Conference Proceedings

The Web and Malice

A Crawler-based Study of Spyware in the Web

Alex Moshchuk, Tanya Bragin, Steven D. Gribble, Henry Levy, University of Washington

Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities

Yi-Min Wang, Microsoft Research; Doug Beck, Microsoft Research; Xuxian Jiang, Purdue University; Roussi Roussev, Florida Tech; Chad Verbowski, Microsoft Research; Shuo Chen, Microsoft Research; Sam King, Microsoft Research

Using Generalization and Characterization Techniques in the Anomaly-based Detection of Web Attacks

William Robertson, Giovanni Vigna, Christopher Kruegel, Richard A. Kemmerer, University of California, Santa Barbara

Healing and Learning

Isolating Intrusions by Automatic Experiments

Stephan Neuhaus, Andreas Zeller, Saarland University

Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software

James Newsome, David Brumley, Dawn Song, Jad Chamcham, Xeno Kovah, Carnegie-Mellon University

Software Self-Healing Using Collaborative Application

Stelios Sidiroglou, Michael Locasto, Angelos Keromytis, Columbia University

Potpourri I

Inoculating SSH Against Address Harvesting

Stuart Schechter, Jaeyeon Jung, Will Stockwell, Cynthia McLain, Massachusetts Institute of Technology

Enterprise Security: A Community of Interest Based Approach

Patrick McDaniel, Pennsylvania State University; Shubho Sen, AT&T; Oliver Spatscheck, AT&T; Jacobus Van der Merwe, AT&T; Bill Aiello, University of British Columbia; Charles Kalmanek, AT&T

Protocol-Independent Adaptive Replay of Application Dialog

Weidong Cui, University of California, Berkeley; Vern Paxson, International Computer Science Institute; Nicholas Weaver, International Computer Science Institute; Randy Katz, University of California, Berkeley


Trust Negotiation with Hidden Credentials, Hidden Policies, and Policy Cycles

Keith Frikken, Jiangtao Li, Mikhail Atallah, Purdue University

Deploying a New Hash Algorithm

Steven Bellovin, Columbia University; Eric Rescorla, Network Resonance

Key Regression: Enabling Efficient Key Distribution for Secure Distributed Storage

Kevin Fu, University of Massachusetts, Amherst; Seny Kamaram, Johns Hopkins University; Yoshi Kohno, University of California, San Diego

Potpourri II

Induced Churn as Shelter from Routing-Table Poisoning

Tyson Condie, Varun Kacholia, Sriram Sank, Joseph M. Hellerstein, University of California, Berkeley; Petros Maniatis, Intel Research

Device Identification via Analog Signal Fingerprinting: A Matched Filter Approach

Ryan Gerdes, Thomas Daniels, Mani Mina, Steve Russell, Iowa State University

Modeling Botnet Propagation Using Time Zones

David Dagon, Georgia Tech; Cliff Zou, University of Central Florida; Wenke Lee, Georgia Tech

Privacy and Integrity

Toward a Practical Data Privacy Scheme for a Distributed Implementation of the Smith-Waterman Genome Sequence Comparison Algorithm

Doug Szajda, Michael Pohl, Jason Owen, Barry Lawson, University of Richmond

Toward Automated Information-Flow Integrity Verification for Security-Critical Applications

Umesh Shankar, University of California, Berkeley; Trent Jaeger, Reiner Sailer, IBM Watson