NDSS 2007 – The Network and Security Conference

The 14th Annual Network & Distributed System Security Symposium
Catamaran Resort Hotel – San Diego, CA – 28th February – 2nd March


Session 1: Threats

Low-Rate TCP-Targeted DoS Attack Disrupts Internet Routing (PDF: 318KB)

Ying Zhang, Zhuoqing Morley Mao, University of Michigan; Jia Wang, AT&T Labs Research

Playing Devil’s Advocate: Inferring Sensitive Information from Anonymized Network Traces (PDF: 278KB)

Scott Coull, Charles Wright, Fabian Monrose, Johns Hopkins University; Michael Collins, Michael Reiter, Carnegie Mellon University

Fig: Automatic Fingerprint Generation (PDF: 175KB)

Shobha Venkataraman, Juan Caballero, Pongsin Poosankam, Min Gyung Kang, Dawn Song, Carnegie Mellon University

Session 2: Web Security

Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis (PDF: 177KB)

Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel – Secure Systems Lab Technical University Vienna; Giovanni Vigna – University of California, Santa Barbara

A Quantitative Study of Forum Spamming Using Context-based Analysis(PDF: 370KB)

Yuan Niu, Hao Chen, Francis Hsu, University of California, Davis; Yi-Min Wang, Ming Ma, Microsoft Research

Session 3: More Threats

Phinding Phish: An Evaluation of Anti-Phishing Toolbars (PDF: 1,5MB)

Lorrie Cranor, Serge Egelman, Jason Hong, Yue Zhang, Carnegie Mellon University

Army of Botnets

Ryan Vogt, John Aycock, Michael Jacobson, University of Calgary, Canada (PDF: 217KB)

Shedding Light on the Configuration of Dark Addresses (PDF: 359KB)

Sushant Sinha, Michael Bailey, Farnam Jahanian, University of Michigan

Session 4: Authentication

Consumable Credentials in Linear-Logic-Based Access-Control Systems (PDF: 213KB)

Kevin D. Bowers, Lujo Bauer, Deepak Garg, Frank Pfenning, Michael K. Reiter, Carnegie Mellon University

Secret Handshakes with Dynamic and Fuzzy Matching (PDF: 263KB)

Giuseppe Ateniese, Jonathan Kirsch, Johns Hopkins University; Marina Blanton, Purdue University

Attribute-Based Publishing with Hidden Credentials and Hidden Policies(PDF: 438KB)

Apu Kapadia, Patrick Tsang, Sean Smith, Dartmouth College

Session 5: Privacy

File System Design with Assured Delete (PDF: 234KB)

Radia Perlman, Sun Microsystems

Cryptographic Methods for Storing Ballots on a Voting Machine (PDF: 191KB)

John Bethencourt, Carnegie Mellon University; Dan Boneh, Stanford University; Brent Waters, SRI International

On the Practicality of Private Information Retrieval (PDF: 160KB)

Radu Sion, Stony Brook University; Bogdan Carbunar, Motorola Labs

Session 6: Intrusion Detection and Prevention

RICH: Automatically Protecting Against Integer-Based Vulnerabilities (PDF: 155KB)

Author: David Brumley, Dawn Song, Carnegie Mellon University; Tzi-cker Chiueh, Rob Johnson, Stony Brook University; Huijia Lin, Cornell University

Generic Application-Level Protocol Analyzer and its Language (PDF: 387KB)

Nikita Borisov, University of Illinois at Urbana-Champaign; David Brumley, Carnegie Mellon University; Helen Wang, John Dunagan, Microsoft Research; Pallavi Joshi, University of California, Berkeley; Chuanxiong Guo, the Institute of Communications Engineering, Nanjing, China

OPTWALL: A Hierarchical Traffic-Aware Firewall (PDF: 188KB)

Subrata Acharya, Bryan Mills, Mehmud Abliz, Taieb Znati, University of Pittsburgh; Jia Wang, Zihui Ge, Albert Greenberg, AT&T Labs Research