NDSS Symposium 2007 Program

Session 1: Threats

Low-Rate TCP-Targeted DoS Attack Disrupts Internet Routing 

Ying Zhang, Zhuoqing Morley Mao, University of Michigan; Jia Wang, AT&T Labs Research

Playing Devil’s Advocate: Inferring Sensitive Information from Anonymized Network Traces

Scott Coull, Charles Wright, Fabian Monrose, Johns Hopkins University; Michael Collins, Michael Reiter, Carnegie Mellon University

Fig: Automatic Fingerprint Generation

Shobha Venkataraman, Juan Caballero, Pongsin Poosankam, Min Gyung Kang, Dawn Song, Carnegie Mellon University

Session 2: Web Security

Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis

Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel – Secure Systems Lab Technical University Vienna; Giovanni Vigna – University of California, Santa Barbara

A Quantitative Study of Forum Spamming Using Context-based Analysis

Yuan Niu, Hao Chen, Francis Hsu, University of California, Davis; Yi-Min Wang, Ming Ma, Microsoft Research

Session 3: More Threats

Phinding Phish: An Evaluation of Anti-Phishing Toolbars

Lorrie Cranor, Serge Egelman, Jason Hong, Yue Zhang, Carnegie Mellon University

Army of Botnets

Ryan Vogt, John Aycock, Michael Jacobson, University of Calgary, Canada (PDF: 217KB)

Shedding Light on the Configuration of Dark Addresses

Sushant Sinha, Michael Bailey, Farnam Jahanian, University of Michigan

Session 4: Authentication

Consumable Credentials in Linear-Logic-Based Access-Control Systems

Kevin D. Bowers, Lujo Bauer, Deepak Garg, Frank Pfenning, Michael K. Reiter, Carnegie Mellon University

Secret Handshakes with Dynamic and Fuzzy Matching 

Giuseppe Ateniese, Jonathan Kirsch, Johns Hopkins University; Marina Blanton, Purdue University

Attribute-Based Publishing with Hidden Credentials and Hidden Policies

Apu Kapadia, Patrick Tsang, Sean Smith, Dartmouth College

Session 5: Privacy

File System Design with Assured Delete

Radia Perlman, Sun Microsystems

Cryptographic Methods for Storing Ballots on a Voting Machine

John Bethencourt, Carnegie Mellon University; Dan Boneh, Stanford University; Brent Waters, SRI International

On the Practicality of Private Information Retrieval

Radu Sion, Stony Brook University; Bogdan Carbunar, Motorola Labs

Session 6: Intrusion Detection and Prevention

RICH: Automatically Protecting Against Integer-Based Vulnerabilities

Author: David Brumley, Dawn Song, Carnegie Mellon University; Tzi-cker Chiueh, Rob Johnson, Stony Brook University; Huijia Lin, Cornell University

Generic Application-Level Protocol Analyzer and its Language

Nikita Borisov, University of Illinois at Urbana-Champaign; David Brumley, Carnegie Mellon University; Helen Wang, John Dunagan, Microsoft Research; Pallavi Joshi, University of California, Berkeley; Chuanxiong Guo, the Institute of Communications Engineering, Nanjing, China

OPTWALL: A Hierarchical Traffic-Aware Firewall

Subrata Acharya, Bryan Mills, Mehmud Abliz, Taieb Znati, University of Pittsburgh; Jia Wang, Zihui Ge, Albert Greenberg, AT&T Labs Research