NDSS Symposium 2013 Accepted Papers

I can be You: Questioning the use of Keystroke Dynamics as Biometrics

Tey Chee Meng, Payas Gupta and Debin Gao

A Practical, Targeted, and Stealthy Attack Against WPA Enterprise Authentication

Aldo Cassola, William Robertson, Engin Kirda and Guevara Noubir

Unobservable Re-authentication for Smartphones

Lingjun Li, Xinxin Zhao and Guoliang Xue

PlaceRaider: Virtual Theft in Physical Spaces with Smartphones

Robert Templeman, Zahid Rahman, David Crandall and Apu Kapadia

Detecting Passive Content Leaks and Pollution in Android Applications

Yajin Zhou and Xuxian Jiang

Security Enhanced (SE) Android: Bringing Flexible MAC to Android

Stephen Smalley and Robert Craig

The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers

Charles Lever, Manos Antonakakis, Brad Reaves, Patrick Traynor and Wenke Lee

High Accuracy Attack Provenance via Binary-based Execution Partition

Kyu Hyung Lee, Xiangyu Zhang and Dongyan Xu

Attack Surface Metrics and Automated Compile-Time OS Kernel Tailoring

Anil Kurmus, Reinhard Tartler, Daniela Dorneanu, Bernhard Heinloth, Valentin Rothberg, Andreas Ruprecht, Wolfgang Schroder-Preikschat, Daniel Lohmann and Rudiger Kapitza

Taming Hosted Hypervisors with (Mostly) Deprivileged Execution

Chiachih Wu, Zhi Wang and Xuxian Jiang

When Firmware Modifications Attack: A Case Study of Embedded Exploitation

Ang Cui, Michael Costello and Salvatore J. Stolfo

CAMP: Content-Agnostic Malware Protection

Moheeb Abu Rajab, Lucas Ballard, Noe Lutz, Panayiotis Mavrommatis and Niels Provos

InteGuard: Toward Automatic Protection of Third-Party Web Service Integrations

Luyi Xing, Yangyi Chen, XiaoFeng Wang and Shuo Chen

Preventing Side-Channel Leaks in Web Traffic: A Formal Approach

Michael Backes, Goran Doychev and Boris Kopf

NEIGHBORWATCHER: A Content-Agnostic Comment Spam Inference System

Jialong Zhang and Guofei Gu

AUTHSCAN: Automatic Extraction of Web Authentication Protocols from Implementations

Guangdong Bai, Jike Lei, Guozhu Meng, Sai Sathyanarayan Venkatraman, Prateek Saxena, Jun Sun, Yang Liu and Jin Song Dong

The Postman Always Rings Twice: Attacking and Defending postMessage in HTML5 Websites

Sooel Son and Vitaly Shmatikov

Pisces: Anonymous Communication Using Social Networks

Prateek Mittal, Matthew Wright and Nikita Borisov

Preserving Link Privacy in Social Network Based Systems

Prateek Mittal, Charalampos Papamanthou and Dawn Song

COMPA: Detecting Compromised Accounts on Social Networks

Manuel Egele, Gianluca Stringhini, Christopher Kruegel and Giovanni Vigna

Social Turing Tests: Crowdsourcing Sybil Detection

Gang Wang, Manish Mohanlal, Christo Wilson, Xiao Wang, Miriam Metzger, Haitao Zheng and Ben Y. Zhao

Comparing Mobile Privacy Protection through Cross-Platform Applications

Jin Han, Qiang Yan, Debin Gao, Jianying Zhou and Robert Deng

On Implementing Deniable Storage Encryption for Mobile Devices

Adam Skillen and Mohammad Mannan

Contextual Policy Enforcement in Android Applications with Permission Event Graphs

Kevin Zhijie Chen, Noah Johnson, Vijay D’Silva, Shuaifu Dai, Kyle MacNamara, Tom Magrino, Edward Wu, Martin Rinard and Dawn Song

Low-cost Standard Signatures in Wireless Sensor Networks: A Case for Reviving Pre-computation Techniques?

G. Ateniese, G. Bianchi, A. Capossele and C. Petrioli

Clickonomics: Determining the Effect of Anti-Piracy Measures for One-Click Hosting

Tobias Lauinger, Martin Szydlowski, Kaan Onarlioglu, Gilbert Wondracek, Engin Kirda and Christopher Kruegel

FRESCO: Modular Composable Security Services for Software-Defined Networks

Seugwon Shin, Phillip Porras, Vinod Yegneswaran, Martin Fong, Guofei Gu and Mabry Tyson

Intention and Origination: An Inside Look at Large-Scale Bot Queries

Junjie Zhang, Yinglian Xie, Fang Yu, David Soukal and Wenke Lee

Juice: A Longitudinal Study of an SEO Botnet

David Y. Wang, Stefan Savage and Geoffrey M. Voelker

I want my voice to be heard: IP over Voice-over-IP for unobservable censorship circumvention

Amir Houmansadr, Thomas Riedl, Nikita Borisov and Andrew Singer

OIRS: Outsourced Image Recovery Service from Compressive Sensing with Privacy Assurance

Cong Wang, Zhen Xu, Kui Ren and Janet Wang

How Privacy Leaks From Bluetooth Mouse

Xian Pan, Zhen Ling, Aniket Pingley, Wei Yu, Kui Ren, Nan Zhang and Xinwen Fu

Practical Timing Side Channel Attacks Against Kernel Space ASLR

Ralf Hund, Carsten Willems and Thorsten Holz

Updates from the Internet Backbone: An RPKI/RTR Router Implementation, Measurements, and Analysis

Matthias Wählisch, Fabian Holler, Thomas C. Schmidt and Jochen Schiller

A Formal Framework for Network Security Design Synthesis

Mohammad Rahman and Ehab Al-Shaer

Automatic Protocol Selection in Secure Two-Party Computations

Florian Kerschbaum, Thomas Schneider and Axel Schroepfer

Assessing software integrity of virtual appliances through software whitelists: Is it any good?

Jun Ho Huh, Mirko Montanari, Derek Dagit, Rakesh Bobba, Dong Wook Kim, Yoonjoo Choi and Roy Campbell

Privacy-Enhancing Technologies for Medical Tests Using Genomic Data

Erman Ayday, Jean-Louis Raisaro and Jean-Pierre Hubaux

Oblivistore: High Performance Oblivious Distributed Cloud Data Store

Emil Stefanov and Elaine Shi

A Non-Interactive Dual Channel Authentication Protocol For Assuring Psuedo-Confidentiality

David Irakiza, Md Karim and Vir Phoha

Macroeconomic Analysis of Malware

Vaibhav Garg and Jean Camp

Transforming and Taming Privacy-Breaching Android Applications

Mu Zhang and Heng Yin

One (Block) Size Fits All: PIR and SPIR with Variable-Length Records via Multi-Block Queries

Ryan Henry, Yizhou Huang and Ian Goldberg

rBridge: User Reputation based Tor Bridge Distribution with Privacy Preservation

Qiyan Wang, Zi Lin, Nikita Borisov and Nicholas J. Hopper

An Empirical Evaluation of Relay Selection in Tor

Chris Wacek, Henry Tan, Kevin Bauer and Micah Sherr

LIRA: Lightweight Incentivized Routing for Anonymity

Rob Jansen, Aaron Johnson and Paul Syverson

KinWrite: Handwriting-Based Authentication Using Kinect

Jing Tian, Chengzhang Qu, Wenyuan Xu and Song Wang

Tailing RFID Tags for Clone Detection

Davide Zanetti, Srdjan Capkun and Ari Juels

One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography

Tibor Jager, Kenneth G. Paterson and Juraj Somorovsky

Does Counting Still Count? Revisiting the Security of Counting based User Authentication Protocols against Statistical Attacks

Hassan Jameel Asghar, Shujun Li, Ron Steinfeld and Josef Pieprzyk

Toward Online Verification of Client Behavior in Distributed Applications

Robert A. Cochran and Michael K. Reiter

Clear and Present Data: Opaque Traffic and its Security Implications for the Future

Andrew M. White, Srinivas Krishnan, Michael Bailey, Fabian Monrose and Phillip Porras

Verito: A Practical System for Transparency and Accountability in Virtual Economies

Raghav Bhaskar, Saikat Guha, Srivatsan Laxman and Prasad Naldurg

Secure Computation on Floating Point Numbers

Mehrdad Aliasgari, Marina Blanton, Yihua Zhang and Aaron Steele

Analyzing Unique-Bid Auction Sites for Fun and Profit

Ory Samorodnitzky, Eran Tromer and Avishai Wool

Fix Me Up: Repairing Access-Control Bugs in Web Applications

Sooel Son, Kathryn S. McKinley and Vitaly Shmatikov

Automatically Inferring the Evolution of Malicious Activity on the Internet

Shobha Venkataraman, David Brumley, Subhabrata Sen and Oliver Spatscheck

Detection of Malicious PDF Files Based on Hierarchical Document Structure

Nedim Srndic and Pavel Laskov

Behind the Scenes of Online Attacks: an Analysis of Exploitation Behaviors on the Web

Davide Canali and Davide Balzarotti