The NDSS 2013 programme will begin with registration on Sunday evening, 24 February, followed by invited talks and research presentations Monday through Wednesday, 25-27 February. The Symposium is scheduled to end at 5:00 pm on Wednesday.  Registration includes admission to sessions, Proceedings, and all the meals and events listed in the Symposium schedule, including the dinner cruise on Mission Bay.

Sunday, February 24

4:00 pm – 7:00 pm Registration
6:00 pm – 7:30 pm Welcome Drink

Monday, February 25

7:30 am – Registration
7:30 am – 8:30 am Continental Breakfast
8:30 am – 8:50 am

Opening Remarks

General Chair: Tom Hutton, San Diego Supercomputer Center

General Chair’s Message

Program Chair: Peng Ning, NC State University

Program Chair’s Message

8:50 am – 9:35 am

Keynote

Keynote by Richard Kemmerer, Computer Science Leadership Chair and Professor, UC Santa Barbara

9:35 am – 10:15 am

Session 1: Authentication

Break
10:35 am – 12:15 pm

Session 2: Mobile Security

 

12:15 pm – 2:00 pm Lunch
2:00 pm — 3:40 pm

Session 3: Systems and Software Security

 

Break
4:00 pm — 5:40 pm

Session 4: Web Security

 

7:00 pm – 9:00 pm Dinner Cruise of Mission Bay aboard the William D. Evans

Tuesday, February 26

7:30 am – 8:30 am Continental Breakfast
8:30 am — 9:15 am

Keynote

Keynote by Stephen Smalley, Trusted Systems Research Group, US National Security Agency (NSA)

9:15 am — 10:15 am

Session 5: Social Networks and Application Security

 

Break
10:35 am — 12:15 pm

Session 6: Mobile and Wireless Security and Privacy

 

12:15 pm – 2:00 pm Lunch
2:00 pm — 3:40 pm

Session 7: Network Security I

 

Break
4:00 pm — 5:40 pm

Session 8: Short Talks

 

7:00 pm – 9:00 pm Buffet Dinner and Rump Session

Wednesday, February 27

7:30 am – 8:30 am Continental Breakfast
8:30 am – 9:15 am

Keynote

Keynote by Joe Sullivan, Chief Security Officer, Facebook

9:15 am – 10:15 am

Session 9: Privacy and Anonymity

 

Break
10:35 am – 12:15 pm

Session 10: Anonymity, Authentication and Attacks

 

12:15 pm – 1:40 pm Lunch
1:40 pm – 3:20 pm

Session 11: Distributed Systems Security

 

Break
3:40 pm – 5:00 pm

Session 12: Network Security II

 

5:00 pm Closing Remarks and Final Prize Drawing

Monday Keynote

Richard Kemmerer, Computer Science Leadership Chair and Professor, UC Santa Barbara

20 Years of Network and Distributed Systems Security: The Good, the Bad, and the Ugly

Since this is the 20th Network and Distributed Systems Security (NDSS) Symposium, we thought it would be appropriate to review some of the highlights, lowlights, and general trends in network and distributed systems over the past twenty years. We also plan to discuss the future trends in this area of research.

Session 1: Authentication

Session Chair: Apu Kapadia, Indiana University

Best Paper Award

I can be you: Questioning the use of Keystroke Dynamics as Biometrics

This paper shows that contrary to the beliefs of prior studies, typing patterns of inpiduals can be imitated. Our results from a large scale user study of over 80 participants show that various factors such as the password used, gender, monetary incentives, time allowed and information about the target typing pattern affects the success rate of the attacker.

Tey Chee Meng, Payas Gupta and Debin Gao

A Practical, Targeted, and Stealthy Attack Against WPA Enterprise Authentication

WPA2-Enterprise wireless networks rely on TLS to protect the underlying MSCHAPv2 authentication. Other layers of the authentication process however, from the physical to the user interface, introduce weaknesses that allow hard to detect Man-In-The-Middle attacks. We propose a novel attack, a prototype implementation, and the evaluation of its end-to-end efficacy using user experiments to demonstrate the need for new security measures across the software stack.

Aldo Cassola, William Robertson, Engin Kirda and Guevara Noubir

Session 2: Mobile Security

Session Chair: Zhichun Li, NEC Lab

Unobservable Re-authentication for Smartphones

In this paper, we propose a novel biometrics based system to achieve continuous and unobservable re-authentication for smartphones. Our system uses a classifier to learn the owner’s finger movement patterns and checks the current user’s finger movement patterns against the owner’s. Experiments show that our system is efficient on smartphones and achieves high accuracy.

Lingjun Li, Xinxin Zhao and Guoliang Xue

PlaceRaider: Virtual Theft in Physical Spaces with Smartphones

We introduce PlaceRaider, a proof-of-concept mobile malware that exploits a smartphone’s camera and onboard sensors to reconstruct rich, 3D models of the victim’s indoor space using only opportunistically taken photos. Attackers can use these models to engage in remote reconnaissance and virtual theft of the victims’ environment. We substantiate this threat through human subject studies.

Robert Templeman, Zahid Rahman, David Crandall and Apu Kapadia

Detecting Passive Content Leaks and Pollution in Android Applications

We systematically study two vulnerabilities in open content provider components of Android applications. The first vulnerability can be exploited to disclose various types of private in-app data while the second one can be leveraged to manipulate them and potentially cause serious side-effects.  Our evaluation with 62,519 Android applications shows that 2.3% of them are susceptible to these two vulnerabilities.

Yajin Zhou and Xuxian Jiang

Security Enhanced (SE) Android: Bringing Flexible MAC to Android

In this paper, we motivate and describe our work to bring flexible mandatory access control (MAC) to Android by enabling the effective use of Security Enhanced Linux (SELinux) for kernel-level MAC and by developing a set of middleware MAC extensions to the Android permissions model.

Stephen Smalley and Robert Craig

The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers

Much of the attention surrounding mobile malware has focused on the in-depth analysis of malicious applications. In this paper, we present the first empirical network level analysis of mobile malware using traffic from a major US cellular provider and quantify the extent to which devices are actually infected in the network.

Charles Lever, Manos Antonakakis, Brad Reaves, Patrick Traynor and Wenke Lee

Session 3: Systems and Software Security

Session Chair: Guofei Gu, Texas A&M University

High Accuracy Attack Provenance via Binary-Based Execution Partition

To trace the provenance of cyber attacks, audit log analysis faces the challenge of input-output dependence explosion. We develop a binary analysis/hardening technique that partitions the execution of an event-driven process into multiple “units” so that logging can be performed with units — not processes — as subjects. Our evaluation shows significant improvement in attack provenance accuracy with low overhead.

Kyu Hyung Lee, Xiangyu Zhang and Dongyan Xu

Attack Surface Metrics and Automated Compile-Time OS Kernel Tailoring

We design and implement an automated approach to produce a kernel configuration that is adapted to a particular workload and hardware, and present an attack surface evaluation framework for evaluating security improvements for the different kernels obtained.  Our results show that, for real-world server use cases, the attack surface reduction obtained by tailoring the kernel ranges from about 50% to 85%.

A. Kurmus, R. Tartler, D. Dorneau, B. Heinloth, V. Rothberg, A. Ruprecht, W. Schöder-Preikschat, D. Lohmann, R. Kapitza

Taming Hosted Hypervisors with (Mostly) Deprivileged Execution

Virtualizing a computer system is a complex task. Existing hosted hypervisors typically have a large code base which might introduce exploitable software bugs. DeHype is proposed to reduce the exposed attack surface of a hosted hypervisor by deprivileging most of its execution to user mode, which also brings additional benefits in allowing for better development as well as concurrent execution of multiple hosted hypervisors in the same physical machine.

Chiachih Wu, Zhi Wang and Xuxian Jiang

When Firmware Modifications Attack: A Case Study of Embedded Exploitation

The ability to update firmware is a feature found in nearly all modern embedded systems. We demonstrate how this feature can be exploited to allow attackers to inject malicious firmware modifications into vulnerable embedded devices. We discuss techniques for exploiting such vulnerable functionality, implement a proof-of-concept attack against HP LaserJet printers, survey the vulnerable population, analyze known vulnerabilities in third-party libraries and discuss defenses.

Ang Cui, Michael Costello and Salvatore J. Stolfo

CAMP: Content-Agnostic Malware Protection

We present CAMP, a content-agnostic malware protection system. CAMP works on top of Google’s Safe Browsing API and leverages reputation data to improve blacklist-based protection mechanisms. This paper gives a detailed overview of CAMP and provides an evaluation of an operational deployment serving 200 million browser users. Our evaluation shows that CAMP detects approximately 5 million malware downloads per month. We also show that CAMP exhibits accuracy close to 99%.

Niels Provos, Moheeb Abu Rajab, Lucas Ballard, Noe Lutz and Panayiotis Mavrommatis

Session 4: Web Security

Session Chair: Xuxian Jiang, NC State University

InteGuard: Toward Automatic Protection of Third-Party Web Service Integrations

We propose InteGuard, the first system that protects vulnerable web API integrations.  InteGuard operates a proxy in front of the service integrator’s web site, performing security checks on a set of invariant relations among the HTTP messages the integrator receives during a transaction. Our evaluation shows that it can defeat complicated exploits on high-profile web services with a small performance impact.

Luyi Xing, Yangyi Chen, XiaoFeng Wang and Shuo Chen

Preventing Side-channel Leaks in Web Traffic: A Formal Approach

We present a novel framework for deriving formal security guarantees against traffic side-channels, and we propose algorithms for the efficient derivation of such guarantees for web applications.  We demonstrate the utility of our techniques in two case studies, where we derive formal guarantees for the security of a regional-language Wikipedia and an auto-complete input field.

Michael Backes, Goran Doychev and Boris Köpf

NeighborWatcher: A Content-Agnostic Comment Spam Inference System

We present NeighborWatcher, a comment spam inference system that exploits spammers’ spamming infrastructure information to infer comment spam. At its core, NeighborWatcher runs a graph-based algorithm to characterize the spamming neighbor relationship, and reports a spam link when the same link also appears in the harbor’s neighbors.

Jialong Zhang and Guofei Gu

AuthScan: Automatic Extraction of Web Authentication Protocols From Implementations

This paper addresses the problem of automatically extracting specifications from implementations and finding security flaws in them. We propose AUTHSCAN, an end-to-end platform to recover the authentication protocol specification from its implementations. AUTHSCAN finds a total of 7 security vulnerabilities in web applications using SSO protocol implementations and in custom web authentication logic of several web sites with millions of users.

Guangdong Bai, Guozhu Meng, Jike Lei, Sai Sathyanarayan Venkatraman, Prateek Saxena, Jun Sun, Yang Liu and Jinsong Dong

Best Student Paper Award

The Postman Always Rings Twice: Attacking and Defending postMessage in HTML5 Websites

The postMessage facility in HTML5 enables communication between web content from different origins.  We analyze postMessage receivers used in Alexa top 10,000 sites and demonstrate that many of them perform origin checks incorrectly.  This leads to multiple vulnerabilities, from cross-site scripting to injection of arbitrary content into localStorage. We then propose several patterns for safe usage of postMessage.

Sooel Son and Vitaly Shmatikov

Tuesday Keynote

Keynote by Stephen Smalley, Trusted Systems Research Group, US National Security Agency (NSA)

Laying a Secure Foundation for Mobile Devices

Session Chair: Roger Khazan, MIT Lincoln Lab

Modern mobile devices such as smartphones and tablets have become fully general computing systems with a rich third party application ecosystem and user experience.  As such, the same security problems that have long plagued the personal computer (PC) industry are becoming increasingly evident on mobile devices. Addressing these threats effectively requires a secure foundation, including both hardware and software mechanisms.  Device OEMs and mobile operating system developers have an opportunity to establish such a foundation by providing the right primitives for constructing secure systems and enabling their use in commodity mobile devices.  Many of the same security constructs that have been applied in the space of client and server PCs can and should be brought to the mobile arena.  In this talk, we lay out a vision for secure mobile computing, including a discussion of the roles that virtualization, trusted computing, and secure operating systems play in an overall security architecture and how these mechanisms can be realized in mobile devices today.

Session 5: Social Networks and Application Security

Session Chair: Lujo Bauer, Carnegie Mellon University

Pisces: Anonymous Communication Using Social Networks

We show that social networks can improve user privacy! We present Pisces, a system for anonymous communication that leverages users’ trusted social contacts. Pisces minimizes an attacker’s ability to compromise user anonymity by explicitly considering social trust in the design of anonymous paths. Pisces is secure against a colluding byzantine adversary, and provides better anonymity than Tor.

Prateek Mittal, Matthew Wright and Nikita Borisov

Preserving Link Privacy in Social Network based Systems

We show that it is possible to enable the design of social network based systems, while protecting the privacy of users’ social contacts. Our approach is to perturb the social network graph, by removing existing edges and adding fake edges, such that the local community structures in the network are preserved. We characterize utility and privacy of such perturbed graphs.

Prateek Mittal, Charalampos Papamanthou and Dawn Song

COMPA: Detecting Compromised Accounts on Social Networks

COMPA detects compromised, yet legitimate social network accounts by building behavioral profiles for inpidual accounts and matching new messages against the extracted behavior. Should multiple similar messages violate their users’ behavioral profiles, COMPA declares these users as compromised. COMPA demonstrated high precision when evaluated on large-scale real-world datasets (1.4B Twitter, 106M Facebook messages).

Manuel Egele, Gianluca Stringhini, Christopher Kruegel and Giovanni Vigna

Session 6: Mobile and Wireless Security and Privacy

Session Chair: David Molnar, Microsoft Research

Social Turing Tests: Crowdsourcing Sybil Detection

We explore the feasibility of a crowdsourced system using human intuition to detect Sybil (fake accounts) in online social networks. We conduct a large user study using a large corpus of ground-truth from Facebook and Renren, and users from Amazon Turk and Chinese crowdsourcing systems. We find this approach promising and propose a multi-tier detection system that is both scalable and highly accurate.

Gang Wang, Manish Mohanlal, Christo Wilson, Xiao Wang, Miriam Metzger, Haitao Zheng and Ben Y. Zhao

Comparing Mobile Privacy Protection through Cross-Platform Applications

In this paper, we make the first attempt to establish a baseline for the security comparison between iOS and Android. Our analysis over 2,600 cross-platform applications shows that iOS applications consistently access more security sensitive APIs than their counterparts on Android. We then investigate further on both third-party libraries and applications’ own code to reveal the underlying reasons.

Jin Han, Qiang Yan, Debin Gao, Jianying Zhou and Robert Deng

On Implementing Deniable Storage Encryption for Mobile Devices

To enable plausibly deniable encryption on mobile devices, we introduce Mobiflage that hides encrypted volumes within random data on the device’s external storage. By providing a decoy key, users can plausibly deny the existence of any hidden data. Our Android prototype includes countermeasures for known weaknesses in desktop PDE systems, and highlights challenges of implementing PDE schemes on mobile systems.

Adam Skillen and Mohammad Mannan

Contextual Policy Enforcement in Android Applications with Permission Event Graphs

Malicious smartphone applications often surreptitiously access sensitive resources or abuse their privileges. We present a new approach for checking and enforcing policies concerning the context and order in which permissions and APIs may be used in an Android application. Our checker constructs Permission Event Graphs, a new, finite-state abstraction of the operating system context in which an application uses a permission. Our experiments show that we can check complex temporal policies with low false positives and false negatives.

Kevin Chen, Noah Johnson, Vijay D’Silva, Shuaifu Dai, Kyle MacNamara, Tom Magrino, Edward Wu, Martin Rinard and Dawn Song

Low-cost Standard Signatures in Wireless Sensor Networks: A Case for Reviving Pre-computation Techniques?

This work describes new pre-computation techniques for cryptographic schemes that exploit recent results on Cayley graph expanders and leverage excess energy generated by micro solar cells and small wind turbines placed on low-power devices. Our improved schemes outperform prior art by as much as 50%.

Giuseppe Ateniese, Giuseppe Bianchi, Angelo Capossele and Chiara Petrioli

Session 7: Network Security I

Session Chair: Davide Balzarotti, EURECOM

Clickonomics: Determining the Effect of Anti-Piracy Measures for One-Click Hosting

This paper reports on a large-scale measurement study about the effects of measures against copyright infringement on One-Click Hosters (or “cyberlockers”). While such efforts are visible, their overall impact appears to be rather limited. The paper also discusses proposed new measures (such as SOPA) and finds that they may not be as successful as their proponents might expect.

Tobias Lauinger, Martin Szydlowski, Kaan Onarlioglu, Gilbert Wondracek, Engin Kirda and Christopher Kruegel

FRESCO: Modular Composable Security Services for Software-Defined Networks

OpenFlow is an open standard that has gained tremendous interest in the last few years.  In this paper we introduce FRESCO, an OpenFlow security application development framework designed to facilitate the rapid design, and modular composition of OF-enabled detection and mitigation modules. FRESCO offers a programming framework that enables security researchers to implement, and compose together, many different security modules.

Seungwon Shin, Phil Porras, Vinod Yegneswaran, Martin Fong, Guofei Gu and Mabry Tyson

Intention and Origination: An Inside Look at Large-Scale Bot Queries

Modern attackers increasingly exploit search engines as a vehicle to identify vulnerabilities and to gather information for launching new attacks. In this paper, we perform a large-scale quantitative analysis on bot queries received by the Bing search engine over month-long periods. Our analysis is based on an automated system, called SBotScope, that we develop to dissect large-scale bot queries. Our study shows that 33% of bot are searching for vulnerabilities, followed by 11% harvesting user account information. In one of our 16-day datasets, we uncover 8.2 million hosts from botnets and 13,364 hosts from data centers submitting bot queries.

Junjie Zhang, Yinglian Xie, Fang Yu, David Soukal and Wenke Lee

Juice: A Longitudinal Study of an SEO Campaign

Black hat search engine optimization (SEO) campaigns attempt to attract and monetize traffic.  Using Web site compromise and cloaking, SEO botnets can manipulate search result rankings, ultimately directing users to sites promoting scams (e.g. fake antivirus).  In this paper, we infiltrate an influential SEO botnet, GR, characterize its dynamics and effectiveness and identify key scams driving its innovation.

David Y. Wang, Stefan Savage and Geoffrey M. Voelker

I want my voice to be heard: IP over Voice-over-IP for Unobservable Censorship Circumvention

We propose an unobservable censorship-resistant infrastructure, called FreeWave. FreeWave works by modulating a client’s Internet traffic into acoustic signals that are carried over VoIP connections. The use of actual VoIP connections, as opposed to traffic mimicking, allows FreeWave to relay its VoIP connections through oblivious VoIP nodes, hence keeping the FreeWave server(s) unobservable and unblockable. We prototype FreeWave over Skype.

Amir Houmansadr, Thomas Riedl, Nikita Borisov and Andrew Singer

Session 8: Short Talks

Session Chair: Peng Ning, NC State University

The Program Committee selected submissions on a range of topics for treatment as Short Talks. Priority has been given to papers that have fresh, unconventional ideas. Though not selected as full papers, these merit a place on the program.

OIRS: Outsourced Image Recovery Service from Compressive Sensing with Privacy Assurance

Cong Wang, Zhen Xu, Kui Ren and Janet Wang

How Privacy Leaks from Bluetooth Mouse?

Xian Pan, Zhen Ling, Aniket Pingley, Wei Yu, Kui Ren, Nan Zhang and Xinwen Fu

Practical Timing Side Channel Attacks Against Kernel Space ASLR

Ralf Hund, Carsten Willems and Thorsten Holz

Updates from the Internet Backbone: An RPKI/RTR Router Implementation, Measurements, and Analysis

Matthias Wählisch, Fabian Holler, Thomas C. Schmidt and Jochen Schiller

A Formal Framework for Network Security Design Synthesis

Mohammad Rahman and Ehab Al-Shaer

Automatic Protocol Selection in Secure Two-Party Computations

Florian Kerschbaum, Thomas Schneider and Axel Schroepfer

Assessing software integrity of virtual appliances through software whitelists: Is it any good?

Jun Ho Huh, Mirko Montanari, Derek Dagit, Rakesh Bobba, Dong Wook Kim, Yoonjoo Choi and Roy Campbell

Privacy-Enhancing Technologies for Medical Tests Using Genomic Data

Erman Ayday, Jean Louis Raisaro and Jean-Pierre Hubaux

Oblivistore: High Performance Oblivious Distributed Cloud Data Store

Emil Stefanov and Elaine Shi

A Non-Interactive Dual Channel Authentication Protocol For Assuring Psuedo-Confidentiality

David Irakiza, Md Karim and Vir Phoha

Macroeconomic Analysis of Malware

Vaibhav Garg and L. Jean Camp

Transforming and Taming Privacy-Breaching Android Applications

Mu Zhang and Heng Yin

Wednesday Keynote

Keynote by Joe Sullivan, Chief Security Officer, Facebook

You Can’t Do Today’s Security With Yesterday’s Methods

Session Chair: Peng Ning, NC State University

“Creative thinking is not a talent, it is a skill that can be learnt. It empowers people by adding strength to their natural abilities which improves teamwork, productivity and where appropriate profits.” — Edward De Bono

As the manager of teams responsible for product and information security at Facebook, Joe believes deeply in the need for operational security teams to remain creative and push limits and not settle into playing passive defense.  Innovation starts with any member of a security team and can inspire not only that team but a whole company to achieve security standards well beyond the “minimum compliance standards” some organizations accept.  Joe will give examples of several different ways his team has evolved dramatically in the last year to address the growing security challenges faced by Facebook’s unprecedented development around the world, and show how willingness to innovate and take chances and unwillingness to fall back on accepted standards were fundamental to the team’s success in each case.

Session 9: Privacy and Anonymity

Session Chair: Paul Syverson, Naval Research Lab

One (Block) Size Fits All: PIR and SPIR Over Arbitrary-Length Records via Multi-block PIR Queries

We propose a communication-efficient method for users to fetch multiple blocks in Goldberg’s information-theoretic private information retrieval (PIR) scheme. Our approach trades off some Byzantine robustness to improve throughput without affecting privacy. We leverage our multi-block queries to construct four symmetric PIR (SPIR) protocols for databases with variable-length records. Three of our protocols support pricing and are therefore well suited to privacy-friendly sales of digital goods.

Ryan Henry, Yizhou Huang and Ian Goldberg

rBridge: User Reputation based Tor Bridge Distribution with Privacy Preservation

A key challenge to the Tor bridge based circumvention system is to distribute bridges to a large scale of users while avoiding bridges falling into the hands of corrupt users. We propose rBridge — a user reputation system for bridge distribution to limit corrupt users from repeatedly blocking bridges. In addition, we study the privacy preservation problem in bridge distribution and propose a privacy-preserving rBridge scheme.

Qiyan Wang, Zi Lin, Nikita Borisov and Nicholas J. Hopper

An Empirical Evaluation of Relay Selection in Tor

We develop large network graphs that capture the live Tor network’s autonomous system boundaries, points-of-presence, inter-relay latencies and relay performance characteristics. Using our network models, we evaluate a series of proposed relay selection strategies under various network conditions.  We additionally quantify the anonymity properties of each approach using simulations driven by data from the live Tor network.

Christopher Wacek, Henry Tan, Kevin Bauer and Micah Sherr

Session 10: Anonymity, Authentication and Attacks

Session Chair: Xiaofeng Wang, Indiana University

LIRA: Lightweight Incentivized Routing for Anonymity

A lack of incentives for volunteers to contribute resources to Tor has lead to performance and scalability problems while hindering user anonymity. We introduce LIRA, a scheme that uses proportional differentiation to produce performance incentives for contributors and a novel cryptographic lottery scheme that is more efficient and provides better anonymity than previous Tor incentive proposals.

Rob Jansen, Aaron Johnson and Paul Syverson

KinWrite: Handwriting-Based Authentication Using Kinect

We propose a user-friendly authentication system (KinWrite) that lets users write their passwords in 3D space and captures the handwriting movement using a low cost motion input sensing device — Kinect.  Because of the built-in behavioral biometrics in handwriting, KinWrite allows users to choose short and easy-to-memorize passwords while providing resistance  to password cracking.

Jing Tian, Chengzhang Qu, Wenyuan Xu and Song Wang

Tailing RFID Tags for Clone Detection

We propose a new approach to detection of counterfeit tags and goods in RFID-enabled supply chains. Called tailing, our approach involves periodic insertion of random data into tags, creating a kind of “synthetic pedigree.” We show in supply-chain simulations how our approach enables a verifier to detect bogus tags even when hindered by partial visibility.

Davide Zanetti, Srdjan Capkun and Ari Juels

One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography

Often a cryptographic standard offers a choice between several algorithms to perform the same cryptographic task, including secure state-of-the-art cryptosystems, as well as insecure legacy cryptosystems with known vulnerabilities that are made available for backwards compatibility reasons. Obviously using insecure legacy cryptosystems is dangerous. However, we show the less obvious fact that even if users have the best of intentions to use only the most up-to-date, vulnerability-free version of a system, the mere existence of support for old versions can have a catastrophic effect on security.

Tibor Jager, Kenneth G. Paterson and Juraj Somorovsky

Does counting still count? Revisiting the Security of Counting based User Authentication Protocols against Statistical Attacks

At NDSS 2012, Yan et al. proposed a generic statistical attack on counting-based authentication protocols. However, they did not give details of any fixes against this attack barring a few suggestions. We generalize this attack with a much more comprehensive theoretical analysis, and propose two fixes to make counting-based protocols practically safe against the attack at the cost of usability.

Hassan Jameel Asghar, Shujun Li, Ron Steinfeld and Josef Pieprzyk

Session 11: Distributed Systems Security

Session Chair: Heng Yin, Syracuse University

Toward Online Verification of Client Behavior in Distributed Applications

We present a new technique by which a server can verify the consistency of a client’s behavior with the sanctioned client software, even though the server does not know inputs local to the client that are driving its behavior.  Our approach improves upon previous approaches in precision, bandwidth consumption, and/or computational expense.

Robert A. Cochran and Michael K. Reiter

Clear and Present Data: Opaque Traffic and its Security Implications for the Future

Opaque, i.e., compressed or encrypted, traffic incurs high overhead for DPI engines yet often yields little useful information. Our experiments indicate that 89% of payload-carrying TCP packets are opaque. We provide a first step toward addressing the challenges presented by the abundance of opaque traffic by introducing new techniques for accurate real-time filtering of opaque packets in 16 bytes or less.

A.M. White, S. Krishnan, M. Bailey, F. Monrose, P. Porras

Verito: A Practical System for Transparency and Accountability in Virtual Economies

We propose Verito, a practical solution that provides transparency and accountability for purchase of virtual goods and services online platforms like Facebook, Xbox and IOS. Consumer interests, including transparency, fairness, non-repudiation, and performance issues, are protected through the use of a novel combination of cryptographic solutions, without the need to rely solely on platform providers or regulation.

Raghav Bhaskar, Saikat Guha, Srivatsan Laxman, and Prasad Naldurg

Secure Computation on Floating Point Numbers

This work proposes the first feasible solutions for secure multi-party computation with real numbers in floating point representation. It also provides techniques for performing more complex operations such as square root, logarithm, and exponentiation. Our experiments show that not only are the proposed protocols efficient, but in certain cases they outperform operations on integers.

Mehrdad Aliasgari, Marina Blanton, Yihua Zhang and Aaron Steele

Analyzing Unique-Bid Auction Sites for Fun and Profit

Unique-Bid auction sites have gained popularity on the Internet in recent years. Using data extracted from such a site, we constructed an agent-based model simulating users’ bidding behaviors. We designed several automated winning strategies that performed well in the simulated environment. Finally, we demonstrated one strategy against a commercial auction site, achieving a 91% win rate and over 1000GBP profit.

Ory Samorodnitzky, Eran Tromer and Avishai Wool

Session 12: Network Security II

Session Chair: Ehab Al-Shaer, UNC Charlotte

Fix Me Up: Repairing Access-Control Bugs in Web Applications

Access-control policies in Web applications ensure that only authorized users can navigate to privileged pages, access databases, and perform other sensitive operations.  Unfortunately, errors in access-control logic are very common.  We present FixMeUp, a new static analysis tool that finds access-control bugs in PHP applications and generates repairs.

Sooel Son, Kathryn S. McKinley and Vitaly Shmatikov

Automatically Inferring the Evolution of Malicious Activity on the Internet

Malicious activity (spam, scans, botnets) arises from virtually anywhere on the Internet and frequently shifts longitudinally over time. We develop the first algorithmic techniques to automatically infer regions of the Internet with shifting security characteristics in an online fashion. Our evaluations on real network data highlight some regions (some small ISPs and hosting providers) are prone to much faster changes than others.

Shobha Venkataraman, David Brumley, Subhabrata Sen and Oliver Spatscheck

Detection of Malicious PDF Files Based on Hierarchical Document Structure

In this paper, we propose an efficient static method for detection of malicious PDF documents which relies on essential differences in the structural properties of malicious and benign PDF files. We demonstrate its effectiveness on a data corpus containing about 600,000 real-world malicious and benign PDF files and evaluate its resistance against adversarial evasion attempts.

Nedim Šrndić and Pavel Laskov

Behind the Scenes of Online Attacks: an Analysis of Exploitation Behaviors on the Web

This work presents the design, implementation, and deployment of a network of 500 fully functional vulnerable websites aimed at studying what attackers do after they compromise a web application. Over 100 days of experiments, our system was able to collect and cluster 6,000 attacks containing over 85,000 files. This allowed us to draw a general picture of the web application attack landscape.

Davide Canali and Davide Balzarotti