31. S&P 2010: Berleley/Oakland, California, USA

Invited Papers

• Peter G. Neumann, Matt Bishop, Sean Peisert, Marv Schaefer:
  Reflections on the 30th Anniversary of the IEEE Symposium on Security and Privacy. 3-13
  
• Carl E. Landwehr:
  History of US Government Investments in Cybersecurity Research: A Personal Perspective. 14-20
  
• W. Douglas Maughan:
  Crossing the "Valley of Death": Transitioning Research into Commercial Products - A Personal Perspective. 21-26
  

Malware Analysis

• Clemens Kolbitsch, Thorsten Holz, Christopher Kruegel, Engin Kirda:
  Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries. 29-44
  
• Matt Fredrikson, Somesh Jha, Mihai Christodorescu, Reiner Sailer, Xifeng Yan:
  Synthesizing Near-Optimal Malware Specifications from Suspicious Behaviors. 45-60
  
• Paolo Milani Comparetti, Guido Salvaneschi, Engin Kirda, Clemens Kolbitsch, Christopher Kruegel, Stefano Zanero:
  Identifying Dormant Functionality in Malware Programs. 61-76
  

Information Flow

• Sardaouna Hamadou, Vladimiro Sassone, Catuscia Palamidessi:
  Reconciling Belief and Vulnerability in Information Flow. 79-92
  
• Bruno P. S. Rocha, Sruthi Bandhakavi, Jerry den Hartog, William H. Winsborough, Sandro Etalle:
  Towards Static Flow-Based Declassification for Legacy and Untrusted Programs. 93-108
  
• Dominique Devriese, Frank Piessens:
  Noninterference through Secure Multi-execution. 109-124
  
• Sergio Maffeis, John C. Mitchell, Ankur Taly:
  Object Capabilities and Isolation of Untrusted Web Applications. 125-140
  

Root of Trust

• Jonathan M. McCune, Yanlin Li, Ning Qu, Zongwei Zhou, Anupam Datta, Virgil D. Gligor, Adrian Perrig:
  TrustVisor: Efficient TCB Reduction and Attestation. 143-158
  
• Matthew Hicks, Murph Finnicum, Samuel T. King, Milo M. K. Martin, Jonathan M. Smith:
  Overcoming an Untrusted Computing Base: Detecting and Removing Malicious Hardware Automatically. 159-172
  
• Adam Waksman, Simha Sethumadhavan:
  Tamper Evident Microprocessors. 173-188
  

Information Abuse

• Shuo Chen, Rui Wang, XiaoFeng Wang, Kehuan Zhang:
  Side-Channel Leaks in Web Applications: A Reality Today, a Challenge Tomorrow. 191-206
  
• Zhiyun Qian, Zhuoqing Morley Mao, Yinglian Xie, Fang Yu:
  Investigation of Triangular Spamming: A Stealthy and Efficient Spamming Technique. 207-222
  
• Gilbert Wondracek, Thorsten Holz, Engin Kirda, Christopher Kruegel:
  A Practical Attack to De-anonymize Social Network Users. 223-238
  
• Margarita Osadchy, Benny Pinkas, Ayman Jarrous, Boaz Moskovich:
  SCiFI - A System for Secure Face Identification. 239-254
  

Network Security

• Haowen Chan, Adrian Perrig:
  Round-Efficient Broadcast Authentication Protocols for Fixed Topology Classes. 257-272
  
• Allison B. Lewko, Amit Sahai, Brent Waters:
  Revocation Systems with Very Small Private Keys. 273-285
  
• Yao Liu, Peng Ning, Huaiyu Dai:
  Authenticating Primary Users' Signals in Cognitive Radio Networks via Integrated Cryptographic and Wireless Link Signatures. 286-301
  

Systematization of Knowledge I

• Robin Sommer, Vern Paxson:
  Outside the Closed World: On Using Machine Learning for Network Intrusion Detection. 305-316
  
• Edward J. Schwartz, Thanassis Avgerinos, David Brumley:
  All You Ever Wanted to Know about Dynamic Taint Analysis and Forward Symbolic Execution (but Might Have Been Afraid to Ask). 317-331
  
• Jason Bau, Elie Bursztein, Divij Gupta, John C. Mitchell:
  State of the Art: Automated Black-Box Web Application Vulnerability Testing. 332-345
  

Secure Systems

• Deepak Garg, Frank Pfenning:
  A Proof-Carrying File System. 349-364
  
• Jason Franklin, Sagar Chaki, Anupam Datta, Arvind Seshadri:
  Scalable Parametric Verification of Secure Systems: How to Verify Reference Monitors without Worrying about Data Structure Size. 365-379
  
• Zhi Wang, Xuxian Jiang:
  HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity. 380-395
  

Systematization of Knowledge II

• Elie Bursztein, Steven Bethard, Celine Fabry, John C. Mitchell, Daniel Jurafsky:
  How Good Are Humans at Solving CAPTCHAs? A Large Scale Evaluation. 399-413
  
• Bryan Parno, Jonathan M. McCune, Adrian Perrig:
  Bootstrapping Trust in Commodity Computers. 414-429
  

Analyzing Deployed Systems

• Steven J. Murdoch, Saar Drimer, Ross J. Anderson, Mike Bond:
  Chip and PIN is Broken. 433-446
  
• Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak Patel, Tadayoshi Kohno, Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage:
  Experimental Security Analysis of a Modern Automobile. 447-462
  
• Kapil Singh, Alexander Moshchuk, Helen J. Wang, Wenke Lee:
  On the Incoherencies in Web Browser Access Control Policies. 463-478
  

Language-Based Security

• Leo A. Meyerovich, V. Benjamin Livshits:
  ConScript: Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser. 481-496
  
• Tielei Wang, Tao Wei, Guofei Gu, Wei Zou:
  TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection. 497-512
  
• Prateek Saxena, Devdatta Akhawe, Steve Hanna, Feng Mao, Stephen McCamant, Dawn Song:
  A Symbolic Execution Framework for JavaScript. 513-528
  

Last update Fri May 25 08:41:08 2012 CET by the DBLP Team — Data released under the ODC-BY 1.0 license — See also our legal information page