Abstract is missing.
- Program Committee [doi]
- Title Page [doi]
- Speaker Biographies [doi]
- Copyright [doi]
- Reviewers [doi]
- Tutorial Committee [doi]
- Conference Committee [doi]
- Message from Conference Chair [doi]
- We Need Assurance!Brian D. Snow. 3-10 [doi]
- Model Checking An Entire Linux Distribution for Security ViolationsBenjamin Schwarz, Hao Chen, David Wagner, Jeremy Lin, Wei Tu, Geoff Morrison, Jacob West. 13-22 [doi]
- Strengthening Software Self-Checksumming via Self-Modifying CodeJonathon T. Giffin, Mihai Christodorescu, Louis Kruger. 23-32 [doi]
- Countering Trusting Trust through Diverse Double-CompilingDavid Wheeler. 33-48 [doi]
- A Framework for Detecting Network-based Code Injection Attacks Targeting Windows and UNIXStig Andersson, Andrew Clark, George M. Mohay, Bradley Schatz, Jacob Zimmermann. 49-58 [doi]
- Exploiting Independent State For Network Intrusion DetectionRobin Sommer, Vern Paxson. 59-71 [doi]
- A Host-Based Approach to Network Attack Chaining AnalysisPaul Ammann, Joseph Pamula, Julie A. Street, Ronald W. Ritchey. 72-84 [doi]
- A Nitpicker s guide to a minimal-complexity secure GUINorman Feske, Christian Helmuth. 85-94 [doi]
- A User-level Framework for Auditing and MonitoringYongzheng Wu, Roland H. C. Yap. 95-105 [doi]
- TARP: Ticket-based Address Resolution ProtocolWesam Lootah, William Enck, Patrick McDaniel. 106-116 [doi]
- Verify Results of Network Intrusion Alerts Using Lightweight Protocol AnalysisJingmin Zhou, Adam J. Carlson, Matt Bishop. 117-126 [doi]
- Replay Attack in TCG Specification and SolutionDanilo Bruschi, Lorenzo Cavallaro, Andrea Lanzi, Mattia Monga. 127-137 [doi]
- Code Security Analysis of a Biometric Authentication System Using Automated Theorem ProversJan Jürjens. 138-149 [doi]
- Automated and Safe Vulnerability AssessmentFanglu Guo, Yang Yu, Tzi-cker Chiueh. 150-159 [doi]
- Understanding Complex Network Attack Graphs through Clustered Adjacency MatricesSteven Noel, Sushil Jajodia. 160-169 [doi]
- Intrusion Detection in RBAC-administered DatabasesElisa Bertino, Ashish Kamra, Evimaria Terzi, Athena Vakali. 170-182 [doi]
- How Does Information Assurance R&D Impact Information Assurance in Practice? Follow the money - Where does it Go - What is our ROI?183 [doi]
- User-Centered Security: Stepping Up to the Grand ChallengeMary Ellen Zurko. 187-202 [doi]
- ScriptGen: an automated script generation tool for honeydCorrado Leita, Ken Mermoud, Marc Dacier. 203-214 [doi]
- Automatic Generation of Buffer Overflow Attack Signatures: An Approach Based on Program Behavior ModelsZhenkai Liang, R. Sekar. 215-224 [doi]
- Evolving Successful Stack Overflow Attacks for Vulnerability TestingHilmi Günes Kayacik, A. Nur Zincir-Heywood, Malcolm I. Heywood. 225-234 [doi]
- Java for Mobile Devices: A Security StudyMourad Debbabi, Mohamed Saleh, Chamseddine Talhi, Sami Zhioua. 235-244 [doi]
- Lessons Learned: A Security Analysis of the Internet Chess ClubJohn Black, Martin Cochran, Martin Ryan Gardner. 245-253 [doi]
- Building Evidence Graphs for Network Forensics AnalysisWei Wang, Thomas E. Daniels. 254-266 [doi]
- Multi-Level Security Requirements for HypervisorsPaul A. Karger. 267-275 [doi]
- Building a MAC-Based Security Architecture for the Xen Open-Source HypervisorReiner Sailer, Trent Jaeger, Enriquillo Valdez, Ramón Cáceres, Ronald Perez, Stefan Berger, John Linwood Griffin, Leendert van Doorn. 276-285 [doi]
- e-NeXSh: Achieving an Effectively Non-Executable Stack and Heap via System-Call PolicingGaurav S. Kc, Angelos D. Keromytis. 286-302 [doi]
- Dynamic Taint Propagation for JavaVivek Haldar, Deepak Chandra, Michael Franz. 303-311 [doi]
- An Integrity Verification Scheme for DNS Zone file based on Security Impact AnalysisRamaswamy Chandramouli, Scott Rose. 312-321 [doi]
- Paranoid: A Global Secure File Access Control SystemFareed Zaffar, Gershon Kedem, Ashish Gehani. 322-332 [doi]
- How to Develop a Career in Information Assurance and How to Advance in this FieldMarla Collier. 333 [doi]
- Looking Back at the Bell-La Padula ModelDavid Elliott Bell. 337-351 [doi]
- The Pump: A Decade of Covert FunMyong H. Kang, Ira S. Moskowitz, Stanley Chincheck. 352-360 [doi]
- Design and Implementation of an Extrusion-based Break-In Detector for Personal ComputersWeidong Cui, Randy H. Katz, Wai-tian Tan. 361-370 [doi]
- Detecting Intra-enterprise Scanning Worms based on Address ResolutionDavid Whyte, Paul C. van Oorschot, Evangelos Kranakis. 371-380 [doi]
- Stealth BreakpointsAmit Vasudevan, Ramesh Yerraballi. 381-392 [doi]
- Highlights from the 2005 New Security Paradigms WorkshopSimon N. Foley, Abe Singer, Michael E. Locasto, Stelios Sidiroglou, Angelos D. Keromytis, John McDermott, Julie Thorpe, Paul C. van Oorschot, Anil Somayaji, Richard Ford, Mark Bush, Alex Boulatov. 393-396 [doi]
- mSSL: Extending SSL to Support Data Sharing Among Collaborative ClientsJun Li, Xun Kang. 397-408 [doi]
- Layering Public Key Distribution Over Secure DNS using Authenticated DelegationJohn P. Jones, Daniel F. Berger, Chinya V. Ravishankar. 409-418 [doi]
- PorKI: Making User PKI Safe on Machines of Heterogeneous TrustworthinessSara Sinclair, Sean W. Smith. 419-430 [doi]
- Uniform Application-level Access Control Enforcement of Organizationwide PoliciesTine Verhanneman, Frank Piessens, Bart De Win, Wouter Joosen. 431-440 [doi]
- Using Continuous Biometric Verification to Protect Interactive Login SessionsSandeep Kumar, Terence Sim, Rajkumar Janakiraman, Sheng Zhang. 441-450 [doi]
- Improved Port Knocking with Strong AuthenticationRennie deGraaf, John Aycock, Michael J. Jacobson Jr.. 451-462 [doi]
- Graphical Passwords: A SurveyXiaoyuan Suo, Ying Zhu, G. Scott Owen. 463-472 [doi]
- Have the cake and eat it too - Infusing usability into text-password based authentication systemsSundararaman Jeyaraman, Umut Topkara. 473-482 [doi]
- Fault Attacks on Dual-Rail Encoded SystemsJason Waddle, David Wagner. 483-494 [doi]
- Survivability Architecture of a Mission Critical System: The DPASA ExampleJennifer Chong, Partha Pratim Pal, Michael Atighetchi, Paul Rubel, Franklin Webber. 495-504 [doi]
- Generating Policies for Defense in DepthPaul Rubel, Michael Ihde, Steven Harp, Charles Payne. 505-514 [doi]
- Defensive Execution of Transactional Processes against AttacksMeng Yu, Wanyu Zang, Peng Liu. 515-526 [doi]
- Privacy Requirements Implemented with a JavaCardAnas Abou El Kalam, Yves Deswarte. 527-536 [doi]
- Privacy-Preserving Alert Correlation: A Concept Hierarchy Based ApproachDingbang Xu, Peng Ning. 537-546 [doi]
- Securing Email Archives through User ModelingYiru Li, Anil Somayaji. 547-556 [doi]