Table of Contents

• A Network Access Control Mechanism Based on Behavior ProfilesVanessa Frías-Martínez, Joseph Sherrick, Salvatore J. Stolfo, Angelos D. Keromytis. 3-12 [doi]
• RoleVAT: Visual Assessment of Practical Need for Role Based Access ControlDana Zhang, Kotagiri Ramamohanarao, Steven Versteeg, Rui Zhang 0003. 13-22 [doi]
• How to Securely Break into RBAC: The BTG-RBAC ModelAna Ferreira, David W. Chadwick, Pedro Farinha, Ricardo João Cruz Correia, Gansen Zhao, Rui Chilro, Luis Antunes. 23-31 [doi]
• Computer-Related Risk FuturesPeter G. Neumann. 35-40 [doi]
• Evaluation of a DPA-Resistant Prototype ChipMario Kirschbaum, Thomas Popp. 43-50 [doi]
• FPValidator: Validating Type Equivalence of Function Pointers on the FlyHua Wang, Yao Guo, Xiangqun Chen. 51-59 [doi]
• Surgically Returning to Randomized lib(c)Giampaolo Fresi Roglia, Lorenzo Martignoni, Roberto Paleari, Danilo Bruschi. 60-69 [doi]
• SecureMR: A Service Integrity Assurance Framework for MapReduceWei Wei, Juan Du, Ting Yu, Xiaohui Gu. 73-82 [doi]
• Justifying Integrity Using a Virtual Machine VerifierJoshua Schiffman, Thomas Moyer, Christopher Shal, Trent Jaeger, Patrick Drew McDaniel. 83-92 [doi]
• Scalable Web Content AttestationThomas Moyer, Kevin R. B. Butler, Joshua Schiffman, Patrick Drew McDaniel, Trent Jaeger. 95-104 [doi]
• A Study of User-Friendly Hash Comparison SchemesHsu-Chun Hsiao, Yue-Hsun Lin, Ahren Studer, Cassandra Studer, King-Hang Wang, Hiroaki Kikuchi, Adrian Perrig, Hung-Min Sun, Bo-Yin Yang. 105-114 [doi]
• Modeling Modern Network Attacks and Countermeasures Using Attack GraphsKyle Ingols, Matthew Chu, Richard Lippmann, Seth E. Webster, Stephen Boyer. 117-126 [doi]
• Evaluating Network Security With Two-Layer Attack GraphsAnmin Xie, Zhuhua Cai, Cong Tang, Jian-bin Hu, Zhong Chen. 127-136 [doi]
• Unifying Broadcast Encryption and Traitor Tracing for Content ProtectionHongxia Jin, Jeffrey B. Lotspiech. 139-148 [doi]
• Detecting Software Theft via System Call Based BirthmarksXinran Wang, Yoon-chan Jhi, Sencun Zhu, Peng Liu. 149-158 [doi]
• Reflections on UNIX VulnerabilitiesMatt Bishop. 161-184 [doi]
• The Good, the Bad, And the Ugly: Stepping on the Security ScaleMary Ann Davidson. 187-195 [doi]
• A New Approach for Anonymous Password AuthenticationYanjiang Yang, Jianying Zhou, Jian Weng, Feng Bao. 199-208 [doi]
• On the Security of PAS (Predicate-Based Authentication Service)Shujun Li, Hassan Jameel Asghar, Josef Pieprzyk, Ahmad-Reza Sadeghi, Roland Schmitz, Huaxiong Wang. 209-218 [doi]
• BAF: An Efficient Publicly Verifiable Secure Audit Logging Scheme for Distributed SystemsAttila Altay Yavuz, Peng Ning. 219-228 [doi]
• FIRE: FInding Rogue nEtworksBrett Stone-Gross, Christopher Kruegel, Kevin C. Almeroth, Andreas Moser, Engin Kirda. 231-240 [doi]
• Active Botnet Probing to Identify Obscure Command and Control ChannelsGuofei Gu, Vinod Yegneswaran, Phillip A. Porras, Jennifer Stoll, Wenke Lee. 241-253 [doi]
• TrustGraph: Trusted Graphics Subsystem for High Assurance SystemsHamed Okhravi, David M. Nicol. 254-265 [doi]
• RAD: Reflector Attack Defense Using Message Authentication CodesErik Kline, Matt Beaumont-Gay, Jelena Mirkovic, Peter L. Reiher. 269-278 [doi]
• A Guided Tour Puzzle for Denial of Service PreventionMehmud Abliz, Taieb Znati. 279-288 [doi]
• Online Signature Generation for Windows SystemsLixin Li, James E. Just, R. Sekar. 289-298 [doi]
• Protecting Commodity Operating System Kernels from Vulnerable Device DriversShakeel Butt, Vinod Ganapathy, Michael M. Swift, Chih-Cheng Chang. 301-310 [doi]
• Detecting Malicious Flux Service Networks through Passive Analysis of Recursive DNS TracesRoberto Perdisci, Igino Corona, David Dagon, Wenke Lee. 311-320 [doi]
• Identification of Bot Commands by Run-Time Execution MonitoringYoung Hee Park, Douglas S. Reeves. 321-330 [doi]
• Transparent Encryption for External Storage Media with Key Management Adapted to Mobile UseAlf Zugenmaier, Sven Lachmund, Dileesh Jostin. 333-339 [doi]
• Semantically Rich Application-Centric Security in AndroidMachigar Ongtang, Stephen E. McLaughlin, William Enck, Patrick Drew McDaniel. 340-349 [doi]
• Leveraging Cellular Infrastructure to Improve Fraud PreventionFrank S. Park, Chinmay Gangakhedkar, Patrick Traynor. 350-359 [doi]
• Analyzing and Detecting Malicious Flash AdvertisementsSean Ford, Marco Cova, Christopher Kruegel, Giovanni Vigna. 363-372 [doi]
• Symmetric Cryptography in JavascriptEmily Stark, Michael Hamburg, Dan Boneh. 373-381 [doi]
• Analyzing Information Flow in JavaScript-Based Browser ExtensionsMohan Dhawan, Vinod Ganapathy. 382-391 [doi]
• Java Security: A Ten Year RetrospectiveLi Gong. 395-405 [doi]
• Secure Web 2.0 Content Sharing Beyond Walled GardensSan-Tsai Sun, Kirstie Hawkey, Konstantin Beznosov. 409-418 [doi]
• Enabling Secure Secret Sharing in Distributed Online Social NetworksLe-Hung Vu, Karl Aberer, Sonja Buchegger, Anwitaman Datta. 419-428 [doi]
• Deploying and Monitoring DNS Security (DNSSEC)Eric Osterweil, Daniel Massey, Lixia Zhang. 429-438 [doi]
• MAVMM: Lightweight and Purpose Built VMM for Malware AnalysisAnh M. Nguyen, Nabil Schear, HeeDong Jung, Apeksha Godiyal, Samuel T. King, Hai D. Nguyen. 441-450 [doi]
• Protecting Kernel Code and Data with a Virtualization-Aware Collaborative Operating SystemDaniela Alvim Seabra de Oliveira, Shyhtsun Felix Wu. 451-460 [doi]
• HIMA: A Hypervisor-Based Integrity Measurement AgentAhmed M. Azab, Peng Ning, Emre Can Sezer, Xiaolan Zhang. 461-470 [doi]
• Online Sketching of Network Flows for Real-Time Stepping-Stone DetectionBaris Coskun, Nasir D. Memon. 473-483 [doi]
• SHELF: Preserving Business Continuity and Availability in an Intrusion Recovery SystemXi Xiong, Xiaoqi Jia, Peng Liu. 484-493 [doi]
• An Empirical Approach to Modeling Uncertainty in Intrusion AnalysisXinming Ou, Siva Raj Rajagopalan, Sakthiyuvaraja Sakthivelmurugan. 494-503 [doi]
• The Design of a Trustworthy Voting SystemNathanael Paul, Andrew S. Tanenbaum. 507-517 [doi]
• Privacy through Noise: A Design Space for Private IdentificationKarsten Nohl, David Evans. 518-527 [doi]
• A Survey of Vendor Software Assurance PracticesJeremy Epstein. 528-537 [doi]