FINAL PROGRAM

2008 IEEE Symposium on Security and Privacy

May 18-22, 2008

The Claremont Resort
Berkeley/Oakland, California, USA

Sponsored by the
IEEE Computer Society Technical Committee on Security and Privacy
in co-operation with
The International Association for Cryptologic Research (IACR)

 

Sunday, May 18, 2008

16:00-19:00 Registration and Reception

 

Monday, May 19, 2008

7:30-8:45 Continental breakfast
8:45-9:15 Opening Remarks (Patrick McDaniel, Avi Rubin, Yong Guan)
9:15-10:15

Session: Peering
Session Chair: Avi Rubin

A Near-Optimal Social Network Defense Against Sybil Attacks
Haifeng Yu, Phillip Gibbons, Michael Kaminsky, Feng Xiao

Anonymous Networking with Minimum Latency in Multihop Networks
Parvathinathan Venkitasubramaniam, Lang Tong

10:15-10:45 Break
10:45-12:15

Session: Communications Security
Session Chair: Matt Blaze

Spot me if you can: Uncovering spoken phrases in encrypted VoIP conversations
Charles Wright, Lucas Ballard, Scott Coull, Fabian Monrose, Gerald Masson

Preserving Caller Anonymity in Voice-over-IP Networks
Mudhakar Srivatsa, Arun Iyengar, Ling Liu

Jamming-resistant Key Establishment using Uncoordinated Frequency Hopping
Mario Strasser, Christina Popper, Srdjan Capkun, Mario Cagalj

12:15-13:30 Lunch
13:30-15:00

Session: Data
Session Chair: Fabian Monrose

Casting out Demons: Sanitizing Training Data for Anomaly Sensors
Gabriela Cretu, Angelos Stavrou, Michael Locasto, Salvatore Stolfo, Angelos Keromytis

Efficient and Robust TCP Stream Normalization
Mythili Vutukuru, Hari Balakrishnan, Vern Paxson

Robust De-Anonymization of Large Datasets
Arvind Narayanan, Vitaly Shmatikov

15:00-15:30 Break
15:30-17:30

Session: Attacks
Session Chair: Niels Provos

Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses
Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin Ransford, Shane S. Clark, Benessa Defend, Will Morgan, Kevin Fu, Tadayoshi Kohno, William H. Maisel

Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications
David Brumley, Pongsin Poosankam, Dawn Song, Jiang Zheng

Compromising Reflections -or- How to Read LCD Monitors Around the Corner
Michael Backes, Markus Durmuth, Dominique Unruh

ClearShot: Eavesdropping Keyboard Input from Video
Davide Balzarotti, Marco Cova, Giovanni Vigna

18:00-20:00 Reception
19:30-21:30 Student Forum
Session Chair: David Du
Room: Lanai 2

 

Tuesday, May 20, 2008

7:30-8:45 Continental breakfast
8:45-10:15

Session: Miscellaneous
Session Chair: Andrew Myers

XFA: Faster signature matching with extended automata
Randy Smith, Cristian Estan, Somesh Jha

Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol
Michael Backes, Matteo Maffei, Dominique Unruh

Practical Privacy for Genomic Computation
Somesh Jha, Louis Kruger, Vitaly Shmatikov

10:15-10:45 Break
10:45-12:15

Session: Defenses
Session Chair: Tadayoshi Kohno

Lares: An Architecture for Secure Active Monitoring Using Virtualization
Bryan Payne, Martim Carbone, Monirul Sharif, Wenke Lee

Practical Proactive Integrity Preservation: A Basis for Malware Defense
Weiqing Sun, Tejas Karandikar, R. Sekar, Gaurav Poothia

Preventing memory error exploits with WIT
Periklis Akritidis, Cristian Cadar, Costin Raiciu, Manuel Costa, Miguel Castro

12:15-13:30 Lunch
13:30-15:00

Session: Attacks II
Session Chair: Wenke Lee

Thinking Inside the Box: System-level Failures of Tamper Proofing
Saar Drimer, Steven Murdoch, Ross Anderson

Cloaker: Hardware Supported Rootkit Concealment
Francis David, Ellick Chan, Jeffrey Carlyle, Roy Campbell

Predictable Design of Network-Based Covert Communication Systems
Ronald Smith, Scott Knight

15:00-15:30 Break
15:30-17:00

Session: 5-minute Work-in-Progress Talks
Session Chair: Jonathon Giffin

17:15-18:30 Business Meeting

 

Wednesday, May 21, 2008

7:30-8:30 Continental breakfast
8:30-10:30

Session: Programming Language Security
Session Chair: David Evans

Verifying the Safety of User Pointer Dereferences
Suhabe Bugrara, Alex Aiken

Expressive declassification policies and modular static enforcement
Anindya Banerjee', David Naumann, Stan Rosenberg

Civitas: Toward a Secure Voting System
Michael Clarkson, Stephen Chong, Andrew Myers

Fable: A Language for Enforcing User-defined Security Policies
Nikhil Swamy, Brian Corcoran, Michael Hicks

10:30-11:00 Break
11:00-12:30

Session: Web and File Sharing Security
Session Chair: Patrick McDaniel

Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications
Marco Cova, Vika Felmetsger, Davide Balzarotti, Nenad Jovanovic, Christopher Kruegel, Engin Kirda, Giovanni Vigna

Secure web browsing with the OP web browser
Chris Grier, Shuo Tang, Samuel King

Automated formal analysis of a protocol for secure file sharing on untrusted storage
Bruno Blanchet, Avik Chaudhuri

12:30-12:45 Closing Remarks (Patrick McDaniel, Avi Rubin, and David Du)

 

Thursday, May 22, 2008 - Workshop Day

7:30-18:00 Digital Forensics Workshop (SADFE 2008) Lanai 2
7:30-18:00 Web 2.0 Security and Privacy Workshop (W2SP 2008) Horizon

 

Last modified: Wednesday May 11 21:34:01 EDT 2008