Sponsored by Technical Committee on Security and Privacy
2011
May 22-25, 2011
Berkeley/Oakland, California
ISBN 978-0-7695-4402-1
Session: Security of authentication and protection mechanisms:
Chair: Patrick Traynor
- Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on fon-iks,
by Andrew M. White, Kevin Snow, Austin Matthews and Fabian Monrose, pg. 3
- The Failure of Noise-Based Non-Continuous Audio Captchas,
by Elie Bursztein, Romain Beauxis, Hristo Paskov, Daniele Perito, Celine Fabry and John C. Mitchell, pg. 19
- Using Fingerprint Authentication to Reduce System Security: An Empirical Study,
by Hugh Wimberly and Lorie M. Liebrock, pg. 32
Session: Hardware Security
Chair: Mike Reiter
Session: Systematization of Knowledge I
Chair: Guofei Gu
Session: Browsing Security and Privacy
Chair: Venkat Venkatakrishnan
- Verified Security for Browser Extensions,
by Arjun Guha, Matthew Fredrikson, Benjamin Livshits and Nikhil Swamy, pg. 115
- RePriv: Re-Imagining Content Personalization and In-Browser Privacy,
by Matthew Fredrikson and Benjamin Livshits, pg. 131
- I Still Know What You Visited Last Summer: Leaking broswer history via user interaction and side channel attacks,
by Zachary Weinberg, Eric Y. Chen, Pavithra Ramesh Jayaraman and Collin Jackson, pg. 147
Session: Secure Information Flow and Information Policies
Chair: Andrew Myers
- Verification of Information Flow and Access Control Policies via Dependent Types,
by Aleksandar Nanevski, Anindya Banerjee and Deepak Garg, pg. 165
- Inference of expressive declassification policies,
by Jeffrey Vaughan and Stephen Chong, pg. 180
- The Complexity of Intransitive Noninterference,
by Sebastian Eggert, Ron van der Meyden, Henning Schnoor and Thomas Wilke, pg. 196
- SCION: Scalability, Control, and Isolation On Next-Generation Networks,
by Xin Zhang, Hsu-Chun Hsiao, Geoffrey Hasker, Haowen Chan, Adrian Perrig and David Andersen, pg. 212
Session: Privacy and Social Networks
Chair: Lujo Bauer
- "You Might Also Like:" Privacy Risks of Collaborative Filtering,
by Joseph A. Calandrino, Ann Kilzer, Arvind Narayanan, Edward W. Felten and Vitaly Shmatikov, pg. 231
- Quantifying Location Privacy,
by Reza Shokri, George Theodorakopoulos, Jean-Yves Le Boudec and Jean-Pierre Hubaux, pg. 247
- Preventing Sybil Attacks by Privilege Attenuation: A Design Principle for Social Network Systems,
by Philip W. L. Fong, pg. 263
Session: Virtualization and Trusted Computing
Chair: Jonathan McCune
- PRISM: Program Replication and Integration for Seamless MILS,
by Chris Owen, Duncan Grove, Tristan Newby, Alex Murray, Chris North and Michael Pope, pg. 281
- Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection,
by Brendan Dolan-Gavitt, Tim Leek, Michael Zhivich, Jonathon Giffin and Wenke Lee, pg. 297
- HomeAlone: Co-Residency Detection in the Cloud via Side-Channel Analysis,
by Yinqian Zhang, Ari Juels, Alina Oprea and Michael K. Reiter, pg. 313
- TxBox: Building Secure, Efficient Sandboxes with System Transactions,
by Suman Jana, Vitaly Shmatikov and Donald E. Porter, pg. 329
Session: Program Security Analysis
Chair: Weidong Cui
- Differential Slicing: Identifying Causal Execution Differences for Security Applications,
by Noah Johnson, Juan Caballero, Kevin Chen, Stephen McCamant, Pongsin Poosankam, Daniel Reynaud and Dawn Song, pg. 347
- Automated Analysis of Security-Critical JavaScript APIs,
by Ankur Taly, Úlfar Erlingsson, Mark Miller, John C. Mitchell and Jasvir Nagra, pg. 363
- Memoir: Practical State Continuity for Protected Modules,
by Bryan Parno, Jacob R. Lorch, John R. Douceur, James Mickens and Jonathan M. McCune, pg. 379
Session: Systematization of Knowledge II
Chair: Adrian Perrig
Session: Underground Economy/Malware
Chair: Kevin Fu
- Click Trajectories: End-to-End Analysis of the Spam Value Chain,
by Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Márk Félegyházi, Chris Grier, Tristan Halvorson, Chris Kanich, Christian Kreibich, He Liu, Damon McCoy, Nicholas Weaver, Vern Paxson, Geoffrey M. Voelker and Stefan Savage, pg. 431
- Design and Evaluation of a Real-Time URL Spam Filtering Service,
by Kurt Thomas, Chris Grier, Justin Ma, Vern Paxson and Dawn Song, pg. 447
Session: Vulnerability Analysis
Chair: Christopher Kruegel
- How to Shop for Free Online - Security Analysis of Cashier-as-a-Service Based Web Stores,
by Rui Wang, Shuo Chen, XiaoFeng Wang and Shaz Qadeer, pg. 465
- Cryptography in the Web: The Case of Cryptographic Design Flaws in ASP.NET,
by Thai Duong and Juliano Rizzo, pg. 481
- Cache Games - Bringing Access-Based Cache Attacks on AES to Practice,
by Endre Bangerter, David Gullasch and Stephan Krenn, pg. 490
- OpenConflict: Preventing Real Time Map Hacks in Online Games,
by Elie Bursztein, Mike Hamburg, Jocelyn Lagarenne and Dan Boneh pg. 506
Session: Anonymity and Voting
Chair: David Wagner
Author Index
Publisher's Notices
Copyright