viernes, 28 de mayo de 2010

Presentaciones: IEEE Symposium on Security and Privacy

- Opening Remarks [PPTX] [PDF]
Ulf Lindqvist, David Evans, Giovanni Vigna

- Session 1: Malware Analysis
Chair: Jon Giffin, Georgia Institute of Technology
Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries [Slides: PDF]
Clemens Kolbitsch (Vienna University of Technology), Thorsten Holz (Vienna University of Technology), Christopher Kruegel (University of California, Santa Barbara), Engin Kirda (Institute Eurecom)
Synthesizing Near-Optimal Malware Specifications from Suspicious Behaviors
Identifying Dormant Functionality in Malware Programs [Slides: PDF]

Session 2: Information Flow
Chair: David Molnar, Microsoft Research Redmond
Reconciling Belief and Vulnerability in Information Flow
Sardaouna Hamadou (University of Southampton), Vladimiro Sassone (University of Southampton), Catuscia Palamidessi (École Polytechnique)
Towards Static Flow-Based Declassification for Legacy and Untrusted Programs [Slides: PPTX, PDF]
Non-Interference Through Secure Multi-Execution [Slides: PDF]
Dominique Devriese, Frank Piessens (K. U. Leuven)
Object Capabilities and Isolation of Untrusted Web Applications [Slides: PDF]

Session 3: Root of Trust
Chair: Radu Sion, Stony Brook University
TrustVisor: Efficient TCB Reduction and Attestation [Slides: PPTX, PDF]
Overcoming an Untrusted Computing Base: Detecting and Removing Malicious Hardware Automatically [Slides: PPT, PDF]
Tamper Evident Microprocessors [Slides: PDF, PPT]

Session 4: Information Abuse
Chair: Patrick Traynor, Georgia Institute of Technology
Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow [Slides: PPT, PDF]
Investigation of Triangular Spamming: a Stealthy and Efficient Spamming Technique [Slides: PPTX]
A Practical Attack to De-Anonymize Social Network Users [Slides: PDF]
Gilbert Wondracek (Vienna University of Technology), Thorsten Holz (Vienna University of Technology), Engin Kirda (Institute Eurecom), Christopher Kruegel (University of California, Santa Barbara)
SCiFI - A System for Secure Face Identification [Slides: PDF, PDF 6-up]

Buses start loading for special event
Buses will leave from the Claremont front entrance to the reception. [Walking directions (about 30 minutes)]

Session 5: Network Security
Chair: Nikita Borisov, University of Illinois at Urbana-Champaign
Round-Efficient Broadcast Authentication Protocols for Fixed Topology Classes [Slides: PPT, PDF]
Revocation Systems with Very Small Private Keys [Slides: PPT]

Session 6: Systematization of Knowledge I
Chair: Z Morley Mao. , University of Michigan
Outside the Closed World: On Using Machine Learning For Network Intrusion Detection [Slides: PDF]
All You Ever Wanted to Know about Dynamic Taint Analysis and Forward Symbolic Execution (but might have been afraid to ask) [Slides: PPTX, PDF]

Session 7: Secure Systems
Chair: Jonathan McCune, Carnegie Mellon University
A Proof-Carrying File System
HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity [Slides: PDF]

Session 8: Systematization of Knowledge II
Chair: Ed Suh, Cornell University
How Good are Humans at Solving CAPTCHAs? A Large Scale Evaluation
Elie Bursztein, Steven Bethard, John C. Mitchell, Dan Jurafsky (Stanford University), Céline Fabry
Bootstrapping Trust in Commodity Computers [Slides: PPTX, PDF]

Short Talks
Short Talks Chair: Angelos Stavrou, George Mason University

Session 9: Analyzing Deployed Systems
Chair: J. Alex Halderman, University of Michigan
Chip and PIN is Broken [Slides: PDF, Prezi]

Session 10: Language-Based Security
Chair: David Brumley,Carnegie Mellon University
ConScript: Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser [Slides: PPT, PDF]
Leo Meyerovich (University of California, Berkeley), Benjamin Livshits (Microsoft Research)
TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection [Slides: PPTX, PDF]

No hay comentarios: