Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007)

10-14 Dec. 2007

  • Twenty-Third Annual Computer Security Applications Conference - Cover

    Publication Year: 2007, Page(s): c1
    Freely Available from IEEE
  • Twenty-Third Annual Computer Security Applications Conference - Title

    Publication Year: 2007, Page(s):i - iii
    Freely Available from IEEE
  • Twenty-Third Annual Computer Security Applications Conference - Copyright

    Publication Year: 2007, Page(s): iv
    Freely Available from IEEE
  • Twenty-Third Annual Computer Security Applications Conference - TOC

    Publication Year: 2007, Page(s):v - ix
    Freely Available from IEEE
  • Welcome from the Conference Chair

    Publication Year: 2007, Page(s): x
    Freely Available from IEEE
  • Welcome from the Program Chairs

    Publication Year: 2007, Page(s): xi
    Freely Available from IEEE
  • Conference Committee

    Publication Year: 2007, Page(s): xii
    Freely Available from IEEE
  • Program Committee

    Publication Year: 2007, Page(s): xiii
    Freely Available from IEEE
  • Additional Reviewers and Tutorial Reviewers

    Publication Year: 2007, Page(s): xiv
    Freely Available from IEEE
  • ACSAC Steering Committee

    Publication Year: 2007, Page(s): xv
    Freely Available from IEEE
  • Sponsor: Applied Computer Security Associates

    Publication Year: 2007
    Freely Available from IEEE
  • So You Think You Can Dance?

    Publication Year: 2007, Page(s):3 - 17

    This paper discusses the importance of keeping practitioners in mind when determining what research to pursue and when making design and implementation decisions as part of a research program. The author discussed how his 30 plus years of security research have been driven by the desire to provide products, tools, and techniques that are useful for practitioners. He also discussed his view of what...
  • Establishing and Sustaining System Integrity via Root of Trust Installation

    Publication Year: 2007, Page(s):19 - 29
    Cited by:  Papers (9)  |  Patents (7)

    Integrity measurements provide a means by which distributed systems can assess the trustability of potentially compromised remote hosts. However, current measurement techniques simply assert the identity of software, but provide no indication of the ongoing status of the system or its data. As a result, a number of significant vulnerabilities can result if the system is not configured and managed ...
  • Tampering with Special Purpose Trusted Computing Devices: A Case Study in Optical Scan E-Voting

    Publication Year: 2007, Page(s):30 - 39
    Cited by:  Papers (3)

    Special purpose trusted computing devices are currently being deployed to offer many services for which the general purpose computing paradigm is unsuitable. The nature of the services offered by many of these devices demand high security and reliability, as well as low cost and low power consumption. Electronic Voting machines is a canonical example of this phenomenon. With electronic voting mach...
  • Toward a Medium-Robustness Separation Kernel Protection Profile

    Publication Year: 2007, Page(s):40 - 51
    Cited by:  Papers (1)

    A protection profile for high-robustness separation kernels has recently been validated and several implementations are under development. However, medium-robustness separation kernel development efforts have no protection profile, although the US Government has published guidance for authoring such a profile. As a step toward a protection profile, a set of security requirements for medium-robustn...
  • Improving Signature Testing through Dynamic Data Flow Analysis

    Publication Year: 2007, Page(s):53 - 63
    Cited by:  Papers (1)

    The effectiveness and precision of network-based intrusion detection signatures can be evaluated either by direct analysis of the signatures (if they are available) or by using black-box testing (if the system is closed-source). Recently, several techniques have been proposed to generate test cases by automatically deriving variations (or mutations) of attacks. Even though these techniques have be...
  • HoneyIM: Fast Detection and Suppression of Instant Messaging Malware in Enterprise-Like Networks

    Publication Year: 2007, Page(s):64 - 73
    Cited by:  Papers (9)

    Instant messaging (IM) has been one of most frequently used malware attack vectors due to its popularity. Distinct from other malware, it is straightforward for IM malware to find and hit the next victim by exploiting the current victim's contact list and playing social engineering tricks. Thus, the spread of IM malware is much harder to detect and suppress through conventional approaches. The pre...
  • Feature Omission Vulnerabilities: Thwarting Signature Generation for Polymorphic Worms

    Publication Year: 2007, Page(s):74 - 85

    To combat the rapid infection rate of today's Internet worms, signatures for novel worms must be generated soon after an outbreak. This is especially critical in the case of polymorphic worms, whose binary representation changes frequently during the infection process. In this paper, we examine the assumptions underlying two leading network-based signature generation systems for polymorphic worms:...
  • Toward Realistic and Artifact-Free Insider-Threat Data

    Publication Year: 2007, Page(s):87 - 96
    Cited by:  Papers (2)

    Progress in insider-threat detection is currently limited by a lack of realistic, publicly available, real-world data. For reasons of privacy and confidentiality, no one wants to expose their sensitive data to the research community. Data can be sanitized to mitigate privacy and confidentiality concerns, but the mere act of sanitizing the data may introduce artifacts that compromise its utility fo...
  • Database Isolation and Filtering against Data Corruption Attacks

    Publication Year: 2007, Page(s):97 - 106
    Cited by:  Papers (2)

    Various attacks (e.g., SQL injections) may corrupt data items in the database systems, which decreases the integrity level of the database. Intrusion detections systems are becoming more and more sophisticated to detect such attacks. However, more advanced detection techniques require more complicated analyses, e.g., sequential analysis, which incurs detection latency. If we have an intrusion detec...
  • Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Injection

    Publication Year: 2007, Page(s):107 - 117
    Cited by:  Papers (23)  |  Patents (1)

    With the recent rapid increase in interactive Web applications that employ back-end database services, an SQL injection attack has become one of the most serious security threats. The SQL injection attack allows an attacker to access the underlying database, execute arbitrary commands at intent, and receive a dynamically generated output, such as HTML Web pages. In this paper, we present our techn...
  • Closed-Circuit Unobservable Voice over IP

    Publication Year: 2007, Page(s):119 - 128
    Cited by:  Papers (1)

    Among all the security issues in Voice over IP (VoIP) communications, one of the most difficult to achieve is traffic analysis resistance. Indeed, classical approaches provide a reasonable degree of security but induce large round-trip times that are incompatible with VoIP. In this paper, we describe some of the privacy and security issues derived from traffic analysis in VoIP. We also give an ove...
  • SSARES: Secure Searchable Automated Remote Email Storage

    Publication Year: 2007, Page(s):129 - 139
    Cited by:  Papers (6)  |  Patents (5)

    The increasing centralization of networked services places user data at considerable risk. For example, many users store email on remote servers rather than on their local disk. Doing so allows users to gain the benefit of regular backups and remote access, but it also places a great deal of unwarranted trust in the server. Since most email is stored in plaintext, a compromise of the server implie...
  • The Design and Development of an Undercover Multipurpose Anti-spoofing Kit (UnMask)

    Publication Year: 2007, Page(s):141 - 150
    Cited by:  Papers (1)

    This paper describes the design and development of a software system to support law enforcement in investigating and prosecuting email based crimes. It focuses on phishing scams which use emails to trick users into revealing personal data. The system described in this paper, called the undercover multipurpose anti-spoofing kit (UnMask), will enable investigators to reduce the time and effort neede...
  • Efficiency Issues of Rete-Based Expert Systems for Misuse Detection

    Publication Year: 2007, Page(s):151 - 160
    Cited by:  Papers (1)

    This paper provides a general and comprehensive approach to implementing misuse detection on expert systems and an in-depth analysis of the effectiveness of the optimization strategies of the Rete algorithm wrt. the general implementation approach. General efficiency limits of Rete-based expert systems in the domain of misuse detection are determined analytically and validated experimentally. We ...