The Community for Technology Leaders
2006 IEEE Symposium on Security and Privacy (S&P'06) (2006)
Berkeley/Oakland, California
May 21, 2006 to May 24, 2006
ISSN: 1081-6011
ISBN: 0-7695-2574-1
Session: Signature Generation

Towards Automatic Generation of Vulnerability-Based Signatures (Abstract)

David Brumley , Carnegie Mellon University
James Newsome , Carnegie Mellon University
Dawn Song , Carnegie Mellon University
Hao Wang , University of Wisconsin-Madison
Somesh Jha , University of Wisconsin-Madison
pp. 2-16

MisleadingWorm Signature Generators Using Deliberate Noise Injection (Abstract)

Roberto Perdisci , University of Cagliari, 09123 Cagliari, ITALY
David Dagon , Georgia Institute of Technology, Atlanta
Wenke Lee , Georgia Institute of Technology, Atlanta
Prahlad Fogla , Georgia Institute of Technology, Atlanta
Monirul Sharif , Georgia Institute of Technology, Atlanta
pp. 17-31

Hamsa: Fast Signature Generation for Zero-day PolymorphicWorms with Provable Attack Resilience (Abstract)

Zhichun Li , Northwestern University, Evanston, IL
Manan Sanghi , Northwestern University, Evanston, IL
Yan Chen , Northwestern University, Evanston, IL
Ming-Yang Kao , Northwestern University, Evanston, IL
Brian Chavez , Northwestern University, Evanston, IL
pp. 32-47
Session: Detection

Dataflow Anomaly Detection (Abstract)

Sandeep Bhatkar , Stony Brook University, NY
Abhishek Chaturvedi , Stony Brook University, NY
R. Sekar , Stony Brook University, NY
pp. 48-62

A Framework for the Evaluation of Intrusion Detection Systems (Abstract)

Alvaro A. C?ardenas , University of Maryland
John S. Baras , University of Maryland
Karl Seamon , University of Maryland
pp. 63-77

Siren: Catching Evasive Malware (Short Paper) (Abstract)

Kevin Borders , University of Michigan, Ann Arbor
Xin Zhao , University of Michigan, Ann Arbor
Atul Prakash , University of Michigan, Ann Arbor
pp. 78-85
Session: Privacy

Fundamental Limits on the Anonymity Provided by the MIX Technique (Abstract)

Dogan Kesdogan , RWTH Aachen
Dakshi Agrawal , IBM Watson Res. Ctr.
Vinh Pham , RWTH Aachen
Dieter Rautenbach , University of Bonn
pp. 86-99

Locating Hidden Servers (Abstract)

Lasse Overlier , Gjovik University College
Paul Syverson , Naval Research Laboratory
pp. 100-114

Practical Inference Control for Data Cubes (Extended Abstract) (Abstract)

Yingjiu Li , Singapore Management University
Haibing Lu , Singapore Management University
Robert H. Deng , Singapore Management University
pp. 115-120

Deterring Voluntary Trace Disclosure in Re-encryption Mix Networks (Abstract)

XiaoFeng Wang , Indiana University
Markus Jakobsson , Indiana University
Alex Tsow , Indiana University
pp. 121-131

New Constructions and Practical Applications for Private Stream Searching (Extended Abstract) (Abstract)

John Bethencourt , Carnegie Mellon University
Dawn Song , Carnegie Mellon University
Brent Waters , SRI International
pp. 132-139
Session: Formal Methods

A Computationally Sound Mechanized Prover for Security Protocols (Abstract)

Bruno Blanchet , CNRS, Ecole Normale Superieure, Paris
pp. 140-154

A Logic for Constraint-based Security Protocol Analysis (Abstract)

Ricardo Corin , University of Twente, The Netherlands
Sandro Etalle , University of Twente, The Netherlands
Ari Saptawijaya , University of Indonesia, Indonesia
pp. 155-168

Simulatable Security and Polynomially Bounded Concurrent Composability (Abstract)

Dennis Hofheinz , CWI, Cryptology and Information Security Group Amsterdam, The Netherlands
Dominique Unruh , Universitat Karlsruhe, Germany
pp. 169-183
Session: Analyzing and Enforcing Policy

Privacy and Contextual Integrity: Framework and Applications (Abstract)

Adam Barth , Stanford University
Anupam Datta , Stanford University
John C. Mitchell , Stanford University
Helen Nissenbaum , New York University
pp. 184-198

FIREMAN: A Toolkit for FIREwall Modeling and ANalysis (Abstract)

Lihua Yuan , University of California, Davis
Jianning Mai , University of California, Davis
Zhendong Su , University of California, Davis
Hao Chen , University of California, Davis
Chen-Nee Chuah , University of California, Davis
Prasant Mohapatra , University of California, Davis
pp. 199-213

Retrofitting Legacy Code for Authorization Policy Enforcement (Abstract)

Vinod Ganapathy , University of Wisconsin
Trent Jaeger , Pennsylvania State University
Somesh Jha , University of Wisconsin
pp. 214-229
Session: Analyzing Code

Deriving an Information Flow Checker and Certifying Compiler for Java (Abstract)

Gilles Barthe , INRIA Sophia-Antipolis, Project EVEREST, France
Tamara Rezk , INRIA Sophia-Antipolis, Project EVEREST, France
David Naumann , Stevens Institute of Technology
pp. 230-242

Automatically Generating Malicious Disks using Symbolic Execution (Abstract)

Junfeng Yang , Stanford University
Can Sar , Stanford University
Paul Twohey , Stanford University
Cristian Cadar , Stanford University
Dawson Engler , Stanford University
pp. 243-257

Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper) (Abstract)

Nenad Jovanovic , Technical University of Vienna
Christopher Kruegel , Technical University of Vienna
Engin Kirda , Technical University of Vienna
pp. 258-263

Cobra: Fine-grained Malware Analysis using Stealth Localized-executions (Abstract)

Amit Vasudevan , University of Texas at Arlington
Ramesh Yerraballi , University of Texas at Arlington
pp. 264-279
Session: Authentication

Integrity (I) Codes: Message Integrity Protection and Authentication Over Insecure Channels (Abstract)

Mario Cagalj , I&C-LCA EPFL
Jean-Pierre Hubaux , I&C-LCA EPFL
Srdjan Capkun , Technical University of Denmark
Ramkumar Rengaswamy , EE-NESL, UCLA
Ilias Tsigkogiannis , EE-NESL, UCLA
Mani Srivastava , EE-NESL, UCLA
pp. 280-294

Cognitive Authentication Schemes Safe Against Spyware (Short Paper) (Abstract)

Daphna Weinshall , Hebrew University of Jerusalem, Jerusalem Israel
pp. 295-300

Cache Cookies for Browser Authentication (Extended Abstract) (Abstract)

Ari Juels , RSA Laboratories and RavenWhite Inc.
Markus Jakobsson , Indiana University and RavenWhite Inc.
Tom N. Jagatic , Indiana University
pp. 301-305

Secure Device Pairing based on a Visual Channel (Short Paper) (Abstract)

Nitesh Saxena , University of California, Irvine, USA
Jan-Erik Ekberg , Nokia Research Center, Helsinki, Finland
Kari Kostiainen , Nokia Research Center, Helsinki, Finland
N. Asokan , Nokia Research Center, Helsinki, Finland
pp. 306-313
Session: Attacks

SubVirt: Implementing malware with virtual machines (Abstract)

Samuel T. King , University of Michigan
Peter M. Chen , University of Michigan
Yi-Min Wang , Microsoft Research
Chad Verbowski , Microsoft Research
Helen J. Wang , Microsoft Research
Jacob R. Lorch , Microsoft Research
pp. 314-327

On the Secrecy of Timing-Based Active Watermarking Trace-Back Techniques (Abstract)

Pai Peng , North Carolina State University
Peng Ning , North Carolina State University
Douglas S. Reeves , North Carolina State University
pp. 334-349
Session: Systems

A Safety-Oriented Platform for Web Applications (Abstract)

Richard S. Cox , University of Washington
Steven D. Gribble , University of Washington
Henry M. Levy , University of Washington
Jacob Gorm Hansen , University of Copenhagen, Denmark
pp. 350-364

Analysis of the Linux Random Number Generator (Abstract)

Zvi Gutterman , Safend and The Hebrew University of Jerusalem
Benny Pinkas , University of Haifa
Tzachy Reinman , Hebrew University of Jerusalem
pp. 371-385

The Final Nail in WEP?s Coffin (Abstract)

Andrea Bittau , University College London
Mark Handley , University College London
Joshua Lackey , Microsoft
pp. 386-400
Author Index

Author Index (PDF)

pp. 401
95 ms
(Ver 3.3 (11022016))