NDSS Symposium 2007 Program
Session 1: Threats
Low-Rate TCP-Targeted DoS Attack Disrupts Internet Routing
Ying Zhang, Zhuoqing Morley Mao, University of Michigan; Jia Wang, AT&T Labs Research
Playing Devil’s Advocate: Inferring Sensitive Information from Anonymized Network Traces
Scott Coull, Charles Wright, Fabian Monrose, Johns Hopkins University; Michael Collins, Michael Reiter, Carnegie Mellon University
Fig: Automatic Fingerprint Generation
Shobha Venkataraman, Juan Caballero, Pongsin Poosankam, Min Gyung Kang, Dawn Song, Carnegie Mellon University
Session 2: Web Security
Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis
Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel – Secure Systems Lab Technical University Vienna; Giovanni Vigna – University of California, Santa Barbara
A Quantitative Study of Forum Spamming Using Context-based Analysis
Yuan Niu, Hao Chen, Francis Hsu, University of California, Davis; Yi-Min Wang, Ming Ma, Microsoft Research
Session 3: More Threats
Phinding Phish: An Evaluation of Anti-Phishing Toolbars
Lorrie Cranor, Serge Egelman, Jason Hong, Yue Zhang, Carnegie Mellon University
Ryan Vogt, John Aycock, Michael Jacobson, University of Calgary, Canada (PDF: 217KB)
Shedding Light on the Configuration of Dark Addresses
Sushant Sinha, Michael Bailey, Farnam Jahanian, University of Michigan
Session 4: Authentication
Consumable Credentials in Linear-Logic-Based Access-Control Systems
Kevin D. Bowers, Lujo Bauer, Deepak Garg, Frank Pfenning, Michael K. Reiter, Carnegie Mellon University
Secret Handshakes with Dynamic and Fuzzy Matching
Giuseppe Ateniese, Jonathan Kirsch, Johns Hopkins University; Marina Blanton, Purdue University
Attribute-Based Publishing with Hidden Credentials and Hidden Policies
Apu Kapadia, Patrick Tsang, Sean Smith, Dartmouth College
Session 5: Privacy
File System Design with Assured Delete
Radia Perlman, Sun Microsystems
Cryptographic Methods for Storing Ballots on a Voting Machine
John Bethencourt, Carnegie Mellon University; Dan Boneh, Stanford University; Brent Waters, SRI International
On the Practicality of Private Information Retrieval
Radu Sion, Stony Brook University; Bogdan Carbunar, Motorola Labs
Session 6: Intrusion Detection and Prevention
RICH: Automatically Protecting Against Integer-Based Vulnerabilities
Author: David Brumley, Dawn Song, Carnegie Mellon University; Tzi-cker Chiueh, Rob Johnson, Stony Brook University; Huijia Lin, Cornell University
Generic Application-Level Protocol Analyzer and its Language
Nikita Borisov, University of Illinois at Urbana-Champaign; David Brumley, Carnegie Mellon University; Helen Wang, John Dunagan, Microsoft Research; Pallavi Joshi, University of California, Berkeley; Chuanxiong Guo, the Institute of Communications Engineering, Nanjing, China
OPTWALL: A Hierarchical Traffic-Aware Firewall
Subrata Acharya, Bryan Mills, Mehmud Abliz, Taieb Znati, University of Pittsburgh; Jia Wang, Zihui Ge, Albert Greenberg, AT&T Labs Research