Table of Contents

• Structuring for Strategic Cyber Defense: A Cyber Manhattan Project BlueprintO. Sami Saydjari. 3-10 [doi]
• Practical Applications of Bloom Filters to the NIST RDS and Hard Drive TriagePaul F. Farrell Jr., Simson L. Garfinkel, Douglas White. 13-22 [doi]
• Systematic Signature Engineering by Re-use of Snort SignaturesSebastian Schmerl, Hartmut König, Ulrich Flegel, Michael Meier, René Rietz. 23-32 [doi]
• Analysing the Performance of Security Solutions to Reduce Vulnerability Exposure WindowYolanta Beres, Jonathan Griffin, Simon Shiu, Max Heitman, David Markle, Peter Ventura. 33-42 [doi]
• New Side Channels Targeted at PasswordsAlbert Tannous, Jonathan T. Trostle, Mohamed Hassan, Stephen E. McLaughlin, Trent Jaeger. 45-54 [doi]
• PinUP: Pinning User Files to Known ApplicationsWilliam Enck, Patrick Drew McDaniel, Trent Jaeger. 55-64 [doi]
• Defending Against Attacks on Main Memory PersistenceWilliam Enck, Kevin R. B. Butler, Thomas Richardson, Patrick Drew McDaniel, Adam Smith. 65-74 [doi]
• Automatic Inference and Enforcement of Kernel Data Structure InvariantsArati Baliga, Vinod Ganapathy, Liviu Iftode. 77-86 [doi]
• VICI Virtual Machine Introspection for Cognitive ImmunityTimothy Fraser, Matthew R. Evenson, William A. Arbaugh. 87-96 [doi]
• Soft-Timer Driven Transient Kernel Control Flow Attacks and DefenseJinpeng Wei, Bryan D. Payne, Jonathon Giffin, Calton Pu. 97-107 [doi]
• On Purely Automated Attacks and Click-Based Graphical PasswordsAmirali Salehi-Abari, Julie Thorpe, Paul C. van Oorschot. 111-120 [doi]
• YAGP: Yet Another Graphical Password StrategyHaichang Gao, Xuewu Guo, Xiaoping Chen, Liming Wang, Xiyang Liu. 121-129 [doi]
• Privacy-Aware Biometrics: Design and Implementation of a Multimodal Verification SystemStelvio Cimato, Marco Gamassi, Vincenzo Piuri, Roberto Sassi, Fabio Scotti. 130-139 [doi]
• Improving the Efficiency of Capture-Resistant Biometric Authentication Based on Set IntersectionXunhua Wang, Philip D. Huff, Brett C. Tjaden. 140-149 [doi]
• ProActive Access Control for Business Process-Driven EnvironmentsMathias Kohler, Andreas Schaad. 153-162 [doi]
• Assessing Quality of Policy Properties in Verification of Access Control PoliciesEvan Martin, JeeHyun Hwang, Tao Xie, Vincent C. Hu. 163-172 [doi]
• Please Permit Me: Stateless Delegated Authorization in MashupsRagib Hasan, Marianne Winslett, Richard M. Conlan, Brian Slesinsky, Nandakumar Ramani. 173-182 [doi]
• Implementing ACL-Based Policies in XACMLGünter Karjoth, Andreas Schade, Els Van Herreweghen. 183-192 [doi]
• Execution Trace-Driven Automated Attack Signature GenerationSusanta Nanda, Tzi-cker Chiueh. 195-204 [doi]
• Improving Security Visualization with Exposure Map FilteringMansour Alsaleh, David Barrera, Paul C. van Oorschot. 205-214 [doi]
• Attack Grammar: A New Approach to Modeling and Analyzing Network Attack SequencesYinqian Zhang, Xun Fan, Yijun Wang, Zhi Xue. 215-224 [doi]
• Host-Centric Model Checking for Network Vulnerability AnalysisRattikorn Hewett, Phongphun Kijsanayothin. 225-234 [doi]
• The Role Hierarchy Mining Problem: Discovery of Optimal Role HierarchiesQi Guo, Jaideep Vaidya, Vijayalakshmi Atluri. 237-246 [doi]
• Permission Set Mining: Discovering Practical and Useful RolesDana Zhang, Kotagiri Ramamohanarao, Tim Ebringer, Trevor Yann. 247-256 [doi]
• Enforcing Role-Based Access Control Policies in Web Services with UML and OCLKarsten Sohr, Tanveer Mustafa, Xinyu Bao, Gail-Joon Ahn. 257-266 [doi]
• Addressing Low Base Rates in Intrusion Detection via Uncertainty-Bounding Multi-Step AnalysisRobert J. Cole, Peng Liu. 269-278 [doi]
• Toward Automatic Generation of Intrusion Detection Verification RulesFrédéric Massicotte, Yvan Labiche, Lionel C. Briand. 279-288 [doi]
• STILL: Exploit Code Detection via Static Taint and Initialization AnalysesXinran Wang, Yoon-chan Jhi, Sencun Zhu, Peng Liu. 289-298 [doi]
• McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of ExecutablesRoberto Perdisci, Andrea Lanzi, Wenke Lee. 301-310 [doi]
• MalTRAK: Tracking and Eliminating Unknown MalwareAmit Vasudevan. 311-321 [doi]
• Preventing Information Leaks through Shadow ExecutionsRoberto Capizzi, Antonio Longo, V. N. Venkatakrishnan, A. Prasad Sistla. 322-331 [doi]
• XSSDS: Server-Side Detection of Cross-Site Scripting AttacksMartin Johns, Björn Engelmann, Joachim Posegga. 335-344 [doi]
• Anti-Phishing in Offense and DefenseChuan Yue, Haining Wang. 345-354 [doi]
• OMOS: A Framework for Secure Communication in Mashup ApplicationsSaman Zarandioon, Danfeng Yao, Vinod Ganapathy. 355-364 [doi]
• Behavior-Profile Clustering for False Alert Reduction in Anomaly Detection SensorsVanessa Frías-Martínez, Salvatore J. Stolfo, Angelos D. Keromytis. 367-376 [doi]
• Bluetooth Network-Based Misuse DetectionTerrence O Connor, Douglas S. Reeves. 377-391 [doi]
• Bridging the Gap between Data-Flow and Control-Flow Analysis for Anomaly DetectionPeng Li, Hyundo Park, Debin Gao, Jianming Fu. 392-401 [doi]
• Epilogue for RFC 1281, Guidelines for the Secure Operation of the InternetBarbara Fraser, Steve Crocker. 405-417 [doi]
• The Evolution of System-Call MonitoringStephanie Forrest, Steven A. Hofmeyr, Anil Somayaji. 418-430 [doi]
• PAS: Predicate-Based Authentication Services Against Powerful Passive AdversariesXiaole Bai, Wenjun Gu, Sriram Chellappan, Xun Wang, Dong Xuan, Bin Ma. 433-442 [doi]
• pwdArmor: Protecting Conventional Password-Based AuthenticationsTimothy W. van der Horst, Kent E. Seamons. 443-452 [doi]
• DARE: A Framework for Dynamic Authentication of Remote ExecutionsErdem Aktas, Kanad Ghose. 453-462 [doi]
• Instruction Set Extensions for Enhancing the Performance of Symmetric-Key CryptographySean O Melia, Adam J. Elbirt. 465-474 [doi]
• A Survey to Guide Group Key Protocol DevelopmentAhren Studer, Christina Johns, Jaanus Kase, Kyle O Meara, Lorrie Faith Cranor. 475-484 [doi]
• Transaction Oriented Text Messaging with Trusted-SMSAntonio Grillo, Alessandro Lentini, Gianluigi Me, Giuseppe F. Italiano. 485-494 [doi]