Opening Remarks, Awards, and Keynote Address

Program Chair: Paul Van Oorschot, Carleton University

Dr. Strangevote or: How I Learned to Stop Worrying and Love the Paper Ballot

Debra Bowen, California Secretary of State

REFEREED PAPERS

All Your iFrames Point to Us
Niels Provos and Panayiotis Mavrommatis, Google, Inc.; Moheeb Abu Rajab and Fabian Monrose, Johns Hopkins University

Securing Frame Communication in Browsers
Adam Barth, Collin Jackson, and John C. Mitchell, Stanford University

Automatic Generation of XSS and SQL Injection Attacks with Goal-Directed Model Checking
Michael Martin and Monica S. Lam, Stanford University

INVITED TALKS

Political DDoS: Estonia and Beyond
Jose Nazario, Senior Security Engineer, Arbor Networks

In the spring of 2007, the country of Estonia suffered a deluge of distributed denial of service (DDoS) attacks, coordinated to coincide with street-level protests. These attacks caused nationwide problems for the heavily wired country of Estonia and did so again when they recurred in early 2008. These attacks were not the first such politically motivated attacks and they will certainly not be the last. This talk explores the world of DDoS attacks and their growing role as an online political weapon. It also covers how Arbor Networks measured the Estonia attacks, how other attacks are measured, and what these attacks mean for the Internet at large.

REFEREED PAPERS

Lest We Remember: Cold Boot Attacks on Encryption Keys
J. Alex Halderman, Princeton University; Seth D. Schoen, Electronic Frontier Foundation; Nadia Heninger and William Clarkson, Princeton University; William Paul, Wind River Systems; Joseph A. Calandrino and Ariel J. Feldman, Princeton University; Jacob Appelbaum; Edward W. Felten, Princeton University

The Practical Subtleties of Biometric Key Generation
Lucas Ballard and Seny Kamara, Johns Hopkins University; Michael K. Reiter, University of North Carolina at Chapel Hill

Unidirectional Key Distribution Across Time and Space with Applications to RFID Security
Ari Juels, RSA Laboratories; Ravikanth Pappu, ThingMagic Inc.; Bryan Parno, Carnegie Mellon University

INVITED TALKS

Building the Successful Security Software Company
Ted Schlein, Kleiner Perkins Caufield & Byers

Ted will discuss the security market, past and present. He will review what it takes to succeed in building a company and will look at current opportunities. Ted will also share with the audience a few of his successes.

REFEREED PAPERS

CloudAV: N-Version Antivirus in the Network Cloud
Jon Oberheide, Evan Cooke, and Farnam Jahanian, University of Michigan

Highly Predictive Blacklisting
Jian Zhang and Phillip Porras, SRI International; Johannes Ullrich, SANS Institute

Proactive Surge Protection: A Defense Mechanism for Bandwidth-Based Attacks
Jerry Chou and Bill Lin, University of California, San Diego; Subhabrata Sen and Oliver Spatscheck, AT&T Labs—Research

INVITED TALKS

From the Casebooks of . . .
Mark Seiden, Senior Consultant

In a field with few design principles ("defense in depth"? separate duties?), few rules of thumb, no laws named after people more influential than Murphy, no Plancks or Avogadros to hold Constant, and little quantification of any sort (we count only bad things), it appears the best we can do right now is to tell stories.

Over (enough) beer we conjure up lightly anonymized war stories about late-night phone calls, scary devices, hard-to-find bugs that exploiters somehow found, the backups that didn't, stupid criminals, craven prosecutors, cute hacks ("but don't try this at home"), and pointy-haired bosses. . . . There will be a few of these in this talk, but also some cautionary tales and parables—isomorphs of the Old Stories demonstrating human frailty and that the Law of Unexpected Consequences operates most strongly near the intersection of Bleeding Edge and Slippery Slope. Also, just a bit about the future.

Poster Session & Happy Hour

Poster Session Chair: Carrie Gates, CA Labs

Would you like to share a provocative opinion, interesting preliminary work, or a cool idea that will spark discussion at this year's USENIX Security Symposium? The poster session is the perfect venue to introduce such new or ongoing work. Poster presenters will have the entirety of the evening happy hour to discuss their work, get exposure, and receive feedback from attendees.

To submit a poster, please send a 1–5 page proposal, in PDF or PostScript, to sec08posters@usenix.org by Friday, June 13, 2008. Decisions will be made by Monday, June 23, 2008.

REFEREED PAPERS

BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection
Guofei Gu, Georgia Institute of Technology; Roberto Perdisci, Damballa, Inc.; Junjie Zhang, Georgia Institute of Technology; Wenke Lee, Georgia Institute of Technology and Damballa, Inc.

Measurement and Classification of Humans and Bots in Internet Chat
Steven Gianvecchio, Mengjun Xie, Zhengyu Wu, and Haining Wang, The College of William and Mary

To Catch a Predator: A Natural Language Approach for Eliciting Protocol Interaction
Sam Small, Joshua Mason, and Fabian Monrose, Johns Hopkins University; Niels Provos, Google, Inc.; Adam Stubblefield, Johns Hopkins University

INVITED TALKS

Security Analysis of Network Protocols
John Mitchell, Stanford University

Network security protocols, such as key-exchange and key-management protocols, are notoriously difficult to design and debug. Anomalies and shortcomings have been discovered in standards and proposed standards for a wide range of protocols, including public-key and Diffie-Hellman–based variants of Kerberos, SSL/TLS, and the 802.11i (Wi-Fi2) wireless authentication protocols. Although many of these protocols may seem relatively simple, security protocols must achieve their goals when an arbitrary number of sessions are executed concurrently, and an attacker may use information provided by one session to compromise the security of another.

Since security protocols form the cornerstone of modern secure networked systems, it is important to develop informative, accurate, and deployable methods for finding errors and proving that protocols meet their security requirements. This talk will summarize two methods and discuss some of the case studies carried out over the past several years. One method is a relatively simple automated finite-state approach that has been used by our research group, others, and several years of students in a project course at Stanford to find flaws and develop improvements in a wide range of protocols and security mechanisms. The second method, Protocol Composition Logic (PCL), is a way of thinking about protocols that is designed to make it possible to prove security properties of large practical protocols. The two methods are complemen- tary, since the first method can find errors, but only the second is suitable for proving their absence. The talk will focus on basic principles and examples from the IEEE and IETF standardization process.

REFEREED PAPERS

Reverse-Engineering a Cryptographic RFID Tag
Karsten Nohl and David Evans, University of Virginia; Starbug and Henryk Plötz, Chaos Computer Club, Berlin

Practical Symmetric Key Cryptography on Modern Graphics Hardware
Owen Harrison and John Waldron, Trinity College Dublin, Ireland

An Improved Clock-skew Measurement Technique for Revealing Hidden Services
Sebastian Zander, Swinburne University of Technology, Australia; Steven Murdoch, University of Cambridge Computer Laboratory, UK

INVITED TALKS

Enterprise Security in the Brave New (Virtual) World
Tal Garfinkel, VMware

The move to virtual machine–based computing platforms is perhaps the most significant change in how enterprise computing systems have been built in the past decade. The benefits of moving to virtual infrastructure are substantial, from ease of management and better server utilization to transparently providing a wide range of services from high availability to backup. Despite this sweeping change, the way that we secure these systems is still largely unchanged from how we secure today's physical systems. We must rethink the way we design security in virtual infrastructure, both to cope with the new challenges it introduces and to take advantage of the opportunities it offers.

I will discuss the growing pains of moving from physical to virtual infrastructure in the network and the dissonance this can cause in operational settings: why simply dropping existing firewalls and NIDS into virtual infrastructure can limit flexibility, how new mechanisms can help overcome these limitations, and why these elements are better off being virtual instead of physical. Next, I will look at how virtual machines can affect host security as techniques such as virtual machine introspection become mainstream and the line between host and network security gets increasingly blurred. Finally, I will look at some of the odder and more interesting capabilities virtual platforms will be offering in the next few years which will offer fertile ground for new research.

REFEREED PAPERS

NetAuth: Supporting User-based Network Services
Manigandan Radhakrishnan and Jon A. Solworth, University of Illinois at Chicago

Hypervisor Support for Identifying Covertly Executing Binaries
Lionel Litty, H. Andrés Lagar-Cavilla, and David Lie, University of Toronto, Canada

Selective Versioning in a Secure Disk System
Swaminathan Sundararaman, Gopalan Sivathanu, and Erez Zadok, Stony Brook University

INVITED TALKS

Hackernomics
Hugh Thompson, Chief Security Strategist, People Security

Security processes inside most commercial development teams haven't caught up with the growing threat from organized crime groups that are becoming better financed, are relying more on automation to find vulnerabilities, and have figured out how to drive down the cost of launching a significant attack. This talk looks at why the incentive to attack and the ability to find flaws are outpacing practiced application security techniques. It examines how the economics of software attack and defense ("hackernomics") is changing and looks at some interesting outcomes, such as making vulnerability discovery a viable business. The talk will include several live vulnerability demonstrations to illustrate the exploitation vs. prevention dynamics.

REFEREED PAPERS

Adeona: Locating Lost or Stolen Devices with Privacy-Preserving Tracking
Thomas Ristenpart, University of California, San Diego; Gabriel Maganis, Arvind Krishnamurthy, and Tadayoshi Kohno, University of Washington

Panalyst: Privacy-Aware Remote Error Analysis on Commodity Software
Rui Wang, Xiaofeng Wang, and Zhuowei Li, Indiana University Bloomington

Multi-flow Attacks Against Network Flow Watermarking Schemes
Negar Kiyavash, Amir Houmansadr, and Nikita Borisov, University of Illinois at Urbana-Champaign

INVITED TALKS

10+ Billion Lines of Code Later: Experiences Commercializing a Static Checking Tool
Dawson Engler, Stanford University; Ben Chelf, Andy Chou, and Seth Hallem, Coverity

This talk describes lessons learned taking an academic tool that "worked fine" in the lab and using it to check billions of lines of code across several hundred companies. Some ubiquitous themes: reality is weird; what one thinks will matter often doesn't; what one doesn't even think to reject as a possibility is often a first-order effect.

Symposium Reception

REFEREED PAPERS

Verifying Compliance of Trusted Programs
Sandra Rueda, Dave King, and Trent Jaeger, The Pennsylvania State University

Helios: Web-based Open-Audit Voting
Ben Adida, Harvard University

VoteBox: A Tamper-evident, Verifiable Electronic Voting System
Daniel Sandler, Kyle Derr, and Dan S. Wallach, Rice University

INVITED TALKS

The Ghost in the Browser and Other Frightening Stories About Web Malware
Niels Provos, Google, Inc.

While the Web provides information and services that enrich our lives in many ways, it has also become the primary vehicle for delivering malware. Once infected with Web-based malware, an unsuspecting user's machine is converted into a productive member of the Internet underground. This talk explores Web-based malware and the infrastructure supporting it, covering an analysis period of almost two years. It describes trends observed in Web server compromises, as well as giving an overview of the life cycle of Web-based malware. The talk shows that Web malware enables a large number of questionable activities, ranging from the exfiltration of sensitive information such as email addresses and credit card information to forming spamming botnets, which are responsible for a significant fraction of the spam currently seen on the Internet.

REFEREED PAPERS

An Empirical Security Study of the Native Code in the JDK
Gang Tan and Jason Croft, Boston College

AutoISES: Automatically Inferring Security Specification and Detecting Violations
Lin Tan, University of Illinois at Urbana-Champaign; Xiaolan Zhang, IBM T.J. Watson Research Center; Xiao Ma, Weiwei Xiong, and Yuanyuan Zhou, University of Illinois at Urbana-Champaign

Real-World Buffer Overflow Protection for User and Kernel Space
Michael Dalton, Hari Kannan, and Christos Kozyrakis, Stanford University

INVITED TALKS

Managing Insecurity: Practitioner Reflections on Social Costs of Security
Darren Lacey, Chief Information Security Officer, Johns Hopkins University/Johns Hopkins Medicine

Nonprofits and local government have experienced more than their share of breaches and notifications over the past several years. The reasons for this are evident: lots of sensitive information, insufficient IT resources, lack of institutional discipline, etc. Clearly more time and resources at these organizations should be dedicated to security.

I discuss whether even identifying the proper balance is a good deal more difficult for public service organizations than has been widely discussed. Will security concerns affect the adoption of electronic medical records, regional health organizations, and nonprofit work? At what point do needed changes in organizational cultures undermine the public mission? What types of security controls and practices are best suited for service agencies? What kinds of research would most help public services?

Work-in-Progress Reports (WiPs) and Closing Remarks

WiPs Session Chair: Hao Chen, University of California, Davis

The Work-in-Progress reports (WiPs) session offers short presentations about research in progress, new results, or timely topics. This is not the place to re-announce work already published, or re-advertise work already accepted at another venue. Speakers should submit a one- or two-paragraph abstract to sec08wips@usenix.org by 6:00 p.m. PDT on Wednesday, July 30, 2008. Make sure to include your name, affiliation, and the title of your talk. The schedule of presentations and accepted abstracts will be posted on the Symposium Web site. The time available will be distributed among the presenters, with each speaker allocated between 5 and 10 minutes. The time limit will be strictly enforced.