
TECHNICAL SESSIONS

Just up! Videos of the presentations are now being posted; please check back soon for more. (Take them with you—they're iPhone compatible!) Access is currently restricted to USENIX members and USENIX Security '09 conference attendees. Not a member? Join today!

Conference papers are available to conference registrants immediately and to everyone beginning August 12, 2009. Everyone can view the proceedings frontmatter immediately.

Proceedings Frontmatter: Covers, with ISBN | Title Page, Conference Organizers, and External Reviewers | Table of Contents and Index of Authors | Message from the Program Chair

Full Proceedings (tarball). See the link under each session name for the PDFs of the papers from that session.

Tech Sessions: Wednesday, August 12 | Thursday, August 13 | Friday, August 14 | Invited Talk Speakers
Wednesday, August 12
9:00 a.m.–10:30 a.m. Wednesday

Ballroom Centre (Level 4)

Opening Remarks, Awards, and Keynote Address

Program Chair: Fabian Monrose, University of North Carolina, Chapel Hill

View the video | Listen in MP3 format

Keynote Address
Android: Securing a Mobile Platform from the Ground Up

Rich Cannings, Android Security Leader, Google

View the video | Listen in MP3 format

Android is an open source mobile platform designed to support easy and open development of mobile applications. Our challenge was to design a platform that balanced our goal of open development and user choice with the unique challenges of securing a consumer-focused mobile system.

Keeping both historic and modern threats in mind, we used various approaches to protect the user and the carrier: cryptography, exploit mitigation features, system updates, UI design, and reuse of UNIX security features in a novel way.

To illustrate the security features of Android, we will describe real examples of security vulnerabilities we have encountered since launch.

10:30 a.m.–11:00 a.m.   Break
11:00 a.m.–12:30 p.m. Wednesday

REFEREED PAPERS

Ballroom Centre (Level 4)

Attacks on Privacy

Session Chair: Steven M. Bellovin, Columbia University

Proceedings of all papers in this session

Awarded Outstanding Student Paper!
Compromising Electromagnetic Emanations of Wired and Wireless Keyboards
Martin Vuagnoux and Sylvain Pasini, LASEC/EPFL

Paper in PDF | Slides

View the video | Listen in MP3 format

Peeping Tom in the Neighborhood: Keystroke Eavesdropping on Multi-User Systems
Kehuan Zhang and XiaoFeng Wang, Indiana University, Bloomington

Paper in PDF | Slides

View the video | Listen in MP3 format

A Practical Congestion Attack on Tor Using Long Paths
Nathan S. Evans, University of Denver; Roger Dingledine, The Tor Project; Christian Grothoff, University of Denver

Paper in PDF | Slides

View the video | Listen in MP3 format

INVITED TALKS

Ballroom West (Level 4)

The Building Security in Maturity Model (BSIMM)
Gary McGraw, CTO, Cigital, Inc., and Brian Chess, Chief Scientist, Fortify Software

View the video | Listen in MP3 format | View the presentation slides

As a discipline, software security has made great progress over the last decade. There are now at least 36 large-scale software security initiatives underway in enterprises including global financial services firms, independent software vendors, defense organizations, and other verticals. In 2008 the speakers, with Sammy Migues, interviewed executives running nine initiatives, using the twelve practices of the Software Security Framework as their guide. Those companies among the nine who graciously agreed to be identified include Adobe, The Depository Trust and Clearing Corporation (DTCC), EMC, Google, Microsoft, QUALCOMM, and Wells Fargo.

The resulting data, drawn from real programs at different levels of maturity, was used to guide the construction of the Building Security in Maturity Model.

This talk will describe the maturity model, drawing examples from many real software security programs. A maturity model is appropriate because improving software security almost always means changing the way an organization works: people, process, and automation are all required. Although not all organizations need to achieve the same security goals, all successful large-scale software security initiatives share ideas and approaches.

Whether you rely on the Cigital Touchpoints, Microsoft's SDL, or OWASP CLASP, there is much to learn from practical experience. BSIMM will help you determine where you stand and what kind of software security plan will work best for you.

12:30 p.m.–2:00 p.m.   Lunch, on your own

Looking for a quick lunch during the Technical Sessions?
Grab your lunch at the Café Bar on the lobby level and mingle with your fellow attendees.
Café Bar features a variety of sandwiches all under $10 that include a salad, soup, or fruit salad. Check with the hotel concierge for a list of local restaurants within walking distance of the hotel.

2:00 p.m.–3:30 p.m. Wednesday

REFEREED PAPERS

Ballroom Centre (Level 4)

Memory Safety

Session Chair: Tal Garfinkel, VMware and Stanford University

Proceedings, with Corrigendum, of all papers in this session

Baggy Bounds Checking: An Efficient and Backwards-Compatible Defense against Out-of-Bounds Errors
Periklis Akritidis, Computer Laboratory, University of Cambridge; Manuel Costa and Miguel Castro, Microsoft Research, Cambridge; Steven Hand, Computer Laboratory, University of Cambridge

Paper in PDF | Slides

View the video | Listen in MP3 format

Dynamic Test Generation to Find Integer Bugs in x86 Binary Linux Programs
David Molnar, Xue Cong Li, and David A. Wagner, University of California, Berkeley

Paper in PDF | Slides

View the video | Listen in MP3 format

NOZZLE: A Defense Against Heap-spraying Code Injection Attacks
Paruj Ratanaworabhan, Cornell University; Benjamin Livshits and Benjamin Zorn, Microsoft Research

Paper in PDF | Slides

View the video | Listen in MP3 format

INVITED TALKS

Ballroom West (Level 4)

Toward a New Legal Framework for Cybersecurity
Deirdre K. Mulligan, School of Information, University of California, Berkeley

View the video | Listen in MP3 format | View the presentation slides

What role should the law play in the creation of more secure or trustworthy networks? Fred Schneider of Cornell University and I argue that it does little to structure incentives or direct activity to drive cybersecurity. As Washington reconsiders the government's role in network security, we set forth a new legal framework for cybersecurity.

We argue for a theoretical reorientation, and we reject the standard siren call for the production of "secure" systems and networks, even though this still dominates policy circles and drives legal approaches. It will be better to focus on managing the inevitable insecurity that comes from the constant vulnerabilities and adversaries we face. The rich mix of legal authorities and institutions that comprise the public health infrastructure makes a useful departure point for considering the range of legal mechanisms and institutions that could aid in cybersecurity. Leveraging the law in a sophisticated and comprehensive manner to address market failures stemming from information gaps, externalities, and cognitive biases is essential to achieving and maintaining a level of security appropriate to the activities occurring on the Internet today and in the future.

We believe the law has been undertheorized and underutilized for network security and trustworthiness. Absent a concerted effort to consider the possible contributions of the law toward managing insecurity on networks, the Internet will grow increasingly less secure and there will be immense and, ultimately, regrettable pressure to build networks that provide greater security in a narrow sense (secrecy, confidentiality, integrity, and availability) at substantial cost to other shared values such as openness, transparency, and privacy.

3:30 p.m.–4:00 p.m.   Break
4:00 p.m.–5:30 p.m. Wednesday

REFEREED PAPERS

Ballroom Centre (Level 4)

Network Security

Session Chair: Wietse Venema, IBM Research

Proceedings of all papers in this session

Detecting Spammers with SNARE: Spatio-temporal Network-level Automatic Reputation Engine
Shuang Hao, Nadeem Ahmed Syed, Nick Feamster, and Alexander G. Gray, Georgia Tech; Sven Krasser, McAfee, Inc.

Paper in PDF | Slides

View the video | Listen in MP3 format

Improving Tor using a TCP-over-DTLS Tunnel
Joel Reardon, Google Switzerland GmbH; Ian Goldberg, University of Waterloo

Paper in PDF | Slides

View the video | Listen in MP3 format

Locating Prefix Hijackers using LOCK
Tongqing Qiu, Georgia Tech; Lusheng Ji, Dan Pei, and Jia Wang, AT&T Labs—Research; Jun (Jim) Xu, Georgia Tech; Hitesh Ballani, Cornell University

Paper in PDF | Slides

View the video | Listen in MP3 format

INVITED TALKS

Ballroom West (Level 4)

Modern Exploitation and Memory Protection Bypasses
Alexander Sotirov, Independent Security Researcher

View the video | Listen in MP3 format | View the presentation slides

The difficulty of exploiting memory corruption vulnerabilities has increased significantly with the introduction of the exploitation mitigation features in modern operating systems. Stack cookies, non-executable memory, and address space layout randomization successfully prevent most attempts at direct control-flow modification in vulnerable applications. As a result, software exploitation is much more difficult than it has been at any point in the past.

This talk will present the challenges facing exploit developers today and the latest techniques for defeating the memory protection features in modern operating systems. It will describe the current state of the art in exploitation and outline the most promising directions for future exploitation research.

6:00 p.m.–7:30 p.m. Wednesday

Symposium Reception

Ballroom East (Level 4)

Thursday, August 13
9:00 a.m.–10:30 a.m. Thursday

REFEREED PAPERS

Ballroom Centre (Level 4)

JavaScript Security

Session Chair: Lucas Ballard, Google Inc.

Proceedings, with Corrigendum, of all papers in this session

GATEKEEPER: Mostly Static Enforcement of Security and Reliability Policies for JavaScript Code
Salvatore Guarnieri, University of Washington; Benjamin Livshits, Microsoft Research

Paper in PDF | Slides

View the video | Listen in MP3 format

Cross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense
Adam Barth, Joel Weinberger, and Dawn Song, University of California, Berkeley

Paper in PDF | Slides

View the video | Listen in MP3 format

Memory Safety for Low-Level Software/Hardware Interactions
John Criswell, University of Illinois; Nicolas Geoffray, Université Pierre et Marie Curie, INRIA/Regal; Vikram Adve, University of Illinois

Paper in PDF | Slides

View the video | Listen in MP3 format

INVITED TALKS

Ballroom West (Level 4)

How the Pursuit of Truth Led Me to Selling Viagra
Vern Paxson, EECS, University of California, Berkeley, and Senior Scientist, International Computer Science Institute

View the presentation slides

For an empiricist, at the heart of the pursuit of truth lies measurement. This talk will frame perspectives I have developed in applying measurement to Internet security research for the past fifteen years. Along with lessons learned regarding how security realities can diverge from ivory-tower assumptions, I'll discuss the enormous changes in the landscape over that time and explain how those changes led to colleagues and me trying our hand at selling Viagra—all for the cause of science.

10:30 a.m.–11:00 a.m.   Break
11:00 a.m.–12:30 p.m. Thursday

REFEREED PAPERS

Ballroom Centre (Level 4)

Radio

Session Chair: Xiaolan (Catherine) Zhang, IBM Research

Proceedings of all papers in this session

Physical-layer Identification of RFID Devices
Boris Danev, ETH Zürich, Switzerland; Thomas S. Heydt-Benjamin, IBM Zürich Research Laboratory, Switzerland; Srdjan Čapkun, ETH Zürich, Switzerland

Paper in PDF | Slides

View the video | Listen in MP3 format

CCCP: Secure Remote Storage for Computational RFIDs
Mastooreh Salajegheh, Shane Clark, Benjamin Ransford, and Kevin Fu, University of Massachusetts Amherst; Ari Juels, RSA Laboratories, The Security Division of EMC

Paper in PDF | Slides

View the video | Listen in MP3 format

Jamming-resistant Broadcast Communication without Shared Keys
Christina Pöpper, Mario Strasser, and Srdjan Čapkun, ETH Zurich, Switzerland

Paper in PDF | Slides

View the video | Listen in MP3 format

INVITED TALKS

Ballroom West (Level 4)

Designing Trustworthy User Agents for a Hostile Web
Eric Lawrence, Senior Program Manager, Internet Explorer Security Team, Microsoft

View the video | Listen in MP3 format | View the presentation slides

In a world where organized criminals and myriad misfits work tirelessly to exploit users via an alphabet soup of Web-delivered attacks, browser developers must make the right tradeoffs to deliver usable security. In this talk, I'll describe the attacks we see in the wild today, outline developing threats, and share my thoughts on future browser security investments. With examples from development of the world's most popular browser, I'll explore the challenges in bringing security innovation out of the lab and into real-world products, debunk some security myths, and describe how secure design principles are our only hope as the Web platform gets ever more powerful.

12:30 p.m.–2:00 p.m.   Lunch, on your own


2:00 p.m.–3:30 p.m. Thursday

REFEREED PAPERS

Ballroom Centre (Level 4)

Securing Web Apps

Session Chair: David Wagner, University of California, Berkeley

Proceedings of all papers in this session

xBook: Redesigning Privacy Control in Social Networking Platforms
Kapil Singh, Georgia Institute of Technology; Sumeer Bhola, Google; Wenke Lee, Georgia Institute of Technology

Paper in PDF | Slides

View the video | Listen in MP3 format

Nemesis: Preventing Authentication & Access Control Vulnerabilities in Web Applications
Michael Dalton and Christos Kozyrakis, Stanford University; Nickolai Zeldovich, CSAIL, MIT

Paper in PDF | Slides

View the video | Listen in MP3 format

Static Enforcement of Web Application Integrity Through Strong Typing
William Robertson and Giovanni Vigna, University of California, Santa Barbara

Paper in PDF | Slides

View the video | Listen in MP3 format

INVITED TALKS

Ballroom West (Level 4)

Compression, Correction, Confidentiality, and Comprehension: A Modern Look at Commercial Telegraph Codes
Steven M. Bellovin, Professor of Computer Science, Columbia University

View the video | Listen in MP3 format | View the presentation slides

Telegraph codes are a more or less forgotten part of technological history. In their day, though, they were ubiquitous and sophisticated. They also laid the groundwork for many of today's communications technologies, including encryption, compression, and error correction. Beyond that, reading them provides a snapshot into the culture of their time. We look back, describing them in modern terms and noting some of the tradeoffs considered.

3:30 p.m.–4:00 p.m.   Break
4:00 p.m.–5:30 p.m. Thursday

REFEREED PAPERS

Ballroom Centre (Level 4)

Applied Crypto

Session Chair: Ian Goldberg, University of Waterloo

Awarded Outstanding Student Paper!
Vanish: Increasing Data Privacy with Self-Destructing Data
Roxana Geambasu, Tadayoshi Kohno, Amit A. Levy, and Henry M. Levy, University of Washington

Paper in PDF | Slides

View the video | Listen in MP3 format

Efficient Data Structures for Tamper-Evident Logging
Scott A. Crosby and Dan S. Wallach, Rice University

Paper in PDF | Slides

View the video | Listen in MP3 format

VPriv: Protecting Privacy in Location-Based Vehicular Services
Raluca Ada Popa and Hari Balakrishnan, Massachusetts Institute of Technology; Andrew J. Blumberg, Stanford University

Paper in PDF | Slides

View the video | Listen in MP3 format

INVITED TALKS

Ballroom West (Level 4)

Top Ten Web Hacking Techniques of 2008: "What's possible, not probable"
Jeremiah Grossman, Founder and CTO, WhiteHat Security

View the video | Listen in MP3 format | View the presentation slides

The polls are closed, votes are in, and we have the winners making up the Top Ten Web Hacking Techniques of 2008! The competition was fierce, with the newest and most innovative Web hacking techniques rising to the test. This session will review the top ten hacks from 2008: what they indicate about the security of the Web, what they mean for businesses, and what might be used against us soon down the road.

6:00 p.m.–7:30 p.m. Thursday

Poster Session & Happy Hour

Ballroom East (Level 4)

Poster Session Chair: Carrie Gates, CA Labs

Don't miss the cool new ideas and the latest preliminary research on display at the Poster Session. Take part in discussions with your colleagues over complimentary drinks and snacks. Check out the list of accepted posters.

Friday, August 14
9:00 a.m.–10:30 a.m. Friday

REFEREED PAPERS

Ballroom Centre (Level 4)

Malware Detection and Protection

Session Chair: Niels Provos, Google Inc.

Proceedings of all papers in this session

Effective and Efficient Malware Detection at the End Host
Clemens Kolbitsch and Paolo Milani Comparetti, Secure Systems Lab, TU Vienna; Christopher Kruegel, University of California, Santa Barbara; Engin Kirda, Institute Eurecom, Sophia Antipolis; Xiaoyong Zhou and XiaoFeng Wang, Indiana University at Bloomington

Paper in PDF | Slides

View the video | Listen in MP3 format

Protecting Confidential Data on Personal Computers with Storage Capsules
Kevin Borders, Eric Vander Weele, Billy Lau, and Atul Prakash, University of Michigan

Paper in PDF | Slides

View the video | Listen in MP3 format

Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms
Ralf Hund, Thorsten Holz, and Felix C. Freiling, Laboratory for Dependable Distributed Systems, University of Mannheim, Germany

Paper in PDF | Slides

View the video | Listen in MP3 format

INVITED TALKS

Ballroom West (Level 4)

Hash Functions and Their Many Uses in Cryptography
Shai Halevi, IBM Research

View the video | Listen in MP3 format | View the presentation slides

Hash functions have many uses in cryptography, from encryption through authentication and signatures to key exchange. In this talk I'll cover an assortment of aspects of hash functions.

In many applications, "what we really want" is a truly random function (a.k.a. a random oracle), but we settle for a hash function instead. I will explain the difference between the two and show some consequences of this difference.

Different applications require different security properties from the underlying hash functions. I will survey a few of these properties, make the case that applications should be designed to rely on security properties as weak as possible, and illustrate it with example applications to message authentication and digital signatures.

Most hash functions are constructed from lower-level primitives called compression functions. I will briefly describe this type of design and point out some advantages and drawbacks.

Finally, I will illustrate the design of a modern hash function using Fugue, which is a candidate in the NIST SHA-3 competition. More than most hash functions, Fugue was designed to be amenable to rigorous security analysis.

10:30 a.m.–11:00 a.m.   Break
11:00 a.m.–12:30 p.m. Friday

REFEREED PAPERS

Ballroom Centre (Level 4)

Browser Security

Session Chair: Patrick Traynor, Georgia Institute of Technology

Proceedings of all papers in this session

Crying Wolf: An Empirical Study of SSL Warning Effectiveness
Joshua Sunshine, Serge Egelman, Hazim Almuhimedi, Neha Atri, and Lorrie Faith Cranor, Carnegie Mellon University

Paper in PDF | Slides

View the video | Listen in MP3 format

The Multi-Principal OS Construction of the Gazelle Web Browser
Helen J. Wang, Microsoft Research; Chris Grier, University of Illinois at Urbana-Champaign; Alex Moshchuk, University of Washington; Samuel T. King, University of Illinois at Urbana-Champaign; Piali Choudhury and Herman Venter, Microsoft Research

Paper in PDF | Slides

View the video | Listen in MP3 format

INVITED TALKS

Ballroom West (Level 4)

DNS Security: Lessons Learned and The Road Ahead
David Dagon, Georgia Institute of Technology

12:30 p.m.–2:00 p.m.   Lunch, on your own


2:00 p.m.–3:30 p.m. Friday

Work-in-Progress Reports (WiPs)

Ballroom Centre (Level 4)

Session Chair: Sven Dietrich, Stevens Institute of Technology

View the video | Listen in MP3 format

The Work-in-Progress reports (WiPs) session offers short presentations about research in progress, new results, or timely topics. The schedule of WiPs and their abstracts is available here.


Last changed: 26 Aug. 2009 jp