Security '11 Banner

TECHNICAL SESSIONS

Tech Sessions: Wednesday, August 10 | Thursday, August 11 | Friday, August 12
VideoJust Up! Videos of the presentations will be posted as soon as they become available.

Proceedings Front Matter: Cover, Copyright, ISBN | Title Page, Organizers, Reviewers | Table of Contents | Message from the Program Chair

Complete Proceedings | Proceedings Errata Slip (rev. 7/26/11)

NEW! E-Book Proceedings: Read the proceedings on the go in iPad-friendly EPUB format or Kindle-friendly Mobipocket format. (See the Proceedings Errata Slip in EPUB format or Mobipocket format.)

Wednesday, August 10
8:30 a.m.–9:00 a.m.    Continental Breakfast served in the Italian Room Foyer
9:00 a.m.–10:30 a.m. Wednesday

Opening Remarks, Awards, and Keynote Address

Grand Ballroom

Program Chair: David Wagner, University of California, Berkeley

Video View the Video

MP3 Icon Listen to the MP3

Network Security in the Medium Term: 2061–2561 AD

Charles Stross, Author of award-winning science fiction

Video View the Video

MP3 Icon Listen to the MP3

Stross A science fiction writer takes a look at the medium-term implications the information processing revolution holds for human civilization.

Charles Stross, 46, is a full-time science fiction writer and resident of Edinburgh, Scotland. The winner of two Locus Reader Awards and winner in 2005 and 2010 of the Hugo Award for best novella, Stross's works have been translated into over a dozen languages. Like many writers, Stross has had a variety of careers, occupations, and job-shaped catastrophes in the past, from pharmacist through tech sector journalist to first code monkey on the team of a successful dot-com startup. He has degrees in pharmacy and computer science.

10:30 a.m.–11:00 a.m.   Break: Coffee and tea served in the Italian Room Foyer
11:00 a.m.–12:30 p.m. Wednesday

REFEREED PAPERS

Grand Ballroom

Web Security

Session Chair: Helen Wang, Microsoft Research

Fast and Precise Sanitizer Analysis with BEK
Pieter Hooimeijer, University of Virginia; Benjamin Livshits and David Molnar, Microsoft Research; Prateek Saxena, University of California, Berkeley; Margus Veanes, Microsoft Research

Read the Full paper

Video View the Video

MP3 Icon Listen to the MP3

Toward Secure Embedded Web Interfaces
Baptiste Gourdin, LSV ENS-Cachan; Chinmay Soman, Hristo Bojinov, and Elie Bursztein, Stanford University

Read the Full paper

Video View the Video | Slides

MP3 Icon Listen to the MP3

ZOZZLE: Fast and Precise In-Browser JavaScript Malware Detection
Charlie Curtsinger, University of Massachusetts Amherst; Benjamin Livshits and Benjamin Zorn, Microsoft Research; Christian Seifert, Microsoft

Read the Full paper

Video View the Video

MP3 Icon Listen to the MP3

INVITED TALKS

Colonial Room

The Three Cyber-War Fallacies
Dave Aitel, CEO of Immunity, Inc.

Video View the Video

MP3 Icon Listen to the MP3

Many sources for cyber strategy and policy that affects it focus on three facets of the cyber domain:

  • Cyber attacks are asymmetric.
  • Cyber attacks are unattributable.
  • Cyber attacks are non-kinetic.
  • None of these is true. This talk explains why.

    12:30 p.m.–2:00 p.m.   Lunch, on your own
    2:00 p.m.–3:30 p.m. Wednesday

    REFEREED PAPERS

    Grand Ballroom

    Analysis of Deployed Systems

    Session Chair: Ian Goldberg, University of Waterloo

    Awarded Outstanding Paper!
    Why (Special Agent) Johnny (Still) Can't Encrypt: A Security Analysis of the APCO Project 25 Two-Way Radio System
    Sandy Clark, Travis Goodspeed, Perry Metzger, Zachary Wasserman, Kevin Xu, and Matt Blaze, University of Pennsylvania

    Read the Full paper

    Video View the Video

    MP3 Icon Listen to the MP3

    Dark Clouds on the Horizon: Using Cloud Storage as Attack Vector and Online Slack Space
    Martin Mulazzani, Sebastian Schrittwieser, Manuel Leithner, Markus Huber, and Edgar Weippl, SBA Research

    Read the Full paper (Updated 6/24/11)

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Comprehensive Experimental Analyses of Automotive Attack Surfaces
    Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage, University of California, San Diego; Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno, University of Washington

    Read the Full paper

    Video View the Video

    MP3 Icon Listen to the MP3

    3:30 p.m.–4:00 p.m.   Break: Beverages served in the Italian Room Foyer
    4:00 p.m.–5:30 p.m. Wednesday

    REFEREED PAPERS

    Grand Ballroom

    Forensic Analysis

    Session Chair: William Enck, Pennsylvania State University

    Forensic Triage for Mobile Phones with DEC0DE
    Robert J. Walls, Erik Learned-Miller, and Brian Neil Levine, University of Massachusetts Amherst

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    mCarve: Carving Attributed Dump Sets
    Ton van Deursen, Sjouke Mauw, and Saša Radomirović, University of Luxembourg

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    SHELLOS: Enabling Fast Detection and Forensic Analysis of Code Injection Attacks
    Kevin Z. Snow, Srinivas Krishnan, and Fabian Monrose, University of North Carolina at Chapel Hill; Niels Provos, Google

    Read the Full paper

    Video View the Video

    MP3 Icon Listen to the MP3

    INVITED TALKS

    Colonial Room

    Crossing the Chasm: Pitching Security Research to Mainstream Browser Vendors

    Collin Jackson, Assistant Research Professor at Carnegie Mellon University

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    "Why doesn't my browser do X?" Competition among browser vendors is fierce, and it seems that everyone has an idea for how to make Web browsing faster, easier, and more secure. But only a small fraction of the published research on Web security is ever adopted by popular browsers. In this talk we'll discuss what it takes to transition a research idea into a mainstream browser feature and the pitfalls that lie in wait along the way.

    Collin Jackson is an Assistant Research Professor at Carnegie Mellon University, based on the Silicon Valley campus. His Web security proposals have been adopted by many popular browsers, including Internet Explorer, Firefox, Google Chrome, Safari, and Opera. He has also proposed plenty of ideas that have gone absolutely nowhere.

    6:00 p.m.–7:30 p.m. Wednesday

    USENIX Security '11 Reception

    California East/West

    Don't miss the USENIX Security '11 Reception, featuring dinner, drinks, and the chance to connect with other attendees, speakers, and conference organizers.

    7:30 p.m.–9:00 p.m. Wednesday

    USENIX Security '11 Rump Session

    Grand Ballroom

    Rump Session Chair: Matt Blaze, University of Pennsylvania

    Building on last's year success, we will host a rump session on the evening of Wednesday, August 10, 2011. This is intended as an informal session for short and engaging presentations on recent unpublished results, work in progress, or other topics of interest to the USENIX Security attendees. To submit a rump session talk, email sec11rump@usenix.org by Wednesday, August 10, 2011, at 11:59 a.m. PDT.

    Tech Sessions: Wednesday, August 10 | Thursday, August 11 | Friday, August 12
    Thursday, August 11, 2011
    8:30 a.m.–9:00 a.m.    Continental Breakfast served in the Italian Room Foyer
    9:00 a.m.–10:30 a.m. Thursday

    REFEREED PAPERS

    Grand Ballroom

    Static and Dynamic Analysis

    Session Chair: Sam King, University of Illinois at Urbana-Champaign

    MACE: Model-inference-Assisted Concolic Exploration for Protocol and Vulnerability Discovery
    Chia Yuan Cho, University of California, Berkeley, and DSO National Labs; Domagoj Babić, University of California, Berkeley; Pongsin Poosankam, University of California, Berkeley, and Carnegie Mellon University; Kevin Zhijie Chen, Edward XueJun Wu, and Dawn Song, University of California, Berkeley

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Static Detection of Access Control Vulnerabilities in Web Applications
    Fangqi Sun, Liang Xu, and Zhendong Su, University of California, Davis

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    ADsafety: Type-Based Verification of JavaScript Sandboxing
    Joe Gibbs Politz, Spiridon Aristides Eliopoulos, Arjun Guha, and Shriram Krishnamurthi, Brown University

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    INVITED TALKS

    Colonial Room

    I'm from the Government and I'm Here to Help: Perspectives from a Privacy Tech Wonk
    Tara Whalen, Office of the Privacy Commissioner of Canada

    Video View the Video

    MP3 Icon Listen to the MP3

    Security research has often had a major impact on technology policy...and vice versa. Within the privacy space, issues such as location privacy, lawful intercept, and online tracking have been the subject of considerable debate. As a "tame technologist" within the Canadian civil service, I've been deeply engaged in these subjects at a practical level. In this talk, I will outline some of the ways in which the spheres of technology, policy, and law intersect, illustrated with recent real-world examples from the privacy domain.

    Tara Whalen joined the Office of the Privacy Commissioner of Canada (OPC) in 2009, where she works as an IT Research Analyst. Prior to joining the OPC, she conducted post-doctoral research in computer security at Carleton University. She has a PhD in Computer Science from Dalhousie University. Tara has over 15 years of experience in the information security and privacy fields, including roles in research labs, academia, federal government institutions, and the private sector. In addition to privacy, her research interests include the human factors of security and the social implications of technology.

    10:30 a.m.–11:00 a.m.   Break: Coffee and tea served in the Italian Room Foyer
    11:00 a.m.–12:30 p.m. Thursday

    REFEREED PAPERS

    Grand Ballroom

    Understanding the Underground Economy

    Session Chair: Yinglian Xie, Microsoft Research

    Awarded Outstanding Paper!
    Measuring Pay-per-Install: The Commoditization of Malware Distribution
    Juan Caballero, IMDEA Software Institute; Chris Grier, Christian Kreibich, and Vern Paxson, University of California, Berkeley, and ICSI

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Dirty Jobs: The Role of Freelance Labor in Web Service Abuse
    Marti Motoyama, Damon McCoy, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, University of California, San Diego

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Show Me the Money: Characterizing Spam-advertised Revenue
    Chris Kanich, University of California, San Diego; Nicholas Weaver, International Computer Science Institute; Damon McCoy and Tristan Halvorson, University of California, San Diego; Christian Kreibich, International Computer Science Institute; Kirill Levchenko, University of California, San Diego; Vern Paxson, International Computer Science Institute and University of California, Berkeley; Geoffrey M. Voelker and Stefan Savage, University of California, San Diego

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    INVITED TALKS

    Colonial Room

    Privacy in the Age of Augmented Reality
    Alessandro Acquisti, Associate Professor of Information Technology and Public Policy at Heinz College, Carnegie Mellon University

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    In this talk, I will link two of my favorite research streams: (1) the behavioral economics of privacy, and (2) mining of data from online social networks for privacy and security risks associated with online disclosures. I will highlight how research in behavioral economics can help us make sense of apparent inconsistencies in privacy (and security) decision-making and will present results from a variety of experiments conducted at Carnegie Mellon University. Then I will discuss the technical feasibility and privacy implications of combining publicly available Web 2.0 images with off-the-shelf face recognition technology, for the purpose of large-scale, automated individual re-identification. Combined, the results highlight the behavioral, technological, and legal issues raised by the convergence of mining technologies and online social networks and illuminate the future of privacy in an augmented reality world.

    Alessandro Acquisti is an Associate Professor of Information Systems and Public Policy at the Heinz College, Carnegie Mellon University, and the co-director of the CMU Center for Behavioral Decision Research (CBDR). Alessandro has been the recipient of many awards, and his research on privacy has been published in leading journals across multiple disciplines and featured in media outlets such as the New York Times, the Wall Street Journal, the Washington Post, CNN, and NPR. His 2009 study on the predictability of Social Security numbers contributed to the change in the assignment scheme of SSNs that was announced in 2011 by the US Social Security Administration.

    12:30 p.m.–2:00 p.m.   Lunch, on your own
    2:00 p.m.–3:30 p.m. Thursday

    REFEREED PAPERS

    Grand Ballroom

    2:00 p.m.–3:30 p.m.

    Defenses and New Directions

    Session Chair: Tara Whalen, Office of the Privacy Commissioner of Canada

    Secure In-Band Wireless Pairing
    Shyamnath Gollakota, Nabeel Ahmed, Nickolai Zeldovich, and Dina Katabi, Massachusetts Institute of Technology

    Read the Full paper

    Video View the Video | Slides (PPTX)

    MP3 Icon Listen to the MP3

    TRESOR Runs Encryption Securely Outside RAM
    Tilo Müller and Felix C. Freiling, University of Erlangen; Andreas Dewald, University of Mannheim

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Bubble Trouble: Off-Line De-Anonymization of Bubble Forms
    Joseph A. Calandrino, William Clarkson, and Edward W. Felten, Princeton University

    Read the Full paper

    Video View the Video

    MP3 Icon Listen to the MP3

    REFEREED PAPERS

    Colonial Room

    2:00 p.m.–3:00 p.m.

    Securing Search

    Session Chair: Wenyuan Xu, University of South Carolina

    Measuring and Analyzing Search-Redirection Attacks in the Illicit Online Prescription Drug Trade
    Nektarios Leontiadis, Carnegie Mellon University; Tyler Moore, Harvard University; Nicolas Christin, Carnegie Mellon University

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    deSEO: Combating Search-Result Poisoning
    John P. John, University of Washington; Fang Yu and Yinglian Xie, MSR Silicon Valley; Arvind Krishnamurthy, University of Washington; Martín Abadi, MSR Silicon Valley

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    3:30 p.m.–4:00 p.m.   Break: Beverages served in the Italian Room Foyer
    4:00 p.m.–5:30 p.m. Thursday

    REFEREED PAPERS

    Grand Ballroom

    Securing Smart Phones

    Session Chair: David Evans, University of Virginia

    A Study of Android Application Security
    William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri, The Pennsylvania State University

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Permission Re-Delegation: Attacks and Defenses
    Adrienne Porter Felt, University of California, Berkeley; Helen J. Wang and Alexander Moshchuk, Microsoft Research; Steve Hanna and Erika Chin, University of California, Berkeley

    Read the Full paper

    Video View the Video

    MP3 Icon Listen to the MP3

    QUIRE: Lightweight Provenance for Smart Phone Operating Systems
    Michael Dietz, Shashi Shekhar, Yuliy Pisetsky, Anhei Shu, and Dan S. Wallach, Rice University

    Read the Full paper (updated 7/26/11)

    Video View the Video

    MP3 Icon Listen to the MP3

    INVITED TALKS

    Colonial Room

    Deport on Arrival: Adventures in Technology, Politics, and Power
    J. Alex Halderman, Assistant Professor, Computer Science and Engineering, The University of Michigan

    Video View the Video

    MP3 Icon Listen to the MP3

    Last year, my colleagues and I were accused by unnamed intelligence officials of being a "foreign conspiracy" to destabilize a major democracy and narrowly escaped being thrown onto an airplane and deported from that country—all for publishing a research paper (Wolchok et al., CCS 2010). In this talk I will share this story and other research adventures from my work in DRM, electronic voting, and Internet censorship—areas that lie at the intersection of technology and political power. These topics touch on computer security issues that affect the relationship between individuals and government, and scientists working to understand these issues have an obligation not only to speak truth to power but also to explain technical realities directly to the people. We will travel from Manhattan alleyways to Mumbai jail cells, meeting powerful foes and making lasting friendships along the way.

    J. Alex Halderman is an assistant professor of computer science and engineering at the University of Michigan. His research spans applied computer security and tech-centric public policy, including topics such as software security, data privacy, electronic voting, censorship resistance, digital rights management, and cybercrime, as well as technological aspects of intellectual property law and government regulation.

    6:00 p.m.–7:30 p.m. Thursday

    Poster Session & Pizza Party

    California East/West

    Poster Session Chair: Patrick Traynor, Georgia Institute of Technology

    Don't miss the cool new ideas and the latest preliminary research on display at the Poster Session. Take part in discussions with your colleagues over complimentary drinks, pizza, and salad. Check out the list of accepted posters.

    Tech Sessions: Wednesday, August 10 | Thursday, August 11 | Friday, August 12
    Friday, August 12
    8:30 a.m.–9:00 a.m.    Continental Breakfast served in the Italian Room Foyer
    9:00 a.m.–10:30 a.m. Friday

    REFEREED PAPERS

    Grand Ballroom

    Understanding Attacks

    Session Chair: Hovav Shacham, University of California, San Diego

    SMS of Death: From Analyzing to Attacking Mobile Phones on a Large Scale
    Collin Mulliner, Nico Golde, and Jean-Pierre Seifert, Technische Universität Berlin and Deutsche Telekom Laboratories

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Q: Exploit Hardening Made Easy
    Edward J. Schwartz, Thanassis Avgerinos, and David Brumley, Carnegie Mellon University

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Cloaking Malware with the Trusted Platform Module
    Alan M. Dunn, Owen S. Hofmann, Brent Waters, and Emmett Witchel, The University of Texas at Austin

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    INVITED TALKS

    Colonial Room

    The (Decentralized) SSL Observatory
    Peter Eckersley, Senior Staff Technologist for the Electronic Frontier Foundation, and Jesse Burns, Founding Partner, iSEC Partners

    View the Slides

    The EFF SSL Observatory project collects and publishes comprehensive datasets of the TLS/SSL certificates used by servers on the public Internet. These datasets provide numerous insights into the ways cryptography is used on the Web and the collective role of Certificate Authorities (CAs) in authenticating Web servers. This talk will review previous findings from the project's scans of port 443 in IPv4 address space and will present several new results. It will also describe the design and initial findings from the new, decentralized version of the Observatory.

    Peter Eckersley is a Senior Staff Technologist at the Electronic Frontier Foundation. His work at EFF has included privacy and security projects, such as Panopticlick, HTTPS Everywhere, Surveillance Self-Defense International, and the SSL Observatory, and running the first controlled tests to confirm that Comcast was using forged reset packets to interfere with P2P protocols. Peter's PhD at the University of Melbourne was on digital copyright and alternatives to digital copyright.

    Jesse Burns is a Principal Partner at iSec Partners, an application security consulting firm. His clients include many of the world's largest technology, telecommunications, and financial services firms.

    10:30 a.m.–11:00 a.m.   Break: Coffee and tea served in the Italian Room Foyer
    11:00 a.m.–12:30 p.m. Friday

    REFEREED PAPERS

    Grand Ballroom

    Dealing with Malware and Bots

    Session Chair: Niels Provos, Google, Inc.

    Detecting Malware Domains at the Upper DNS Hierarchy
    Manos Antonakakis, Damballa Inc. and Georgia Institute of Technology; Roberto Perdisci, University of Georgia; Wenke Lee, Georgia Institute of Technology; Nikolaos Vasiloglou II, Damballa Inc.; David Dagon, Georgia Institute of Technology

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    BOTMAGNIFIER: Locating Spambots on the Internet
    Gianluca Stringhini, University of California, Santa Barbara; Thorsten Holz, Ruhr-University Bochum; Brett Stone-Gross, Christopher Kruegel, and Giovanni Vigna, University of California, Santa Barbara

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    JACKSTRAWS: Picking Command and Control Connections from Bot Traffic
    Gregoire Jacob, University of California, Santa Barbara; Ralf Hund, Ruhr-University Bochum; Christopher Kruegel, University of California, Santa Barbara; Thorsten Holz, Ruhr-University Bochum

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    PANEL

    Colonial Room

    SSL/TLS Certificates: Threat or Menace?

    Moderator: Eric Rescorla, RTFM, Inc.
    Panelists: Adam Langley, Google; Brian Smith, Mozilla; Stephen Schultze, Princeton University; Steve Kent, BBN Technologies

    Video View the Video

    MP3 Icon Listen to the MP3

    The security of SSL/TLS as used in practice depends on the security of the certificate hierarchy used to authenticate the servers. However, recent events have called the adequacy of that system into question: typical browsers trust a large number of root certificate authorities (trust anchors), and compromise of any of those anchors leads to the ability to impersonate more or less any server, as was demonstrated by the recent Comodo incident. Our panelists will talk about the state of the SSL/TLS authentication system, its future, and the various proposals for improvement and/or replacement.

    12:30 p.m.–2:00 p.m.   Lunch, on your own
    2:00 p.m.–3:30 p.m. Friday

    REFEREED PAPERS

    Grand Ballroom

    Privacy- and Freedom-Enhancing Technologies

    Session Chair: Matthew Green, Johns Hopkins University

    Telex: Anticensorship in the Network Infrastructure
    Eric Wustrow and Scott Wolchok, The University of Michigan; Ian Goldberg, University of Waterloo; J. Alex Halderman, The University of Michigan

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval
    Prateek Mittal, University of Illinois at Urbana-Champaign; Femi Olumofin, University of Waterloo; Carmela Troncoso, K.U.Leuven/IBBT; Nikita Borisov, University of Illinois at Urbana-Champaign; Ian Goldberg, University of Waterloo

    Read the Full paper

    Video View the Video | Slides (PPTX)

    MP3 Icon Listen to the MP3

    The Phantom Tollbooth: Privacy-Preserving Electronic Toll Collection in the Presence of Driver Collusion
    Sarah Meiklejohn, Keaton Mowery, Stephen Checkoway, and Hovav Shacham, University of California, San Diego

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    INVITED TALKS

    Colonial Room

    Pico: No More Passwords!
    Frank Stajano, University of Cambridge

    Video View the Video

    MP3 Icon Listen to the MP3

    Passwords are no longer acceptable as a security mechanism. Memorable, unguessable, high entropy, regularly changed, never written down, and all different . . . a contradictory and unsatisfiable set of requests! Solutions have been offered for Web authentication; to users, though, non-Web passwords are just as annoying. I propose a portable gadget called Pico to get rid of passwords everywhere, not just online, transforming "what you know" into "what you have." Maybe your gut reaction to the controversial Pico will be "it'll never work," but I believe we have a duty to come up with something more usable than passwords.

    3:30 p.m.–4:00 p.m.   Break: Beverages served in the Italian Room Foyer
    4:00 p.m.–5:30 p.m. Friday

    REFEREED PAPERS

    Grand Ballroom

    Applied Cryptography

    Session Chair: Diana Smetters, Google, Inc.

    Differential Privacy Under Fire
    Andreas Haeberlen, Benjamin C. Pierce, and Arjun Narayan, University of Pennsylvania

    Read the Full paper

    Video View the Video | Slides (PDF) (PPTX)

    MP3 Icon Listen to the MP3

    Outsourcing the Decryption of ABE Ciphertexts
    Matthew Green and Susan Hohenberger, Johns Hopkins University; Brent Waters, University of Texas at Austin

    Read the Full paper (Updated 6/14/11)

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    Faster Secure Two-Party Computation Using Garbled Circuits
    Yan Huang and David Evans, University of Virginia; Jonathan Katz, University of Maryland; Lior Malka, Intel

    Read the Full paper

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    INVITED TALKS

    Colonial Room

    The Cloud-y Future of Security Technologies
    Adam O'Donnell, Co-founder & Director, Cloud Engineering Immunet

    Video View the Video | Slides

    MP3 Icon Listen to the MP3

    With a healthy dose of technologies and techniques borrowed from big-data companies such as Google and Facebook, engineers in the security industry have led a sea change in how security products are designed and implemented. Rather than rely upon ad hoc threat detection networks and loose partnerships with other security firms to detect new threats, security firms are moving to cloud-based product models, where threat information for malicious network traffic, malware, and various forms of attacks is centrally aggregated and processed from endpoints. Large teams of analysts-focused manual identification of threats are now being displaced by data mining and machine learning, pushing the effective time to live of an attack from weeks to hours. In this talk I will show you how it's been done.

    ?Need help? Use our Contacts page.

    Last changed: 29 May 2012 mpn