Check out the new USENIX Web site.
WOOT '09 Banner

USENIX Security '09


All sessions will take place in Salon Drummond Centre (Level 3) unless otherwise noted.

Session papers are available to workshop registrants immediately and to everyone beginning August 10, 2009.

Monday, August 10, 2009
8:30 a.m.–9:00 a.m.    Continental Breakfast, Ballroom Foyer (Level 4)
9:15 a.m.–9:30 a.m.


9:30 a.m.–10:30 a.m.

Keynote Address

Breaking DNSSEC
Daniel J. Bernstein, University of Illinois at Chicago

More than two hundred sites around the world have installed DNSSEC during the past year, so attackers can finally gain hands-on experience with breaking DNSSEC servers. How quickly does DNSSEC leak private information? How powerful are today's DNSSEC servers when they are abused as denial-of-service amplifiers? How easy is it to forge DNS data from a DNSSEC server?

10:30 a.m.–10:50 a.m.    Break
10:50 a.m.–12:20 p.m.


Unpacking Virtualization Obfuscators
Rolf Rolles

Paper in PDF

A Fistful of Red-Pills: How to Automatically Generate Procedures to Detect CPU Emulators
Roberto Paleari, Università degli Studi di Milano; Lorenzo Martignoni, Università degli Studi di Udine; Giampaolo Fresi Roglia and Danilo Bruschi, Università degli Studi di Milano

Paper in PDF

Covert Channels through External Interference
Gaurav Shah and Matt Blaze, University of Pennsylvania

Paper in PDF

12:20 p.m.–1:45 p.m.    Workshop Luncheon, Ballroom East (Level 4)
1:45 p.m.–3:15 p.m.


Rootkits for JavaScript Environments
Ben Adida, Harvard University; Adam Barth, University of California, Berkeley; Collin Jackson, Stanford University

Paper in PDF

Injecting SMS Messages into Smart Phones for Security Analysis
Collin Mulliner, Deutsche Telekom Laboratories/TU-Berlin; Charlie Miller, Independent Security Evaluators

Paper in PDF

Half-Blind Attacks: Mask ROM Bootloaders Are Dangerous
Travis Goodspeed; Aurélien Francillon, INRIA Rhône-Alpes

Paper in PDF

3:15 p.m.–3:40 p.m.    Break
3:40 p.m.–5:10 p.m.


Routing Loop Attacks Using IPv6 Tunnels
Gabi Nakibly and Michael Arov, National EW Research & Simulation Center, Rafael—Advanced Defense Systems

Paper in PDF | Slides

Decaptcha: Breaking 75% of eBay Audio CAPTCHAs
Elie Bursztein and Steven Bethard, Stanford University

Paper in PDF

PolyPack: An Automated Online Packing Service for Optimal Antivirus Evasion
Jon Oberheide, Michael Bailey, and Farnam Jahanian, University of Michigan

Paper in PDF

5:10 p.m.–5:50 p.m.

Rump Session

5-minute talks

? Need help? Use our Contacts page.

Last changed: 20 Aug. 2009 jp