Technical Sessions
WEDNESDAY, AUGUST 16, 2000
Opening Remarks and
Keynote Address: The Journey Ahead
Blaine Burnham, Director, Georgia Tech Information Security Center
Dr. Burnham will recap the recent politics of information security and roll out
a proposed "case for action."
Session Chair: Dan Wallach, Rice University
MAPbox: Using Parameterized Behavior Classes to Confine Untrusted
Anurag Acharya and Mandar Raje, University of California at Santa Barbara
A Secure Java Virtual Machine
Leendert van Doorn, IBM T.J. Watson Research Center
Encrypting Virtual Memory
Niels Provos, University of Michigan
Deja Vu--A User Study: Using Images for Authentication
Rachna Dhamija and Adrian Perrig, University of California at Berkeley
Security: Is There Really a Threat?
Dave Dittrich, University of Washington
Throughout 1999, groups around the world were involved in the development of
distributed DoS (DDoS) attack programs which allowed the coordination of
literally thousands of compromised computers. By January 1, 2000, four of these
DDoS tools had been identified by incident investigators and analyzed. February
2000 brought DoS attacks against several e-commerce sites, and DDoS to the
attention of the general public.
Most current proposals deal only with a small part of the issue. We will look at
the larger picture of response to DDoS attacks.
pm Lunch (on your own)
Session Chair: Ian Goldberg, University of California at Berkeley
Publius: A Robust, Tamper-Evident, Censorship-Resistant, and Source-Anonymous
Web Publishing System
Marc Waldman, New York University; and Aviel D. Rubin and Lorrie F. Cranor, AT&T Labs-Research
Probabilistic Counting of Large Digital Signature Collections
Markus G. Kuhn, University of Cambridge, U.K.
Can Pseudonymity Really Guarantee Privacy?
Josyula R. Rao and Pankaj Rohatgi, IBM T.J. Watson Research Center
Duncan Campbell, IPTV Ltd., EPIC (Electronic Privacy Information Center), and
International Consortium of Investigative Journalists
Communications intelligence (Comint) as an industrial activity has been
established globally for over 50 years. At the height of the Cold War, immense
resources were devoted by Western signals intelligence agencies to collecting
civilian communications of their own and other Western nations. Since then,
agencies such as the U.S. National Security Agency have redefined their mission
as "global access" to others' telecommunications.
This talk reviews the development, scale, significance, and technical functions
of the Comint network run jointly by the English-speaking nations. The
increasing impact of cryptography and other security measures suggests that
Comint resources are likely to shift to network and terminal attacks. The
implications of these moves will be discussed.
Session Chair: Markus Kuhn, University of Cambridge, U.K.
An Open-Source Cryptographic Coprocessor
Peter Gutmann, University of Auckland, New Zealand
Secure Coprocessor Integration with Kerberos V5
Naomaru Itoi, University of Michigan
Analysis of the Intel Pentium's Ability to Support a Secure Virtual Machine
John Scott Robin, U.S. Air Force; and Cynthia E. Irvine, Naval
Pitfalls of PKI
Mark Chen, Securify
"Public-key infrastructure": To many people, these words suggest a unified
authentication mechanism suitable for supporting a diverse array of security
requirements. Public-key technology does solve some problems that are not easily
managed with symmetric ciphers, but the practical deployment issues are complex,
and obscured by the word infrastructure. This talk addresses the
trust-management pitfalls that lurk in the use of public-key technology in
business applications. It is particularly relevant for those who are considering
retaining the services of a commercial certification authority.
THURSDAY, AUGUST 17, 2000
Session Chair: Wietse Venema, IBM T.J.Watson Research Center
Detecting and Countering System Intrusions Using Software Wrappers
Calvin Ko, Timothy Fraser, Lee Badger, and Douglas Kilpatrick, INAI Labs
Detecting Stepping Stones
Yin Zhang, Cornell University; and Vern Paxson, ACIRI
Automated Response Using System-Call Delay
Anil Somayaji, University of New Mexico; and Stephanie Forrest, Santa
The Practical Use of Cryptography in Human Rights Groups
Suelette Dreyfus, Author
Modern cryptography is increasingly being used by human rights and nonprofit
community activist groups around the world to protect sensitive data from
governments and hostile organizations. A number of Truth Commissions, as well as
grassroots human rights groups interviewing victims of and witnesses to human
rights abuses, have relied on cryptographic software.
This talk will look at a case study: the use of cryptography by a grassroots HR
group and the Truth Commission in Guatemala to protect witnesses from
retribution, as well as to ensure the integrity of the data. It will conclude
with a brief review of anti-cryptography laws around the globe, and how certain
types of new technology may thwart these laws.
Session Chair: Tara Whalen, Communications Research Centre Canada
CenterTrack: An IP Overlay Network for Tracking DoS Floods
Robert Stone, UUNET Technologies Inc.
A Multi-Layer IPSEC Protocol
Yongguang Zhang and Bikramjit Singh, HRL Laboratories, LLC
Defeating TCP/IP Stack Fingerprinting
Matthew Smart, G. Robert Malan, and Farnam Jahanian, University of
Technologies: How Not to Build the Future
Ian Goldberg, Zero-Knowledge Systems
Much talk has been heard recently of "Privacy-Enhancing Technologies," which
ostensibly allow a user to maintain his privacy while using some other,
assumedly desirable, technologies. The underlying problem is that these other
technologies degrade the user's privacy in the first place. This talk will
discuss the "Nymity Slider" and will indicate how, keeping it in mind, we should
aim to build future technology with privacy as important a part of the design as
are security, performance, and correctness.
pm Lunch (on your own)
Session Chair: Elizabeth Zwicky, Counterpane Internet Security
A Chosen Ciphertext Attack Against Several E-Mail Encryption Protocols
Jonathan Katz, Columbia University; and Bruce Schneier, Counterpane
Internet Security, Inc.
PGP in Constrained Wireless Devices
Michael Brown and Donny Cheung, University of Waterloo, Canada; Darrel
Hankerson, Auburn University; Julio Lopez Hernandez, State University
of Campinas, Brazil; and Michael Kirkup and Alfred Menezes, University of
Shibboleth: Private Mailing List Manager
Matt Curtin, Interhack Posse
Detecting Addressable Promiscuous Devices
Mudge, VP of Research and Development, @stake
When an intruder obtains elevated privileges on a remote system, the machine is
usually placed in promiscuous mode to monitor traffic on the network, often
rewarding the intruder with such items as user names, passwords, email, and
usage statistics. Machines on the network in promiscuous mode often indicate
that those systems have been compromised. Once intruders have access, they
commonly fix the holes that were exploited and then install backdoors to allow
future access. Such a system may well pass network security scans even though it
remains compromised. This talk describes some network techniques that can be
used to detect
Session Chair: Peter Honeyman, CITI, University of Michigan
Do you have interesting work you would like to share, or a cool idea that is not
yet ready to be published? Symposium attendees provide valuable discussion and
feedback. Short, pithy, and fun, this Work-in-Progress Session (WiPs)
introduces interesting new or ongoing work. We are particularly interested in
presentation of student work.
Speakers should submit a one- or two-paragraph abstract to
email@example.com by 6:00 pm on Wednesday, August 16, 2000. Please include
your name, affiliation, and the title of your talk. The time available will be
distributed among the presenters with a minimum of 5 minutes and a maximum of 10
minutes. The time limit will be strictly enforced. A schedule of presentations
will be posted at the symposium by noon on August 17. Experience has shown that
most submissions are accepted.