9th USENIX Security Symposium, Aug. 14-17, 2000, Denver, Colorado

Technical Sessions   [Wednesday, August 16]    [Thursday, August 17]


9:00 am—10:15 am
Opening Remarks and Keynote Address: The Journey Ahead
Blaine Burnham, Director, Georgia Tech Information Security Center

Dr. Burnham will recap the recent politics of information security and roll out a proposed "case for action."

10:15 am—10:45 am Break
10:45 am—12:45 pm

OS Security
Session Chair: Dan Wallach, Rice University

MAPbox: Using Parameterized Behavior Classes to Confine Untrusted Applications
Anurag Acharya and Mandar Raje, University of California at Santa Barbara

A Secure Java Virtual Machine
Leendert van Doorn, IBM T.J. Watson Research Center

Encrypting Virtual Memory
Niels Provos, University of Michigan

Deja Vu--A User Study: Using Images for Authentication
Rachna Dhamija and Adrian Perrig, University of California at Berkeley


Computer System Security: Is There Really a Threat?
Dave Dittrich, University of Washington

Throughout 1999, groups around the world were involved in the development of distributed DoS (DDoS) attack programs which allowed the coordination of literally thousands of compromised computers. By January 1, 2000, four of these DDoS tools had been identified by incident investigators and analyzed. February 2000 brought DoS attacks against several e-commerce sites, and DDoS to the attention of the general public.

Most current proposals deal only with a small part of the issue. We will look at the larger picture of response to DDoS attacks.

12:45 pm—2:00 pm Lunch (on your own)
2:00 pm—3:30 pm

Session Chair: Ian Goldberg, University of California at Berkeley

Publius: A Robust, Tamper-Evident, Censorship-Resistant, and Source-Anonymous Web Publishing System
Marc Waldman, New York University; and Aviel D. Rubin and Lorrie F. Cranor, AT&T Labs—Research

Probabilistic Counting of Large Digital Signature Collections
Markus G. Kuhn, University of Cambridge, U.K.

Can Pseudonymity Really Guarantee Privacy?
Josyula R. Rao and Pankaj Rohatgi, IBM T.J. Watson Research Center


The Insecurity Industry
Duncan Campbell, IPTV Ltd., EPIC (Electronic Privacy Information Center), and International Consortium of Investigative Journalists

Communications intelligence (Comint) as an industrial activity has been established globally for over 50 years. At the height of the Cold War, immense resources were devoted by Western signals intelligence agencies to collecting civilian communications of their own and other Western nations. Since then, agencies such as the U.S. National Security Agency have redefined their mission as "global access" to others' telecommunications.

This talk reviews the development, scale, significance, and technical functions of the Comint network run jointly by the English-speaking nations. The increasing impact of cryptography and other security measures suggests that Comint resources are likely to shift to network and terminal attacks. The implications of these moves will be discussed.

3:30 pm—4:00 pm Break
4:00 pm—5:30 pm

Session Chair: Markus Kuhn, University of Cambridge, U.K.

An Open-Source Cryptographic Coprocessor
Peter Gutmann, University of Auckland, New Zealand

Secure Coprocessor Integration with Kerberos V5
Naomaru Itoi, University of Michigan

Analysis of the Intel Pentium's Ability to Support a Secure Virtual Machine Monitor
John Scott Robin, U.S. Air Force; and Cynthia E. Irvine, Naval Postgraduate School


Trust-Management Pitfalls of PKI
Mark Chen, Securify

"Public-key infrastructure": To many people, these words suggest a unified authentication mechanism suitable for supporting a diverse array of security requirements. Public-key technology does solve some problems that are not easily managed with symmetric ciphers, but the practical deployment issues are complex, and obscured by the word infrastructure. This talk addresses the trust-management pitfalls that lurk in the use of public-key technology in business applications. It is particularly relevant for those who are considering retaining the services of a commercial certification authority.

9:00 am—10:45 am

Intrusion Detection
Session Chair: Wietse Venema, IBM T.J. Watson Research Center

Detecting and Countering System Intrusions Using Software Wrappers
Calvin Ko, Timothy Fraser, Lee Badger, and Douglas Kilpatrick, INAI Labs

Detecting Backdoors
Yin Zhang, Cornell University; and Vern Paxson, ACIRI

Detecting Stepping Stones
Yin Zhang, Cornell University; and Vern Paxson, ACIRI

Automated Response Using System-Call Delay
Anil Somayaji, University of New Mexico; and Stephanie Forrest, Santa Fe Institute


The Practical Use of Cryptography in Human Rights Groups
Suelette Dreyfus, Author

Modern cryptography is increasingly being used by human rights and nonprofit community activist groups around the world to protect sensitive data from governments and hostile organizations. A number of Truth Commissions, as well as grassroots human rights groups interviewing victims of and witnesses to human rights abuses, have relied on cryptographic software.

This talk will look at a case study: the use of cryptography by a grassroots HR group and the Truth Commission in Guatemala to protect witnesses from retribution, as well as to ensure the integrity of the data. It will conclude with a brief review of anti-cryptography laws around the globe, and how certain types of new technology may thwart these laws.

10:45 am—11:15 am Break
11:15 am—12:45 pm

Network Protection
Session Chair: Tara Whalen, Communications Research Centre Canada

CenterTrack: An IP Overlay Network for Tracking DoS Floods
Robert Stone, UUNET Technologies Inc.

A Multi-Layer IPSEC Protocol
Yongguang Zhang and Bikramjit Singh, HRL Laboratories, LLC

Defeating TCP/IP Stack Fingerprinting
Matthew Smart, G. Robert Malan, and Farnam Jahanian, University of Michigan


Privacy-Degrading Technologies: How Not to Build the Future
Ian Goldberg, Zero-Knowledge Systems

Much talk has been heard recently of "Privacy-Enhancing Technologies," which ostensibly allow a user to maintain his privacy while using some other, assumedly desirable, technologies. The underlying problem is that these other technologies degrade the user's privacy in the first place. This talk will discuss the "Nymity Slider" and will indicate how, keeping it in mind, we should aim to build future technology with privacy as important a part of the design as are security, performance, and correctness.

12:45 am—2:00 pm Lunch (on your own)
2:00 pm—3:30 pm

Session Chair: Elizabeth Zwicky, Counterpane Internet Security

A Chosen Ciphertext Attack Against Several E-Mail Encryption Protocols
Jonathan Katz, Columbia University; and Bruce Schneier, Counterpane Internet Security, Inc.

PGP in Constrained Wireless Devices
Michael Brown and Donny Cheung, University of Waterloo, Canada; Darrel Hankerson, Auburn University; Julio Lopez Hernandez, State University of Campinas, Brazil; and Michael Kirkup and Alfred Menezes, University of Waterloo, Canada

Shibboleth: Private Mailing List Manager
Matt Curtin, Interhack Posse


Methods for Detecting Addressable Promiscuous Devices
Mudge, VP of Research and Development, @stake

When an intruder obtains elevated privileges on a remote system, the machine is usually placed in promiscuous mode to monitor traffic on the network, often rewarding the intruder with such items as user names, passwords, email, and usage statistics. Machines on the network in promiscuous mode often indicate that those systems have been compromised. Once intruders have access, they commonly fix the holes that were exploited and then install backdoors to allow future access. Such a system may well pass network security scans even though it remains compromised. This talk describes some network techniques that can be used to detect this situation.

3:30 pm—4:00 pm Break
4:00 pm—5:30 pm
Work-in-Progress Session (WiPs)
Session Chair: Peter Honeyman, CITI, University of Michigan

Do you have interesting work you would like to share, or a cool idea that is not yet ready to be published? Symposium attendees provide valuable discussion and feedback. Short, pithy, and fun, this Work-in-Progress Session (WiPs) introduces interesting new or ongoing work. We are particularly interested in presentation of student work.

Speakers should submit a one- or two-paragraph abstract to by 6:00 pm on Wednesday, August 16, 2000. Please include your name, affiliation, and the title of your talk. The time available will be distributed among the presenters with a minimum of 5 minutes and a maximum of 10 minutes. The time limit will be strictly enforced. A schedule of presentations will be posted at the symposium by noon on August 17. Experience has shown that most submissions are usually accepted.

Last changed: 22 Aug 2000 mc