12. CCS 2005: Alexandria, VA, USA

Keynote address

• W. Douglas Maughan:
  Homeland security: cyber security R&D initiatives. 1
  

Formal analysis of crypto protocols

• Changhua He, Mukund Sundararajan, Anupam Datta, Ante Derek, John C. Mitchell:
  A modular correctness proof of IEEE 802.11i and TLS. 2-15
  
• Mathieu Baudet:
  Deciding security of protocols against off-line guessing attacks. 16-25
  
• Peeter Laud:
  Secrecy types for a simulatable cryptographic library. 26-35
  

Trust management

• Keith Irwin, Ting Yu:
  Preventing attribute information leakage in automated trust negotiation. 36-45
  
• Jiangtao Li, Ninghui Li, William H. Winsborough:
  Automated trust negotiation using cryptographic credentials. 46-57
  
• Mohamed Shehab, Elisa Bertino, Arif Ghafoor:
  Secure collaboration in mediator-free environments. 58-67
  

Privacy and anonymity

• Qiang Huang, David Jao, Helen J. Wang:
  Applications of secure electronic voting to automated privacy-preserving troubleshooting. 68-80
  
• Xinyuan Wang, Shiping Chen, Sushil Jajodia:
  Tracking anonymous peer-to-peer VoIP calls on the internet. 81-91
  
• Giuseppe Ateniese, Jan Camenisch, Breno de Medeiros:
  Untraceable RFID tags via insubvertible encryption. 92-101
  
• Arvind Narayanan, Vitaly Shmatikov:
  Obfuscated databases and group privacy. 102-111
  

Authentication

• Mario Di Raimondo, Rosario Gennaro:
  New approaches for deniable authentication. 112-121
  
• Jean-Pierre Seifert:
  On authenticated computing and RSA-based authentication. 122-127
  
• Meiyuan Zhao, Sean W. Smith, David M. Nicol:
  Aggregated path authentication for efficient BGP security. 128-138
  
• Onur Aciiçmez, Werner Schindler, Çetin Kaya Koç:
  Improving Brumley and Boneh timing attack on unprotected SSL implementations. 139-146
  

Access control

• Kevin Borders, Xin Zhao, Atul Prakash:
  CPOL: high-performance policy evaluation. 147-157
  
• Jason Crampton:
  Understanding and developing role-based administrative models. 158-167
  
• Marianne Winslett, Charles C. Zhang, Piero A. Bonatti:
  PeerAccess: a logic for distributed authorization. 168-179
  

Key management, key exchange, & pseudo-random generation

• Jonathan Katz, Ji Sun Shin:
  Modeling insider attacks on group key-exchange protocols. 180-189
  
• Mikhail J. Atallah, Keith B. Frikken, Marina Blanton:
  Dynamic and efficient key management for access hierarchies. 190-202
  
• Boaz Barak, Shai Halevi:
  A model and architecture for pseudo-random generation with applications to /dev/random. 203-212
  

Intrusion detection and prevention

• Zhenkai Liang, R. Sekar:
  Fast and automated generation of attack signatures: a basis for building self-protecting servers. 213-222
  
• Jun Xu, Peng Ning, Chongkyung Kil, Yan Zhai, Christopher Bookholt:
  Automatic diagnosis and response to memory corruption vulnerabilities. 223-234
  
• Jedidiah R. Crandall, Zhendong Su, Shyhtsun Felix Wu, Frederic T. Chong:
  On deriving unknown vulnerabilities from zero-day polymorphic and metamorphic worm exploits. 235-248
  
• Angelos Stavrou, Angelos D. Keromytis:
  Countering DoS attacks with stateless multipath overlays. 249-259
  

Security for diffuse computing

• Karl Krukow, Mogens Nielsen, Vladimiro Sassone:
  A framework for concrete reputation-systems with applications to history-based access control. 260-269
  
• Shai Rubin, Mihai Christodorescu, Vinod Ganapathy, Jonathon T. Giffin, Louis Kruger, Hao Wang, Nicholas Kidd:
  An auctioning reputation system based on anomaly. 270-279
  
• Matthew Yurkewych, Brian Neil Levine, Arnold L. Rosenberg:
  On the cost-ineffectiveness of redundancy in commercial P2P computing. 280-288
  
• Mudhakar Srivatsa, Ling Liu:
  Securing publish-subscribe overlay services with EventGuard. 289-298
  

Cryptography

• Craig Gentry, Philip D. MacKenzie, Zulfikar Ramzan:
  Password authenticated key exchange using hidden smooth subgroups. 299-309
  
• Giuseppe Ateniese, Susan Hohenberger:
  Proxy re-signatures: new definitions, algorithms, and applications. 310-319
  
• Xavier Boyen, Qixiang Mei, Brent Waters:
  Direct chosen ciphertext security from identity-based techniques. 320-329
  

Automated analysis

• Vinod Ganapathy, Trent Jaeger, Somesh Jha:
  Automatic placement of authorization hooks in the linux security modules framework. 330-339
  
• Martín Abadi, Mihai Budiu, Úlfar Erlingsson, Jay Ligatti:
  Control-flow integrity. 340-353
  
• Michael F. Ringenburg, Dan Grossman:
  Preventing format-string attacks via automatic and efficient dynamic checking. 354-363
  

Attacking passwords and bringing down the network

• Arvind Narayanan, Vitaly Shmatikov:
  Fast dictionary attacks on passwords using time-space tradeoff. 364-372
  
• Li Zhuang, Feng Zhou, J. D. Tygar:
  Keyboard acoustic emanations revisited. 373-382
  
• Rob Sherwood, Bobby Bhattacharjee, Ryan Braud:
  Misbehaving TCP receivers can cause internet-wide congestion collapse. 383-392
  
• William Enck, Patrick Traynor, Patrick McDaniel, Thomas F. La Porta:
  Exploiting open functionality in SMS-capable cellular networks. 393-404
  

Industry track invited talks

• Peter P. Swire:
  Security market: incentives for disclosure of vulnerabilities. 405
  
• Guido Appenzeller:
  Identity-based encryption from algorithm to enterprise deployment. 406
  
• Vance Bjorn:
  Biometrics hit the mainstream: an analysis of security and privacy implications. 407