To become a USENIX Member, please see our Membership Information.

10th USENIX Security Symposium
August 13–17, 2001
Washington, D.C., USA

REFEREED PAPERS

Wednesday, August 15, 2001

Using Client Puzzles to Protect TLS
Drew Dean, Xerox PARC, and Adam Stubblefield, Rice University

Awarded Best Paper!
Inferring Internet Denial-of-Service Activity
David Moore, CAIDA; Geoffrey M. Voelker and Stefan Savage, University of California, San Diego

MULTOPS: A Data-Structure for Bandwidth Attack Detection
Thomer M. Gil, Vrije Universiteit/M.I.T., and Massimiliano Poletto, M.I.T.

Hardware
Session Chair: Dirk Balfanz, Xerox PARC

Data Remanence in Semiconductor Devices
Peter Gutmann, IBM T.J.Watson Research Center

StackGhost: Hardware Facilitated Stack Protection
Mike Frantzen, CERIAS, and Mike Shuey, Engineering Computer Network

Improving DES Coprocessor Throughput for Short Operations
Mark Lindemann, IBM T.J. Watson Research Center, and Sean W. Smith, Dartmouth College

Firewalls/Intrusion Detection
Session Chair: Mudge, @stake

Architecting the Lumeta Firewall Analyzer
Avishai Wool, Lumeta Corporation

Transient Addressing for Related Processes: Improved Firewalling by Using IPV6 and Multiple Addresses per Host
Peter M. Gleitz and Steven M. Bellovin, AT&T Labs–Research

Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics
Mark Handley and Vern Paxson, ACIRI; Christian Kreibich, Technische Universität München

SDMI/DMCA

Reading Between the Lines: Lessons from the SDMI Challenge
Scott A. Craver, Min Wu, and Bede Liu, Princeton University; Adam Stubblefield, Ben Swartzlander, and Dan S. Wallach, Rice University; Drew Dean; and Edward W. Felten, Princeton University

Thursday, August 16, 2001

Security Analysis of the Palm Operating System and its Weaknesses Against Malicious Code Threats
Kingpin and Mudge, @stake, Inc.

Secure Data Deletion for Linux File Systems
Steven Bauer and Nissanka B. Priyantha, MIT

RaceGuard: Kernel Protection From Temporary File Race Vulnerabilities
Crispin Cowan, Steve Beattie, Chris Wright, and Greg Kroah-Hartman, WireX Communications, Inc.

Managing Code
Session Chair: Trent Jaeger, IBM T.J. Watson Research Center

Statically Detecting Likely Buffer Overflow Vulnerabilities
David Larochelle and David Evans, University of Virginia

FormatGuard: Automatic Protection From printf Format String Vulnerabilities
Crispin Cowan, Matt Barringer, Steve Beattie, and Greg Kroah-Hartman, WireX Communications, Inc.; Mike Frantzen, Purdue University; and Jamie Lokier, CERN

Detecting Format String Vulnerabilities with Type Qualifiers
Umesh Shankar, Kunal Talwar, Jeffrey S. Foster, and David Wagner, University of California at Berkeley

Authorization
Session Chair: Carl Ellison, Intel Corporation

Capability File Names: Separating Authorisation From User Management in an Internet File System
Jude T. Regan and Christian D. Jensen, Trinity College Dublin

Kerberized Credential Translation: A Solution to Web Access Control
Olga Kornievskaia, Peter Honeyman, Bill Doster, and Kevin Coffman, CITI, University of Michigan

Awarded Best Paper!
The Dos and Don'ts of Client Authentication on the Web
Kevin Fu, Emil Sit, Kendra Smith, and Nick Feamster, MIT

Key Management
Session Chair: Peter Gutmann, University of Aukland

SC-CFS: Smartcard Secured Cryptographic File System
Naomaru Itoi, CITI, University of Michigan

Secure Distribution of Events in Content-Based Publish Subscribe Systems
Lukasz Opyrchal and Atul Prakash, University of Michigan

A Method for Fast Revocation of Public Key Certificates and Security Capabilities
Dan Boneh, Stanford University; Xuhua Ding and Gene Tsudik, University of California, Irvine; and Chi Ming Wong, Stanford University

Friday, August 17, 2001

PDM: A New Strong Password-Based Protocol
Charlie Kaufman, Iris Associates, and Radia Perlman, Sun Microsystems Laboratories

Defending Against Statistical Steganalysis
Niels Provos, CITI, University of Michigan

Timing Analysis of Keystrokes and Timing Attacks on SSH
Dawn Xiaodong Song, David Wagner, and Xuqing Tian, University of California, Berkeley