To become a USENIX Member, please see our Membership Information.
10th USENIX Security Symposium
August 1317, 2001
Washington, D.C., USA
REFEREED PAPERS
Wednesday, August 15, 2001
Denial of Service
Session Chair: Steve Bellovin, AT&T Labs - Research
Using Client Puzzles to Protect TLS
Drew Dean, Xerox PARC, and Adam Stubblefield, Rice University
Awarded Best Paper!
Inferring Internet Denial-of-Service Activity
David Moore, CAIDA; Geoffrey M. Voelker and Stefan Savage, University of California, San
Diego
MULTOPS: A Data-Structure for Bandwidth Attack Detection
Thomer M. Gil, Vrije Universiteit/M.I.T., and Massimiliano Poletto, M.I.T.
Hardware
Session Chair: Dirk Balfanz, Xerox PARC
Data Remanence in Semiconductor Devices
Peter Gutmann, IBM T.J.Watson Research Center
StackGhost: Hardware Facilitated Stack Protection
Mike Frantzen, CERIAS, and Mike Shuey, Engineering Computer
Network
Improving DES Coprocessor Throughput for Short Operations
Mark Lindemann, IBM T.J. Watson Research Center, and Sean W. Smith, Dartmouth College
Firewalls/Intrusion
Detection
Session Chair: Mudge, @stake
Architecting the Lumeta Firewall Analyzer
Avishai Wool, Lumeta Corporation
Transient Addressing for Related Processes: Improved Firewalling by Using
IPV6 and Multiple Addresses per Host
Peter M. Gleitz and Steven M. Bellovin, AT&T LabsResearch
Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End
Protocol Semantics
Mark Handley and Vern Paxson, ACIRI; Christian Kreibich, Technische
Universität München
SDMI/DMCA
Reading
Between the Lines: Lessons from the SDMI Challenge
Scott A. Craver, Min Wu, and Bede Liu, Princeton University;
Adam Stubblefield, Ben Swartzlander, and Dan S. Wallach, Rice University; Drew Dean; and Edward W. Felten, Princeton University
Thursday, August 16, 2001
Operating
Systems
Session Chair: Teresa Lunt, Xerox PARC
Security Analysis of the Palm Operating System and its Weaknesses Against
Malicious Code Threats
Kingpin and Mudge, @stake, Inc.
Secure Data Deletion for Linux File Systems
Steven Bauer and Nissanka B. Priyantha, MIT
RaceGuard: Kernel Protection From Temporary File Race Vulnerabilities
Crispin Cowan, Steve Beattie, Chris Wright, and Greg Kroah-Hartman, WireX Communications, Inc.
Managing
Code
Session Chair: Trent Jaeger, IBM T.J. Watson Research Center
Statically Detecting Likely Buffer Overflow Vulnerabilities
David Larochelle and David Evans, University of Virginia
FormatGuard: Automatic Protection From printf Format String
Vulnerabilities
Crispin Cowan, Matt Barringer, Steve Beattie, and Greg Kroah-Hartman,
WireX Communications, Inc.; Mike Frantzen, Purdue University; and Jamie Lokier,
CERN
Detecting Format String Vulnerabilities with Type Qualifiers
Umesh Shankar, Kunal Talwar, Jeffrey S. Foster, and David Wagner, University of California at
Berkeley
Authorization
Session Chair: Carl Ellison, Intel Corporation
Capability File Names: Separating Authorisation From User Management in an
Internet File System
Jude T. Regan and Christian D. Jensen, Trinity College
Dublin
Kerberized Credential Translation: A Solution to Web Access Control
Olga Kornievskaia, Peter Honeyman, Bill Doster, and Kevin Coffman, CITI, University of Michigan
Awarded Best Paper!
The Dos and Don'ts of Client Authentication on the Web
Kevin Fu, Emil Sit, Kendra Smith, and Nick Feamster, MIT
Key
Management
Session Chair: Peter Gutmann, University of Aukland
SC-CFS: Smartcard Secured Cryptographic File System
Naomaru Itoi, CITI, University of Michigan
Secure Distribution of Events in Content-Based Publish Subscribe Systems
Lukasz Opyrchal and Atul Prakash, University of Michigan
A Method for Fast Revocation of Public Key Certificates and Security Capabilities
Dan Boneh, Stanford University; Xuhua Ding and Gene Tsudik, University of California, Irvine; and Chi Ming Wong, Stanford University
Friday, August 17, 2001
Math
Attacks!
Session Chair: Ian Goldberg, Zero Knowledge Systems
PDM: A New Strong Password-Based Protocol
Charlie Kaufman, Iris Associates, and Radia Perlman, Sun Microsystems Laboratories
Defending Against Statistical Steganalysis
Niels Provos, CITI, University of Michigan
Timing Analysis of Keystrokes and Timing Attacks on SSH
Dawn Xiaodong Song, David Wagner, and Xuqing Tian, University of California, Berkeley