NDSS'10 の論文
Feb 15, 2010 From: k.suzaki@a...
# 先ほどの投稿のアーカイブが昔のポストになっている http://qwik.atdot.net/vimpl/100.html
# qwikweb がおかしいのでは?
# とりあえず、タイトルを変えて再送します。
須崎です。NDSS (Network and Distributed Systems Security Symposium)
2010 の論文が幾つか公開されていたので入手可能なURLをまとめました。ご参
考までに。
このMLだと Binary Code Extraction and Interface Identification for
Security Application に興味があるのでは?この著者Ph.D Candidateですが、
DIMVA 2010 のprogram commiteeだそうです。
http://www.ece.cmu.edu/~juanca/
また、When Good Randomness Goes Bad の著者は CCS'09 でCross VM
Vulnerabilities in Cloud Computingの著者です。彼もPhD candidateだそうです。
http://cseweb.ucsd.edu/~tristenp/
■ Session 1: Distributed Systems and Networks
Server-side Verification of Client Behavior in Online Games
Darrell Bethea, Robert Cochran and Michael Reiter
Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs
Scott Wolchok, Owen S. Hofmann, Nadia Heninger, Edward W. Felten,
J. Alex Halderman, Christopher J. Rossbach, Brent Waters, and Emmett Witchel
NDSS の論文とは違うが同じタイトル、同じ著者 http://www.cse.umich.edu/~jhalderm/pub/papers/vanish-broken-20090928.pdf
Stealth DoS Attacks on Secure Channels
Amir Herzberg and Haya Shulman
■ Session 2: Web Security and Privacy
Protecting Browsers from Extension Vulnerabilities
Adam Barth, Adrienne Porter Felt, Prateek Saxena, and Aaron Boodman
http://www.adambarth.com/papers/2010/barth-felt-saxena-boodman.pdf
Adnostic: Privacy Preserving Targeted Advertising
Vincent Toubiana, Arvind Narayanan, Dan Boneh, Helen Nissenbaum and Solon Barocas
http://crypto.stanford.edu/adnostic/adnostic.pdf
FLAX: Systematic Discovery of Client-side Validation Vulnerabilities in Rich Web Applications
Prateek Saxena, Steve Hanna, Pongsin Poosankam and Dawn Song
http://www.cs.berkeley.edu/~prateeks/papers/FLAX.pdf
■ Session 3: Intrusion Detection and Attack Analysis
Effective Anomaly Detection with Scarce Training Data
William Robertson, Federico Maggi, Christopher Kruegel and Giovanni Vigna
http://people.cs.vt.edu/~danfeng/courses/cs6204/papers/long_tail_embed-kruegel.pdf
A Systematic Characterization of IM Threats using Honeypots
Iasonas Polakis, Thanasis Petsas, Evangelos P. Markatos and Spiros Antonatos
■ Session 4: Spam
On Network-level Clusters for Spam Detection
Zhiyun Qian, Zhuoqing Mao, Yinglian Xie and Fang Yu
Improving Spam Blacklisting Through Dynamic Thresholding and Speculative Aggregation
Sushant Sinha, Michael Bailey and Farnam Jahanian
Botnet Judo: Fighting Spam with Itself
Andreas Pitsillidis, Kirill Levchenko, Christian Kreibich, Chris Kanich, Geoffrey M. Voelker,
Vern Paxson, Nicholas Weaver and Stefan Savage
関連記事 http://www.allspammedup.com/2010/01/botnet-judo-fights-spam-flip/
■ Session 5: Anonymity and Cryptographic Systems
Contractual Anonymity
Edward J. Schwartz, David Brumley and Jonathan M. McCune
NDSS の論文とは違うが同じタイトル、同じ著者 http://reports-archive.adm.cs.cmu.edu/anon/2009/CMU-CS-09-144.pdf Master Thesis http://www.ece.cmu.edu/~ejschwar/papers/cathesis09.pdf
A3: An Extensible Platform for Application-Aware Anonymity
Micah Sherr, Andrew Mao, William R. Marczak, Wenchao Zhou and Boon Thau Loo
プロジェクトHP http://a3.cis.upenn.edu/
When Good Randomness Goes Bad: Virtual Machine Reset Vulnerabilities and Hedging Deployed Cryptography
Thomas Ristenpart and Scott Yilek
著者のHP http://cseweb.ucsd.edu/~syilek/ndss2010.html
■ Session 6: Security Protocols and Policies
InvisiType: Object-Oriented Security Policies
Jiwon Seo and Monica S. Lam
http://suif.stanford.edu/papers/ndss10.pdf
A Security Evaluation of DNSSEC with NSEC3
Jason Bau and John Mitchell
On the Safety of Enterprise Policy Deployment
Yudong Gao, Ni Pan, Xu Chen and Z. Morley Mao
■ Session 7: Languages and Systems Security
Where Do You Want to Go Today? Escalating Privileges by Pathname Manipulation
Suresh Chari, Shai Halevi and Wietse Venema
NDSS の論文とは違うが同じタイトル、同じ著者のIBM Research Report http://domino.watson.ibm.com/library/CyberDig.nsf/papers/234774460318DB03852576710068B0EB/$File/rc24900.pdf
Joe-E: A Security-Oriented Subset of Java
Adrian Mettler, David Wagner and Tyler Close
http://www.eecs.berkeley.edu/~daw/papers/joe-e-ndss10.pdf
Preventing Capability Leaks in Secure JavaScript Subsets
Matthew Finifter, Joel Weinberger and Adam Barth
http://www.eecs.berkeley.edu/~finifter/staticad.pdf
■ Session 8: Malware
Binary Code Extraction and Interface Identification for Security Applications
Juan Caballero, Noah M. Johnson, Stephen McCamant, and Dawn Song
http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-133.pdf
Automatic Reverse Engineering of Data Structures from Binary Execution
Zhiqiang Lin, Xiangyu Zhang and Dongyan Xu
タイトルは面白そう。
Efficient Detection of Split Personalities in Malware
Davide Balzarotti, Marco Cova, Christoph Karlberger, Engin Kirda, Christopher Kruegel and Giovanni Vigna
http://www.iseclab.org/papers/NDSS2010.pdf
suzaki
Feb 15, 2010 From: ko1@a...
(2010/02/15 15:21), Kuniyasu Suzaki wrote::
# 先ほどの投稿のアーカイブが昔のポストになっている http://qwik.atdot.net/vimpl/100.html # qwikweb がおかしいのでは? # とりあえず、タイトルを変えて再送します。
おかしくないです.同じタイトル(Re: とかは無視)のメールは同じページに
集まるという仕様です.
// SASADA Koichi at atdot dot net
Feb 15, 2010 From: k.suzaki@a...
須崎です。
>>From: SASADA Koichi <ko1@a...> >>Subject: [vimpl:175] Re: NDSS'10 の論文 >> >>(2010/02/15 15:21), Kuniyasu Suzaki wrote:: >>> # 先ほどの投稿のアーカイブが昔のポストになっている http://qwik.atdot.net/vimpl/100.html >>> # qwikweb がおかしいのでは? >>> # とりあえず、タイトルを変えて再送します。 >> >> おかしくないです.同じタイトル(Re: とかは無視)のメールは同じページに >>集まるという仕様です.
了解。HPの下の方に付いてました。
suzaki