[My Research] Summary of Research Directions at Security Conferences

(Computer Security Conference Ranking and Statistic - http://faculty.cs.tamu.edu/guofei/sec_conf_stat.htm)
IEEE S&P 2011
Session 1: Security of authentication and protection mechanisms
Session 2: Hardware Security
Session 3: Systematization of Knowledge I
Mobile Security Catching Up? - Revealing the nuts and bolts of the security of mobile devices
Michael Becher (University of Mannheim), Felix C. Freiling (University of Mannheim), Johannes Hoffmann (Ruhr-University Bochum), Thorsten Holz (Ruhr-University Bochum), Sebastian Uellenbeck (Ruhr-University Bochum), Christopher Wolf (Ruhr-University Bochum)


Session 4: Browsing Security and Privacy
Session 5: Secure Information Flow and Information Policies
Session 6: Privacy and Social Networks
Session 7: Virtualization and Trusted Computing
Session 8: Program Security Analysis
Differential Slicing: Identifying Causal Execution Differences for Security Applications
Noah Johnson (UC Berkeley), Juan Caballero (IMDEA Software Institute), Kevin Chen (UC Berkeley), Stephen McCamant (UC Berkeley), Pongsin Poosankam (UC Berkeley, Carnegie Mellon University), Daniel Reynaud (UC Berkeley), Dawn Song (UC Berkeley)
Automated Analysis of Security-Critical JavaScript APIs
Ankur Taly (Stanford University), Ulfar Erlingsson (Google), Mark Miller (Google), John C. Mitchell (Stanford University), Jasvir Nagra (Google)


Session 9: Systematization of Knowledge II
Session 10: Underground Economy/Malware
Session 11: Vulnerability Analysis
Session 12: Anonymity and Voting

IEEE S&P 2010
Session 1: Malware Analysis
Session 2: Information Flow
Session 3: Root of Trust
Session 4: Information Abuse
Session 5: Network Security
Session 6: Systematization of Knowledge I
Session 7: Secure Systems
Session 8: Systematization of Knowledge II
Session 9: Analyzing Deployed Systems
Session 10: Language-Based Security
TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection
Tielei Wang (Peking University), Tao Wei (Peking University), Guofei Gu (Texas A&M University), Wei Zou (Peking University)

IEEE S&P 2009
Session 1: Attacks and Defenses
Session 2: Information Security
Session 3: Malicious Code
Native Client: A Sandbox for Portable, Untrusted x86 Native Code (Best Paper Award)
Bennet Yee, David Sehr, Gregory Dardyk, Brad Chen, Robert Muth, Tavis Ormandy, Shiki Okasaka, Neha Narula, Nicholas Fullagar (Google)
Automatic Reverse Engineering of Malware Emulators (Best Student Paper Award)
Monirul Sharif, Andrea Lanzi, Jonathon Giffin, Wenke Lee (Georgia Institute of Technology)
Prospex: Protocol Specification Extraction
Paolo Milani Comparetti (Technical University Vienna), Gilbert Wondracek (Technical University Vienna), Christopher Kruegel (University of California, Santa Barbara), Engin Kirda (Institute Eurecom)
Session 4: Information Leaks
Session 5: Privacy
Session 6: Formal Foundations
Session 7: Network Security
Session 8: Physical Security
Session 9: Web Security (Browser)
Session 10: Humans and Secrets

ACM CCS 2010
SESSION: Security analysis
SESSION: System security
SESSION: Wireless and phone security
SESSION: Applied cryptography I
SESSION: Passwords and CAPTCHAs
SESSION: Sandboxing
SESSION: Attacks on secure hardware
SESSION: Information flow
SESSION: Anonymity networks
SESSION: Formal methods
SESSION: Malware
SESSION: Applied cryptography II
SESSION: Cryptographic protocols
SESSION: Memory safety and binary code
SESSION: Web security
JVM-sandbox?
Robusta: taming the native beast of the JVM
    Joseph Siefers, Gang Tan, Greg Morrisett
    Pages: 201-211
    doi: 10.1145/1866307.1866331
    Java applications often need to incorporate native-code components for efficiency and for reusing legacy code. However, it is well known that the use of native code defeats Java's security model. We describe the design and implementation of Robusta, ...

AccessMiner: using system-centric models for malware protection
    Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christodorescu, Engin Kirda
    Pages: 399-412
    doi: 10.1145/1866307.1866353
    Models based on system calls are a popular and common approach to characterize the run-time behavior of programs. For example, system calls are used by intrusion detection systems to detect software exploits. As another example, policies based on system calls are used to sandbox applications or to enforce access control. Given that malware represents a significant security threat for today's computing infrastructure, it is not surprising that system calls were also proposed to distinguish between benign processes and malicious code.

Most proposed malware detectors that use system calls follow a program-centric analysis approach. That is, they build models based on specific behaviors of individual applications. Unfortunately, it is not clear how well these models generalize, especially when exposed to a diverse set of previously-unseen, real-world applications that operate on realistic inputs. This is particularly problematic as most previous work has used only a small set of programs to measure their technique's false positive rate. Moreover, these programs were run for a short time, often by the authors themselves.

In this paper, we study the diversity of system calls by performing a large-scale collection (compared to previous efforts) of system calls on hosts that run applications for regular users on actual inputs. Our analysis of the data demonstrates that simple malware detectors, such as those based on system call sequences, face significant challenges in such environments. To address the limitations of program-centric approaches, we propose an alternative detection model that characterizes the general interactions between benign programs and the operating system (OS). More precisely, our system-centric approach models the way in which benign programs access OS resources (such as files and registry entries). Our experiments demonstrate that this approach captures well the behavior of benign programs and raises very few (even zero) false positives while being able to detect a significant fraction of today's malware.

ACM CCS 2009
SESSION: Attacks I
SESSION: RFID
SESSION: Formal techniques
SESSION: Applied cryptography
SESSION: Anonymization networks
SESSION: Cloud security
SESSION: Security of mobile services
SESSION: Software security using behavior
SESSION: Systems and networks
SESSION: Privacy
SESSION: Anonymization techniques
SESSION: Embedded and mobile devices
SESSION: Technique for ensuring software security
SESSION: Designing secure systems
SESSION: Attacks II
SESSION: System security
SESSION: Anonymization
SESSION: Malware and bots

Large-scale malware indexing using function-call graphs
    Xin Hu, Tzi-cker Chiueh, Kang G. Shin
    Pages: 611-620
    doi: 10.1145/1653662.1653736
    A major challenge of the anti-virus (AV) industry is how to effectively process the huge influx of malware samples they receive every day. One possible solution to this problem is to quickly determine if a new malware sample is similar to any previously-seen ...

Behavior based software theft detection
    Xinran Wang, Yoon-Chan Jhi, Sencun Zhu, Peng Liu
    Pages: 280-290
    doi: 10.1145/1653662.1653696
    Along with the burst of open source projects, software theft (or plagiarism) has become a very serious threat to the healthiness of software industry. Software birthmark, which represents the unique characteristics of a program, can be used for software ..

USENIX Security 2010
Protection Mechanisms
Privacy
Detection of Network Attacks
Dissecting Bugs
Cryptography
Internet Security
Real-World Security
Web Security
Securing Systems
Using Humans

USENIX Security 2009
Attacks on Privacy
Memory Safety
Network Security
JavaScript Security
Radio
Securing Web Apps
Applied Crypto
Malware Detection and Protection
Browser Security

NDSS 2011
Session 1: Secure Emerging Applications: Social Networks and Smartphones
Session 2: Wireless Attacks!
Session 3: OS Security
Session 4: Network Malware
Session 5: Software Security / Code Analysis
Session 6: Web Security
Session 8: Real-World Security: Cloud Computing, Biometrics, and Humans
Session 9: Privacy

NDSS 2010
Session 1: Distributed Systems and Networks
Session 2: Web Security and Privacy
Session 3: Intrusion Detection and Attack Analysis
Session 4: Spam
Session 5: Anonymity and Cryptographic Systems
Session 6: Security Protocols and Policies
Session 7: Languages and Systems Security
Session 8: Malware

NDSS 2009
Session 1: Web Security
Session 2: Distributed Systems
Session 3: Intrusion Detection
Session 4: Malware
Session 5: Traffic Protection and Infrastructure Security
Session 6: Host Security
Session 7: Authentication and Accountability

posted @ 2011-08-11 12:15  shengying