IFIP TC6 Open Digital Library

SEC 2011: Lucerne, Switzerland

Future Challenges in Security and Privacy for Academia and Industry - 26th IFIP TC 11 International Information Security Conference, SEC 2011, Lucerne, Switzerland, June 7-9, 2011. Proceedings

Jan Camenisch, Simone Fischer-Hübner, Yuko Murayama, Armand Portmann, Carlos Rieder

Springer, IFIP Advances in Information and Communication Technology 354, ISBN: 978-3-642-21423-3



Contents

Kristian Beckman Award Keynote

Patience, Persistence, and Faith: Evolving the Gold Standard in Privacy and Data Protection.

Ann Cavoukian

 1-16

Malware, Information Flow and DoS Attacks

iSAM: An iPhone Stealth Airborne Malware.

Dimitrios Damopoulos, Georgios Kambourakis, Stefanos Gritzalis

 17-28

TCP Ack Storm DoS Attacks.

Raz Abramov, Amir Herzberg

 29-40

Detecting Hidden Storage Side Channel Vulnerabilities in Networked Applications.

Felix C. Freiling, Sebastian Schinzel

 41-55

Authentication

Breaking reCAPTCHA: A Holistic Approach via Shape Recognition.

Paul Baecher, Niklas Büscher, Marc Fischlin, Benjamin Milde

 56-67

From Multiple Credentials to Browser-Based Single Sign-On: Are We More Secure?

Alessandro Armando, Roberto Carbone, Luca Compagna, Jorge Cuéllar, Giancarlo Pellegrino, Alessandro Sorniotti

 68-79

Quantifying the Effect of Graphical Password Guidelines for Better Security.

Mohd Zalisham Jali, Steven Furnell, Paul Dowland

 80-91

Network Security and Security Protocols

A Case Study in Practical Security of Cable Networks.

Amir Alsbih, Felix C. Freiling, Christian Schindelhauer

 92-103

Ceremony Analysis: Strengths and Weaknesses.

Kenneth Radke, Colin Boyd, Juan Manuel González Nieto, Margot Brereton

 104-115

Preventing Board Flooding Attacks in Coercion-Resistant Electronic Voting Schemes.

Reto E. Koenig, Rolf Haenni, Stephan Fischli

 116-127

Piracy Protection for Streaming Content in Home Networks.

Hongxia Jin, Jeffrey B. Lotspiech

 128-141

Software Security

JITDefender: A Defense against JIT Spraying Attacks.

Ping Chen, Yi Fang, Bing Mao, Li Xie

 142-153

Retrofitting Security in COTS Software with Binary Rewriting.

Pádraig O'Sullivan, Kapil Anand, Aparna Kotha, Matthew Smithson, Rajeev Barua, Angelos D. Keromytis

 154-172

Generating Optimised and Formally Checked Packet Parsing Code.

Sebastien Mondet, Ion Alberdi, Thomas Plagemann

 173-184

Policy Compliance and Obligations

Organizational Power and Information Security Rule Compliance.

Ella Kolkowska, Gurpreet Dhillon

 185-196

Delegation of Obligations and Responsibility.

Meriam Ben-Ghorbel-Talbi, Frédéric Cuppens, Nora Cuppens-Boulahia, Daniel Le Métayer, Guillaume Piolle

 197-209

Distributed Security Policy Conformance.

Mirko Montanari, Ellick Chan, Kevin Larson, Wucherl Yoo, Roy H. Campbell

 210-222

Privacy Attacks and Privacy-Enhancing Technologies

Scalable Privacy-Preserving Data Mining with Asynchronously Partitioned Datasets.

Hiroaki Kikuchi, Daisuke Kagawa, Anirban Basu, Kazuhiko Ishii, Masayuki Terada, Sadayuki Hongo

 223-234

Privacy-Enhanced Web-Based Event Scheduling with Majority Agreement.

Benjamin Kellermann

 235-246

Analyzing Key-Click Patterns of PIN Input for Recognizing VoIP Users.

Ge Zhang

 247-258

Risk Analysis and Security Metrics

Problem Analysis of Traditional IT-Security Risk Assessment Methods - An Experience Report from the Insurance and Auditing Domain.

Stefan Taubenberger, Jan Jürjens, Yijun Yu, Bashar Nuseibeh

 259-270

On Computing Enterprise IT Risk Metrics.

Sandeep Bhatt, William G. Horne, Prasad Rao

 271-280

A Kolmogorov Complexity Approach for Measuring Attack Path Complexity.

Nwokedi C. Idika, Bharat K. Bhargava

 281-292

Intrusion Detection

Extending LSCs for Behavioral Signature Modeling.

Sven Patzina, Lars Patzina, Andy Schürr

 293-304

Detecting Illegal System Calls Using a Data-Oriented Detection Model.

Jonathan-Christofer Demay, Frédéric Majorczyk, Eric Totel, Frédéric Tronel

 305-316

Appendix

IFIP Technical Committee 11 Security and Privacy Protection in Information Processing Systems.

Kai Rannenberg, S. H. (Basie) von Solms, Leon Strous

 317-325