14. ESORICS 2009: Saint-Malo, France

Network Security I

• Thorsten Holz, Markus Engelberth, Felix C. Freiling:
  Learning More about the Underground Economy: A Case-Study of Keyloggers and Dropzones. 1-18
  
• Daisuke Mashima, Mustaque Ahamad, Swagath Kannan:
  User-Centric Handling of Identity Agent Compromise. 19-36
  
• Ahren Studer, Adrian Perrig:
  The Coremelt Attack. 37-52
  

Information Flow

• Matteo Centenaro, Riccardo Focardi, Flaminia L. Luccio, Graham Steel:
  Type-Based Analysis of PIN Processing APIs. 53-68
  
• Alexander Lux, Heiko Mantel:
  Declassification with Explicit Reference Points. 69-85
  
• Alejandro Russo, Andrei Sabelfeld, Andrey Chudnov:
  Tracking Information Flow in Dynamic Tree Structures. 86-103
  

Network Security II

• Yossi Gilad, Amir Herzberg:
  Lightweight Opportunistic Tunneling (LOT). 104-119
  
• Yali Liu, Dipak Ghosal, Frederik Armknecht, Ahmad-Reza Sadeghi, Steffen Schulz, Stefan Katzenbeisser:
  Hide and Seek in Time - Robust Covert Timing Channels. 120-135
  
• Alina Oprea, Kevin D. Bowers:
  Authentic Time-Stamps for Archival Storage. 136-151
  

Language Based Security

• Radha Jagadeesan, Alan Jeffrey, Corin Pitcher, James Riely:
  Towards a Theory of Accountability and Audit. 152-167
  
• Nataliya Guts, Cédric Fournet, Francesco Zappa Nardelli:
  Reliable Evidence: Auditability by Typing. 168-183
  
• Avik Chaudhuri, Deepak Garg:
  PCAL: Language Support for Proof-Carrying Authorization Systems. 184-199
  

Network Security III

• Zhi Wang, Xuxian Jiang, Weidong Cui, Xinyuan Wang, Mike Grace:
  ReFormat: Automatic Reverse Engineering of Encrypted Messages. 200-215
  
• Drew Davidson, Randy Smith, Nic Doyle, Somesh Jha:
  Protocol Normalization Using Attribute Grammars. 216-231
  
• Peter Wurzinger, Leyla Bilge, Thorsten Holz, Jan Goebel, Christopher Kruegel, Engin Kirda:
  Automatically Generating Models for Botnet Detection. 232-249
  

Access Control

• David A. Basin, Samuel J. Burri, Günter Karjoth:
  Dynamic Enforcement of Abstract Separation of Duty Constraints. 250-267
  
• Qihua Wang, Hongxia Jin, Ninghui Li:
  Usable Access Control in Collaborative Environments: Authorization Based on People-Tagging. 268-284
  
• Joachim Biskup, Christian Gogolin, Jens Seiler, Torben Weibert:
  Requirements and Protocols for Inference-Proof Interactions in Information Systems. 285-302
  

Privacy - I

• Philip W. L. Fong, Mohd M. Anwar, Zhen Zhao:
  A Privacy Preservation Model for Facebook-Style Social Network Systems. 303-320
  
• Ching Yu Ng, Willy Susilo, Yi Mu, Reihaneh Safavi-Naini:
  New Privacy Results on Synchronized RFID Authentication Protocols against Tag Tracing. 321-336
  
• Sebastian Mödersheim, Luca Viganò:
  Secure Pseudonymous Channels. 337-354
  

Distributed Systems Security

• Qian Wang, Cong Wang, Jin Li, Kui Ren, Wenjing Lou:
  Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing. 355-370
  
• Sipat Triukose, Zakaria Al-Qudah, Michael Rabinovich:
  Content Delivery Networks: Protection or Threat? 371-389
  
• Ravinder Shankesi, Musab AlTurki, Ralf Sasse, Carl A. Gunter, José Meseguer:
  Model-Checking DoS Amplification for VoIP Session Initiation. 390-405
  

Privacy - II

• George Danezis, Claudia Díaz, Emilia Käsper, Carmela Troncoso:
  The Wisdom of Crowds: Attacks and Optimal Constructions. 406-423
  
• Mauro Barni, Pierluigi Failla, Vladimir Kolesnikov, Riccardo Lazzeretti, Ahmad-Reza Sadeghi, Thomas Schneider:
  Secure Evaluation of Private Linear Branching Programs with Medical Applications. 424-439
  
• Valentina Ciriani, Sabrina De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela Samarati:
  Keep a Few: Outsourcing Data While Maintaining Confidentiality. 440-455
  

Security Primitives

• Darrell Bethea, Michael K. Reiter:
  Data Structures with Unpredictable Timing. 456-471
  
• Tiancheng Li, Xiaonan Ma, Ninghui Li:
  WORM-SEAL: Trustworthy Data Retention and Verification for Regulatory Compliance. 472-488
  
• Giovanni Di Crescenzo, Shaoquan Jiang, Reihaneh Safavi-Naini:
  Corruption-Localizing Hashing. 489-504
  

Web Security

• Sergio Maffeis, John C. Mitchell, Ankur Taly:
  Isolating JavaScript with Filters, Rewriting, and Wrappers. 505-522
  
• Yanlin Peng, Linfeng Zhang, J. Morris Chang, Yong Guan:
  An Effective Method for Combating Malicious Scripts Clickbots. 523-538
  
• Fangqi Sun, Liang Xu, Zhendong Su:
  Client-Side Detection of XSS Worms by Monitoring Payload Propagation. 539-554
  

Cryptography

• Cristian Ene, Yassine Lakhnech, Van Chan Ngo:
  Formal Indistinguishability Extended to the Random Oracle Model. 555-570
  
• Mihhail Aizatulin, Henning Schnoor, Thomas Wilke:
  Computationally Sound Analysis of a Probabilistic Contract Signing Protocol. 571-586
  
• Rakeshbabu Bobba, Himanshu Khurana, Manoj Prabhakaran:
  Attribute-Sets: A Practically Motivated Enhancement to Attribute-Based Encryption. 587-604
  

Protocols

• Véronique Cortier, Graham Steel:
  A Generic Security API for Symmetric Key Management on Cryptographic Devices. 605-620
  
• Nils Ole Tippenhauer, Srdjan Capkun:
  ID-Based Secure Distance Bounding and Localization. 621-636
  
• Ton van Deursen, Sjouke Mauw, Sasa Radomirovic, Pim Vullers:
  Secure Ownership and Ownership Transfer in RFID Systems. 637-654
  

Systems Security and Forensics

• Michael LeMay, Carl A. Gunter:
  Cumulative Attestation Kernels for Embedded Systems. 655-670
  
• Scott A. Crosby, Dan S. Wallach:
  Super-Efficient Aggregating History-Independent Persistent Authenticated Dictionaries. 671-688
  
• Liang Chen, Jason Crampton:
  Set Covering Problems in Role-Based Access Control. 689-704