Computer Security - ESORICS 2011
16th European Symposium on Research in Computer Security, Leuven, Belgium, September 12-14, 2011. Proceedings
Published on 15. September 2011
XIV, 686 pages
978-3-642-23822-2 (ISBN)
Description
This book constitutes the refereed proceedings of the 16th European Symposium on Computer Security, ESORICS 2011, held in Leuven, Belgium, in September 2011. The 36 papers included in the book were carefully reviewed and selected from 155 papers. The articles are organized in topical sections on wireless security; Web security; forensics, biometrics and software protection; access control; cryptography and protocol analysis; information flow, side channels, and vulnerability analysis; usability, trust, and economics of security and privacy; and privacy.
More details
Other editions
Additional editions
Vijay Atluri | Claudia Diaz
Computer Security - ESORICS 2011
16th European Symposium on Research in Computer Security, Leuven, Belgium, September 12-14, 2011. Proceedings
Book
09/2011
Springer
€53.49
Shipment within 7-9 days
Persons
Content
- 6879
- Preface
- Organization
- Table of Contents
- Wireless Security
- Secure Localization Using Dynamic Verifiers
- Introduction
- Related Work
- Model and Background
- Time-of-Flight for Positioning
- Model
- Notation
- The Proposed System
- Algorithm Description
- Reliability of Verification Decisions
- Security Analysis
- Security against Collusion Attacks
- Simulation Results
- Conclusion
- References
- Hybrid Approach with Hidden-Base Stations
- Impossibility of a Secure Protocol with Less Honest Users
- WiFiHop - Mitigating the Evil Twin Attack through Multi-hop Detection
- Introduction
- Related Work
- Problem Statement
- Detecting the Evil Twin AP
- Open WiFiHop
- Covert WiFiHop
- Implementation
- Results
- Conclusions
- References
- Investigation of Signal and Message Manipulations on the Wireless Channel
- Introduction
- Related Work and Problem Statement
- Related Work on Signal Manipulations
- Problem Statement
- Classifying Wireless Attacks
- Signal Manipulations and Effects on Messages
- Model of Adversarial Interference
- Classification
- Theoretical Analysis of Symbol Flipping
- Simulation and Experimental Evaluation
- Simulation Setup and Attacker Model
- Simulated Modification of Modulated Signals
- Simulated Modification of Recorded Signals
- Experimental Evaluation of Signal Annihilation
- Summary of Results
- Implications
- Conclusion
- References
- Integration into the SINR Model
- Simulation Setup
- Experimental Setup
- Web Security I
- Protecting Private Web Content from Embedded Scripts
- Introduction
- Protecting Private Data
- Execution Isolation
- DOM Node Access Control
- Implementation
- Script Execution Isolation
- DOM Access Control
- Taint-Tracking
- Dynamic Scripting
- Automatic Policy Generation
- Evaluation
- Security
- Compatibility
- Policy Learning
- Related Work
- Availability
- References
- Automatic Policy Generation Results
- Preventing Web Application Injections with Complementary Character Coding
- Introduction
- Complementary Character Coding
- Complementary ASCII
- Value Comparison and Full Comparison
- Complementary Unicode
- Preventing Injections with Complementary Coding
- Dynamic Tainting with Complementary Coding
- Complement Aware Components
- Architecture, Backwards Compatibility and Migration Strategy
- Limitations
- Example Revisited with CAC
- Implementation
- Evaluation
- Related Work
- Conclusion and Future Work
- References
- Automatic and Precise Client-Side Protection against CSRF Attacks
- Introduction
- Cross-Origin HTTP Requests
- Attack Scenarios
- Non-malicious Cross-Origin Scenarios
- Automatic and Precise Request Stripping
- Formal Modeling and Checking
- Modeling Our Countermeasure
- Using Model Checking for Security and Functionality
- Implementation
- Evaluating the Trusted-Delegation Assumption
- Related Work
- Conclusion
- References
- Web Security II
- Timing Is Everything: The Importance of History Detection
- Introduction
- Attacker and Victim Model
- Our Contribution
- Related Works
- Redirecting the Victim's Tab
- Working around Opera's Navigation Restrictions
- Page Modification by a Network Attacker
- Timing the Attack
- CSS History Detection
- Using History Detection to Learn When the Victim Reaches a Page
- Limitations of CSS History Detection
- Network Based Timing
- Impact and Feasibility of Flow Stealing
- Browser Features
- Experiences with a Proof-of-Concept
- Proposed Counter-Measures
- Closing the CSS History Detection Hole
- Payment Provider Pages
- Limiting Window Manipulation via Window Handles
- Traditional CSRF Defenses Do Not Prevent Flow Stealing
- Conclusion and Future Work
- References
- Reclaiming the Blogosphere, TalkBack: A Secure LinkBack Protocol for Weblogs
- Introduction
- Background
- Threat Analysis
- Overview
- Blog Registration
- Auto-Discovery
- Protocol
- Optimizations
- Performance
- Additional Relevant work
- Conclusion
- References
- A Systematic Analysis of XSS Sanitization in Web Application Frameworks
- Introduction
- A Systematic Browser Model for XSS
- Problem Formulation: XSS Explained
- Subtleties and Challenges in XSS Sanitization
- The Role of Web Frameworks
- Analysis Objectives
- Analysis of Web Frameworks and Applications
- Auto-Sanitization: Features and Pitfalls
- Security of Client-Side Code Evaluation
- Context Expressiveness
- Enabling Reasoning of Sanitizer Correctness
- Related Work
- Conclusions and Future Work
- References
- Transductions in the Browser
- Forensics, Biometrics and Software Protection
- Who Wrote This Code? Identifying the Authors of Program Binaries
- Introduction
- Overview
- Binary Code Representation
- Idioms
- Graphlets
- Supergraphlets
- Call Graphlets
- N-grams and External Interaction
- Author Classification
- Author Clustering
- Evaluation
- Methodology
- Classification
- Clustering
- Discussion
- Related Work
- Conclusion
- References
- Stylistic Feature Examples
- Secure and Efficient Protocols for Iris and Fingerprint Identification
- Introduction
- Description of Computation
- Preliminaries
- Secure Iris Identification
- Base Protocol
- Optimizations
- Implementation and Performance
- Secure Fingerprint Identification
- Conclusions
- References
- Security Analysis of the Iris Protocol
- Linear Obfuscation to Combat Symbolic Execution
- Introduction
- Background and Related Work
- Symbolic Execution and Its Applications
- Limitation of Symbolic Execution in Unrolling Loops
- Binary Obfuscation
- Unsolved Conjectures
- Overview of Our Obfuscator
- Implementation
- Adding a Spurious Variable
- Choosing an Unsolved Conjecture
- Inserting Trigger-Based Malicious Code into the Unsolved Conjecture
- Security Evaluation
- Strategy Used by Program Analyzers
- Probability of Finding the Correct Trigger Condition
- Choice of Initial Input
- Limitations
- Conclusion
- References
- Contineous Scripts of the Program Analyzer When x = 1158 and x = 1034
- Distribution of Initial Inputs for Different Trigger Input t
- DriverGuard: A Fine-Grained Protection on I/O Flows
- Introduction
- Related Work
- Design of DriverGuard
- Trust Model
- Design Rationale
- Overview
- Access Control over Critical Regions
- Cryptographic Components
- PCB Execution Escorting
- Implementation
- Driver Context Initialization
- Checkpoint Deployment
- PCB Execution Escorting
- Region Access Control
- Device Control Protection
- Evaluation
- Usage of PCB
- Performance Evaluation
- Conclusion
- References
- Access Control
- Time-Storage Trade-Offs for Cryptographically-Enforced Access Control
- Introduction
- Graph-Based Authorization Policies
- Derivation-Storage Trade-Offs
- Correctness and Security
- Access Control for Scalable Multimedia Formats
- Temporal Authorization Policies
- Basic Constructions for Dm
- Binary Decomposition
- Linear Decomposition
- Additive Decomposition
- Comparison with Related Work
- Concluding Remarks
- References
- Socially Constructed Trust for Distributed Authorization
- Introduction
- A Community Security Language
- Distributed Architecture for Policy Specification
- Oracle Policy Specification
- Acceptor Policy Specification
- Practical Issues
- Related Work
- Conclusions and Further Work
- References
- Fully Secure Multi-authority Ciphertext-Policy Attribute-Based Encryption without Random Oracles
- Introduction
- Our Results
- System Architecture
- Related Work
- Definition and Security Model
- Definition
- Security Model
- Background
- Access Policy
- Number-Theoretic Assumptions
- Our Multi-authority CP-ABE
- Outline
- Construction
- Extensions
- Large Universe Construction
- Improving Performance and Robustness
- Comparison
- Conclusion
- References
- Security Analysis
- Cryptography and Protocol Analysis
- How to Aggregate the CL Signature Scheme
- Introduction
- Preliminaries
- Bilinear Groups
- Signature Scheme
- The CL Signature Scheme
- Sequential Aggregate Signature
- Definition
- Security Model
- Intuition for the Construction
- The Construction
- Proof of Security
- References
- Key Exchange in IPsec Revisited: Formal Analysis of IKEv1 and IKEv2
- Introduction
- Background on IKE
- IKE Version 1 (IKEv1)
- IKE Version 2 (IKEv2)
- Intended Security Properties
- Previous Analyses of IKE
- Formal Analysis of IKEv1 and IKEv2
- Results
- Automatically Rediscovered Weaknesses
- Previously Unreported Weaknesses
- Discussion
- Conclusions
- References
- Adversary Models
- Multi-protocol Analysis Results
- Adapting Helios for Provable Ballot Privacy
- Introduction
- Ballot Privacy
- Voting Schemes
- Security Model
- A Generic Construction of Voting Schemes with Ballot Privacy
- Voting-Friendly Encryption
- Our Generic Construction
- Constructions for Voting-Friendly Schemes
- Application to the Helios Protocol
- References
- Information Flow, Side Channels, and Vulnerability Analysis
- Remote Timing Attacks Are Still Practical
- Introduction
- Timing Attacks
- Elliptic Curve Cryptography
- Digital Signatures
- Scalar Multiplication
- A Timing Attack
- Overview of the Collection Phase
- Collection Phase in Ideal Conditions
- Collection Phase over TLS
- The Lattice Attack
- Results
- Collection Phase Parameters
- Remote Attack
- Conclusion
- References
- Countermeasure as OpenSSL Source Code Patch
- Multi-run Security
- Introduction
- Security Condition
- Enforcement
- Enforcing 1-Bit Security
- Enforcing General Knowledge Policies
- Related Work
- Conclusions
- References
- Automated Information Flow Analysis of Virtualized Infrastructures
- Introduction
- Contributions
- Applications
- Related Work
- A Model for Isolation Analysis
- Modeling Isolation
- Isolation Analysis of Virtual Infrastructures
- Discovery
- Transformation into a Graph Model
- Coloring through Graph Traversal
- The Traversal Rules
- Detecting Undesired Information Flows
- Security Analysis of the Automated Information Flow Analysis
- Reduction to Correctness of the Traversal Rules
- Correctness of the Given Traversal Rules
- Overall Detection Rate
- Discussion
- Implementation
- Discovery
- Processing
- Case Study
- Conclusions and Future Work
- References
- Information Flow Types
- Flow Types
- Security of Information Flow Analysis
- Reduction to Traversal Rules
- Inspection of Individual Traversal Rules
- Scalable Analysis of Attack Scenarios
- Introduction
- Related Work
- Generalized Dependency Graphs
- Attack Modeling
- Combining Attack and Dependency Graphs
- Real-time Scenario Analysis
- Index Update Algorithm
- Analysis of Future Scenarios
- Experiments
- Conclusions
- References
- Usability, Ttrust, and Economics of Security and Privacy
- Usability of Display-Equipped RFID Tags for Security Purposes
- Introduction
- Related Work
- Secure User-to-Tag Authentication
- Transaction Verification
- Reader Revocation Checking
- Secure Device Pairing
- Proposed Techniques
- General Assumptions
- User-to-Tag Authentication
- Transaction Verification
- Reader Revocation Status Checking
- Secure Device Pairing
- Usability Analysis
- Apparatus, Implementation and Setup
- Subject Background
- Test Procedures and Results
- Conclusions
- References
- Forcing Johnny to Login Safely
- Introduction
- Current Mechanisms: Passive Indicators
- Interactive Custom Indicators
- Secure Login Using a Bookmark
- Challenges and Requirements for User Studies
- Our Contributions
- Paper Organization
- Principles for Effective Anti-Phishing Mechanisms
- Conditioned-Safe Ceremonies
- Design Goals for a Conditioned-Safe Login Ceremony
- Mechanisms of Interest
- WAPP
- Long-Term User Study
- Study's Framework System
- Introducing the Experiment
- Users' Login Methods
- Users' Email Methods
- Attacks
- Threat Analysis
- Study Results and Conclusions
- Detection Rates Summary
- Users' Response to Emails
- Spoofed Home Page Attacks Summary
- Effectiveness of Active Browser Warnings
- False Negatives
- Usability Survey
- Conclusions
- References
- Additional Attack Scenarios
- Removing Outliers
- Different Versions of Our Study - Conclusions
- Interactive Images Usability
- Towards a Mechanism for Incentivating Privacy
- Introduction
- Formal Framework
- Selection and Response Mechanism
- Rational Strategies
- Related Work
- Discussion and Perspectives
- Current Achievements
- Possible Variations to the Current Framework
- Generalizing Preferences
- Repeated Auctions
- Deployment
- References
- Investigating the OpenPGP Web of Trust
- Introduction
- Background
- Methodology
- Graph Extraction and Analysis
- Terms and Graph Metrics
- Results
- Macro Structure: Strongly Connected Components (SCCs)
- Usefulness in the LSCC
- Robustness of the LSCC
- Community Structure of the Web of Trust
- Cryptographic Algorithms
- Related Work
- Discussion and Conclusion
- References
- Common Terms and Graph Metrics
- Distances
- Node Neighborhoods
- Clustering Coefficient
- Correlation of Node Degrees
- Privacy I
- A Practical Complexity-Theoretic Analysis of Mix Systems
- Introduction
- Mix and Attacker Model
- The Pure Mix Model
- ExactHS Algorithm
- Estimation of the Number of Covered Observations
- Potential
- Number of Peer Choices for a Disproof
- Expectation of the Difference
- Average Number of Peer Choices
- Runtime Complexity
- Upper Bound of Average Worst Case
- Simulation
- Conclusion
- References
- Analysis of Expectation Function for Number of Peer Choices
- Average Worst Case Number of Peer Choices
- A Light-Weight Solution to Preservation of Access Pattern Privacy in Un-trusted Clouds
- Introduction
- Models and Assumptions
- System Model
- Security Model
- Design Goal
- The Proposed Scheme
- System Setup
- Scheme Description
- Security and Overhead Analysis
- Security Analysis
- Overhead Analysis
- Performance Evaluation
- Evaluation Setup
- Preservation of Access Frequency Privacy
- Preservation of Access Order Privacy
- Preservation of Data Item's Location Privacy
- Related Work
- Conclusions and Future Work
- References
- Optimizing Mixing in Pervasive Networks: A Graph-Theoretic Perspective
- Introduction
- Background and Related Work
- Preliminaries: Combinatorial Hardness and Approximations
- Mix-Zone Placement Problem
- Problem Statement
- System Model
- Privacy Requirement
- Graph-Theoretic Framework and the Mix Cover (MC) Problem
- Algorithms and Combinatorial Results
- Linear Programming Algorithm
- ``Divide and Conquer" Algorithms
- Empirical Evaluation
- Conclusion
- References
- Privacy II
- A New RFID Privacy Model
- Introduction
- Definitions
- Existing Privacy Models
- Vaudenay
- Canard et al.
- Deng, Li, Yung and Zhao
- Juels-Weis
- Bohli-Pashalidis
- Our Model
- Adversarial Model and Privacy
- Security, Correctness, Privacy
- Motivation and Comparison
- Evaluating Existing Protocols
- Vaudenay's Public Key Protocol
- RO-Based Protocol
- Conclusion
- References
- Extending the Model
- Mutual Authentication
- Quantitative Information Flow, with a View
- Introduction
- Notations and Preliminary Notions
- Formal Set Up
- Basic Definitions
- Attacker Targets S
- Attacker Targets W
- Information Leakage
- Asymptotic Error Probability
- Example 1: Unlinkability in Threshold Mix-Nets
- Example 2: Privacy in Sparse Datasets
- Conclusion
- References
- Appendix
- To Release or Not to Release: Evaluating Information Leaks in Aggregate Human-Genome Data
- Introduction
- Backgrounds and Assumptions
- Aggregate Human-Genome Data
- Threats
- Adversary Model
- Recovery Threats to Allele Frequencies
- The Problem
- When to Release
- The Impact of Human Genetic Structure
- When Not to Release
- Identification Threat to Test Statistics
- The Problem
- When to Release
- When Not to Release
- Related Work
- Conclusion
- References
- Terminologies
- Proofs of Theorem 1, Corollary 1, Corollary 2 and Corollary 4ï¼? Conjecture 1, Theorem 2, Corollary 5, Corollary 6
- Privacy III
- Don't Reveal My Intension: Protecting User Privacy Using Declarative Preferences during Distributed Query Processing
- Introduction
- Background and Assumptions
- Querier Privacy
- Matching Query Plan Nodes
- Matching Syntax
- Matching Operator
- Constraining Multiple Node Descriptors
- Preference Algebra
- Background
- Preferences for Query Plan Execution
- Preference Syntax
- Implementation Considerations
- Related Work
- Conclusions and Future Work
- References
- SQL Extension Syntax
- Expressive Capabilities
- Supporting Concurrency in Private Data Outsourcing
- Introduction
- Preliminary Concepts
- Main Index and Delta Versions
- Operating on Delta Versions
- Reconciling Delta Versions and Main Index
- Security Analysis
- Performance Analysis
- Related Work
- Conclusions
- Privacy-Preserving DNS: Analysis of Broadcast, Range Queries and Mix-Based Protection Methods
- Introduction
- Related Work
- Overview of DNS and the Dataset
- Characteristics of DNS Traffic
- Overview of the Dataset
- DNS Anonymity Service
- Broadcasting Popular DNS Records
- Obtaining the Most Popular Hosts
- Realization of the Broadcast Mechanism
- Anonymizing the Long Tail
- Mixes
- Range Queries
- Evaluation
- Broadcasting the TopList
- Trace-Driven Simulations
- Performance Comparison of Mixes and Range Queries
- Real World Latencies
- Traffic Overhead
- Conclusion
- References
- Author Index
