The Community for Technology Leaders
2012 IEEE Symposium on Security and Privacy (2012)
San Francisco, CA USA
May 20, 2012 to May 23, 2012
ISSN: 1081-6011
ISBN: 978-0-7695-4681-0
TABLE OF CONTENTS
Papers

OB-PWS: Obfuscation-Based Private Web Search (PDF)

C. Troncoso , ESAT/COSIC, KU Leuven, Leuven, Belgium
C. Diaz , ESAT/COSIC, KU Leuven, Leuven, Belgium
E. Balsa , ESAT/COSIC, KU Leuven, Leuven, Belgium
pp. 491-505

Distance Hijacking Attacks on Distance Bounding Protocols (PDF)

S. Capkun , Inf. Security Group, ETH Zurich, Zurich, Switzerland
K. B. Rasmussen , Irvine Comput. Sci. Dept., Univ. of California, Irvine, CA, USA
B. Schmidt , Inf. Security Group, ETH Zurich, Zurich, Switzerland
C. Cremers , Inf. Security Group, ETH Zurich, Zurich, Switzerland
pp. 113-127

Flash Memory for Ubiquitous Hardware Security Functions: True Random Number Generation and Device Fingerprints (PDF)

E. C. Kan , Sch. of Electr. & Comput. Eng., Cornell Univ., Ithaca, NY, USA
G. E. Suh , Sch. of Electr. & Comput. Eng., Cornell Univ., Ithaca, NY, USA
Wing-kei Yu , Sch. of Electr. & Comput. Eng., Cornell Univ., Ithaca, NY, USA
Shuo Wu , Sch. of Electr. & Comput. Eng., Cornell Univ., Ithaca, NY, USA
G. Malysa , Sch. of Electr. & Comput. Eng., Cornell Univ., Ithaca, NY, USA
Yinglei Wang , Sch. of Electr. & Comput. Eng., Cornell Univ., Ithaca, NY, USA
pp. 33-47

ReDeBug: Finding Unpatched Code Clones in Entire OS Distributions (PDF)

Jiyong Jang , Carnegie Mellon Univ. Pittsburgh, Pittsburgh, PA, USA
D. Brumley , Carnegie Mellon Univ. Pittsburgh, Pittsburgh, PA, USA
A. Agrawal , Carnegie Mellon Univ. Pittsburgh, Pittsburgh, PA, USA
pp. 48-62

User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems (PDF)

F. Roesner , Univ. of Washington, Seattle, WA, USA
T. Kohno , Univ. of Washington, Seattle, WA, USA
pp. 224-238

Off-path TCP Sequence Number Inference Attack - How Firewall Middleboxes Reduce Security (PDF)

Z. M. Mao , Univ. of Michigan, Ann Arbor, MI, USA
Zhiyun Qian , Univ. of Michigan, Ann Arbor, MI, USA
pp. 347-361

Signing Me onto Your Accounts through Facebook and Google: A Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services (PDF)

Rui Wang , Indiana Univ. Bloomington, Bloomington, IN, USA
Shuo Chen , Microsoft Res., Redmond, WA, USA
XiaoFeng Wang , Indiana Univ. Bloomington, Bloomington, IN, USA
pp. 365-379

The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords (PDF)

J. Bonneau , Comput. Lab., Univ. of Cambridge, Cambridge, UK
pp. 538-552

The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes (PDF)

F. Stajano , Univ. of Cambridge, Cambridge, UK
P. C. van Oorschot , Carleton Univ., Ottawa, ON, Canada
C. Herley , Microsoft Res., Redmond, WA, USA
J. Bonneau , Univ. of Cambridge, Cambridge, UK
pp. 553-567

ILR: Where'd My Gadgets Go? (PDF)

J. W. Davidson , Dept. of Comput. Sci., Univ. of Virginia, Charlottesville, VA, USA
M. Hall , Dept. of Comput. Sci., Univ. of Virginia, Charlottesville, VA, USA
M. Co , Dept. of Comput. Sci., Univ. of Virginia, Charlottesville, VA, USA
A. Nguyen-Tuong , Dept. of Comput. Sci., Univ. of Virginia, Charlottesville, VA, USA
J. Hiser , Dept. of Comput. Sci., Univ. of Virginia, Charlottesville, VA, USA
pp. 571-585

Building Verifiable Trusted Path on Commodity x86 Computers (PDF)

J. Newsome , ECE Dept. & CyLab, Carnegie Mellon Univ., Pittsburgh, PA, USA
J. M. McCune , ECE Dept. & CyLab, Carnegie Mellon Univ., Pittsburgh, PA, USA
Zongwei Zhou , ECE Dept. & CyLab, Carnegie Mellon Univ., Pittsburgh, PA, USA
V. D. Gligor , ECE Dept. & CyLab, Carnegie Mellon Univ., Pittsburgh, PA, USA
pp. 616-630

Detecting Hoaxes, Frauds, and Deception in Writing Style Online (PDF)

R. Greenstadt , Dept. of Comput. Sci., Drexel Univ., Philadelphia, PA, USA
M. Brennan , Dept. of Comput. Sci., Drexel Univ., Philadelphia, PA, USA
S. Afroz , Dept. of Comput. Sci., Drexel Univ., Philadelphia, PA, USA
pp. 461-475

A Framework to Eliminate Backdoors from Response-Computable Authentication (PDF)

Wei Zou , Beijing Key Lab. of Internet Security Technol., Peking Univ., Beijing, China
Zhenkai Liang , Sch. of Comput., Nat. Univ. of Singapore, Singapore, Singapore
Yu Ding , Beijing Key Lab. of Internet Security Technol., Peking Univ., Beijing, China
Chao Zhang , Beijing Key Lab. of Internet Security Technol., Peking Univ., Beijing, China
Tielei Wang , Coll. of Comput., Georgia Inst. of Technol., Atlanta, GA, USA
Shuaifu Dai , Beijing Key Lab. of Internet Security Technol., Peking Univ., Beijing, China
Tao Wei , Beijing Key Lab. of Internet Security Technol., Peking Univ., Beijing, China
pp. 3-17

Don't Trust Satellite Phones: A Security Analysis of Two Satphone Standards (PDF)

T. Holz , Horst-Goertz Inst. for IT Security, Ruhr-Univ. Bochum, Bochum, Germany
C. Willems , Horst-Goertz Inst. for IT Security, Ruhr-Univ. Bochum, Bochum, Germany
B. Driessen , Horst-Goertz Inst. for IT Security, Ruhr-Univ. Bochum, Bochum, Germany
C. Paar , Horst-Goertz Inst. for IT Security, Ruhr-Univ. Bochum, Bochum, Germany
R. Hund , Horst-Goertz Inst. for IT Security, Ruhr-Univ. Bochum, Bochum, Germany
pp. 128-142

Foundations of Logic-Based Trust Management (PDF)

M. Y. Becker , Microsoft Res., Cambridge, UK
A. Russo , Dept. of Comput., Imperial Coll. London, London, UK
N. Sultana , Comput. Lab., Univ. of Cambridge, Cambridge, UK
pp. 161-175

Formalizing and Enforcing Purpose Restrictions in Privacy Policies (PDF)

A. Datta , Carnegie Mellon Univ., Pittsburgh, PA, USA
J. M. Wing , Carnegie Mellon Univ., Pittsburgh, PA, USA
M. C. Tschantz , Carnegie Mellon Univ., Pittsburgh, PA, USA
pp. 176-190

The Psychology of Security for the Home Computer User (PDF)

Z. Byrne , Psychol. Dept., Colorado State Univ., Fort Collins, CO, USA
M. Roberts , Comput. Sci. Dept., Colorado State Univ., Fort Collins, CO, USA
A. E. Howe , Comput. Sci. Dept., Colorado State Univ., Fort Collins, CO, USA
M. Urbanska , Comput. Sci. Dept., Colorado State Univ., Fort Collins, CO, USA
I. Ray , Comput. Sci. Dept., Colorado State Univ., Fort Collins, CO, USA
pp. 209-223

Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail (PDF)

T. Shrimpton , Dept. of Comput. Sci., Portland State Univ., Portland, OR, USA
K. P. Dyer , Dept. of Comput. Sci., Portland State Univ., Portland, OR, USA
T. Ristenpart , Dept. of Comput. Sci., Univ. of Wisconsin-Madison, Madison, WI, USA
S. E. Coull , RedJack, LLC., Silver Spring, MD, USA
pp. 332-346

Space Traveling across VM: Automatically Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection (PDF)

Zhiqiang Lin , Dept. of Comput. Sci., Univ. of Texas at Dallas, Dallas, TX, USA
Yangchun Fu , Dept. of Comput. Sci., Univ. of Texas at Dallas, Dallas, TX, USA
pp. 586-600

Message from the General Chair: S&P 2012 (PDF)

Robert Cunningham , Cyber Systems and Technology, MIT Lincoln Laboratory, MA, USA
pp. ix-x

Message from the Program Chairs: S&P 2012 (PDF)

Somesh Jha , University of Wisconsin, Madison, WI, USA
Wenke Lee , Georgia Institute of Technology, Atlanta, GA, USA
pp. xi

LASTor: A Low-Latency AS-Aware Tor Client (PDF)

H. V. Madhyastha , Dept. of Comput. Sci. & Eng., Univ. of California, Riverside, CA, USA
C. Yu , Dept. of Comput. Sci. & Eng., Univ. of California, Riverside, CA, USA
M. Akhoondi , Dept. of Comput. Sci. & Eng., Univ. of California, Riverside, CA, USA
pp. 476-490

Program Committee (PDF)

pp. xiii-xiv

Reviewers (PDF)

pp. xv-xvi

Safe Loading - A Foundation for Secure Execution of Untrusted Programs (PDF)

T. R. Gross , ETH Zurich, Zurich, Switzerland
T. Hartmann , ETH Zurich, Zurich, Switzerland
M. Payer , ETH Zurich, Zurich, Switzerland
pp. 18-32

Abusing File Processing in Malware Detectors for Fun and Profit (PDF)

V. Shmatikov , Univ. of Texas at Austin, Austin, TX, USA
S. Jana , Univ. of Texas at Austin, Austin, TX, USA
pp. 80-94

Unleashing Mayhem on Binary Code (PDF)

T. Avgerinos , Carnegie Mellon Univ., Pittsburgh, PA, USA
A. Rebert , Carnegie Mellon Univ., Pittsburgh, PA, USA
D. Brumley , Carnegie Mellon Univ., Pittsburgh, PA, USA
Sang Kil Cha , Carnegie Mellon Univ., Pittsburgh, PA, USA
pp. 380-394

Clash Attacks on the Verifiability of E-Voting Systems (PDF)

A. Vogt , Univ. of Trier, Trier, Germany
T. Truderung , Univ. of Trier, Trier, Germany
R. Kusters , Univ. of Trier, Trier, Germany
pp. 395-409

Third-Party Web Tracking: Policy and Technology (PDF)

J. C. Mitchell , Stanford Univ., Stanford, CA, USA
J. R. Mayer , Stanford Univ., Stanford, CA, USA
pp. 413-427

EvilSeed: A Guided Approach to Finding Malicious Web Pages (PDF)

P. M. Comparetti , Lastline, Inc., Vienna Univ. of Technol., Vienna, Austria
L. Invernizzi , UC Santa Barbara, Santa Barbara, CA, USA
pp. 428-442

Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms (PDF)

J. Lopez , Carnegie Mellon Univ., Pittsburgh, PA, USA
L. F. Cranor , Carnegie Mellon Univ., Pittsburgh, PA, USA
N. Christin , Carnegie Mellon Univ., Pittsburgh, PA, USA
L. Bauer , Carnegie Mellon Univ., Pittsburgh, PA, USA
M. L. Mazurek , Carnegie Mellon Univ., Pittsburgh, PA, USA
T. Vidas , Carnegie Mellon Univ., Pittsburgh, PA, USA
R. Shay , Carnegie Mellon Univ., Pittsburgh, PA, USA
S. Komanduri , Carnegie Mellon Univ., Pittsburgh, PA, USA
P. G. Kelley , Carnegie Mellon Univ., Pittsburgh, PA, USA
pp. 523-537

Author index (PDF)

pp. 631-632

Memento: Learning Secrets from Process Footprints (PDF)

V. Shmatikov , Univ. of Texas at Austin, Austin, TX, USA
S. Jana , Univ. of Texas at Austin, Austin, TX, USA
pp. 143-157

New Results for Timing-Based Attestation (PDF)

J. Butterworth , MITRE Corp., Bedford, MA, USA
M. Albin , MITRE Corp., Bedford, MA, USA
A. Herzog , MITRE Corp., Bedford, MA, USA
X. Kovah , MITRE Corp., Bedford, MA, USA
C. Kallenberg , MITRE Corp., Bedford, MA, USA
C. Weathers , MITRE Corp., Bedford, MA, USA
pp. 239-253
80 ms
(Ver 3.3 (11022016))