Material del 21 simposio sobre seguridad USENIX

• August 19, 2012
• tuxotron
• Seguridad, Hacking

• Facebook
• Twitter
• Reddit
• LinkedIn

El simposio sobre seguridad USENIX, celebró su vigésimo primer evento los pasados 8 al 10 de agosto en Washington. Aunque su nombre te lleve a pensar que es un evento de seguridad orientado a sistemas *NIX, no lo es. Es un evento enfocado a los sistemas de cómputo en general. En estos momentos ya podemos acceder a todas las presentaciones dadas, las cuales puedes ver en la siguiente lista (los enlaces son PDFs):

• PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs - Paper - Slides
• B@bel: Leveraging Email Delivery for Spam Mitigation - Paper
• Impact of Spam Exposure on User Engagement - Paper
• Security and Usability Challenges of Moving-Object CAPTCHAs: Decoding Codewords in Motion - Paper
• How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation - Paper
• I Forgot Your Password: Randomness Attacks Against PHP Applications - Paper
• An Evaluation of the Google Chrome Extension Security Architecture - Paper
• Establishing Browser Security Guarantees through Formal Shim Verification - Paper
• Neuroscience Meets Cryptography: Designing Crypto Primitives Secure Against Rubber Hose Attacks - Paper
• On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces - Paper
• Whispers in the Hyper-space: High-speed Covert Channel Attacks in the Cloud - Paper
• Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services - Paper
• STEALTHMEM: System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud - Paper
• Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices - Paper
• TARDIS: Time and Remanence Decay in SRAM to Implement Secure Protocols on Embedded Devices without Clocks - Paper
• Gone in 360 Seconds: Hijacking with Hitag2 - Paper
• Taking Proof-Based Verified Computation a Few Steps Closer to Practicality - Paper
• Optimally Robust Private Information Retrieval - Paper
• Billion-Gate Secure Computation with Malicious Adversaries - Paper
• Progressive Authentication: Deciding When to Authenticate on Mobile Phones - Paper
• Origin-Bound Certificates: A Fresh Approach to Strong Client Authentication for the Web - Paper
• Data Node Encrypted File System: Efficient Secure Deletion for Flash Memory - Paper
• Life as a Target—Welcome to the Club
• Throttling Tor Bandwidth Parasites - Paper - Slides
• Chimera: A Declarative Language for Streaming Network Traffic Analysis - Paper
• New Attacks on Timing-based Network Flow Watermarks - Paper
• On Breaking SAML: Be Whoever You Want to Be - Paper
• Clickjacking: Attacks and Defenses - Paper
• Privilege Separation in HTML5 Applications - Paper
• Fuzzing with Code Fragments - Paper
• kGuard: Lightweight Kernel Protection against Return-to-User Attacks - Paper
• Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization - Paper
• From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware - Paper - Slides
• PUBCRAWL: Protecting Users and Businesses from CRAWLers - Paper
• Enemy of the State: A State-Aware Black-Box Web Vulnerability Scanner - Paper
• Aurasium: Practical Policy Enforcement for Android Applications - Paper
• AdSplit: Separating Smartphone Advertising from Applications - Paper
• DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis - Paper
• STING: Finding Name Resolution Vulnerabilities in Programs - Paper
• Tracking Rootkit Footprints with a Practical Memory Analysis System - Paper
• Tachyon: Tandem Execution for Efficient Live Patch Testing - Paper
• Privacy-Preserving Social Plugins - Paper
• Social Networking with Frientegrity: Privacy and Integrity with an Untrusted Provider - Paper
• Efficient and Scalable Socware Detection in Online Social Networks - Paper