2001 IEEE Symposium on Security and Privacy

May 13-16, 2001
The Claremont Resort
Oakland, California, USA

sponsored by
IEEE Computer Society Technical Committee on Security and Privacy
in cooperation with
The International Association for Cryptologic Research (IACR)

Sunday, 13 May 2001

4:00- 7:00 Registration and Reception

Monday, 14 May 2001

8:45-9:00 Opening remarks
9:00-10:30 Tamper-resistance and Cryptography

Cryptographic Security for Mobile Code
Joy Algesheimer, Christian Cachin, Jan Camenisch, Günter Karjoth (IBM Research) 

Networked Cryptographic Devices Resilient to Capture
Philip MacKenzie, Michael Reiter (Bell Labs, Lucent) 

Protection of Keys against Modification Attack
Wai-wa Fung, Mordecai Golin, Jim Gray, (Hong Kong University of Science and Technology) 

10:30-11:00 Break
11:00-12:00 Intrusion and anomaly detection, I

Data Mining Methods for Detection of New Malicious Executables
Matthew Schultz, Eleazar Eskin, Erez Zadok, Sal Stolfo 

Evaluation of Intrusion Detectors: A Decision Theory Approach
John Gaffney (Lockheed Martin), Jacob Ulvila (Decision Science Associates, Inc)

12:00- 1:30 Lunch
1:30- 2:30 Information flow

On Confidentiality and Algorithms
Johan Agat (Chalmers University of Technology)

Preserving Information Flow Properties under Refinement
Heiko Mantel 

2:30- 3:00 Break
3:00- 4:30 Access control and trust management

Understanding Trust Management Systems
Stephen Weeks 

SD3: a trust management system with certified evaluation
Trevor Jim 

Formal Treatment of Certificate Revocation Under Communal Access Control
Xuhui Ao, Naftaly Minsky, Victoria Ungureanu 

Tuesday, 15 May 2001

9:00-10:30 Intrusion and Anomaly Detection II

Information-Theoretic Measures for Anomaly Detection
Wenke Lee, Dong Xiang (North Carolina State University)

A Fast Automaton-Based Method for Detecting Anomalous Program Behaviors
R Sekar, Mugdha Bendre, Pradeep Bollineni 

Intrusion Detection via Static Analysis
David Wagner (UC Berkeley), Drew Dean (Xerox PARC)

10:30-11:00 Break
11:00-12:00 Cryptographic Protocols, I

Performance of Public Key-Enabled Kerberos Authentication in Large Networks
Alan Harbitter (PEC Solutions), Daniel A. Menasce (George Mason University)

A Model for Asynchronous Reactive Systems and its Application to Secure Message Transmission
Birgit Pfitzmann (Universitat des Saarlandes), Michael Waidner (IBM Research)

12:00- 1:30 Lunch
1:30- 2:30 What's really different

Cryptographic Key Generation from Voice
Fabian Monrose, Michael Reiter, Qi Li, Susanne Wetzel (Bell Labs, Lucent)

A Trend Analysis of Exploitations
Hilary Browne, William Arbaugh, John McHugh, William Fithen 

2:30- 3:00 Break
3:00- 5:00 5-minute presentations on developing research

Wednesday, 16 May 2001

9:00-10:30 Invited Talk:  Reverse Engineering:  A Legal Right or Wrong?
Speaker: Pamela Samuelson 
School of Information Management and Systems 
University of California at Berkeley 
10:30-11:00 Break
11:00-12:00 Cryptographic protocols, 2

Graph-Based Authentication of Digital Streams
Sara Miner, Jessica Staddon 

ELK, a New Protocol for Efficient Large-Group Key Distribution
Adrian Perrig, Dawn Song, J. D. Tygar (UC Berkeley)

5-Minute Talks

A continuing feature of the symposium will be a session of 5-minute talks, where attendees can present preliminary research results or summaries of works published elsewhere. Commercial advertisements and marketing presentations are inappropriate. Printed abstracts of these talks will be distributed at the symposium.

Abstracts for 5-minute talks should fit on one 8.5"x11" or A4 page, including the title and all author names and affiliations.  Send an email with a MIME attachment containing your abstract in PDF or portable postscript format to
This email should state that your abstract is for the session of 5-minute presentations at the 2001 IEEE Symposium on Security and Privacy, and should include the presenter's name, email and postal addresses, and phone and fax numbers. Please use a
subject field containing the string "Oakland01".

5-minute abstracts due:  March 24, 2001
Acceptance notification:  April 12, 2001