Maintained by:

Institute for         Cyber Security   UTSA

List of Accepted Papers

CODASPY '14- Proceedings of the 4th ACM conference on Data and application security and privacy

Full Citation in the ACM Digital Library

SESSION: Access control for applications

  • Ram Krishnan

On the suitability of dissemination-centric access control systems for group-centric sharing

  • William C. Garrison, III
  • Yechen Qiao
  • Adam J. Lee

Streamforce: outsourcing access control enforcement for stream data to the clouds

  • Dinh Tien Tuan Anh
  • Anwitaman Datta

Compac: enforce component-level access control in android

  • Yifei Wang
  • Srinivas Hariharan
  • Chenxi Zhao
  • Jiaming Liu
  • Wenliang Du

SESSION: Web security

  • Anna Squicciarini

KameleonFuzz: evolutionary fuzzing for black-box XSS detection

  • Fabien Duchene
  • Sanjay Rawat
  • Jean-Luc Richier
  • Roland Groz

Automated black-box detection of access control vulnerabilities in web applications

  • Xiaowei Li
  • Xujie Si
  • Yuan Xue

PhishSafe: leveraging modern JavaScript API's for transparent and robust protection

  • Bastian Braun
  • Martin Johns
  • Johannes Koestler
  • Joachim Posegga

SESSION: Keynote address 1

  • Elisa Bertino

Virtualization and security: happily ever after?

  • Dongyan Xu

SESSION: Novel techniques for application security

  • Barbara Carminati

On protection in federated social computing systems

  • Ebrahim Tarameshloo
  • Philip W.L. Fong
  • Payman Mohassel

COMPARS: toward an empirical approach for comparing the resilience of reputation systems

  • Euijin Choo
  • Jianchun Jiang
  • Ting Yu

RiskMon: continuous and automated risk assessment of mobile applications

  • Yiming Jing
  • Gail-Joon Ahn
  • Ziming Zhao
  • Hongxin Hu

Situational awareness through reasoning on network incidents

  • Anna Cinzia Squicciarini
  • Giuseppe Petracca
  • William G. Horne
  • Aurnob Nath

POSTER SESSION: Poster session

  • Gabriel Ghinita

Measuring the robustness of source program obfuscation: studying the impact of compiler optimizations on the obfuscation of C programs

  • Sandrine Blazy
  • Stéphanie Riaud

Interaction provenance model for unified authentication factors in service oriented computing

  • Ragib Hasan
  • Rasib Khan

Detecting man-in-the-middle attacks on non-mobile systems

  • Visa Antero Vallivaara
  • Mirko Sailio
  • Kimmo Halunen

A modular multi-location anonymized traffic monitoring tool for a WiFi network

  • Justin Hummel
  • Andrew McDonald
  • Vatsal Shah
  • Riju Singh
  • Bradford D. Boyle
  • Tingshan Huang
  • Nagarajan Kandasamy
  • Harish Sethu
  • Steven Weber

Consistency checking in access control

  • Anja Remshagen
  • Li Yang

POSTER: a pairing-free certificateless hybrid sign-cryption scheme for advanced metering infrastructures

  • Seung Hyun Seo
  • Jongho Won
  • Elisa Bertino

Spoilt for choice: graph-based assessment of key management protocols to share encrypted data

  • Holger Kuehner
  • Hannes Hartenstein

Trust ranking of medical websites

  • Haruna Kibirige
  • Lila Ghemri

A cloud architecture for protecting guest's information from malicious operators with memory management

  • Koki Murakami
  • Tsuyoshi Yamada
  • Rie Shigetomi Yamaguchi
  • Masahiro Goshima
  • Shuichi Sakai

Privacy-preserving publication of provenance workflows

  • Mihai Maruseac
  • Gabriel Ghinita
  • Razvan Rughinis

Large-scale machine learning-based malware detection: confronting the "10-fold cross validation" scheme with reality

  • Kevin Allix
  • Tegawendé F. Bissyandé
  • Quentin Jérome
  • Jacques Klein
  • Radu State
  • Yves Le Traon

Securing OAuth implementations in smart phones

  • Mohamed Shehab
  • Fadi Mohsen

Minimizing lifetime of sensitive data in concurrent programs

  • Kalpana Gondi
  • A. Prasad Sistla
  • V. N. Venkatakrishnan

SESSION: Mobile security

  • Debin Gao

Systematic audit of third-party android phones

  • Michael Mitchell
  • Guanyu Tian
  • Zhi Wang

PREC: practical root exploit containment for android devices

  • Tsung-Hsuan Ho
  • Daniel Dean
  • Xiaohui Gu
  • William Enck

DIVILAR: diversifying intermediate language for anti-repackaging on android platform

  • Wu Zhou
  • Zhi Wang
  • Yajin Zhou
  • Xuxian Jiang

SESSION: Novel techniques for data security

  • Adam J. Lee

On quantitative dynamic data flow tracking

  • Enrico Lovat
  • Johan Oudinet
  • Alexander Pretschner

Security of graph data: hashing schemes and definitions

  • Muhammad U. Arshad
  • Ashish Kundu
  • Elisa Bertino
  • Krishna Madhavan
  • Arif Ghafoor

Inference attack against encrypted range queries on outsourced databases

  • Mohammad Saiful Islam
  • Mehmet Kuzu
  • Murat Kantarcioglu

SESSION: Keynote address 2

  • Ravi Sandhu

Shared responsibility is better than no responsibility: federated encryption in the cloud

  • Jarret Raim

SESSION: Short papers 1

  • Mohamed Shehab

Efficient privacy-aware search over encrypted databases

  • Mehmet Kuzu
  • Mohammad Saiful Islam
  • Murat Kantarcioglu

DroidBarrier: know what is executing on your android

  • Hussain M.J. Almohri
  • Danfeng (Daphne) Yao
  • Dennis Kafura

RopSteg: program steganography with return oriented programming

  • Kangjie Lu
  • Siyang Xiong
  • Debin Gao

SobTrA: a software-based trust anchor for ARM cortex application processors

  • Julian Horsch
  • Sascha Wessel
  • Frederic Stumpf
  • Claudia Eckert

SESSION: Short papers 2

  • Gabriel Ghinita

TrustID: trustworthy identities for untrusted mobile devices

  • Julian Horsch
  • Konstantin Böttinger
  • Michael Weiß
  • Sascha Wessel
  • Frederic Stumpf

Keystroke biometrics: the user perspective

  • Chee Meng Tey
  • Payas Gupta
  • Kartik Muralidharan
  • Debin Gao

Relationship-based information sharing in cloud-based decentralized social networks

  • Davide Alberto Albertini
  • Barbara Carminati

WebWinnow: leveraging exploit kit workflows to detect malicious urls

  • Birhanu Eshete
  • V. N. Venkatakrishnan

Privacy-preserving audit for broker-based health information exchange

  • Se Eun Oh
  • Ji Young Chun
  • Limin Jia
  • Deepak Garg
  • Carl A. Gunter
  • Anupam Datta

SESSION: Privacy preserving techniques

  • Murat Kantarcioglu

An efficient privacy-preserving system for monitoring mobile users: making searchable encryption practical

  • Gabriel Ghinita
  • Razvan Rughinis

Is it really you?: user identification via adaptive behavior fingerprinting

  • Paul Giura
  • Ilona Murynets
  • Roger Piqueras Jover
  • Yevgeniy Vahlis

Wiretap-proof: what they hear is not what you speak, and what you speak they do not hear

  • Hemant Sengar
  • Haining Wang
  • Seyed Amir Iranmanesh