Maintained by:

Institute for Cyber Security UTSA

List of Accepted Papers

CODASPY '14- Proceedings of the 4th ACM conference on Data and application security and privacy

Full Citation in the ACM Digital Library

SESSION: Access control for applications

Ram Krishnan

On the suitability of dissemination-centric access control systems for group-centric sharing

William C. Garrison, III
Yechen Qiao
Adam J. Lee

Streamforce: outsourcing access control enforcement for stream data to the clouds

Dinh Tien Tuan Anh
Anwitaman Datta

Compac: enforce component-level access control in android

Yifei Wang
Srinivas Hariharan
Chenxi Zhao
Jiaming Liu
Wenliang Du

SESSION: Web security

Anna Squicciarini

KameleonFuzz: evolutionary fuzzing for black-box XSS detection

Fabien Duchene
Sanjay Rawat
Jean-Luc Richier
Roland Groz

Automated black-box detection of access control vulnerabilities in web applications

Xiaowei Li
Xujie Si
Yuan Xue

PhishSafe: leveraging modern JavaScript API's for transparent and robust protection

Bastian Braun
Martin Johns
Johannes Koestler
Joachim Posegga

SESSION: Keynote address 1

Elisa Bertino

Virtualization and security: happily ever after?

Dongyan Xu

SESSION: Novel techniques for application security

Barbara Carminati

On protection in federated social computing systems

Ebrahim Tarameshloo
Philip W.L. Fong
Payman Mohassel

COMPARS: toward an empirical approach for comparing the resilience of reputation systems

Euijin Choo
Jianchun Jiang
Ting Yu

RiskMon: continuous and automated risk assessment of mobile applications

Yiming Jing
Gail-Joon Ahn
Ziming Zhao
Hongxin Hu

Situational awareness through reasoning on network incidents

Anna Cinzia Squicciarini
Giuseppe Petracca
William G. Horne
Aurnob Nath

POSTER SESSION: Poster session

Gabriel Ghinita

Measuring the robustness of source program obfuscation: studying the impact of compiler optimizations on the obfuscation of C programs

Sandrine Blazy
Stéphanie Riaud

Interaction provenance model for unified authentication factors in service oriented computing

Ragib Hasan
Rasib Khan

Detecting man-in-the-middle attacks on non-mobile systems

Visa Antero Vallivaara
Mirko Sailio
Kimmo Halunen

A modular multi-location anonymized traffic monitoring tool for a WiFi network

Justin Hummel
Andrew McDonald
Vatsal Shah
Riju Singh
Bradford D. Boyle
Tingshan Huang
Nagarajan Kandasamy
Harish Sethu
Steven Weber

Consistency checking in access control

Anja Remshagen
Li Yang

POSTER: a pairing-free certificateless hybrid sign-cryption scheme for advanced metering infrastructures

Seung Hyun Seo
Jongho Won
Elisa Bertino

Spoilt for choice: graph-based assessment of key management protocols to share encrypted data

Holger Kuehner
Hannes Hartenstein

Trust ranking of medical websites

Haruna Kibirige
Lila Ghemri

A cloud architecture for protecting guest's information from malicious operators with memory management

Koki Murakami
Tsuyoshi Yamada
Rie Shigetomi Yamaguchi
Masahiro Goshima
Shuichi Sakai

Privacy-preserving publication of provenance workflows

Mihai Maruseac
Gabriel Ghinita
Razvan Rughinis

Large-scale machine learning-based malware detection: confronting the "10-fold cross validation" scheme with reality

Kevin Allix
Tegawendé F. Bissyandé
Quentin Jérome
Jacques Klein
Radu State
Yves Le Traon

Securing OAuth implementations in smart phones

Mohamed Shehab
Fadi Mohsen

Minimizing lifetime of sensitive data in concurrent programs

Kalpana Gondi
A. Prasad Sistla
V. N. Venkatakrishnan

SESSION: Mobile security

Debin Gao

Systematic audit of third-party android phones

Michael Mitchell
Guanyu Tian
Zhi Wang

PREC: practical root exploit containment for android devices

Tsung-Hsuan Ho
Daniel Dean
Xiaohui Gu
William Enck

DIVILAR: diversifying intermediate language for anti-repackaging on android platform

Wu Zhou
Zhi Wang
Yajin Zhou
Xuxian Jiang

SESSION: Novel techniques for data security

Adam J. Lee

On quantitative dynamic data flow tracking

Enrico Lovat
Johan Oudinet
Alexander Pretschner

Security of graph data: hashing schemes and definitions

Muhammad U. Arshad
Ashish Kundu
Elisa Bertino
Krishna Madhavan
Arif Ghafoor

Inference attack against encrypted range queries on outsourced databases

Mohammad Saiful Islam
Mehmet Kuzu
Murat Kantarcioglu

SESSION: Keynote address 2

Ravi Sandhu

Shared responsibility is better than no responsibility: federated encryption in the cloud

Jarret Raim

SESSION: Short papers 1

Mohamed Shehab

Efficient privacy-aware search over encrypted databases

Mehmet Kuzu
Mohammad Saiful Islam
Murat Kantarcioglu

DroidBarrier: know what is executing on your android

Hussain M.J. Almohri
Danfeng (Daphne) Yao
Dennis Kafura

RopSteg: program steganography with return oriented programming

Kangjie Lu
Siyang Xiong
Debin Gao

SobTrA: a software-based trust anchor for ARM cortex application processors

Julian Horsch
Sascha Wessel
Frederic Stumpf
Claudia Eckert

SESSION: Short papers 2

Gabriel Ghinita

TrustID: trustworthy identities for untrusted mobile devices

Julian Horsch
Konstantin Böttinger
Michael Weiß
Sascha Wessel
Frederic Stumpf

Keystroke biometrics: the user perspective

Chee Meng Tey
Payas Gupta
Kartik Muralidharan
Debin Gao

Relationship-based information sharing in cloud-based decentralized social networks

Davide Alberto Albertini
Barbara Carminati

WebWinnow: leveraging exploit kit workflows to detect malicious urls

Birhanu Eshete
V. N. Venkatakrishnan

Privacy-preserving audit for broker-based health information exchange

Se Eun Oh
Ji Young Chun
Limin Jia
Deepak Garg
Carl A. Gunter
Anupam Datta

SESSION: Privacy preserving techniques

Murat Kantarcioglu

An efficient privacy-preserving system for monitoring mobile users: making searchable encryption practical

Gabriel Ghinita
Razvan Rughinis

Is it really you?: user identification via adaptive behavior fingerprinting

Paul Giura
Ilona Murynets
Roger Piqueras Jover
Yevgeniy Vahlis

Wiretap-proof: what they hear is not what you speak, and what you speak they do not hear

Hemant Sengar
Haining Wang
Seyed Amir Iranmanesh