Privacy and Security (TOPS)


Search Issue
enter search term and/or author name


ACM Transactions on Information and System Security (TISSEC), Volume 12 Issue 2, December 2008

Guest Editorial: Special Issue on Computer and Communications Security
Rebecca N. Wright, Sabrina De Capitanidi Vimercati
Article No.: 7
DOI: 10.1145/1455518.1455519

Enforcing Safety and Consistency Constraints in Policy-Based Authorization Systems
Adam J. Lee, Marianne Winslett
Article No.: 8
DOI: 10.1145/1455518.1455520

In trust negotiation and other forms of distributed proving, networked entities cooperate to form proofs of authorization that are justified by collections of certified attribute credentials. These attributes may be obtained through interactions...

Data Collection with Self-Enforcing Privacy
Philippe Golle, Frank McSherry, Ilya Mironov
Article No.: 9
DOI: 10.1145/1455518.1455521

Consider a pollster who wishes to collect private, sensitive data from a number of distrustful individuals. How might the pollster convince the respondents that it is trustworthy? Alternately, what mechanism could the respondents insist upon to...

EXE: Automatically Generating Inputs of Death
Cristian Cadar, Vijay Ganesh, Peter M. Pawlowski, David L. Dill, Dawson R. Engler
Article No.: 10
DOI: 10.1145/1455518.1455522

This article presents EXE, an effective bug-finding tool that automatically generates inputs that crash real code. Instead of running code on manually or randomly constructed input, EXE runs it on symbolic input initially allowed to be anything....

Fast and Black-box Exploit Detection and Signature Generation for Commodity Software
Xiaofeng Wang, Zhuowei Li, Jong Youl Choi, Jun Xu, Michael K. Reiter, Chongkyung Kil
Article No.: 11
DOI: 10.1145/1455518.1455523

In biology, a vaccine is a weakened strain of a virus or bacterium that is intentionally injected into the body for the purpose of stimulating antibody production. Inspired by this idea, we propose a packet vaccine mechanism that...

Puppetnets: Misusing Web Browsers as a Distributed Attack Infrastructure
Spiros Antonatos, Periklis Akritidis, Vinh The Lam, Kostas G. Anagnostakis
Article No.: 12
DOI: 10.1145/1455518.1455524

Most of the recent work on Web security focuses on preventing attacks that directly harm the browser’s host machine and user. In this paper we attempt to quantify the threat of browsers being indirectly misused for attacking third parties....

Thwarting E-mail Spam Laundering
Mengjun Xie, Heng Yin, Haining Wang
Article No.: 13
DOI: 10.1145/1455518.1455525

Laundering e-mail spam through open-proxies or compromised PCs is a widely-used trick to conceal real spam sources and reduce spamming cost in the underground e-mail spam industry. Spammers have plagued the Internet by exploiting a large number of...