Privacy and Security (TOPS)


Search Issue
enter search term and/or author name


ACM Transactions on Information and System Security (TISSEC), Volume 13 Issue 2, February 2010

Guest editorial: Special issue on computer and communications security
Sabrina de Capitani di Vimercati, Paul Syverson
Article No.: 11
DOI: 10.1145/1698750.1698751

Stealthy malware detection and monitoring through VMM-based “out-of-the-box” semantic view reconstruction
Xuxian Jiang, Xinyuan Wang, Dongyan Xu
Article No.: 12
DOI: 10.1145/1698750.1698752

An alarming trend in recent malware incidents is that they are armed with stealthy techniques to detect, evade, and subvert malware detection facilities of the victim. On the defensive side, a fundamental limitation of traditional host-based...

How much anonymity does network latency leak?
Nicholas Hopper, Eugene Y. Vasserman, Eric Chan-TIN
Article No.: 13
DOI: 10.1145/1698750.1698753

Low-latency anonymity systems such as Tor, AN.ON, Crowds, and aim to provide anonymous connections that are both untraceable by “local” adversaries who control only a few machines and have low enough delay to support...

CANDID: Dynamic candidate evaluations for automatic prevention of SQL injection attacks
Prithvi Bisht, P. Madhusudan, V. N. Venkatakrishnan
Article No.: 14
DOI: 10.1145/1698750.1698754

SQL injection attacks are one of the top-most threats for applications written for the Web. These attacks are launched through specially crafted user inputs, on Web applications that use low-level string operations to construct SQL queries. In...

New payload attribution methods for network forensic investigations
Miroslav Ponec, Paul Giura, Joel Wein, Hervé Brönnimann
Article No.: 15
DOI: 10.1145/1698750.1698755

Payload attribution can be an important element in network forensics. Given a history of packet transmissions and an excerpt of a possible packet payload, a payload attribution system (PAS) makes it feasible to identify the sources, destinations,...

Split-ballot voting: Everlasting privacy with distributed trust
Tal Moran, Moni Naor
Article No.: 16
DOI: 10.1145/1698750.1698756

In this article, we propose a new voting protocol with several desirable security properties. The voting stage of the protocol can be performed by humans without computers; it provides every voter with the means to verify that all the votes were...

Authenticated error-correcting codes with applications to multicast authentication
Anna Lysyanskaya, Roberto Tamassia, Nikos Triandopoulos
Article No.: 17
DOI: 10.1145/1698750.1698757

We consider the problem of authenticating a stream of packets transmitted over a network controlled by an adversary who may perform arbitrary attacks on the stream: He may drop or modify chosen packets, rearrange the order of the packets in any...

Deterring voluntary trace disclosure in re-encryption mix-networks
Xiaofeng Wang, Philippe Golle, Markus Jakobsson, Alex Tsow
Article No.: 18
DOI: 10.1145/1698750.1698758

Mix-networks, a family of anonymous messaging protocols, have been engineered to withstand a wide range of theoretical internal and external adversaries. An undetectable insider threat—voluntary partial trace disclosures by server...