Originating from every continent, the 32 submissions were included in a blind review process that involved more than 25 reviewers (composed of PC members and their delegates) from many different institutions. The reviewers did an outstanding job and the whole process generated more than 110 reviews – each paper was reviewed by at least 3 reviewers. Based on the reviewers' reports and the general ACM SAC guidelines for evaluation of submissions, only 10 papers were accepted, that is an acceptance rate of one third, which is slightly more optimistic than last year’s. Contents cover various aspects of applied computer security, ranging from intrusion detection to malicious code prevention. Here comes this year’s programme, which is divided into two sessions, chaired by Bella.
- Bistarelli et al. advance a qualitative approach for the selection of security countermeasures able to protect an IT system from attacks.
- Johns and Bayerlein develop a system based on approximated data/code separation to prevent attack injection in web applications.
- Koralage et al. advance an RFID protocol to securely manage the changing hands of the same tagged products and to control the behaviors of tags throughout the product lifecycle.
- Nguyen publishes a virtual machine that can detect many kernel rootkits with negligible penalty to the system's performance.
- Orlovsky and Raz study the problem of adapting security policies to distributed environments such as grids and mobile code systems.
- Soleimani et al. develop a self-adaptive controlling mechanism to catalogue the alerts generated by Snort in a well-formed abstract format.
- Topkara et al. tackle the problem of password robustness by generating a mnemonic sentence that helps the users remember a multiplicity of truly random passwords.
- Yi et al. advance a novel and efficient content filtering technique for the latest generation of intrusion detection systems.
- Zhou et al. discuss the feasibility of embedding a bit map image into relational databases for protecting digital copyrights.
- Zhu constructs a secure yet practical sequential aggregate signature scheme from the RSA problem.