Synopses & Reviews
This book constitutes the refereed proceedings of the 17th European Symposium on Computer Security, ESORICS 2012, held in Pisa, Italy, in September 2012. The 50 papers included in the book were carefully reviewed and selected from 248 papers. The articles are organized in topical sections on security and data protection in real systems; formal models for cryptography and access control; security and privacy in mobile and wireless networks; counteracting man-in-the-middle attacks; network security; users privacy and anonymity; location privacy; voting protocols and anonymous communication; private computation in cloud systems; formal security models; identity based encryption and group signature; authentication; encryption key and password security; malware and phishing; and software security.
Table of Contents
Modeling and Enhancing Android's Permission System
Hardening Access Control and Data Protection in GFS-like File Systems
Attack of the Clones: Detecting Cloned Applications on Android Markets
Boosting the Permissiveness of Dynamic Information-Flow Tracking by Testing
Effective Symbolic Protocol Analysis via Equational Irreducibility Conditions
Deciding Epistemic and Strategic Properties of Cryptographic Protocols
Authorization Model
Deciding Security for a Fragment of ASLan
A Probabilistic Framework for Localization of Attackers in MANETs
Robust Probabilistic Fake Packet Injection for Receiver-Location Privacy in WSN
Privacy-Aware Message Exchanges for Geographically Routed Human Movement Networks
Trust No One Else: Detecting MITM Attacks against SSL/TLS without Third-Parties
X.509 Forensics: Detecting and Localising the SSL/TLS Men-in-the-Middle
A Practical Man-In-The-Middle Attack on Signal-Based Key Generation Protocols
The Silence of the LANs: Efficient Leakage Resilience for IPsec VPNs
Security of Patched DNS
Revealing Abuses of Channel Assignment Protocols in Multi-channel Wireless Networks: An Investigation Logic Approach
Exploring Linkability of User Reviews
Formal Analysis of Privacy in an eHealth Protocol
PRIVATUS: Wallet-Friendly Privacy Protection for Smart Meters
SHARP: Private Proximity Test and Secure Handshake with Cheat-Proof Location Tags
Secure Proximity Detection for NFC Devices Based on Ambient Sensor Data
Enhancing Location Privacy for Electric Vehicles (at the Right time)
Design and Implementation of a Terrorist Fraud Resilient Distance Bounding System
Applying Divertibility to Blind Ballot Copying in the Helios Internet Voting System
Defining Privacy for Weighted Votes, Single and Multi-voter Coercion
TorScan: Tracing Long-Lived Connections and Differential Scanning Attacks
Introducing the gMix Open Source Framework for Mix Implementations
Secure and Efficient Outsourcing of Sequence Comparisons
Third-Party Private DFA Evaluation on Encrypted Files in the Cloud
New Algorithms for Secure Outsourcing of Modular Exponentiations
Towards Symbolic Encryption Schemes
Decision Procedures for Simulatability
Model-Checking Bisimulation-Based Information Flow Properties for Infinite State Systems
Identity-Based Traitor Tracing with Short Private Key and Short Ciphertext
Identity-Based Encryption with Master Key-Dependent Message Security and Leakage-Resilience
Unique Group Signatures
Relations among Notions of Privacy for RFID Authentication Protocols
PE(AR)2: Privacy-Enhanced Anonymous Authentication with Reputation and Revocation
Dismantling iClass and iClass Elite
Evaluation of Standardized Password-Based Key Derivation against Parallel Processing Platforms
Beyond eCK: Perfect Forward Secrecy under Actor Compromise and Ephemeral-Key Reveal
Bleichenbacher's Attack Strikes again: Breaking PKCS#1 v1.5 in XML Encryption
On the Security of Password Manager Database Formats
Scalable Telemetry Classification for Automated Malware Detection
Abstraction-Based Malware Analysis Using Rewriting and Model Checking
Detecting Phishing Emails the Natural Language Way
JVM-Portable Sandboxing of Java's Native Libraries
Codejail: Application-Transparent Isolation of Libraries with Tight Program Interactions
SocialImpact: Systematic Analysis of Underground Social Dynamics