Welcome to the Proceedings of the New Security Paradigms Workshop 2002. This was the eleventh year of our very special workshop. The truly great ideas resulting from this year's workshop are fight here for your consideration and enjoyment.If you find the work presented here interesting and provocative and would like to share your own ideas at a future NSPW, please watch for the Call For Papers for our next NSPW on our web site at http://www.nspw.orgNSPW is distinguished by the fact that every selected paper is discussed in a collegial setting at the time of its presentation and often afterwards. The number of papers selected is small enough to allow a comfortable time period for the intensive examination of new concepts. Authors are instructed to prepare for a 20 to 25 minute presentation and then given an hour of actual presentation-cure-discussion time which shows the high degree of interaction with the other workshop participants.NSPW must remain small to provide the high quality interaction between authors and attendees. However, this year's attendance was an all-time high of 38 (significantly over our historically-determined optimum size of 30 attendees), and quality was very high as well!One of the most noteworthy features of NSPW is the "psychological contract" by which all workshop participants abide. Because authors are asked to present ideas that might be considered risky in some other venues, all participants are charged with providing feedback in a constructive and gracious manner. And it works! The resulting brainstorming environment has proven to be excellent for furthering the development of these ideas. Authors typically receive a considerable amount of feedback about their presentations and incorporate it into the final version of their paper. The results are reflected in these proceedings, published after the workshop.
MET: an experimental system for Malicious Email Tracking
Despite the use of state of the art methods to protect against malicious programs, they continue to threaten and damage computer systems around the world. In this paper we present MET, the Malicious Email Tracking system, designed to automatically ...
Predators: good will mobile codes combat against computer viruses
We present a mathematical analysis of a new approach to fight against computer viruses through the use of their predators. Predators are good will mobile codes which, like viruses, travel over computer networks, and replicate and multipy themselves. The ...
An empirical analysis of NATE: Network Analysis of Anomalous Traffic Events
This paper presents results of an empirical analysis of NATE (Network Analysis of Anomalous Traffic Events), a lightweight, anomaly based intrusion detection tool. Previous work was based on the simulated Lincoln Labs data set. Here, we show that NATE ...
Small worlds in security systems: an analysis of the PGP certificate graph
We propose a new approach to securing self-organized mobile ad hoc networks. In this approach, security is achieved in a fully self-organized manner; by this we mean that the security system does not require any kind of certification authority or ...
Breaking the barriers: high performance security for high performance computing
This paper attempts to reconcile the high performance community's requirement of high performance with the need for security, and reconcile some accepted security approaches with the performance constraints of high-performance networks. We propose a new ...
From privacy promises to privacy management: a new approach for enforcing privacy throughout an enterprise
Regulations and consumer backlash force many organizations to re-evaluate the way they manage private data. As a first step, they publish privacy promises as text or P3P. These promises are not backed up by privacy technology that enforces the promises ...
Anomaly intrusion detection in dynamic execution environments
We describe an anomaly intrusion-detection system for platforms that incorporate dynamic compilation and profiling. We call this approach "dynamic sandboxing." By gathering information about applications' behavior usually unavailable to other anomaly ...
Empowering mobile code using expressive security policies
Existing approaches for mobile code security tend to take a conservative view that mobile code is inherently risky, and hence focus on confining it. Such confinement is usually achieved using access control policies that restrict mobile code from taking ...
The source is the proof
We challenge the apparent consensus for using bytecode verification and techniques related to proof-carrying code for mobile code security. We propose an alternative to these two techniques that transports programs at a much higher level of abstraction. ...
An approach to usable security based on event monitoring and visualization
The thorny problem of usability has been recognized in the security community for many years, but has, so far, eluded systematic solution. We characterize the problem as a gap between theoretical and effective levels of security, and consider the ...
Moving from the design of usable security technologies to the design of useful secure applications
Recent results from usability studies of security systems have shown that end-users find them difficult to adopt and use. In this paper we argue that improving the usability of security technology is only one part of the problem, and that what is missed ...
Assurance in life/nation critical endeavors a panel
Our thesis is that biometric and other intertwined technologies will be used to supplement the work of people in the security field. When these technologies are used, we fear that a high degree of misinterpretation and error is likely. Because of this, ...
Biometrics or ... biohazards?
IPSE DIXIT Biometrics as an array of deployable technologies presumes an elaborate infrastructure, including underlying science that justifies its claims of detection, classification, identification and authentication of individual human identities; ...
An evolutionary approach to cyber security
Reducing the risks introduced with large new systems requires rethinking the way we build systems. Today's computer systems are built according to traditional engineering models, which emphasize simplicity and efficiency but which introduce an ...
Capacity is the wrong paradigm
At present, "capacity" is the prevailing paradigm for covert channels. With respect to steganography, however, capacity is at best insufficient, and at worst, is incorrect. In this paper, we propose a new paradigm called "capability" which gauges the ...
A practical approach to solve Secure Multi-party Computation problems
Secure Multi-party Computation (SMC) problems deal with the following situation: Two (or many) parties want to jointly perform a computation. Each party needs to contribute its private input to this computation, but no party should disclose its private ...
Guarding the next Internet frontier: countering denial of information attacks
As applications enabled by the Internet become information rich, ensuring access to quality information in the presence of potentially malicious entities will be a major challenge. Denial of information (DoI) attacks attempt to degrade the quality of ...
Index Terms
- Proceedings of the 2002 workshop on New security paradigms