| 2004 | .NET Security: Lessons Learned and Missed from Java. Nathanael Paul, David Evans |
| 2004 | 20th Annual Computer Security Applications Conference (ACSAC 2004), 6-10 December 2004, Tucson, AZ, USA |
| 2004 | A Dynamic Technique for Eliminating Buffer Overflow Vulnerabilities (and Other Memory Errors). Martin C. Rinard, Cristian Cadar, Daniel Dumitran, Daniel M. Roy, Tudor Leu |
| 2004 | A Look Back at "Security Problems in the TCP/IP Protocol Suite". Steven M. Bellovin |
| 2004 | A Serial Combination of Anomaly and Misuse IDSes Applied to HTTP Traffic. Elvis Tombini, Hervé Debar, Ludovic Mé, Mireille Ducassé |
| 2004 | Alert Correlation through Triggering Events and Common Resources. Dingbang Xu, Peng Ning |
| 2004 | An Intrusion Detection Tool for AODV-Based Ad hoc Wireless Networks. Giovanni Vigna, Sumit Gwalani, Kavitha Srinivasan, Elizabeth M. Belding-Royer, Richard A. Kemmerer |
| 2004 | Attack Plan Recognition and Prediction Using Causal Networks. Xinzhou Qin, Wenke Lee |
| 2004 | Automatic Generation and Analysis of NIDS Attacks. Shai Rubin, Somesh Jha, Barton P. Miller |
| 2004 | CTCP: A Transparent Centralized TCP/IP Architecture for Network Security. Fu-Hau Hsu, Tzi-cker Chiueh |
| 2004 | Correlating Intrusion Events and Building Attack Scenarios Through Attack Graph Distances. Steven Noel, Eric Robertson, Sushil Jajodia |
| 2004 | Cozilet: Transparent Encapsulation to Prevent Abuse of Trusted Applets. Hisashi Kojima, Ikuya Morikawa, Yuko Nakayama, Yuji Yamaoka |
| 2004 | Design, Implementation, and Evaluation of A Repairable Database Management System. Tzi-cker Chiueh, Dhruv Pilania |
| 2004 | Designing Good Deceptions in Defense of Information Systems. Neil C. Rowe |
| 2004 | Detecting Attacks That Exploit Application-Logic Errors Through Application-Level Auditing. Jingyu Zhou, Giovanni Vigna |
| 2004 | Detecting Exploit Code Execution in Loadable Kernel Modules. Haizhi Xu, Wenliang Du, Steve J. Chapin |
| 2004 | Detecting Kernel-Level Rootkits Through Binary Analysis. Christopher Krügel, William K. Robertson, Giovanni Vigna |
| 2004 | Extracting Attack Manifestations to Determine Log Data Requirements for Intrusion Detection. Emilie Lundin Barse, Erland Jonsson |
| 2004 | High-Fidelity Modeling of Computer Network Worms. Kalyan S. Perumalla, Srikanth Sundaragopalan |
| 2004 | If A1 is the Answer, What was the Question? An Edgy Na?f's Retrospective on Promulgating the Trusted Computer Systems Evaluation Criteria. Marvin Schaefer |
| 2004 | Mohammad A. Al-Kahtani, Ravi Sandhu. Mohammad A. Al-Kahtani, Ravi S. Sandhu |
| 2004 | Nabs: A System for Detecting Resource Abuses via Characterization of Flow Content Type. Kulesh Shanmugasundaram, Mehdi Kharrazi, Nasir D. Memon |
| 2004 | Open-Source Applications of TCPA Hardware. John Marchesini, Sean W. Smith, Omen Wild, Joshua Stabiner, Alex Barsamian |
| 2004 | PEACE: A Policy-Based Establishment of Ad-hoc Communities. Sye Loong Keoh, Emil Lupu, Morris Sloman |
| 2004 | RACOON: Rapidly Generating User Command Data For Anomaly Detection From Customizable Templates. Ramkumar Chinchani, Aarthie Muthukrishnan, Madhusudhanan Chandrasekaran, Shambhu J. Upadhyaya |
| 2004 | Reasoning About Complementary Intrusion Evidence. Yan Zhai, Peng Ning, Purush Iyer, Douglas S. Reeves |
| 2004 | Role-Based Delegation Model/ Hierarchical Roles (RBDM1). Ezedin Barka, Ravi S. Sandhu |
| 2004 | Securing Java RMI-Based Distributed Applications. Ninghui Li, John C. Mitchell, Derrick Tong |
| 2004 | Securing a Remote Terminal Application with a Mobile Trusted Device. Alina Oprea, Dirk Balfanz, Glenn Durfee, Diana K. Smetters |
| 2004 | Security Policies to Mitigate Insider Threat in the Document Control Domain. Suranjan Pramanik, Vidyaraman Sankaranarayanan, Shambhu J. Upadhyaya |
| 2004 | Static Analyzer of Vicious Executables (SAVE). Andrew H. Sung, Jianyun Xu, Patrick Chavez, Srinivas Mukkamala |
| 2004 | The Cyber Enemy Within ... Countering the Threat from Malicious Insiders. Dick Brackney, Terrance Goan, Allen Ott, Lockheed Martin |
| 2004 | The Relationship of System & Product Specifications and Evaluations. Marshall D. Abrams |
| 2004 | The Trustworthy Computing Security Development Lifecycle. Steven B. Lipner |
| 2004 | Themes and Highlights of the New Security Paradigms Workshop 2004. Carla Marceau, Simon N. Foley |
| 2004 | Towards Secure Design Choices for Implementing Graphical Passwords. Julie Thorpe, Paul C. van Oorschot |
| 2004 | Tracing the Root of "Rootable" Processes. Amit Purohit, Vishnu Navda, Tzi-cker Chiueh |
| 2004 | Using Predators to Combat Worms and Viruses: A Simulation-Based Study. Ajay Gupta, Daniel C. DuVarney |
| 2004 | Visualizing Enterprise-Wide Security (VIEWS). J. J. Brennan, Mindy Rudell, Donald B. Faatz, Carson Zimmerman |
| 2004 | Visualizing and Identifying Intrusion Context from System Calls Trace. Zhuowei Li, Amitabha Das |
| 2004 | Vulnerabilities and Security Threats in Structured Overlay Networks: A Quantitative Analysis. Mudhakar Srivatsa, Ling Liu |
| 2004 | Worm Detection, Early Warning and Response Based on Local Victim Information. Guofei Gu, Monirul Islam Sharif, Xinzhou Qin, David Dagon, Wenke Lee, George F. Riley |