| 2007 | 23rd Annual Computer Security Applications Conference (ACSAC 2007), December 10-14, 2007, Miami Beach, Florida, USA |
| 2007 | A Taxonomy of Botnet Structures. David Dagon, Guofei Gu, Christopher P. Lee, Wenke Lee |
| 2007 | An Overview of the Annex System. Duncan A. Grove, Toby C. Murray, Chris A. Owen, Chris J. North, J. A. Jones, Mark R. Beaumont, Bradley D. Hopkins |
| 2007 | Automated Format String Attack Prevention for Win32/X86 Binaries. Wei Li, Tzi-cker Chiueh |
| 2007 | Automated Security Debugging Using Program Structural Constraints. Chongkyung Kil, Emre Can Sezer, Peng Ning, Xiaolan Zhang |
| 2007 | Automated Vulnerability Analysis: Leveraging Control Flow for Evolutionary Input Crafting. Sherri Sparks, Shawn Embleton, Ryan Cunningham, Cliff Changchun Zou |
| 2007 | Bonsai: Balanced Lineage Authentication. Ashish Gehani, Ulf Lindqvist |
| 2007 | Breaking Visual CAPTCHAs with Naive Pattern Recognition Algorithms. Jeff Yan, Ahmad Salah El Ahmad |
| 2007 | Centralized Security Labels in Decentralized P2P Networks. Nathalie Tsybulnik, Kevin W. Hamlen, Bhavani Thuraisingham |
| 2007 | Channels: Runtime System Infrastructure for Security-Typed Languages. Boniface Hicks, Tim Misiak, Patrick D. McDaniel |
| 2007 | Closed-Circuit Unobservable Voice over IP. Carlos Aguilar Melchor, Yves Deswarte, Julien Iguchi-Cartigny |
| 2007 | Combining Static and Dynamic Analysis for Automatic Identification of Precise Access-Control Policies. Paolina Centonze, Robert J. Flynn, Marco Pistoia |
| 2007 | Countering False Accusations and Collusion in the Detection of In-Band Wormholes. Daniel Sterne, Geoffrey Lawler, Richard Gopaul, Brian Rivera, Kelvin Marcus, Peter Kruus |
| 2007 | Database Isolation and Filtering against Data Corruption Attacks. Meng Yu, Wanyu Zang, Peng Liu |
| 2007 | Distributed Secure Systems: Then and Now. Brian Randell, John M. Rushby |
| 2007 | Efficiency Issues of Rete-Based Expert Systems for Misuse Detection. Michael Meier, Ulrich Flegel, Sebastian Schmerl |
| 2007 | Efficient Detection of Delay-Constrained Relay Nodes. Baris Coskun, Nasir D. Memon |
| 2007 | Efficient Distributed Detection of Node Replication Attacks in Sensor Networks. Bo Zhu, Venkata Gopala Krishna Addada, Sanjeev Setia, Sushil Jajodia, Sankardas Roy |
| 2007 | Establishing and Sustaining System Integrity via Root of Trust Installation. Luke St. Clair, Joshua Schiffman, Trent Jaeger, Patrick D. McDaniel |
| 2007 | Extending the Java Virtual Machine to Enforce Fine-Grained Security Policies in Mobile Devices. Iulia Ion, Boris Dragovic, Bruno Crispo |
| 2007 | Extensible Pre-authentication Kerberos. Phillip L. Hellewell, Kent E. Seamons |
| 2007 | Feature Omission Vulnerabilities: Thwarting Signature Generation for Polymorphic Worms. Matthew Van Gundy, Hao Chen, Zhendong Su, Giovanni Vigna |
| 2007 | Fine-Grained Information Flow Analysis and Enforcement in a Java Virtual Machine. Deepak Chandra, Michael Franz |
| 2007 | HoneyIM: Fast Detection and Suppression of Instant Messaging Malware in Enterprise-Like Networks. Mengjun Xie, Zhenyu Wu, Haining Wang |
| 2007 | Improving Signature Testing through Dynamic Data Flow Analysis. Christopher Kruegel, Davide Balzarotti, William K. Robertson, Giovanni Vigna |
| 2007 | Limits of Static Analysis for Malware Detection. Andreas Moser, Christopher Kruegel, Engin Kirda |
| 2007 | MetaAware: Identifying Metamorphic Malware. Qinghua Zhang, Douglas S. Reeves |
| 2007 | OmniUnpack: Fast, Generic, and Safe Unpacking of Malware. Lorenzo Martignoni, Mihai Christodorescu, Somesh Jha |
| 2007 | Personal Privacy without Computational Obscurity: Rethinking Privacy Protection Strategies for Open Information Networks. Daniel J. Weitzner |
| 2007 | Quarantining Untrusted Entities: Dynamic Sandboxing Using LEAP. Manigandan Radhakrishnan, Jon A. Solworth |
| 2007 | Retrofitting the IBM POWER Hypervisor to Support Mandatory Access Control. Enriquillo Valdez, Reiner Sailer, Ronald Perez |
| 2007 | Routing in the Dark: Pitch Black. Nathan S. Evans, Chris GauthierDickey, Christian Grothoff |
| 2007 | SSARES: Secure Searchable Automated Remote Email Storage. Adam J. Aviv, Michael E. Locasto, Shaya Potter, Angelos D. Keromytis |
| 2007 | Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Injection. Yuji Kosuga, Kenji Kono, Miyuki Hanaoka, Miho Hishiyama, Yu Takahama |
| 2007 | Secure Input for Web Applications. Martin Szydlowski, Christopher Kruegel, Engin Kirda |
| 2007 | Secure and Flexible Monitoring of Virtual Machines. Bryan D. Payne, Wenke Lee |
| 2007 | Security Usability Principles for Vulnerability Analysis and Risk Assessment. Audun Jøsang, Bander AlFayyadh, Tyrone Grandison, Mohammed Al Zomai, Judith McNamara |
| 2007 | So You Think You Can Dance? Richard A. Kemmerer |
| 2007 | Spector: Automatically Analyzing Shell Code. Kevin Borders, Atul Prakash, Mark Zielinski |
| 2007 | Tampering with Special Purpose Trusted Computing Devices: A Case Study in Optical Scan E-Voting. Aggelos Kiayias, Laurent Michel, Alexander Russell, Narasimha K. Shashidhar, Andrew See, Alexander A. Shvartsman, Seda Davtyan |
| 2007 | The Age of Data: Pinpointing Guilty Bytes in Polymorphic Buffer Overflows on Heap or Stack. Asia Slowinska, Herbert Bos |
| 2007 | The Design and Development of an Undercover Multipurpose Anti-spoofing Kit (UnMask). Sudhir Aggarwal, Jasbinder Bali, Zhenhai Duan, Leo Kermes, Wayne Liu, Shahank Sahai, Zhenghui Zhu |
| 2007 | Toward Realistic and Artifact-Free Insider-Threat Data. Kevin S. Killourhy, Roy A. Maxion |
| 2007 | Toward a Medium-Robustness Separation Kernel Protection Profile. Rance J. DeLong, Thuy D. Nguyen, Cynthia E. Irvine, Timothy E. Levin |
| 2007 | Tracking Darkports for Network Defense. David Whyte, Paul C. van Oorschot, Evangelos Kranakis |