| 2009 | A metadata calculus for secure information sharing. Mudhakar Srivatsa, Dakshi Agrawal, Steffen Reidt |
| 2009 | A new cell counter based attack against tor. Zhen Ling, Junzhou Luo, Wei Yu, Xinwen Fu, Dong Xuan, Weijia Jia |
| 2009 | A probabilistic approach to hybrid role mining. Mario Frank, Andreas P. Streich, David A. Basin, Joachim M. Buhmann |
| 2009 | A security-preserving compiler for distributed programs: from information-flow policies to cryptographic mechanisms. Cédric Fournet, Gurvan Le Guernic, Tamara Rezk |
| 2009 | An efficient forward private RFID protocol. Côme Berbain, Olivier Billet, Jonathan Etrog, Henri Gilbert |
| 2009 | Anonymous credentials on a standard java card. Patrik Bichsel, Jan Camenisch, Thomas Groß, Victor Shoup |
| 2009 | As-awareness in Tor path selection. Matthew Edman, Paul F. Syverson |
| 2009 | Attacking cryptographic schemes based on "perturbation polynomials". Martin R. Albrecht, Craig Gentry, Shai Halevi, Jonathan Katz |
| 2009 | Battle of Botcraft: fighting bots in online games with human observational proofs. Steven Gianvecchio, Zhenyu Wu, Mengjun Xie, Haining Wang |
| 2009 | Behavior based software theft detection. Xinran Wang, Yoon-chan Jhi, Sencun Zhu, Peng Liu |
| 2009 | Can they hear me now?: a security analysis of law enforcement wiretaps. Micah Sherr, Gaurav Shah, Eric Cronin, Sandy Clark, Matt Blaze |
| 2009 | Certificateless onion routing. Dario Catalano, Dario Fiore, Rosario Gennaro |
| 2009 | CoSP: a general framework for computational soundness proofs. Michael Backes, Dennis Hofheinz, Dominique Unruh |
| 2009 | Computational soundness for key exchange protocols with symmetric encryption. Ralf Küsters, Max Tuengerthal |
| 2009 | Countering kernel rootkits with lightweight hook protection. Zhi Wang, Xuxian Jiang, Weidong Cui, Peng Ning |
| 2009 | Dispatcher: enabling active botnet infiltration using automatic protocol reverse-engineering. Juan Caballero, Pongsin Poosankam, Christian Kreibich, Dawn Xiaodong Song |
| 2009 | Dynamic provable data possession. C. Christopher Erway, Alptekin Küpçü, Charalampos Papamanthou, Roberto Tamassia |
| 2009 | EPC RFID tag security weaknesses and defenses: passport cards, enhanced drivers licenses, and beyond. Karl Koscher, Ari Juels, Vjekoslav Brajkovic, Tadayoshi Kohno |
| 2009 | Effective implementation of the cell broadband engine Masana Murase, Kanna Shimizu, Wilfred Plouffe, Masaharu Sakamoto |
| 2009 | Efficient pseudorandom functions from the decisional linear assumption and weaker variants. Allison B. Lewko, Brent Waters |
| 2009 | English shellcode. Joshua Mason, Sam Small, Fabian Monrose, Greg MacManus |
| 2009 | False data injection attacks against state estimation in electric power grids. Yao Liu, Michael K. Reiter, Peng Ning |
| 2009 | Feeling-based location privacy protection for location-based services. Toby Xu, Ying Cai |
| 2009 | Fides: remote anomaly-based cheat detection using client emulation. Edward C. Kaiser, Wu-chang Feng, Travis Schluessler |
| 2009 | Filter-resistant code injection on ARM. Yves Younan, Pieter Philippaerts, Frank Piessens, Wouter Joosen, Sven Lachmund, Thomas Walter |
| 2009 | Finding bugs in exceptional situations of JNI programs. Siliang Li, Gang Tan |
| 2009 | HAIL: a high-availability and integrity layer for cloud storage. Kevin D. Bowers, Ari Juels, Alina Oprea |
| 2009 | Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. Thomas Ristenpart, Eran Tromer, Hovav Shacham, Stefan Savage |
| 2009 | Improving privacy and security in multi-authority attribute-based encryption. Melissa Chase, Sherman S. M. Chow |
| 2009 | Large-scale malware indexing using function-call graphs. Xin Hu, Tzi-cker Chiueh, Kang G. Shin |
| 2009 | Learning your identity and disease from research papers: information leaks in genome wide association study. Rui Wang, Yong Fuga Li, Xiaofeng Wang, Haixu Tang, Xiao-yong Zhou |
| 2009 | Mapping kernel objects to enable systematic integrity checking. Martim Carbone, Weidong Cui, Long Lu, Wenke Lee, Marcus Peinado, Xuxian Jiang |
| 2009 | Membership-concealing overlay networks. Eugene Y. Vasserman, Rob Jansen, James Tyra, Nicholas Hopper, Yongdae Kim |
| 2009 | Multi-party off-the-record messaging. Ian Goldberg, Berkant Ustaoglu, Matthew Van Gundy, Hao Chen |
| 2009 | Multiple password interference in text passwords and click-based graphical passwords. Sonia Chiasson, Alain Forget, Elizabeth Stobert, Paul C. van Oorschot, Robert Biddle |
| 2009 | NISAN: network information service for anonymization networks. Andriy Panchenko, Stefan Richter, Arne Rache |
| 2009 | Oblivious transfer with access control. Jan Camenisch, Maria Dubovitskaya, Gregory Neven |
| 2009 | On achieving good operating points on an ROC plane using stochastic anomaly score prediction. Muhammad Qasim Ali, Hassan Khan, Ali Sajjad, Syed Ali Khayam |
| 2009 | On cellular botnets: measuring the impact of malicious devices on a cellular network core. Patrick Traynor, Michael Lin, Machigar Ongtang, Vikhyath Rao, Trent Jaeger, Patrick D. McDaniel, Thomas La Porta |
| 2009 | On lightweight mobile phone application certification. William Enck, Machigar Ongtang, Patrick D. McDaniel |
| 2009 | On non-cooperative location privacy: a game-theoretic analysis. Julien Freudiger, Mohammad Hossein Manshaei, Jean-Pierre Hubaux, David C. Parkes |
| 2009 | On the difficulty of software-based attestation of embedded devices. Claude Castelluccia, Aurélien Francillon, Daniele Perito, Claudio Soriente |
| 2009 | On voting machine design for verification and testability. Cynthia Sturton, Susmit Jha, Sanjit A. Seshia, David A. Wagner |
| 2009 | Privacy-preserving genomic computation through program specialization. Rui Wang, Xiaofeng Wang, Zhou Li, Haixu Tang, Michael K. Reiter, Zheng Dong |
| 2009 | Proceedings of the 2009 ACM Conference on Computer and Communications Security, CCS 2009, Chicago, Illinois, USA, November 9-13, 2009 Ehab Al-Shaer, Somesh Jha, Angelos D. Keromytis |
| 2009 | Proximity-based access control for implantable medical devices. Kasper Bonne Rasmussen, Claude Castelluccia, Thomas S. Heydt-Benjamin, Srdjan Capkun |
| 2009 | RFID privacy: relation between two notions, minimal condition, and efficient construction. Changshe Ma, Yingjiu Li, Robert H. Deng, Tieyan Li |
| 2009 | Reactive noninterference. Aaron Bohannon, Benjamin C. Pierce, Vilhelm Sjöberg, Stephanie Weirich, Steve Zdancewic |
| 2009 | Ripley: automatically securing web 2.0 applications through replicated execution. K. Vikram, Abhishek Prateek, V. Benjamin Livshits |
| 2009 | Robust signatures for kernel data structures. Brendan Dolan-Gavitt, Abhinav Srivastava, Patrick Traynor, Jonathon T. Giffin |
| 2009 | SMILE: encounter-based trust for mobile social services. Justin Manweiler, Ryan Scudellari, Landon P. Cox |
| 2009 | Scalable onion routing with torsk. Jon McLachlan, Andrew Tran, Nicholas Hopper, Yongdae Kim |
| 2009 | Secure in-VM monitoring using hardware virtualization. Monirul Islam Sharif, Wenke Lee, Weidong Cui, Andrea Lanzi |
| 2009 | Secure open source collaboration: an empirical study of linus' law. Andrew Meneely, Laurie A. Williams |
| 2009 | ShadowWalker: peer-to-peer anonymous communication using redundant structured topologies. Prateek Mittal, Nikita Borisov |
| 2009 | The bayesian traffic analysis of mix networks. Carmela Troncoso, George Danezis |
| 2009 | The fable of the bees: incentivizing robust revocation decision making in ad hoc networks. Steffen Reidt, Mudhakar Srivatsa, Shane Balfe |
| 2009 | XCS: cross channel scripting and its impact on web applications. Hristo Bojinov, Elie Bursztein, Dan Boneh |
| 2009 | Your botnet is my botnet: analysis of a botnet takeover. Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Richard A. Kemmerer, Christopher Kruegel, Giovanni Vigna |