| 2004 | A Cryptographically Sound Dolev-Yao Style Security Proof of the Otway-Rees Protocol. Michael Backes |
| 2004 | A Formalization of Anonymity and Onion Routing. Sjouke Mauw, Jan Verschuren, Erik P. de Vink |
| 2004 | A Host Intrusion Prevention System for Windows Operating Systems. Roberto Battistoni, Emanuele Gabrielli, Luigi V. Mancini |
| 2004 | A Public-Key Encryption Scheme with Pseudo-random Ciphertexts. Bodo Möller |
| 2004 | A Vector Model of Trust for Developing Trustworthy Systems. Indrajit Ray, Sudip Chakraborty |
| 2004 | ARCHERR: Runtime Environment Driven Program Safety. Ramkumar Chinchani, Anusha Iyer, Bharat Jayaraman, Shambhu J. Upadhyaya |
| 2004 | Access-Condition-Table-Driven Access Control for XML Databases. Naizhen Qi, Michiharu Kudo |
| 2004 | An Algebra for Composing Enterprise Privacy Policies. Michael Backes, Markus Dürmuth, Rainer Steinwandt |
| 2004 | Better Privacy for Trusted Computing Platforms: (Extended Abstract). Jan Camenisch |
| 2004 | Breaking Cauchy Model-Based JPEG Steganography with First Order Statistics. Rainer Böhme, Andreas Westfeld |
| 2004 | Combinatorial Design of Key Distribution Mechanisms for Wireless Sensor Networks. Seyit Ahmet Çamtepe, Bülent Yener |
| 2004 | Comparison Between Two Practical Mix Designs. Claudia Díaz, Len Sassaman, Evelyne Dewitte |
| 2004 | Computer Security - ESORICS 2004, 9th European Symposium on Research Computer Security, Sophia Antipolis, France, September 13-15, 2004, Proceedings Pierangela Samarati, Peter Y. A. Ryan, Dieter Gollmann, Refik Molva |
| 2004 | Deriving, Attacking and Defending the GDOI Protocol. Catherine Meadows, Dusko Pavlovic |
| 2004 | Discovering Novel Attack Strategies from INFOSEC Alerts. Xinzhou Qin, Wenke Lee |
| 2004 | Hindering Eavesdropping via IPv6 Opportunistic Encryption. Claude Castelluccia, Gabriel Montenegro, Julien Laganier, Christoph Neumann |
| 2004 | Incorporating Dynamic Constraints in the Flexible Authorization Framework. Shiping Chen, Duminda Wijesekera, Sushil Jajodia |
| 2004 | Information Flow Control Revisited: Noninfluence = Noninterference + Nonleakage. David von Oheimb |
| 2004 | On the Role of Key Schedules in Attacks on Iterated Ciphers. Lars R. Knudsen, John Erik Mathiassen |
| 2004 | Parameterized Authentication. Michael J. Covington, Mustaque Ahamad, Irfan A. Essa, H. Venkateswaran |
| 2004 | Portable and Flexible Document Access Control Mechanisms. Mikhail J. Atallah, Marina Bykova |
| 2004 | Possibilistic Information Flow Control in the Presence of Encrypted Communication. Dieter Hutter, Axel Schairer |
| 2004 | Re-establishing Trust in Compromised Systems: Recovering from Rootkits That Trojan the System Call Table. Julian B. Grizzard, John G. Levine, Henry L. Owen |
| 2004 | Redundancy and Diversity in Security. Bev Littlewood, Lorenzo Strigini |
| 2004 | Security Property Based Administrative Controls. Jon A. Solworth, Robert H. Sloan |
| 2004 | Sets, Bags, and Rock and Roll: Analyzing Large Data Sets of Network Data. John McHugh |
| 2004 | Signature Bouquets: Immutability for Aggregated/Condensed Signatures. Einar Mykletun, Maithili Narasimha, Gene Tsudik |
| 2004 | Towards a Theory of Data Entanglement: (Extended Abstract). James Aspnes, Joan Feigenbaum, Aleksandr Yampolskiy, Sheng Zhong |