| 2009 | An Efficient Black-box Technique for Defeating Web Application Attacks. R. Sekar |
| 2009 | Analyzing and Comparing the Protection Quality of Security Enhanced Operating Systems. Hong Chen, Ninghui Li, Ziqing Mao |
| 2009 | CSAR: A Practical and Provable Technique to Make Randomized Systems Accountable. Michael Backes, Peter Druschel, Andreas Haeberlen, Dominique Unruh |
| 2009 | Conditioned-safe Ceremonies and a User Study of an Application to Web Authentication. Chris Karlof, J. Doug Tygar, David A. Wagner |
| 2009 | Coordinated Scan Detection. Carrie Gates |
| 2009 | Detecting Forged TCP Reset Packets. Nicholas Weaver, Robin Sommer, Vern Paxson |
| 2009 | Document Structure Integrity: A Robust Basis for Cross-site Scripting Defense. Yacin Nadji, Prateek Saxena, Dawn Song |
| 2009 | IntScope: Automatically Detecting Integer Overflow Vulnerability in X86 Binary Using Symbolic Execution. Tielei Wang, Tao Wei, Zhiqiang Lin, Wei Zou |
| 2009 | K-Tracer: A System for Extracting Kernel Malware Behavior. Andrea Lanzi, Monirul Islam Sharif, Wenke Lee |
| 2009 | Noncespaces: Using Randomization to Enforce Information Flow Tracking and Thwart Cross-Site Scripting Attacks. Matthew Van Gundy, Hao Chen |
| 2009 | Proceedings of the Network and Distributed System Security Symposium, NDSS 2009, San Diego, California, USA, 8th February - 11th February 2009 |
| 2009 | RAINBOW: A Robust And Invisible Non-Blind Watermark for Network Flows. Amir Houmansadr, Negar Kiyavash, Nikita Borisov |
| 2009 | RB-Seeker: Auto-detection of Redirection Botnets. Xin Hu, Matthew Knysz, Kang G. Shin |
| 2009 | Recursive DNS Architectures and Vulnerability Implications. David Dagon, Manos Antonakakis, Kevin Day, Xiapu Luo, Christopher P. Lee, Wenke Lee |
| 2009 | Safe Passage for Passwords and Other Sensitive Data. Jonathan M. McCune, Adrian Perrig, Michael K. Reiter |
| 2009 | Scalable, Behavior-Based Malware Clustering. Ulrich Bayer, Paolo Milani Comparetti, Clemens Hlauschek, Christopher Krügel, Engin Kirda |
| 2009 | Spectrogram: A Mixture-of-Markov-Chains Model for Anomaly Detection in Web Traffic. Yingbo Song, Angelos D. Keromytis, Salvatore J. Stolfo |
| 2009 | SybilInfer: Detecting Sybil Nodes using Social Networks. George Danezis, Prateek Mittal |
| 2009 | The Blind Stone Tablet: Outsourcing Durability to Untrusted Parties. Peter Williams, Radu Sion, Dennis E. Shasha |
| 2009 | Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis. Charles V. Wright, Scott E. Coull, Fabian Monrose |
| 2009 | Two-Party Computation Model for Privacy-Preserving Queries over Distributed Databases. Sherman S. M. Chow, Jie-Han Lee, Lakshminarayanan Subramanian |