Back To The Future: A Framework For Executing Malware Safely
Hao Chen , University of California, Davis
04/07/2005
Malware is software with malicious intent. Besides viruses and worms, newer forms of malware have recently emerged as widespread threats to system security. These newervarieties, such as spyware and adware, are difficult to remove. Often they are bundled with more legitimate applications people want to use, which makes preventinginfection difficult. State of the art defenses against malware rely predominately on signature-based detection and recovery. A major weakness of this approach is the inability to reliably detect new malware or variants of known malware. We (Hao Chen, Francis Hsu, Thomas Ristenpart, Zhendong Su) propose a novel framework forallowing users to run untrusted programs safely. We formally define what is meant by safety. Based on our formalizations, we develop a general framework for untrustedprogram execution that utilizes monitoring and logging to ensure safety. We willdiscuss our experience in implementing a prototype of the framework on Windows, theusual target of malware activity.
Our Last Best Chance To Defeat Spammers, Scammers, And Hackers
Danny Goodman, Author, Half Moon Bay
04/14/2005
The problems associated with unwanted email, computer viruses, and outright cyberattacks are having a substantial negative impact on productivity and personal privacy.The viability of electronic email as a reliable and desirable medium is at risk. In this talk, the author of the book "Spam Wars" will explain what is right and wrong withcurrent legal and technological approaches to the problems, and then demonstrate how frustratingly close we are to ridding the Internet of those who take unfair advantage ofeveryday email users.
Dynamics And Animation For Film, Where We Are - Where We Are Going
John Anderson , Pixar Animation Studios, Emeryville
04/21/2005
In the last five years physically motivated procedural animation has become an increasingly important tool for character and effects animation. The influence of these techniques has progressed from an era where dynamics based approaches werepainstakingly applied to a few special shots to the point where the majority of CG character animation includes some procedural elements. We are now at a particularly exciting point in the development and application of these techniques. New technologies and faster hardware have opened the door to real-time procedural characters. These characters combine methods from dynamic simulation and multivariate statistics to provide new tools that allow animators to achieve artistic goals without losing control of the performance.
Phishing Countermeasures
Aaron Emigh, Radix Partners
04/28/2005
"Phishing" is a form of identity theft in which deception is used to trick a user into revealing confidential information with economic value. Phishing was responsible forat least $1.2 billion in direct losses last year. Starting with a threat model based on theinformation flow of a phishing attack, this presentation evaluates technical countermeasures applicable at each chokepoint to detect phishing, reduce the deceptiveness of fraudulent content, provide a trusted path over the public internet and render illicitly obtained information valueless. A combination of applied cryptographictechniques has the potential to dramatically reduce the losses due to phishing and otherforms of identity theft.
Prototypes And Game Development
Jason Shankel, Maxis/Electronic Arts, Walnut Creek
05/05/2005
Gathering requirements for game development projects is challenging. Prototypes help designers address key questions and minimize production risk. In this talk, I will present several prototyping methods and discuss their applicability to game and general software design.