RFID and Privacy -- A New Framework for RFID Privacy -- Readers Behaving Badly -- Privacy-Preserving, Taxable Bank Accounts -- Formal Analysis of Privacy for Vehicular Mix-Zones -- Software Security -- IntPatch: Automatically Fix Integer-Overflow-to-Buffer-Overflow Vulnerability at Compile-Time -- A Theory of Runtime Enforcement, with Results -- Enforcing Secure Object Initialization in Java -- Flexible Scheduler-Independent Security -- Cryptographic Protocols -- Secure Multiparty Linear Programming Using Fixed-Point Arithmetic -- A Certifying Compiler for Zero-Knowledge Proofs of Knowledge Based on ?-Protocols -- Short Generic Transformation to Strongly Unforgeable Signature in the Standard Model -- DR@FT: Efficient Remote Attestation Framework for Dynamic Systems -- Traffic Analysis -- Website Fingerprinting and Identification Using Ordered Feature Sequences -- Web Browser History Detection as a Real-World Privacy Threat -- On the Secrecy of Spread-Spectrum Flow Watermarks -- Traffic Analysis against Low-Latency Anonymity Networks Using Available Bandwidth Estimation -- End-User Security -- A Hierarchical Adaptive Probabilistic Approach for Zero Hour Phish Detection -- Kamouflage: Loss-Resistant Password Management -- Formal Analysis -- Sequential Protocol Composition in Maude-NPA -- Verifying Security Property of Peer-to-Peer Systems Using CSP -- Modeling and Analyzing Security in the Presence of Compromising Adversaries -- On Bounding Problems of Quantitative Information Flow -- E-voting and Broadcast -- On E-Vote Integrity in the Case of Malicious Voter Computers -- Election Verifiability in Electronic Voting Protocols -- Pretty Good Democracy for More Expressive Voting Schemes -- Efficient Multi-dimensional Key Management in Broadcast Services -- Authentication, Access Control, Authorization and Attestation -- Caught in the Maze of Security Standards -- User-Role Reachability Analysis of Evolving Administrative Role Based Access Control -- An Authorization Framework Resilient to Policy Evaluation Failures -- Optimistic Fair Exchange with Multiple Arbiters -- Anonymity and Unlinkability -- Speaker Recognition in Encrypted Voice Streams -- Evaluating Adversarial Partitions -- Providing Mobile Users’ Anonymity in Hybrid Networks -- Complexity of Anonymity for Security Protocols -- Network Security and Economics -- k-Zero Day Safety: Measuring the Security Risk of Networks against Unknown Attacks -- Are Security Experts Useful? Bayesian Nash Equilibria for Network Security Games with Limited Information -- RatFish: A File Sharing Protocol Provably Secure against Rational Users -- A Service Dependency Model for Cost-Sensitive Intrusion Response -- Secure Update, DOS and Intrustion Detection -- Secure Code Update for Embedded Devices via Proofs of Secure Erasure -- D(e|i)aling with VoIP: Robust Prevention of DIAL Attacks -- Low-Cost Client Puzzles Based on Modular Exponentiation -- Expressive, Efficient and Obfuscation Resilient Behavior Based IDS.

This book constitutes the proceedings of the 15th European Symposium on Computer Security held in Athens, Greece in September 2010. The 42 papers included in the book were carefully reviewed and selected from 201 papers. The articles are organized in topical sections on RFID and Privacy, Software Security, Cryptographic Protocols, Traffic Analysis, End-User Security, Formal Analysis, E-voting and Broadcast, Authentication, Access Control, Authorization and Attestation, Anonymity and Unlinkability, Network Security and Economics, as well as Secure Update, DOS and Intrustion Detection.