| Name | Approved Project |
| Sri Basava | Paper: The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls |
| Matt Beldyk | Paper:Testing Network-based Intrusion Detection > Signatures Using Mutant Exploits |
| Sam Blackshear | Paper: Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code |
| Brian Cairns | Paper: Your botnet is my botnet |
| Leon Gibson and Carlos Tafoya | VM: Analysis of VM1 (undisclosed source) |
| Harold Gonzales | Paper: A Control Point for Reducing Root Abuse of File-System Privileges |
| Lukas Jeter | Tool: WireShark |
| Quintin Lee and Mahmood Miah | VM: Analysis of VM2 (undisclosed source) |
| Meenakshi Mani | Paper: Client-Side XSS Protection |
| Redhwan Nour | Paper: Why Johnny Can't Pentest: An Analysis of Black-box Web Vulnerability Scanners |
| Brent Smith | Paper: Analyzing and Detecting Malicious Flash Advertisements |
| Landon Spear | Paper: Testing Hands-On Network Security: Testbeds and Live Exercises |
| Arpit Sud | Paper: Prophiler: A Fast Filter for the Large-Scale Detection of Malicious Web Pages |
| Donny Warbritton | Paper: Your botnet is my botnet |
| Chris Wailes | Paper: Detecting Malicious Java Code > Using Virtual Machine Auditing |