Recent Advances in Intrusion Detection.pdf

(14874 KB) Pobierz

Lecture Notes in Computer Science

Commenced Publication in 1973

Founding and Former Series Editors:

Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen

5230

Editorial Board

David Hutchison

Lancaster University, UK

Takeo Kanade

Carnegie Mellon University, Pittsburgh, PA, USA

Josef Kittler

University of Surrey, Guildford, UK

Jon M. Kleinberg

Cornell University, Ithaca, NY, USA

Alfred Kobsa

University of California, Irvine, CA, USA

Friedemann Mattern

ETH Zurich, Switzerland

John C. Mitchell

Stanford University, CA, USA

Moni Naor

Weizmann Institute of Science, Rehovot, Israel

Oscar Nierstrasz

University of Bern, Switzerland

C. Pandu Rangan

Indian Institute of Technology, Madras, India

Bernhard Steffen

University of Dortmund, Germany

Madhu Sudan

Massachusetts Institute of Technology, MA, USA

Demetri Terzopoulos

University of California, Los Angeles, CA, USA

Doug Tygar

University of California, Berkeley, CA, USA

Gerhard Weikum

Max-Planck Institute of Computer Science, Saarbruecken, Germany

Richard Lippmann Engin Kirda

Ari Trachtenberg (Eds.)

Recent Advances

in Intrusion Detection

11th International Symposium, RAID 2008

Cambridge, MA, USA, September 15-17, 2008

Proceedings

Volume Editors

Richard Lippmann

Lincoln Laboratory

Massachusetts Institute of Technology

Lexington, MA, USA

E-mail: lippmann@ll.mit.edu

Engin Kirda

Institut Eurecom

Sophia-Antipolis, France

E-mail: engin.kirda@eurecom.fr

Ari Trachtenberg

Boston University

Boston, MA, USA

E-mail: trachten@bu.edu

Library of Congress Control Number: 2008934305

CR Subject Classiﬁcation (1998): K.6.5, K.4, E.3, C.2, D.4.6

LNCS Sublibrary: SL 4 – Security and Cryptology

ISSN

ISBN-10

ISBN-13

0302-9743

3-540-87402-X Springer Berlin Heidelberg New York

978-3-540-87402-7 Springer Berlin Heidelberg New York

This work is subject to copyright. All rights are reserved, whether the whole or part of the material is

concerned, speciﬁcally the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting,

reproduction on microﬁlms or in any other way, and storage in data banks. Duplication of this publication

or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965,

in its current version, and permission for use must always be obtained from Springer. Violations are liable

to prosecution under the German Copyright Law.

Springer is a part of Springer Science+Business Media

springer.com

Printed in Germany

Typesetting: Camera-ready by author, data conversion by Scientiﬁc Publishing Services, Chennai, India

Printed on acid-free paper

SPIN: 12511846

06/3180

543210

Preface

On behalf of the Program Committee, it is our pleasure to present the pro-

ceedings of the 11th International Symposium on Recent Advances in Intrusion

Detection (RAID 2008), which took place in Cambridge, Massachusetts, USA

on September 15–17.

The symposium brought together leading researchers and practitioners from

academia, government and industry to discuss intrusion detection research and

practice. There were six main sessions presenting full-ﬂedged research papers

(rootkit prevention, malware detection and prevention, high performance in-

trusion and evasion, web application testing and evasion, alert correlation and

worm detection, and anomaly detection and network traﬃc analysis), a session

of posters on emerging research areas and case studies, and two panel discussions

(“Government Investments: Successes, Failures and the Future” and “Life after

Antivirus - What Does the Future Hold?”).

The RAID 2008 Program Committee received 80 paper submissions from

all over the world. All submissions were carefully reviewed by at least three

independent reviewers on the basis of space, topic, technical assessment, and

overall balance. Final selection took place at the Program Committee meeting on

May 23rd in Cambridge, MA. Twenty papers were selected for presentation and

publication in the conference proceedings, and four papers were recommended

for resubmission as poster presentations.

As a new feature this year, the symposium accepted submissions for poster

presentations, which have been published as extended abstracts, reporting early-

stage research, demonstration of applications, or case studies. Thirty-nine posters

were submitted for a numerical review by an independent, three-person sub-

committee of the Program Committee based on novelty, description, and eval-

uation. The subcommittee chose to recommend the acceptance of 16 of these

posters for presentation and publication.

The success of RAID 2008 depended on the joint eﬀort of many people. We

would like to thank all the authors who submitted papers, whether accepted

or not. We would also like to thank the Program Committee members and

additional reviewers, who volunteered their time to carefully evaluate the nu-

merous submissions. In addition, we would like to thank the General Chair, Rob

Cunningham, for handling the conference arrangements, Ari Trachtenberg for

handling publication, Jon Giﬃn for publicizing the conference, Anup Ghosh for

ﬁnding sponsors for the conference, and MIT Lincoln Lab for maintaining the

conference website. Finally, we extend our thanks to The Institute for Infor-

mation Infrastructure Protection (I3P), Symantec Corporation, IBM, and MIT

Lincoln Laboratory for their sponsorship of student scholarships.

June 2008

Richard Lippmann

Engin Kirda

Organization

RAID 2008 was organized by MIT Lincoln Laboratory and held in conjunction

with VIZSEC 2008.

Conference Chairs

Conference Chair

Program Chair

Program Co-chair

Publications Chair

Publicity Chair

Sponsorship Chair

Robert Cunningham (MIT Lincoln Laboratory)

Richard Lippmann (MIT Lincoln Laboratory)

Engin Kirda (Eurecom / Technical University

of Vienna)

Ari Trachtenberg (Boston University)

Jon Giﬃn (Georgia Tech)

Anup Ghosh (George Mason University)

Program Committee

Michael Bailey

Michael Behringer

Herbert Bos

David Brumley

Tzi-cker Chiueh

Andrew Clark

Robert Cunningham

Ulrich Flegel

Debin Gao

Anup Ghosh

Jonathon Giﬃn

Thorsten Holz

Jaeyeon Jung

Engin Kirda

Kwok-Yan Lam

Zhuowei Li

Richard Lippmann

Raﬀael Marty

Benjamin Morin

Rei Safavi-Naini

R. Sekar

Robin Sommer

Salvatore Stolfo

Toshihiro Tabata

Ari Trachtenberg

University of Michigan

Cisco

Vrije Universiteit

Carnegie Mellon University

State University of New York at Stony Brook

Queensland University of Technology

MIT Lincoln Lab

SAP Research

Singapore Management University

George Mason University

Georgia Institute of Technology

University of Mannheim

Intel

Institute Eurecom

Tsinghua University

Microsoft

MIT Lincoln Laboratory

Splunk

Sup´lec

University of Calgary

State University of New York at Stony Brook

ICSI and LBNL

Columbia University

Okayama University

Boston University

Plik z chomika:

jacek_040

Inne pliki z tego folderu:

Exploiting Web-Based Applications - FREE Video Training Course PART 1.rar (506812 KB)
Exploiting Web-Based Applications - FREE Video Training Course PART 2.rar (933817 KB)
50 Android Hacks.pdf (3465 KB)
50 Reasons For Mastering Penetration Testing.azw3 (171 KB)
610.1 - Malware Analysis Fundamentals.pdf (31650 KB)

Recent Advances in Intrusion Detection.pdf

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: