Michael Venable, Mohamed R. Chouchane, Md Enamul Karim, Arun Lakhotia (auth.), Klaus Julisch, Christopher Kruegel (eds.)3540266135, 9783540266136
On behalf of the Program Committee, it is our pleasure to present to you the proceedings of the 2nd GI SIG SIDAR Conference on Detection of Intrusions & Malware, and Vulnerability Assessment (DIMVA). DIMVA is organized by the Special Interest Group Security — Intrusion Detection and Response (SIDAR) of the German Informatics Society (GI) as an annual conference that brings together experts from throughout the world to discuss the state of the art in the areas of intrusion detection, detection of malware, and assessment of vulnerabilities. TheDIMVA2005ProgramCommitteereceived51submissionsfrom18co- tries. This represents an increase of approximately 25% compared with the n- ber of submissions last year. All submissions were carefully reviewed by at least three Program Committee members or external experts according to the cri- ria of scienti?c novelty, importance to the ?eld, and technical quality. The ?nal selection took place at a meeting held on March 18, 2005, in Zurich, Switz- land. Fourteen full papers were selected for presentation and publication in the conference proceedings. In addition, three papers were selected for presentation in the industry track of the conference. The program featured both theoretical and practical research results, which were grouped into six sessions. Philip Att?eld from the Northwest Security Institute gave the opening keynote speech. The slides presented by the authors are available on the DIMVA 2005 Web site at http://www.dimva.org/dimva2005 We sincerely thank all those who submitted papers as well as the Program Committee members and the external reviewers for their valuable contributions. |
Table of contents :
Front Matter….Pages –
Analyzing Memory Accesses in Obfuscated x86 Executables….Pages 1-18
Hybrid Engine for Polymorphic Shellcode Detection….Pages 19-31
Experiences Using Minos as a Tool for Capturing and Analyzing Novel Worms for Unknown Vulnerabilities….Pages 32-50
A Pointillist Approach for Comparing Honeypots….Pages 51-68
Automatic Detection of Attacks on Cryptographic Protocols: A Case Study….Pages 69-84
METAL – A Tool for Extracting Attack Manifestations….Pages 85-102
Flow-Level Traffic Analysis of the Blaster and Sobig Worm Outbreaks in an Internet Backbone….Pages 103-122
A Learning-Based Approach to the Detection of SQL Attacks….Pages 123-140
Masquerade Detection via Customized Grammars….Pages 141-159
A Prevention Model for Algorithmic Complexity Attacks….Pages 160-173
Detecting Malicious Code by Model Checking….Pages 174-187
Improving the Efficiency of Misuse Detection….Pages 188-205
Enhancing the Accuracy of Network-Based Intrusion Detection with Host-Based Context….Pages 206-221
TCPtransform: Property-Oriented TCP Traffic Transformation….Pages 222-240
Back Matter….Pages – |
Reviews
There are no reviews yet.