Scheduled System Maintenance
On Friday, October 20, IEEE Xplore will be unavailable from 9:00 PM-midnight ET. We apologize for the inconvenience.
Notice: There is currently an issue with the citation download feature. Learn more.

2008 WOMBAT Workshop on Information Security Threats Data Collection and Sharing

21-22 April 2008

Filter Results

Displaying Results 1 - 17 of 17
  • [Front cover]

    Publication Year: 2008, Page(s): C1
    Request permission for commercial reuse | PDF file iconPDF (262 KB)
    Freely Available from IEEE
  • [Title page i]

    Publication Year: 2008, Page(s): i
    Request permission for commercial reuse | PDF file iconPDF (27 KB)
    Freely Available from IEEE
  • [Title page iii]

    Publication Year: 2008, Page(s): iii
    Request permission for commercial reuse | PDF file iconPDF (61 KB)
    Freely Available from IEEE
  • [Copyright notice]

    Publication Year: 2008, Page(s): iv
    Request permission for commercial reuse | PDF file iconPDF (46 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2008, Page(s): v
    Request permission for commercial reuse | PDF file iconPDF (78 KB)
    Freely Available from IEEE
  • Message from General Chair

    Publication Year: 2008, Page(s): vi
    Request permission for commercial reuse | PDF file iconPDF (76 KB) | HTML iconHTML
    Freely Available from IEEE
  • Acknowledgements

    Publication Year: 2008, Page(s): vii
    Request permission for commercial reuse | PDF file iconPDF (74 KB) | HTML iconHTML
    Freely Available from IEEE
  • Organizing Committee

    Publication Year: 2008, Page(s): viii
    Request permission for commercial reuse | PDF file iconPDF (66 KB)
    Freely Available from IEEE
  • Honey@home: A New Approach to Large-Scale Threat Monitoring

    Publication Year: 2008, Page(s):3 - 16
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (685 KB) | HTML iconHTML

    Honeypots have been proven to be very useful for accurately detecting attacks, including zero-day threats, at a reasonable cost and with zero false positives. However, there are two pressing problems with existing approaches. The first problem is that timely detection requires deployment of honeypots in a large fraction of the network address space, which many organizations or ISPs cannot afford. ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The SANS Internet Storm Center

    Publication Year: 2008, Page(s):17 - 23
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (284 KB) | HTML iconHTML

    This paper serves to introduce the SANS Internet Storm Center, and more specifically, its data collection and analysis processes pertaining to information security incidents. It reviews both the technical means of collection as those that rely on human input, and describes the various analysis and output processes. In addition, it provides some case studies on how incidents are handled using the t... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Honeynet Project: Data Collection Tools, Infrastructure, Archives and Analysis

    Publication Year: 2008, Page(s):24 - 30
    Cited by:  Papers (12)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (202 KB) | HTML iconHTML

    We briefly introduce the Honeynet Project, describe the honeynet data collection tools and techniques currently in use by it's members, review the types of data collected and research published, and present some current and proposed infrastructures for capturing and sharing honeypot-derived network attack data. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Cooperation of Intelligent Honeypots to Detect Unknown Malicious Codes

    Publication Year: 2008, Page(s):31 - 39
    Cited by:  Papers (9)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1428 KB) | HTML iconHTML

    Honeypot is one of the most popular tools to decoy attackers into our network, and to capture lots of information about the activity of malicious attackers. By tracing and analyzing collected traffic data, we can find out unknown malicious codes under an experimental stage before some codes become hazardous to an application. Although many honeypots have been proposed, there is a common problem th... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Leurre.com Project: Collecting Internet Threats Information Using a Worldwide Distributed Honeynet

    Publication Year: 2008, Page(s):40 - 57
    Cited by:  Papers (6)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1025 KB) | HTML iconHTML

    This paper aims at presenting in some depth the Leurre.com project and its data collection infrastructure. Launched in 2003 by the Institut Eurecom, this project is based on a worldwide distributed system of honeypots running in more than 30 different countries. The main objective of the project is to get a more realistic picture of certain classes of threats happening on the Internet, by collecti... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • nicter: An Incident Analysis System Toward Binding Network Monitoring with Malware Analysis

    Publication Year: 2008, Page(s):58 - 66
    Cited by:  Papers (10)  |  Patents (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (824 KB) | HTML iconHTML

    We have been developing the Network Incident analysis Center for Tactical Emergency Response (nicter), whose present focus is on detecting and identifying propagating malwares such as worms, viruses, and bots. The nicter presently monitors darknet, a set of unused IP addresses, to observe macroscopic trends of network threats. Meantime, it keeps capturing and analyzing malware executables in the w... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Techcrafters and Makecrafters: A Comparison of Two Populations of Hackers

    Publication Year: 2008, Page(s):67 - 78
    Cited by:  Papers (9)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (387 KB) | HTML iconHTML

    The frequency and sophistication of computer attacks have increased in the last decade as have reports concerning the involvement of organized crime and state sponsored groups in hack attacks. Information security research has improved our understanding of the attack methods used to compromise systems, though there is a need to consider the attitudes, ethics, and social behaviors of computer attac... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Author index

    Publication Year: 2008, Page(s): 79
    Request permission for commercial reuse | PDF file iconPDF (52 KB)
    Freely Available from IEEE
  • [Publisher's information]

    Publication Year: 2008, Page(s): 80
    Request permission for commercial reuse | PDF file iconPDF (83 KB) | HTML iconHTML
    Freely Available from IEEE