Computer Network Defense (EC2ND), 2009 European Conference on

Date 9-10 Nov. 2009

  • [Front cover]

    Publication Year: 2009, Page(s): C1
    Freely Available from IEEE
  • [Title page i]

    Publication Year: 2009, Page(s): i
    Freely Available from IEEE
  • [Title page iii]

    Publication Year: 2009, Page(s): iii
    Freely Available from IEEE
  • [Copyright notice]

    Publication Year: 2009, Page(s): iv
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2009, Page(s): v
    Freely Available from IEEE
  • Message from the Chair

    Publication Year: 2009, Page(s): vi
    Freely Available from IEEE
  • Organization

    Publication Year: 2009, Page(s): vii
    Freely Available from IEEE
  • list-reviewer

    Publication Year: 2009, Page(s): viii
    Freely Available from IEEE
  • Gone Rogue: An Analysis of Rogue Security Software Campaigns

    Publication Year: 2009, Page(s):1 - 3
    Cited by:  Papers (1)

    In the past few years, Internet miscreants have developed a number of techniques to defraud and make a hefty profit out of their unsuspecting victims. A troubling, recent example of this trend is cyber-criminals distributing rogue security software, that is malicious programs that, by pretending to be legitimate security tools (e.g., anti-virus or anti-spyware), deceive users into paying a substant...
  • Racewalk: Fast Instruction Frequency Analysis and Classification for Shellcode Detection in Network Flow

    Publication Year: 2009, Page(s):4 - 12
    Cited by:  Papers (2)

    Memory corruption attacks still play a significant role in present cybercrime activities, being one of the keystones for worm, virus propagation and building botnets. Moreover, recent disclosures of widespread networking equipment vulnerabilities show that the problem is unlikely to fade away in the near future. The subject of this paper is NOP-sled detection - one of the approaches for detecting m...
  • Walowdac - Analysis of a Peer-to-Peer Botnet

    Publication Year: 2009, Page(s):13 - 20
    Cited by:  Papers (20)

    A botnet is a network of compromised machines under the control of an attacker. Botnets are the driving force behind several misuses on the Internet, for example spam mails or automated identity theft. In this paper, we study the most prevalent peer-to-peer botnet in 2009: Waledac. We present our infiltration of the Waledac botnet, which can be seen as the successor of the Storm Worm botnet. To ach...
  • Effectiveness Metrics for Intrusion Detection in Wireless Sensor Networks

    Publication Year: 2009, Page(s):21 - 28
    Cited by:  Papers (2)

    Wireless sensor networks cannot be secured against an internal attacker with only cryptographic techniques because their nodes are not physically protected and can be easily captured by the attacker. Therefore, in this work we consider intrusion detection systems that monitor behavior of sensor nodes and detect the malicious ones among them. Our work is exploratory in that we propose metrics for eval...
  • Visualization and Explanation of Payload-Based Anomaly Detection

    Publication Year: 2009, Page(s):29 - 36
    Cited by:  Papers (3)

    The threat posed by modern network attacks requires novel means for detection of intrusions, as regular signature-based systems fail to cope with the amount and diversity of attacks. Recently, several methods for detection of anomalies in network payloads have been proposed to counteract this threat and identify novel attacks during their initial propagation. However, intrusion detection systems m...
  • Integrated Detection of Attacks Against Browsers, Web Applications and Databases

    Publication Year: 2009, Page(s):37 - 45
    Cited by:  Papers (4)

    Anomaly-based techniques were exploited successfully to implement protection mechanisms for various systems. Recently, these approaches have been ported to the web domain under the name of "web application anomaly detectors" (or firewalls) with promising results. In particular, those capable of automatically building specifications, or models, of the protected application by observing its traffic ...
  • Self-Routing Denial-of-Service Resistant Capabilities Using In-packet Bloom Filters

    Publication Year: 2009, Page(s):46 - 51
    Cited by:  Papers (10)  |  Patents (6)

    In this paper, we propose and analyze an in-packet Bloom-filter-based source-routing architecture resistant to Distributed Denial-of-Service attacks. The approach is based on forwarding identifiers that act simultaneously as path designators, i.e. define which path the packet should take, and as capabilities, i.e. effectively allowing the forwarding nodes along the path to enforce a security polic...
  • The Dorothy Project: An Open Botnet Analysis Framework for Automatic Tracking and Activity Visualization

    Publication Year: 2009, Page(s):52 - 54
    Cited by:  Papers (5)

    Botnets, networks of compromised machines remotely controlled and instructed to work in a coordinated fashion, have had an epidemic diffusion over the Internet and represent one of today's most insidious threats. In this paper, we present an open framework called Dorothy that permits to monitor the activity of a botnet. We propose to characterize a botnet behavior through a set of parameters and a ...
  • Author index

    Publication Year: 2009, Page(s): 55
    Freely Available from IEEE
  • [Publisher's information]

    Publication Year: 2009, Page(s): 56
    Freely Available from IEEE