RAID 2003 Home | Call for Papers | Program | Location |

RAID 2003 Preliminary Program

Monday, 8 September 2003
08.00 Registration
10.00 Opening Remarks
10:15 Invited Talk
Richard Clarke (Former Special Advisor to the President for Cyber Security)
Turning off the Alarm System?
11.15 Coffee Break
11.45 Network Infrastructure (Session Chair: Felix Wu)
- Mitigating Distributed Denial of Service Attacks Using a Proportional-Integral-Derivative Controller
Marcus Tylutki and Karl Levitt
University of California, Davis, USA
- Topology-based Detection of Anomalous BGP Messages
Christopher Kruegel, Darren Mutz, William Robertson, and Fredrik Valeur
University of California, Santa Barbara, USA
12.45 Lunch
14.00 Invited Talk
Richard Stiennon (Vice President of Research, Network Security, Gartner Group)
Defense in Depth, An Alternative to Intrusion Detection
15.00 Coffee Break
15.30 Anomaly Detection I (Session Chair: Wenke Lee)
- Detecting Anomalous Network Traffic with Self-Organizing Maps
Manikantan Ramadas, Shawn Ostermann, and Brett Tjaden
Ohio University and James Madison University, USA
- An Approach for Detecting Self-Propagating Email Using Anomaly Detection
Ajay Gupta and R. Sekar
SUNY at Stony Brook, USA
16.30 End of Technical Program - Day 1
19.00 Conference Reception and Banquet

Tuesday, 9 September 2003
08.00 Registration
10.00 Correlation (Session Chair: Phil Porras)
- Statistical Causality Analysis of INFOSEC Alert Data
Xinzhou Qin and Wenke Lee
Georgia Institute of Technology, USA
- Correlation of Intrusion Symptoms: an Application of Chronicles
Benjamin Morin and Herve Debar
France Telecom R&D, France
11.00 Coffee Break
11.30 Modeling and Specification (Session Chair: Ulf Lindqvist)
- Modeling Computer Attacks: An Ontology for Intrusion Detection
Jeffrey Undercoffer, Anupam Joshi, and John Pinkston
University of Maryland, USA
- Using Specification-Based Intrusion Detection for Automated Response
Ivan Balepin, Sergei Maltsev, Jeff Rowe, and Karl Levitt
University of California, Davis, USA, and Bauman Moscow State Technical University, Russia
12.30 Lunch
14.00 Panel - Detecting Worms and Malicious Code
15.30 Coffee Break
16.00 IDS Sensors (Session Chair: Calvin Ko)
- Characterizing the Performance of Network Intrusion Detection Sensors
Lambert Schaelicke, Thomas Slabach, Branden Moore, and Curt Freeland
University of Notre Dame, USA
- Using Decision Trees to Improve Signature-based Intrusion Detection
Christopher Kruegel and Thomas Toth
University of California, Santa Barbara, USA, and Technical University Vienna, Austria
- Ambiguity Resolution via Passive OS Fingerprinting
Greg Taleck
NFR Security, Inc., USA
17.30 Poster session and industry demonstrations
19.30 End of Technical Program - Day 2

Wednesday, 10 September 2003
09.30 Anomaly Detection II (Session Chair: Roy Maxion)
- Two Sophisticated Techniques to Improve HMM-based Intrusion Detection Systems
Sung-Bae Cho and Sang-Jun Han
Yonsei University, Korea
- An Analysis of the 1999 DARPA/Lincoln Laboratory Evaluation Data for Network Anomaly Detection
Matthew V. Mahoney and Philip K. Chan
Florida Institute of Technology and Massachusetts Institute of Technology, USA
10.30 Coffee Break
11.00 iDemo Project Report (Laura Tinnel, Teknowledge)
12.00 Closing remarks
12.30 End of Program - Day 3