• 9:00 Registration opens
  • 12:30-14:00 Lunch
  • 14:00-14:15 Welcome
  • 14:15-15:15 The New World of Networked Cybercriminals
    • Joseph Springsteen, CCIPS, U.S. Dept. of Justice
  • 15:15-15:45 Break
  • 15:45-16:45 Anomaly Detection (Chair: Wenke Lee)
    • A Framework For The Application Of Association Rule Mining In Large Intrusion Detection Infrastructures
      • James J. Treinen, Ramakrishna Thurimella
    • Behavioral Distance Measurement Using Hidden Markov Models
      • Debin Gao, Michael K. Reiter and Dawn Song
  • 16:45-17:00 Break
  • 17:00-18:00 5-minute poster presentations
  • 18:00-20:00 Poster session
    A list of accepted poster presentation can be found here.


  • 9:00-10:30 Attacks (Chair: Ming-Yuh Huang)
    • Automated Discovery Of Mimicry Attacks
      • Jonathon T. Giffin, Somesh Jha, Barton P. Miller
    • Allergy Attack Against Automatic Signature Generation
      • Simon P. Chung, Aloysius K. Mok
    • Paragraph: Thwarting Signature Learning By Training Maliciously
      • James Newsome, Brad Karp, Dawn Song
  • 10:30-11:00 Break
  • 11:00-12:30 System Evaluation and Threat Assessment (Chair: Robert K. Cunningham)
    • Anomaly Detector Performance Evaluation Using A Parameterized Environment
      • Jeffery P. Hansen, Kymie M.C. Tan, Roy A. Maxion
    • Ranking Attack Graphs
      • Vaibhav Mehta, Constantinos Bartzis, Haifeng Zhu, Edmund Clarke, Jeannette Wing
    • Using Hidden Markov Models To Evaluate The Risks Of Intrusions -- System Architecture And Model Validation
      • André Årnes, Fredrik Valeur, Giovanni Vigna, Richard A. Kemmerer
  • 12:30-14:00 Lunch
  • 14:00-15:00 Work-in-progress session
    Organizer: James Riordan, IBM Zurich Research Laboratory
    Additional information about this session can be found here.
  • 15:00-15:30 Break
  • 15:30-17:00 Malware Collection and Analysis
    (Chair: Christopher Kruegel)
    • The Nepenthes Platform: An Efficient Approach To Collect Malware
      • Paul Baecher, Markus Koetter, Thorsten Holz, Maximillian Dornseif, Felix Freiling
    • Automatic Handling Of Protocol Dependencies And Reaction To 0-Day Attacks With ScriptGen Based Honeypots
      • Corrado Leita, Marc Dacier, Frederic Massicotte
    • Fast And Evasive Attacks: Highlighting The Challenges Ahead
      • Moheeb Abu Rajab, Fabian Monrose, Andreas Terzis
  • 19:00 Conference Dinner on board of the windjammer Rickmer Rickmers, a museum ship in the harbour of Hamburg.


  • 09:00-10:00 Anomaly- and Specification-Based Detection (Chair: Benjamin Morin)
    • Anagram: A Content Anomaly Detector Resistant To Mimicry Attack
      • Ke Wang, Janak J. Parekh, Salvatore J. Stolfo
    • DEMEM: Distributed Evidence-Driven Message Exchange Intrusion Detection Model For MANET
      • Chinyang Henry Tseng, Shiau-Huey Wang, Calvin Ko, Karl Levitt
  • 10:00-10:30 Break
  • 10:30-12:00 Network Intrusion Detection (Chair: George Mohay)
    • Enhancing Network Intrusion Detection With Integrated Sampling And Filtering
      • Jose M. Gonzalez, Vern Paxson
    • WIND: Workload-Aware INtrusion Detection
      • Sushant Sinha, Farnam Jahanian, Jignesh M. Patel
    • Safecard: A Gigabit IPS On The Network Card
      • Willem de Bruijn, Asia Slowinska, Kees van Reeuwijk, Tomas Hruby, Li Xu, Herbert Bos
  • 12:00-12:15 Concluding remarks

A list of all accepted papers can be found here.

Program Flyer

Donwload the RAID 2006 program:

Invited Speaker

Joseph Springsteen, CCIPS, U.S. Department of Justice

Speaker information »

Important Dates

Download the RAID 2006 list of events as iCal-format file ready to include into your iCal or Sunbird calendar:

Head over to the Important Dates page for details:

Important Dates »


RAID 2006 will be directly preceded by ESORICS 2006.

ESORICS 2006 homepage