Recent Advances in Intrusion Detection Symposium, 2007
Home Contact Call for Papers Submissions Committees Camera Ready Instructions Keynote Abstracts
Venue Registration Hotel Info Program Student Scholarships Travel Tips Past RAIDs

Keynote Addresses

Constraints, Style and Focus of Industrial Security Research
Dr. Tzi-cker Chiueh, Director, Core Research Group, Symantec Research Labs
Abstract
Presentation

National Information Infrastructure Protection (NIIP) and the Role of IDS
Professor Emeritus Bill Caelli, AO
Abstract
Presentation


Download Program in PDF

Program

Venue: Norfolk Room

Tuesday, September 4th, 2007

19:00 - 21:00 Registration and Reception
Cristels Function Room

Wednesday, September 5th, 2007

8:15 Registration
9:15 - 9:30 Welcome - Ed Dawson, Research Director, Information Security Institute, Queensland University of Technology
Conference Arragements - George Mohay, RAID 2007 General Chair
Conference Open - Christopher Kruegel, RAID 2007 Program Chair
9:30 - 10:30 Keynote Address, Chair: Christopher Kruegel
Constraints, Style and Focus of Industrial Security Research
Dr. Tzi-cker Chiueh, Director, Core Research Group, Symantec Research Labs
10:30 - 11:00 Morning Tea
Session 1:
11:00 - 12:00
Host-Based Intrusion Detection
Chair: Benjamin Morin
Exploiting Execution Context for the Detection of Anomalous System Calls
Darren Mutz, William Robertson, Giovanni Vigna, and Richard Kemmerer

Understanding Precision in Host Based Intrusion Detection
Monirul Sharif, Kapil Singh, Jonathon Giffin, and Wenke Lee
12:00 - 14:00 Lunch, luncheon event
Session 2:
14:00 - 15:00
Anomaly-Based Intrusion Detection
Chair: Wenke Lee
Comparing Anomaly Detection Techniques for HTTP
Kenneth L. Ingham and Hajime Inoue

Swaddler: An Approach for the Anomaly-based Detection of State Violations in Web Applications
Marco Cova, Davide Balzarotti, Viktoria Felmetsger, and Giovanni Vigna
15:00 - 15:30 Afternoon Tea
Session 3:
15:30 - 16:30
Posters and WIP
Presentations
16:30 - 18:30 Poster display session, light refreshments
Cristels Function Room

Thursday, September 6th, 2007

Session 4:
09:00 - 10:30
Network-Based Intrusion Detection and Response
Chair: Giovanni Vigna
Emulation-Based Detection of Non-self-contained Polymorphic Shellcode
Michalis Polychronakis, Kostas G. Anagnostakis, and Evangelos P. Markatos

The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware
Matthias Vallentin, Robin Sommer, Jason Lee, Craig Leres, Vern Paxson, and Brian Tierney

Cost-Sensitive Intrusion Responses for Mobile Ad Hoc Networks
Shiau-Huey Wang, Chinyang Henry Tseng, Karl Levitt, and Matthew Bishop
10:30 - 11:00 Morning Tea
Session 5:
11:00 - 12:00
Insider Detection and Alert Correlation
Chair: Richard Lippmann
ELLICIT: A System for Detecting Insiders Who Violate Need-to-know
Marcus A. Maloof and Gregory D. Stephens

On the Use of Different Statistical Tests for Alert Correlation - Short Paper
Federico Maggi and Stefano Zanero
12:00 - 13:30 Lunch
Session 6:
13:30 - 15:00
Malicious Code Analysis
Chair: Thorsten Holz
Automated Classification and Analysis of Internet Malware
Michael Bailey, Jon Oberheide, Jon Andersen, Z. Morley Mao, Farnam Jahanian, and Jose Nazario

'Out-of-the-box' Monitoring of VM-based High-Interaction Honeypots
Xuxian Jiang and Xinyuan Wang

A Forced Sampled Execution Approach to Kernel Rootkit Identification
Jeffrey Wilhelm and Tzi-cker Chiueh
15:00 - 15:30 Afternoon Tea
Session 7:
15:30 - 16:30
Evasion
Chair: Robin Sommer
Advanced Allergy Attacks: Does a Corpus Really Help?
Simon P. Chung and Aloysius K. Mok

Alert Verification Evasion through Server Response Forging
Adam D. Todd, Richard A. Raines, Rusty O. Baldwin, Barry E. Mullins, and Steven K. Rogers

Conference dinner - Norkfolk Room with Nahri Dance/Didgeridoo Entertainers
18:15 Drinks
19:00 Dinner

Friday, September 7th, 2007

09:00 - 10:00 Keynote Address, Chair: Christopher Kruegel
National Information Infrastructure Protection (NIIP) and the Role of IDS
Professor Emeritus Bill Caelli, AO
10:00 - 10:30 Morning Tea
Session 8:
10:30 - 12:00
Malicious Code Defense
Chair: Ludovic Me
Hit-List Worm Detection and Bot Identification in Large Networks Using Protocol Graphs
M. Patrick Collins and Michael K. Reiter

SpyShield: Preserving Privacy from Spy Add-ons
Zhuowei Li, XiaoFeng Wang, and Jong Youl Choi

Vortex: Enabling Cooperative Selective Wormholing for Network Security Systems
John R. Lange, Peter A. Dinda, and Fabian E. Bustamante
12:00 - 12:15 Concluding remarks
12:15 Lunch. End of Symposium

Hosted by:

Sponsors:

Student Scholarships Sponsor:

NWSI - Northwest Security Institute