Keynote Addresses
Constraints, Style and Focus of Industrial Security Research
Dr. Tzi-cker Chiueh, Director, Core Research Group, Symantec Research Labs
Abstract
Presentation
National Information Infrastructure Protection (NIIP) and the Role of IDS
Professor Emeritus Bill Caelli, AO
Abstract
Presentation
| 
Download Program in PDF
Program
Venue: Norfolk Room
Tuesday, September 4th, 2007
|
|
19:00 - 21:00
|
Registration and Reception
Cristels Function Room
|
Wednesday, September 5th, 2007
|
| 8:15 |
Registration |
| 9:15 - 9:30 |
Welcome - Ed Dawson, Research Director, Information Security Institute, Queensland University of Technology
Conference Arragements - George Mohay, RAID 2007 General Chair
Conference Open - Christopher Kruegel, RAID 2007 Program Chair |
| 9:30 - 10:30 |
Keynote Address, Chair: Christopher Kruegel
Constraints, Style and Focus of Industrial Security Research
Dr. Tzi-cker Chiueh, Director, Core Research Group, Symantec Research Labs |
| 10:30 - 11:00 |
Morning Tea |
Session 1:
11:00 - 12:00 |
Host-Based Intrusion Detection
Chair: Benjamin Morin
Exploiting Execution Context for the Detection of Anomalous System Calls
Darren Mutz, William Robertson, Giovanni Vigna, and Richard Kemmerer
Understanding Precision in Host Based Intrusion Detection
Monirul Sharif, Kapil Singh, Jonathon Giffin, and Wenke Lee
|
| 12:00 - 14:00 |
Lunch, luncheon event |
Session 2:
14:00 - 15:00 |
Anomaly-Based Intrusion Detection
Chair: Wenke Lee
Comparing Anomaly Detection Techniques for HTTP
Kenneth L. Ingham and Hajime Inoue
Swaddler: An Approach for the Anomaly-based Detection of State Violations in Web Applications
Marco Cova, Davide Balzarotti, Viktoria Felmetsger, and Giovanni Vigna
|
| 15:00 - 15:30 |
Afternoon Tea |
Session 3:
15:30 - 16:30 |
Posters and WIP
Presentations |
| 16:30 - 18:30 |
Poster display session, light refreshments
Cristels Function Room |
Thursday, September 6th, 2007 |
Session 4:
09:00 - 10:30 |
Network-Based Intrusion Detection and Response
Chair: Giovanni Vigna
Emulation-Based Detection of Non-self-contained Polymorphic Shellcode
Michalis Polychronakis, Kostas G. Anagnostakis, and Evangelos P. Markatos
The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware
Matthias Vallentin, Robin Sommer, Jason Lee, Craig Leres, Vern Paxson, and Brian Tierney
Cost-Sensitive Intrusion Responses for Mobile Ad Hoc Networks
Shiau-Huey Wang, Chinyang Henry Tseng, Karl Levitt, and Matthew Bishop
|
| 10:30 - 11:00 |
Morning Tea |
Session 5:
11:00 - 12:00 |
Insider Detection and Alert Correlation
Chair: Richard Lippmann
ELLICIT: A System for Detecting Insiders Who Violate Need-to-know
Marcus A. Maloof and Gregory D. Stephens
On the Use of Different Statistical Tests for Alert Correlation - Short Paper
Federico Maggi and Stefano Zanero
|
| 12:00 - 13:30 |
Lunch |
Session 6:
13:30 - 15:00 |
Malicious Code Analysis
Chair: Thorsten Holz
Automated Classification and Analysis of Internet Malware
Michael Bailey, Jon Oberheide, Jon Andersen, Z. Morley Mao, Farnam Jahanian, and Jose Nazario
'Out-of-the-box' Monitoring of VM-based High-Interaction Honeypots
Xuxian Jiang and Xinyuan Wang
A Forced Sampled Execution Approach to Kernel Rootkit Identification
Jeffrey Wilhelm and Tzi-cker Chiueh
|
| 15:00 - 15:30 |
Afternoon Tea |
Session 7:
15:30 - 16:30 |
Evasion
Chair: Robin Sommer
Advanced Allergy Attacks: Does a Corpus Really Help?
Simon P. Chung and Aloysius K. Mok
Alert Verification Evasion through Server Response Forging
Adam D. Todd, Richard A. Raines, Rusty O. Baldwin, Barry E. Mullins, and Steven K. Rogers
|
|
Conference dinner - Norkfolk Room
with Nahri Dance/Didgeridoo Entertainers |
| 18:15 |
Drinks |
| 19:00 |
Dinner |
Friday, September 7th, 2007 |
| 09:00 - 10:00 |
Keynote Address, Chair: Christopher Kruegel
National Information Infrastructure Protection (NIIP) and the Role of IDS
Professor Emeritus Bill Caelli, AO |
| 10:00 - 10:30 |
Morning Tea |
Session 8:
10:30 - 12:00 |
Malicious Code Defense
Chair: Ludovic Me
Hit-List Worm Detection and Bot Identification in Large Networks Using Protocol Graphs
M. Patrick Collins and Michael K. Reiter
SpyShield: Preserving Privacy from Spy Add-ons
Zhuowei Li, XiaoFeng Wang, and Jong Youl Choi
Vortex: Enabling Cooperative Selective Wormholing for Network Security Systems
John R. Lange, Peter A. Dinda, and Fabian E. Bustamante
|
| 12:00 - 12:15 |
Concluding remarks |
| 12:15 |
Lunch. End of Symposium |
| Hosted by:
Sponsors:
Student Scholarships Sponsor:
NWSI - Northwest Security Institute
|
