Detection of intrusions and malware, and vulnerability assessment : Second International Conference, DIMVA 2005, Vienna, Austria, July 7-8, 2005 : proceedings
Author(s)
Bibliographic Information
Detection of intrusions and malware, and vulnerability assessment : Second International Conference, DIMVA 2005, Vienna, Austria, July 7-8, 2005 : proceedings
(Lecture notes in computer science, 3548)
Springer, c2005
Available at 9 libraries
  Aomori
  Iwate
  Miyagi
  Akita
  Yamagata
  Fukushima
  Ibaraki
  Tochigi
  Gunma
  Saitama
  Chiba
  Tokyo
  Kanagawa
  Niigata
  Toyama
  Ishikawa
  Fukui
  Yamanashi
  Nagano
  Gifu
  Shizuoka
  Aichi
  Mie
  Shiga
  Kyoto
  Osaka
  Hyogo
  Nara
  Wakayama
  Tottori
  Shimane
  Okayama
  Hiroshima
  Yamaguchi
  Tokushima
  Kagawa
  Ehime
  Kochi
  Fukuoka
  Saga
  Nagasaki
  Kumamoto
  Oita
  Miyazaki
  Kagoshima
  Okinawa
  Korea
  China
  Thailand
  United Kingdom
  Germany
  Switzerland
  France
  Belgium
  Netherlands
  Sweden
  Norway
  United States of America
Note
Includes bibliographical references and index
Description and Table of Contents
Description
On behalf of the Program Committee, it is our pleasure to present to you the proceedings of the 2nd GI SIG SIDAR Conference on Detection of Intrusions & Malware, and Vulnerability Assessment (DIMVA). DIMVA is organized by the Special Interest Group Security - Intrusion Detection and Response (SIDAR) of the German Informatics Society (GI) as an annual conference that brings together experts from throughout the world to discuss the state of the art in the areas of intrusion detection, detection of malware, and assessment of vulnerabilities. TheDIMVA2005ProgramCommitteereceived51submissionsfrom18co- tries. This represents an increase of approximately 25% compared with the n- ber of submissions last year. All submissions were carefully reviewed by at least three Program Committee members or external experts according to the cri- ria of scienti?c novelty, importance to the ?eld, and technical quality. The ?nal selection took place at a meeting held on March 18, 2005, in Zurich, Switz- land. Fourteen full papers were selected for presentation and publication in the conference proceedings. In addition, three papers were selected for presentation in the industry track of the conference. The program featured both theoretical and practical research results, which were grouped into six sessions. Philip Att?eld from the Northwest Security Institute gave the opening keynote speech. The slides presented by the authors are available on the DIMVA 2005 Web site at http://www.dimva.org/dimva2005 We sincerely thank all those who submitted papers as well as the Program Committee members and the external reviewers for their valuable contributions.
Table of Contents
Obfuscated Code Detection.- Analyzing Memory Accesses in Obfuscated x86 Executables.- Hybrid Engine for Polymorphic Shellcode Detection.- Honeypots.- Experiences Using Minos as a Tool for Capturing and Analyzing Novel Worms for Unknown Vulnerabilities.- A Pointillist Approach for Comparing Honeypots.- Vulnerability Assessment and Exploit Analysis.- Automatic Detection of Attacks on Cryptographic Protocols: A Case Study.- METAL - A Tool for Extracting Attack Manifestations.- Flow-Level Traffic Analysis of the Blaster and Sobig Worm Outbreaks in an Internet Backbone.- Anomaly Detection.- A Learning-Based Approach to the Detection of SQL Attacks.- Masquerade Detection via Customized Grammars.- A Prevention Model for Algorithmic Complexity Attacks.- Misuse Detection.- Detecting Malicious Code by Model Checking.- Improving the Efficiency of Misuse Detection.- Distributed Intrusion Detection and IDS Testing.- Enhancing the Accuracy of Network-Based Intrusion Detection with Host-Based Context.- TCPtransform: Property-Oriented TCP Traffic Transformation.
by "Nielsen BookData"