Detection of intrusions and malware, and vulnerability assessment : 4th International Conference, DIMVA 2007 Lucerne, Switzerland, July 12-13, 2007 : proceedings

OnbehalfoftheProgramCommittee,itisourpleasuretopresenttoyouthep- ceedings of the 4th GI International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA). Each year DIMVA brings - gether internationalexperts from academia,industry andgovernmentto present and discuss novel security research. DIMVA is organized by the special interest group Security-Intrusion Detection and Response of the German Informatics Society (GI). The DIMVA 2007 Program Committee received 57 submissions from 20 d- ferentcountries. Allsubmissions werecarefullyreviewedbyProgramCommittee members and external experts according to the criteria of scienti?c novelty, - portance to the ?eld and technical quality. The ?nal selection took place at a Program Committee meeting held on March 31, 2007, at Universit' a Campus Bio-Medico di Roma, Italy. Twelve full papers and two extended abstracts were selectedforpresentationatthe conferenceandpublicationin theconferencep- ceedings. The conference took place during July 12-13, 2007, at the University of Applied Sciences and Arts Lucerne (HTA Lucerne) in Switzerland. The p- gram featured both theoretical and practical research results grouped into ?ve sessions. ThekeynotespeechwasgivenbyVern Paxson,InternationalComputer Science Institute and Lawrence Berkeley National Laboratory. Another invited talk was presented by Marcelo Masera, InstitutefortheProtection and Security of the Citizen. Peter Trachsel, Deputy Head of the Federal Strategic Unit for IT in Switzerland, gave a speech during the conference dinner. The conference programfurther included a rump sessionorganizedby Sven Dietrich of Carnegie Mellon University; and it was complemented by the third instance of the Eu- pean capture-the-?ag contest CIPHER, organized by Lexi Pimenidis of RWTH Aachen.

Web Security.- Extensible Web Browser Security.- On the Effectiveness of Techniques to Detect Phishing Sites.- Protecting the Intranet Against "JavaScript Malware" and Related Attacks.- Intrusion Detection.- On the Effects of Learning Set Corruption in Anomaly-Based Detection of Web Defacements.- Intrusion Detection as Passive Testing: Linguistic Support with TTCN-3 (Extended Abstract).- Characterizing Bots' Remote Control Behavior.- Traffic Analysis.- Measurement and Analysis of Autonomous Spreading Malware in a University Environment.- Passive Monitoring of DNS Anomalies.- Characterizing Dark DNS Behavior.- Network Security.- Distributed Evasive Scan Techniques and Countermeasures.- On the Adaptive Real-Time Detection of Fast-Propagating Network Worms.- Host Security.- Targeting Physically Addressable Memory.- Static Analysis on x86 Executables for Preventing Automatic Mimicry Attacks.- A Study of Malcode-Bearing Documents.