This book constitutes the refereed proceedings of the 11th International Symposium on Recent Advances in Intrusion Detection, RAID 2008, held in Cambridge, MA, USA, in September 2008.
The 20 revised full papers presented together with 16 revised poster papers were carefully reviewed and selected from 80 submissions. The papers are organized in topical sections on rootkit prevention, malware detection and prevention, high performance intrusion and evasion, Web application testing and evasion, alert correlation and worm detection, as well as anomaly detection and network traffic analysis.
Author(s): Ryan Riley, Xuxian Jiang, Dongyan Xu (auth.), Richard Lippmann, Engin Kirda, Ari Trachtenberg (eds.)
Series: Lecture Notes in Computer Science 5230 : Security and Cryptology
Edition: 1
Publisher: Springer-Verlag Berlin Heidelberg
Year: 2008
Language: English
Pages: 424
Tags: Management of Computing and Information Systems; Computers and Society; Data Encryption; Computer Communication Networks; Systems and Data Security
Front Matter....Pages -
Guest-Transparent Prevention of Kernel Rootkits with VMM-Based Memory Shadowing....Pages 1-20
Countering Persistent Kernel Rootkits through Systematic Hook Discovery....Pages 21-38
Tamper-Resistant, Application-Aware Blocking of Malicious Network Connections....Pages 39-58
A First Step towards Live Botmaster Traceback....Pages 59-77
A Layered Architecture for Detecting Malicious Behaviors....Pages 78-97
A Study of the Packer Problem and Its Solutions....Pages 98-115
Gnort: High Performance Network Intrusion Detection Using Graphics Processors....Pages 116-134
Predicting the Resource Consumption of Network Intrusion Detection Systems....Pages 135-154
High-Speed Matching of Vulnerability Signatures....Pages 155-174
Swarm Attacks against Network-Level Emulation/Analysis....Pages 175-190
Leveraging User Interactions for In-Depth Testing of Web Applications....Pages 191-210
Model-Based Covert Timing Channels: Automated Modeling and Evasion....Pages 211-230
Optimal Cost, Collaborative, and Distributed Response to Zero-Day Worms - A Control Theoretic Approach....Pages 231-250
On the Limits of Payload-Oblivious Network Attack Detection....Pages 251-270
Determining Placement of Intrusion Detectors for a Distributed Application through Bayesian Network Modeling....Pages 271-290
A Multi-Sensor Model to Improve Automated Attack Detection....Pages 291-310
Monitoring SIP Traffic Using Support Vector Machines....Pages 311-330
The Effect of Clock Resolution on Keystroke Dynamics....Pages 331-350
A Comparative Evaluation of Anomaly Detectors under Portscan Attacks....Pages 351-371
Advanced Network Fingerprinting....Pages 372-389
On Evaluation of Response Cost for Intrusion Response Systems....Pages 390-391
WebIDS: A Cooperative Bayesian Anomaly-Based Intrusion Detection System for Web Applications (Extended Abstract)....Pages 392-393
Evading Anomaly Detection through Variance Injection Attacks on PCA....Pages 394-395
Anticipating Hidden Text Salting in Emails....Pages 396-397
Improving Anomaly Detection Error Rate by Collective Trust Modeling....Pages 398-399
Database Intrusion Detection and Response....Pages 400-401
An Empirical Approach to Identify Information Misuse by Insiders (Extended Abstract)....Pages 402-403
Page-Based Anomaly Detection in Large Scale Web Clusters Using Adaptive MapReduce (Extended Abstract)....Pages 404-405
Automating the Analysis of Honeypot Data (Extended Abstract)....Pages 406-407
Anomaly and Specification Based Cognitive Approach for Mission-Level Detection and Response....Pages 408-409
Monitoring the Execution of Third-Party Software on Mobile Devices....Pages 410-411
Streaming Estimation of Information-Theoretic Metrics for Anomaly Detection (Extended Abstract)....Pages 412-414
Bots Behaviors vs. Human Behaviors on Large-Scale Communication Networks (Extended Abstract)....Pages 415-416
Anomalous Taint Detection....Pages 417-418
Deep Packet Inspection Using Message Passing Networks....Pages 419-420
System Call API Obfuscation (Extended Abstract)....Pages 421-422
Back Matter....Pages -
