Detection of Intrusions and Malware, and Vulnerability Assessment - 6th International Conference, DIMVA 2009, Milan, Italy, July 9-10, 2009. Proceedings

Read more

This book constitutes the refereed proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2009, held in Milan, Italy, in July 2009.
The 10 revised full papers presented together with three extended abstracts were carefully selected from 44 initial submissions. The papers are organized in topical sections on malware and SPAM, emulation-based detection, software diversity, harnessing context, and anomaly detection.

List of contents

Malware and SPAM.- A Case Study on Asprox Infection Dynamics.- How Good Are Malware Detectors at Remediating Infected Systems?.- Towards Proactive Spam Filtering (Extended Abstract).- Emulation-Based Detection.- Shepherding Loadable Kernel Modules through On-demand Emulation.- Yataglass: Network-Level Code Emulation for Analyzing Memory-Scanning Attacks.- Defending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks.- Software Diversity.- Polymorphing Software by Randomizing Data Structure Layout.- On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities.- Harnessing Context.- Using Contextual Information for IDS Alarm Classification (Extended Abstract).- Browser Fingerprinting from Coarse Traffic Summaries: Techniques and Implications.- A Service Dependency Modeling Framework for Policy-Based Response Enforcement.- Anomaly Detection.- Learning SQL for Database Intrusion Detection Using Context-Sensitive Modelling (Extended Abstract).- Selecting and Improving System Call Models for Anomaly Detection.