Recent Advances in Intrusion Detection - 12th International Symposium, RAID 2009, Saint-Malo, France, September 23-25, 2009, Proceedings

Ulteriori informazioni

On behalf of the Program Committee, it is our pleasure to present the p- ceedings of the 12th International Symposium on Recent Advances in Intrusion Detection systems (RAID 2009),which took place in Saint-Malo,France, during September 23-25. As in the past, the symposium brought together leading - searchers and practitioners from academia, government, and industry to discuss intrusion detection research and practice. There were six main sessions prese- ingfullresearchpapersonanomalyandspeci?cation-basedapproaches,malware detection and prevention, network and host intrusion detection and prevention, intrusion detection for mobile devices, and high-performance intrusion det- tion. Furthermore, there was a poster session on emerging research areas and case studies. The RAID 2009ProgramCommittee received59 full paper submissionsfrom all over the world. All submissions were carefully reviewed by independent - viewers on the basis of space, topic, technical assessment, and overall balance. The ?nal selection took place at the Program Committee meeting on May 21 in Oakland, California. In all, 17 papers were selected for presentation and p- lication in the conference proceedings. As a continued feature, the symposium accepted submissions for poster presentations which have been published as - tended abstracts, reporting early-stage research, demonstration of applications, or case studies. Thirty posters were submitted for a numerical review by an independent, three-person sub-committee of the Program Committee based on novelty, description, and evaluation. The sub-committee recommended the - ceptance of 16 of these posters for presentation and publication. The success of RAID 2009 depended on the joint e?ort of many people.

Sommario

Recent Advances in Intrusion Detection Anomaly and Specification-Based Approaches.- Panacea: Automating Attack Classification for Anomaly-Based Network Intrusion Detection Systems.- Protecting a Moving Target: Addressing Web Application Concept Drift.- Adaptive Anomaly Detection via Self-calibration and Dynamic Updating.- Runtime Monitoring and Dynamic Reconfiguration for Intrusion Detection Systems.- Malware Detection and Prevention (I).- Malware Behavioral Detection by Attribute-Automata Using Abstraction from Platform and Language.- Automatic Generation of String Signatures for Malware Detection.- PE-Miner: Mining Structural Information to Detect Malicious Executables in Realtime.- Network and Host Intrusion Detection and Prevention.- Automatically Adapting a Trained Anomaly Detector to Software Patches.- Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration.- Automated Behavioral Fingerprinting.- Intrusion Detection for Mobile Devices.- SMS-Watchdog: Profiling Social Behaviors of SMS Users for Anomaly Detection.- Keystroke-Based User Identification on Smart Phones.- VirusMeter: Preventing Your Cellphone from Spies.- High-Performance Intrusion Detection.- Regular Expression Matching on Graphics Hardware for Intrusion Detection.- Multi-byte Regular Expression Matching with Speculation.- Malware Detection and Prevention (II).- Toward Revealing Kernel Malware Behavior in Virtual Execution Environments.- Exploiting Temporal Persistence to Detect Covert Botnet Channels.- Posters.- An Experimental Study on Instance Selection Schemes for Efficient Network Anomaly Detection.- Automatic Software Instrumentation for the Detection of Non-control-data Attacks.- BLADE: Slashing the Invisible Channel of Drive-by DownloadMalware.- CERN Investigation of Network Behaviour and Anomaly Detection.- Blare Tools: A Policy-Based Intrusion Detection System Automatically Set by the Security Policy.- Detection, Alert and Response to Malicious Behavior in Mobile Devices: Knowledge-Based Approach.- Autonomic Intrusion Detection System.- ALICE@home: Distributed Framework for Detecting Malicious Sites.- Packet Space Analysis of Intrusion Detection Signatures.- Traffic Behaviour Characterization Using NetMate.- On the Inefficient Use of Entropy for Anomaly Detection.- Browser-Based Intrusion Prevention System.- Using Formal Grammar and Genetic Operators to Evolve Malware.- Method for Detecting Unknown Malicious Executables.- Brave New World: Pervasive Insecurity of Embedded Network Devices.- DAEDALUS: Novel Application of Large-Scale Darknet Monitoring for Practical Protection of Live Networks.

Riassunto

On behalf of the Program Committee, it is our pleasure to present the p- ceedings of the 12th International Symposium on Recent Advances in Intrusion Detection systems (RAID 2009),which took place in Saint-Malo,France, during September 23–25. As in the past, the symposium brought together leading - searchers and practitioners from academia, government, and industry to discuss intrusion detection research and practice. There were six main sessions prese- ingfullresearchpapersonanomalyandspeci?cation-basedapproaches,malware detection and prevention, network and host intrusion detection and prevention, intrusion detection for mobile devices, and high-performance intrusion det- tion. Furthermore, there was a poster session on emerging research areas and case studies. The RAID 2009ProgramCommittee received59 full paper submissionsfrom all over the world. All submissions were carefully reviewed by independent - viewers on the basis of space, topic, technical assessment, and overall balance. The ?nal selection took place at the Program Committee meeting on May 21 in Oakland, California. In all, 17 papers were selected for presentation and p- lication in the conference proceedings. As a continued feature, the symposium accepted submissions for poster presentations which have been published as - tended abstracts, reporting early-stage research, demonstration of applications, or case studies. Thirty posters were submitted for a numerical review by an independent, three-person sub-committee of the Program Committee based on novelty, description, and evaluation. The sub-committee recommended the - ceptance of 16 of these posters for presentation and publication. The success of RAID 2009 depended on the joint e?ort of many people.