Call for Papers: 16th USENIX Security Symposium

Tuesday, September 26, 2006
The Call for Papers for the 16th USENIX Security Symposium is now available. I am very proud to be one of the members of the program committee and of course I would like to see many honeynet-related papers submitted to the conference!

Important dates:
  • Paper submissions due: Thursday, February 1, 2007, 11:59 p.m. PST
  • Panel proposals due: Thursday, March 29, 2007
  • Notification to authors: Wednesday, April 4, 2007
  • Final papers due: Monday, May 14, 2007
  • Work-in-Progress reports due: Wednesday, August 8, 2007, 6:00 p.m. EDT

The conference will be held from August 6–10, 2007, in Boston, MA.

About USENIX Security:
The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security of computer systems and networks.

All researchers are encouraged to submit papers covering novel and scientifically significant practical works in security or applied cryptography. Submissions are due on February 1, 2007, 11:59 p.m. PST. The Symposium will span five days: a two-day training program will be followed by a two and one-half day technical program, which will include refereed papers, invited talks, Work-in-Progress reports, panel discussions, and Birds-of-a-Feather sessions.


The Nepenthes Platform: An Efficient Approach to Collect Malware

Thursday, September 21, 2006
At the RAID'06 conference taking place in Hamburg between September 20 and 22, we published a paper on nepenthes. It describes nepenthes in detail and gives an overview of preliminary results. I had previously published an excerpt from the paper here on this blog, but now the final paper is also available.

Abstract:
Up to now, there is little empirically backed quantitative and qualitative knowledge about self-replicating malware publicly available. This hampers research in these topics because many counter-strategies against malware, e.g., network- and host-based intrusion detection systems, need hard empirical data to take full effect.
We present the nepenthes platform, a framework for large-scale collection of information on self-replicating malware in the wild. The basic principle of nepenthes is to emulate only the vulnerable parts of a service. This leads to an efficient and effective solution that offers many advantages compared to other honeypot-based solutions. Furthermore, nepenthes offers a flexible deployment solution, leading to even better scalability. Using the nepenthes platform we and several other organizations were able to greatly broaden the empirical basis of data available about self-replicating malware and provide thousands of samples of previously unknown malware to vendors of host-based IDS/anti-virus systems. This greatly improves the detection rate of this kind of threat.
