RAID 2004 Home Page   Call for Papers Sponsor Information Submission Information Program Information Registration Information Conference Committee General Information

Technical Program

Wednesday, September 15th
9:00Registration opens
12:30 - 14:00Lunch
14:00 - 14:15Welcome
14:15 - 15:15Invited Talk: Fighting Fraud in Telecom Environments
Håkan Kvarnström
TeliaSonera AB, Sweden
15:15 - 15:45Coffee break
15:45 - 16:45Modelling process behaviour - Chair: Alfonso Valdes (SRI International, USA)
Automatic Extraction of Accurate Application-Specific Sandboxing Policy
Lap-chung Lam, Tzi-cker Chiueh
Rether Networks Inc., Centereach N.Y., USA
Context Sensitive Anomaly Monitoring of Process Control Flow to Detect Mimicry Attacks and Impossible Paths
Haizhi Xu, Wenliang Du, Steve J. Chapin
Systems Assurance Institute, Syracuse University, USA
16:45 - 17:00Break
17:00 - 18:00Abstract session
18:00 - 20:30Poster session with Buffet at the Conference Venue
Thursday, September 16th

09:00 - 10:30Detecting Worms and Viruses - Chair: John McHugh (CMU/SEI CERT, USA)
HoneyStat: Local Worm Detection Using Honeypots
David Dagon, Xinzhou Qin, Guofei Gu, Wenke Lee, Julian Grizzard, John Levine, Henry Owen
Georgia Institute of Technology, USA
Fast Detection of Scanning Worm Infections
Jaeyeon Jung (1), Stuart E. Schechter (2), Arthur W. Berger (1),
(2) Harvard DEAS, USA
Detecting Unknown Massive Mailing Viruses Using Proactive Methods
Ruiqi Hu, Aloysius K. Mok
Dept of Computer Sciences, University of Texas at Austin, USA
10:30 - 11:00Coffee break
11:00 - 12:00Invited Talk: Lessons in Intrusion Detection
Bruce Schneier
Counterpane Internet Security, CA, USA
12:00 - 13:30Lunch
13:30 - 15:00Attack and Alert Analysis - Chair: Diego Zamboni (IBM Research, Switzerland)
Using Adaptive Alert Classification to Reduce False Positives in Intrusion Detection
Tadeusz Pietraszek
IBM Zürich Research Laboratory, Switzerland
Attack Analysis and Detection for Ad Hoc Routing Protocols
Yi-an Huang, Wenke Lee
College of Computing, Georgia Institute of Technology, USA
On the Design and Use of Internet Sinks for Network Abuse Monitoring
Vinod Yegneswaran (1), Paul Barford (1), Dave Plonka (2)
(1) Dept of Computer Science, University of Wisconsin, Madison, USA
(2) Dept of Information Technology, University of Wisconsin, Madison, USA
15:00 - 15:30Coffee break
15:30 - 16:30Practical Experience - Chair: George Mohay (Queensland University of Technology, Australia)
Monitoring IDS Background Noise Using EWMA Control Charts and Alert Information
Jouni Viinikka, Herve Debar
France Telecom R&D, Caen, France
Experience with a Commercial Deception System
Brian Hernacki, Jeremy Bennett, Thomas Löfgren
Symantec Corporation, Redwood City, USA
16:30 - 17:30Poster session
20:00 - Banquet - Restaurant Bijou Plage - Juan les Pins
Friday, September 17th
09:00 - 10:30Anomaly Detection - Chair: Christopher Kruegel (Technical University of Vienna, Austria)
Anomalous Payload-based Network Intrusion Detection
Ke Wang, Salvatore J. Stolfo
Computer Science Dept, Columbia University, USA
Anomaly Detection Using Layered Networks Based on Eigen Co-occurrence Matrix
Mizuki Oka (1), Yoshihiro Oyama (2,3), Hirotake Abe (1), Kazuhiko Kato (1,3)
(1) University of Tsukuba, Japan
(2) University of Tokyo, Japan
(3) Japan Science and Technology Cooperation, Japan
Seurat: A Pointillist Approach to Anomaly Detection
Yinglian Xie (1), Hyang-Ah Kim (1), David R. O'Hallaron (1,2), Michael K. Reiter (1,2), Hui Zhang (1,2)
(1) Dept of Computer Science, Carnegie-Mellon University, USA
(2) Dept of Electrical and Computer Engineering, Carnegie-Mellon University, USA
10:30 - 11:00Coffee break
11:00 - 12:30Formal Analysis for Intrusion Detection - Chair: Wenke Lee (Georgia Tech, USA)
Detection of Interactive Stepping Stones with Maximum Delay Bound: Algorithms and Confidence Bounds
Avrim Blum, Dawn Song, Shobha Venkataraman
Carnegie Mellon University, USA
Formal Reasoning about Intrusion Detection Systems
Tao Song (1), Calvin Ko (2), Jim Alves-Foss (3), Cui Zhang (4), Karl Levitt (1),
(1) Computer Security Laboratory, University of California, Davis, USA
(2) NAI LAbs, Network Associates Inc., Santa Clara, CA, USA
(3) Center for Secure and Dependable Systems, University of Idaho, USA
(4) Computer Science Dept, California State University, Sacramento, USA
RheoStat : Real-time Risk Management
Ashish Gehani, Gershon Kedem
Dept of Computer Science, Duke University, USA
12:30 - 12:45Concluding Remarks
12:45 - 14:00Lunch