Focus on IDS
Call for Participation - DIMVA 2009 May 18 2009 07:59PM
Sebastian Schmerl (sbs Informatik TU-Cottbus DE)
(We apologize if you receive multiple copies of this message.)
----------------------------------------------------------------------
C A L L F O R P A R T I C I P A T I O N
======================================================================

DIMVA 2009

Sixth International Conference on
Detection of Intrusions and Malware & Vulnerability Assessment

Organized by GI SIG SIDAR

Como, Italy
July 9-10, 2009

http://www.dimva.org/dimva2009
mailto:info (at) dimva (dot) org [email concealed]
======================================================================

The annual DIMVA conference serves as a premier forum for advancing
the state of the art in intrusion detection, malware detection, and
vulnerability assessment. Each year DIMVA brings together
international experts from academia, industry and government to
present and discuss novel research in these areas. DIMVA is organized
by the special interest group Security - Intrusion Detection and
Response (SIDAR) of the German Informatics Society (GI) and takes
place 9/10-07-2009 in Como, Italy.

This year's program features a single technical track with 13 papers
DIMVA 2009 will also feature two invited talks by renowned experts:

* Henry Stern, Ironport / Cisco:
A New Era in Security Collaboration: Turning the Tables on Botnets

* Richard Kemmerer, University of California Santa Barbara
How to Steal a Botnet and What Can Happen When You Do

The conference program will be complemented by

* a Rump Session: a series of short and entertaining talks where
attendees can present recent research results, work in progress,
or other topics of interest to the community.

Please contact the Rump Session Chair, Sven Dietrich, at
rump-chair (at) dimva (dot) org [email concealed] for submission questions.

* CIPHER 5: a "Capture The Flag"-style contest in IT security for
teams of students from universities around the world. CIPHER is
co-arranged by the Special Interest Group SIDAR (Security - Intrusion
Detection and Response) of the German Informatics Society (GI).
(More information on http://www.cipher-ctf.org)

Registration and Travel
=======================

The DIMVA 2009 conference will be held in Como (Italy). The
registration is now open. Please check the DIMVA web site for
information on the rates, registration, travel and accommodation:

!!!Early Bird Rates available now!!!

http://www.dimva.org/dimva2009

Conference Program (preliminary)
================================

Thursday, July 9th
------------------

Welcome Opening Remarks

Session 1: Malware and SPAM

A Case Study on Asprox Infection Dynamics

How good are malware detectors at remediating infected systems?

Towards Proactive Spam Filtering

Session 2: Emulation-based Detection

Shepherding Loadable Kernel Module through On-demand
Emulation

Yataglass: Network-level Code Emulation for Analyzing
Memory-scanning Attacks

Defending Browsers against Drive-by Downloads: Mitigating
Heap-spraying Code Injection Attacks

Keynote

How to Steal a Botnet and What Can Happen When You Do
Richard Kemmerer, University of California Santa Barbara

Session 3: Software Diversity

Polymorphing Software by Randomizing Data Structure Layout

On the Effectiveness of Software Diversity: A Systematic
Study on Real-World Vulnerabilities

SIG SIDAR Open Meeting

Friday, July 10th
-----------------

Keynote

A New Era in Security Collaboration: Turning the Tables on
Botnets
Henry Stern, Ironport / Cisco

Session 4: Harnessing Context

Using Contextual Information for IDS Alarm Classification

Browser Fingerprinting from Coarse Traffic Summaries:
Techniques and Implications

A Service Dependency Modeling Framework for Policy-based
Response Enforcement

Rump Session

Session 5: Anomaly Detection

Learning SQL for Database Intrusion Detection using
Context-Sensitive Modelling

Selecting and Improving System Call Models for Anomaly
Detection

CIPHER 5 Capture the Flag

Farewell - Concluding Remarks

Corporate Sponsors
==================
We solicit interested organizations to serve as sponsors for DIMVA
2009, particularly in sponsorship of student travel and other expenses
for DIMVA. Please contact the Sponsorship Chair for information
regarding corporate sponsorship of DIMVA 2009.

Organizing Committee
====================
General Chair: Danilo M. Bruschi,
Università degli Studi di Milano,
Italy (info (at) dimva (dot) org [email concealed])
Program Chair: Ulrich Flegel, SAP Research CEC Karlsruhe,
Germany (pc-chair (at) dimva (dot) org [email concealed])
Rump Session Chair: Sven Dietrich,
Stevens Institute of Technology,
U.S.A. (rump-chair (at) dimva (dot) org [email concealed])
Sponsorship Chair: Thorsten Holz, University of Mannheim,
Germany (sponsor-chair (at) dimva (dot) org [email concealed])
Publicity Chair: Sebastian Schmerl,
Technical University of Cottbus,
Germany (publicity-chair (at) dimva (dot) org [email concealed])

Program Committee
=================
Thomas Biege, Novell, Germany
Gunter Bitz, SAP AG, Germany
Herbert Bos, Vrije Universiteit Amsterdam, Netherlands
Danilo Bruschi, Università degli Studi di Milano, Italy
Roland Büschkes, RWE, Germany
Marc Dacier, Symantec Research, France
Hervé Debar, France Télécom, France
Sven Dietrich, Stevens Institute of Technology, U.S.A.
Toralv Dirro, McAfee, Germany
Thomas Dullien, Zynamics, Germany
Ulrich Flegel, SAP Research, Germany
Bernhard Hämmerli, Acris GmbH & HSLU Lucerne, Switzerland
Marc Heuse, Baseline Security, Germany
Thorsten Holz, University of Mannheim, Germany
Erland Jonsson, Chalmers University, Sweden
Klaus Julisch, IBM Zurich Research Laboratory, Switzerland
Engin Kirda, Eurecom, France
Christian Kreibich, International Computer Science Institute,
U.S.A.
Christopher Kruegel, University of California in Santa Barbara,
U.S.A
Pavel Laskov, University of Tuebingen, Germany
Wenke Lee, Georgia Institute of Technology, U.S.A.
Javier Lopez, University of Malaga, Spain
John McHugh, University of North Carolina and Dalhousie
University Halifax, Canada
Michael Meier, Technical University of Dortmund, Germany
George Mohay, Queensland University of Technology, Australia
Martin Rehák, Czech Technical University, Czech
Konrad Rieck, Technical University of Berlin, Germany
Sebastian Schmerl, Technical University of Cottbus, Germany
Robin Sommer, ICSI/LBNL, U.S.A.
Salvatore Stolfo, Columbia University, U.S.A
Peter Szor, Symantec, U.S.A.
Bernhard Thurm, SAP Research, Germany
Al Valdes, SRI International, U.S.A.

Steering Committee
==================
Chairs:
* Ulrich Flegel, SAP Research CEC Karlsruhe
* Michael Meier, Technical University of Dortmund

Members:
* Roland Büschkes, RWE
* Hervé Debar, France Telecom R&D
* Bernhard Hämmerli, Acris GmbH, HSLU
* Marc Heuse, Baseline Security Consulting
* Klaus Julisch, IBM Zurich Research Lab
* Christopher Kruegel, UC Santa Barbara
* Pavel Laskov, University of Tuebingen
* Robin Sommer, ICSI/LBNL
* Diego Zamboni, IBM Zurich Research Lab

--
_____________________________________________________________________
Sebastian Schmerl Tel: +49 (0) 355 69 20 29
sbs (at) informatik.tu-cottbus (dot) de [email concealed] Fax: +49 (0) 355 69 21 27
BTU Cottbus

Computer Networks and Communication System
P.O.Box 10 13 44, 03013 Cottbus, Germany
http://www-rnks.informatik.tu-cottbus.de
_____________________________________________________________________

0? *?H?÷
 ?0?1 0 +0? *?H?÷
 ?É0?!0?  Ç0
 *?H?÷
0q1 0 UDE10U
Deutsche Telekom AG10U T-TeleSec Trust Center1#0!UDeutsche Telekom Root CA 20
061219102900Z
190630235900Z0Z1 0 UDE10U

DFN-Verein10U DFN-PKI1$0"UDFN-Verein PCA Global - G010?"0
 *?H?÷
?0?
?é?Ãg?ù
®õTÃ?P5=bénLí?×[?"tÔ ë4ÖìÀ1 ?â¦ÒR (#??t?^[àâxÁxËË(59{-EÐí z|¿JÃ?é\+1{ ó?$C?8?jh?îÜOx«ÒÆ?v­îÞ&èï¯tÁ ¢ökνÓÍ0Oõåã¤Èb??'0
e`MíÑ #*?5X'ÓvÆq¶Äíÿ5?}o3³ÛÅÂ??¡?]AkØÒõLýÊQ¬Ù½ï??»Úë?VVCÏáÕ=¦'0ÍITÛÉ4
?quÅlê§ ?ù!'¯>£99Hj?­É?ûÃò½£Ù0Ö0pUi0g0e c a?_http://pki.tel
esec.de/cgi-bin/service/af_DownloadARL.crl?-crl_format=X_509&-issuer=DT_
ROOT_CA_20UI·ÆÏè=êD{)÷ñ
p>Þd0U#0?1ÃyºõS×à?z-l
³+30Uÿ0Uÿ0ÿ0
 *?H?÷
?;áZwÀHÜ©쁯Z?ð½(?¦ÊYpì(òç®?,çò]1ö+t½½?²¹÷gÉ9¢y;áîkx?3~;
_&'uSe?3cîÏsð?#I!Pu#¡â??=?3éw ¢½æ¡?)@ö?s2X
k¦Ú?lÀ?»fdV$N®
?25[é??ÙrYO±??ñt?VåÃø\óîG³SpçåM?i?(á ??^ÈêX ù¤ÔZhý(>?¶Xµö¡,7Wg«#hc¥ï?k\ýKVö«@?4Ô?lì?Å
3r´o T,ØQÇÌ¿0ÓCrñ2¿?ÎIc¨÷ò0?Z0?B  ?ï­0
 *?H?÷
0Z1 0 UDE10U

DFN-Verein10U DFN-PKI1$0"UDFN-Verein PCA Global - G010
071220134606Z
190630000000Z0É1 0 UDE10U Brandenburg10UCottbus1907U
0Brandenburgische Technische Universitaet Cottbus10U 
Rechenzentrum10UBTU-CA (G01 2008)1#0! *?H?÷
 ca-btu (at) tu-cottbus (dot) de0 [email concealed]?"0
 *?H?÷
?0?
?»B(?÷û¤?)ÏÄú½Ô(m??ãl¼w«óiܝ3ÞdVx?ýÙ}E¸°Á?oÌ?£â?PÙ?tÇøt
½¯@ðÉ?¡jÊÁa?«B?ó,qt^Ô??Yåc?MÈàp?8?X·Þ ö=òeä£Ój?ã??M-mNÇ ÉõÇ$.Þ?vÏ t§²Æ´?¼ÑUs?pfV??Ãû*,eÞ:??Hùvÿ¦îYÚq¶<ä
¡U96t ?o?^A¾h?ç? ;Πlýo?ï¸
Sse?¸CT?¿ú?n¯ÊøYú??V/eÊ3»Ö8nã?¶0?²0Uÿ0ÿ0 
U0UX²j­?1s¥Û99RgDÚ>0U#0?I·ÆÏè=êD{)÷ñ
p>Þd0U0ca-btu (at) tu-cottbus (dot) de0 [email concealed]?U?0~0= ; 9?7http://cdp1.pc
a.dfn.de/global-root-ca/pub/crl/cacrl.crl0= ; 9?7http://cdp2.pca.dfn.de/
global-root-ca/pub/crl/cacrl.crl0¢+?0?0G+0?;http://
cdp1.pca.dfn.de/global-root-ca/pub/cacert/cacert.crt0G+0?;http:/
/cdp2.pca.dfn.de/global-root-ca/pub/cacert/cacert.crt0
 *?H?÷
?
oeqè?¦Éü´%?Ù³?àY-?q¦?Zï|ÅÉj/mO~k}[?Än?dÙþïç¶ããÚ¨¤?Ë£B?5IXMÎH?f
´Ç{|æÉÊå~I?4 ê«$É??ª°U¥AÈ|T+4ô£p>4²?:$?Þj´)KmÌ:Ô?ÿÿ!?Õ#La Dñ&º˴Ƚ^Æí:· À??¿2Àý?{Ø|??hæX±e¿HKEÝL±q.%Ãz\w¡X`à$!?é,º?[­ÀÄ¥BcOîëÑECû[]äªæ?<
¥©µ=ýààñµ?Âvú\??ìÚâl0?0?  ËÀç0
 *?H?÷
0É1 0 UDE10U Brandenburg10UCottbus1907U
0Brandenburgische Technische Universitaet Cottbus10U 
Rechenzentrum10UBTU-CA (G01 2008)1#0! *?H?÷
 ca-btu (at) tu-cottbus (dot) de0 [email concealed]
080208115609Z
091217235959Z0ô1 0 UDE10U Brandenburg10UCottbus1907U
0Brandenburgische Technische Universitaet Cottbus1907U 0Lehrstuhl Rechnernetze und Kommunikationssysteme10USebastian Schmerl1+0) *?H?÷
 sbs (at) informatik.tu-cottbus (dot) de0 [email concealed]?"0
 *?H?÷
?0?
?Ðñû{eOåF¬S¨{?¾¼ ÚE×?¾ï;Q<¸ÇèÁ jÉ<?ïÑáå?Ãõ0?¬ª/ßRÙà/?2 ?x7oÝl?dõQvà0úM ,YÖû>Éb?òu?¬ße7 øa?~ò/\}TÈ!`2á{ l£mO.ã?1 ¿JÕù??ÚÞ¢¨ãfYK53Àû?Iç½¹0ñpÂuþp~¢¤zB¿øLVÄ
?ÜsA <ÔZÞt!¯¢)­Ëi?¬§ tÏÙ?çé:á?ÜL?©\ý¼?ëõg6OTn0:ýôÖáñY( é>??Çë¸!Ò9/Ôµ
§%Ý?
{½£?à0?Ü0 U00 Uà0)U%"0 ++
+?70U?0G·?Vñ?yÎ&x®=
ñ^å\Ä0U#0?X²j­?1s¥Û99RgDÚ>0'U 0sbs (at) informatik.tu-cottbus (dot) de0 [email concealed]?U?0~0= ; 9?7http://cdp1.pca.dfn
.de/btu-cottbus-ca/pub/crl/cacrl.crl0= ; 9?7http://cdp2.pca.dfn.de/btu-c
ottbus-ca/pub/crl/cacrl.crl0¢+?0?0G+0?;http://cdp1.
pca.dfn.de/btu-cottbus-ca/pub/cacert/cacert.crt0G+0?;http://cdp2
.pca.dfn.de/btu-cottbus-ca/pub/cacert/cacert.crt0
 *?H?÷
?ŵ$?výM!úpÙe-mP°G.9ý)F?k?j½b¢/?º ?R#E&z tTãcOݶâZÚb?¦m%?®:Fý ½?0ßÃÖÂäS{Çi:Û¨Ft×êéZjº?n.??iN7?:ùFodò]ê]?J8?ÌPÂ?ÝJ?*}g{?­û"3
±8ãºqgÔÙHÈ°áGûÞ
¾ßßÿøÙm?pï??;¼Òasu
<_µc2ôA?1?I`v`ÛµY?ë«ö¼Ù6ÑØ!ÄÇ.°«øwö/eGÍÊÍó?dD±Ã¿ñrÈÀq0?0?
  ËÀç0
 *?H?÷
0É1 0 UDE10U Brandenburg10UCottbus1907U
0Brandenburgische Technische Universitaet Cottbus10U 
Rechenzentrum10UBTU-CA (G01 2008)1#0! *?H?÷
 ca-btu (at) tu-cottbus (dot) de0 [email concealed]
080208115609Z
091217235959Z0ô1 0 UDE10U Brandenburg10UCottbus1907U
0Brandenburgische Technische Universitaet Cottbus1907U 0Lehrstuhl Rechnernetze und Kommunikationssysteme10USebastian Schmerl1+0) *?H?÷
 sbs (at) informatik.tu-cottbus (dot) de0 [email concealed]?"0
 *?H?÷
?0?
?Ðñû{eOåF¬S¨{?¾¼ ÚE×?¾ï;Q<¸ÇèÁ jÉ<?ïÑáå?Ãõ0?¬ª/ßRÙà/?2 ?x7oÝl?dõQvà0úM ,YÖû>Éb?òu?¬ße7 øa?~ò/\}TÈ!`2á{ l£mO.ã?1 ¿JÕù??ÚÞ¢¨ãfYK53Àû?Iç½¹0ñpÂuþp~¢¤zB¿øLVÄ
?ÜsA <ÔZÞt!¯¢)­Ëi?¬§ tÏÙ?çé:á?ÜL?©\ý¼?ëõg6OTn0:ýôÖáñY( é>??Çë¸!Ò9/Ôµ
§%Ý?
{½£?à0?Ü0 U00 Uà0)U%"0 ++
+?70U?0G·?Vñ?yÎ&x®=
ñ^å\Ä0U#0?X²j­?1s¥Û99RgDÚ>0'U 0sbs (at) informatik.tu-cottbus (dot) de0 [email concealed]?U?0~0= ; 9?7http://cdp1.pca.dfn
.de/btu-cottbus-ca/pub/crl/cacrl.crl0= ; 9?7http://cdp2.pca.dfn.de/btu-c
ottbus-ca/pub/crl/cacrl.crl0¢+?0?0G+0?;http://cdp1.
pca.dfn.de/btu-cottbus-ca/pub/cacert/cacert.crt0G+0?;http://cdp2
.pca.dfn.de/btu-cottbus-ca/pub/cacert/cacert.crt0
 *?H?÷
?ŵ$?výM!úpÙe-mP°G.9ý)F?k?j½b¢/?º ?R#E&z tTãcOݶâZÚb?¦m%?®:Fý ½?0ßÃÖÂäS{Çi:Û¨Ft×êéZjº?n.??iN7?:ùFodò]ê]?J8?ÌPÂ?ÝJ?*}g{?­û"3
±8ãºqgÔÙHÈ°áGûÞ
¾ßßÿøÙm?pï??;¼Òasu
<_µc2ôA?1?I`v`ÛµY?ë«ö¼Ù6ÑØ!ÄÇ.°«øwö/eGÍÊÍó?dD±Ã¿ñrÈÀq1?}0?y
0Ò0É1 0 UDE10U Brandenburg10UCottbus1907U
0Brandenburgische Technische Universitaet Cottbus10U 
Rechenzentrum10UBTU-CA (G01 2008)1#0! *?H?÷
 ca-btu (at) tu-cottbus (dot) de [email concealed] ËÀç0 + ?0 *?H?÷
 1  *?H?÷
0 *?H?÷
 1
090518195954Z0# *?H?÷
 1?\çÊ?A¡?*)LB?,?S0R *?H?÷
 1E0C0
*?H?÷
0*?H?÷
?0
*?H?÷
@0+0
*?H?÷
(0ã +?71Õ0Ò0É1 0 UDE10U Brandenburg10UCottbus1907U
0Brandenburgische Technische Universitaet Cottbus10U 
Rechenzentrum10UBTU-CA (G01 2008)1#0! *?H?÷
 ca-btu (at) tu-cottbus (dot) de [email concealed] ËÀç0å *?H?÷
  1Õ Ò0É1 0 UDE10U Brandenburg10UCottbus1907U
0Brandenburgische Technische Universitaet Cottbus10U 
Rechenzentrum10UBTU-CA (G01 2008)1#0! *?H?÷
 ca-btu (at) tu-cottbus (dot) de [email concealed] ËÀç0
 *?H?÷
?jì-Jd«ÚDÉ?`J©|f/?&?Oã?F -ÌSó,ÞÞtÕr6çôÉ`©J?;?è&ÅÅÄ ë|­pÐþ??F"sÏçö,]ˏ²ãoÓèÑ"ròI×ä?ÛJï5ÂîÅ`W
E¶0?ªÌÖC|ª?:??Z
Ü9ÀÁ?/??ÃÜ\ÜlL
£;¾Qé? ÔÿpÎb>¾h`½ÇÞâhhdT;; CÑJÿ6¯f\¦
ëÌ}?EHGÏï®3·N~²
ѨÛgè LóTö?¼`à?ê¥kÇñEBuï¡?îÓH©VV&KÓ?????Wñ­°^kø*â?

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus