Kruegel, Christopher, Lippmann, Richard, Clark, Andrew (Eds.)
2007, XII, 340 p.
Presents the refereed proceedings of the 10th International Symposium on Recent Advances in Intrusion Detection
Includes 17 carefully reviewed papers that make important contributions to the study of intrusion detection
Covers anomaly detection, attacks, system evaluation and threat assessment, malware collection and analysis, anomaly- and specification-based detection, and network intrusion detection
On behalf of the Program Committee, it is our pleasure to present the proceedings of the 10th Symposium on Recent Advances in Intrusion Detection (RAID 2007), which took place in Queensland, Australia, September 5–7, 2007. As in every year since 1998, the symposium brought together leading researchers and practitioners from academia, government, and industry to discuss intrusion detection research and practice. This year, the RAID Program Committee received 101 paper submissions from all over the world. All submissions were carefully reviewed by at least three members of the Program Committee and judged on the basis of scientific novelty, importance to the field, and technical quality. The final selection took place at the Program Committee meeting held in Oakland, USA, May 22–23, 2007. Sixteen full papers and one short paper were selected for presentation and publication in the conference proceedings, placing RAID among the most competitive conferences in the area of computer security. A successful symposium is the result of the joint effort of many people. In particular, we would like to thank all the authors who submitted papers, whether accepted or not. We also thank the Program Committee members and additional reviewers for their hard work in evaluating submissions. In addition, we want to thank the General Chair, George Mohay, for handling the conference arrangements, Rei Safavi-Naini for publicizing the conference, Andrew Clark for putting together the conference proceedings, and Ming-Yuh Huang for finding sponsor support. Finally, we extend our thanks to Northwest Security Institute, SAP, and CERT at the Software Engineering Institute, Carnegie Mellon University for their sponsorship and support.
Host-Based Intrusion Detection
- Exploiting Execution Context for the Detection of Anomalous System Calls
- Understanding Precision in Host Based Intrusion Detection

Anomaly-Based Intrusion Detection
- Comparing Anomaly Detection Techniques for HTTP
- Swaddler: An Approach for the Anomaly-Based Detection of State Violations in Web Applications

Network-Based Intrusion Detection and Response
- Emulation-Based Detection of Non-self-contained Polymorphic Shellcode
- The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware
- Cost-Sensitive Intrusion Responses for Mobile Ad Hoc Networks

Insider Detection and Alert Correlation
- elicit: A System for Detecting Insiders Who Violate Need-to-Know
- On the Use of Different Statistical Tests for Alert Correlation – Short Paper

Malicious Code Analysis
- Automated Classification and Analysis of Internet Malware
- “Out-of-the-Box” Monitoring of VM-Based High-Interaction Honeypots
- A Forced Sampled Execution Approach to Kernel Rootkit Identification

Evasion
- Advanced Allergy Attacks: Does a Corpus Really Help?
- Alert Verification Evasion Through Server Response Forging

Malicious Code Defense
- Hit-List Worm Detection and Bot Identification in Large Networks Using Protocol Graphs
- SpyShield: Preserving Privacy from Spy Add-Ons
- Vortex: Enabling Cooperative Selective Wormholing for Network Security Systems