Skip to main content
SpringerLink
Log in

Recent Advances in Intrusion Detection

11th International Symposium, RAID 2008, Cambridge, MA, USA, September 15-17, 2008, Proceedings

  • Conference proceedings
  • © 2008

Overview

Editors:
  1. Richard Lippmann
    View editor publications

    You can also search for this editor in PubMed   Google Scholar

  2. Engin Kirda
    View editor publications

    You can also search for this editor in PubMed   Google Scholar

  3. Ari Trachtenberg
    View editor publications

    You can also search for this editor in PubMed   Google Scholar

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 5230)

Part of the book sub series: Security and Cryptology (LNSC)

Included in the following conference series:

Conference proceedings info: RAID 2008.

This is a preview of subscription content, log in via an institution to check access.

Access this book

Log in via an institution
eBook USD 89.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Other ways to access

Licence this eBook for your library

Institutional subscriptions

Table of contents (36 papers)

  1. Front Matter

    Download chapter PDF

  2. Recent Advances in Intrusion Detection

    1. Rootkit Prevention

      1. Guest-Transparent Prevention of Kernel Rootkits with VMM-Based Memory Shadowing
        • Ryan Riley, Xuxian Jiang, Dongyan Xu
        Pages 1-20
      2. Countering Persistent Kernel Rootkits through Systematic Hook Discovery
        • Zhi Wang, Xuxian Jiang, Weidong Cui, Xinyuan Wang
        Pages 21-38

  3. Malware Detection and Prevention

    1. Tamper-Resistant, Application-Aware Blocking of Malicious Network Connections

      • Abhinav Srivastava, Jonathon Giffin
      Pages 39-58

    2. A First Step towards Live Botmaster Traceback

      • Daniel Ramsbrock, Xinyuan Wang, Xuxian Jiang
      Pages 59-77

    3. A Layered Architecture for Detecting Malicious Behaviors

      • Lorenzo Martignoni, Elizabeth Stinson, Matt Fredrikson, Somesh Jha, John C. Mitchell
      Pages 78-97

    4. A Study of the Packer Problem and Its Solutions

      • Fanglu Guo, Peter Ferrie, Tzi-cker Chiueh
      Pages 98-115

  4. High Performance Intrusion Detection and Evasion

    1. Gnort: High Performance Network Intrusion Detection Using Graphics Processors

      • Giorgos Vasiliadis, Spiros Antonatos, Michalis Polychronakis, Evangelos P. Markatos, Sotiris Ioannidis
      Pages 116-134

    2. Predicting the Resource Consumption of Network Intrusion Detection Systems

      • Holger Dreger, Anja Feldmann, Vern Paxson, Robin Sommer
      Pages 135-154

    3. High-Speed Matching of Vulnerability Signatures

      • Nabil Schear, David R. Albrecht, Nikita Borisov
      Pages 155-174

  5. Web Application Testing and Evasion

    1. Swarm Attacks against Network-Level Emulation/Analysis

      • Simon P. Chung, Aloysius K. Mok
      Pages 175-190

    2. Leveraging User Interactions for In-Depth Testing of Web Applications

      • Sean McAllister, Engin Kirda, Christopher Kruegel
      Pages 191-210

    3. Model-Based Covert Timing Channels: Automated Modeling and Evasion

      • Steven Gianvecchio, Haining Wang, Duminda Wijesekera, Sushil Jajodia
      Pages 211-230

  6. Alert Correlation and Worm Detection

    1. Optimal Cost, Collaborative, and Distributed Response to Zero-Day Worms - A Control Theoretic Approach

      • Senthilkumar G. Cheetancheri, John-Mark Agosta, Karl N. Levitt, Felix Wu, Jeff Rowe
      Pages 231-250

    2. On the Limits of Payload-Oblivious Network Attack Detection

      • M. Patrick Collins, Michael K. Reiter
      Pages 251-270

    3. Determining Placement of Intrusion Detectors for a Distributed Application through Bayesian Network Modeling

      • Gaspar Modelo-Howard, Saurabh Bagchi, Guy Lebanon
      Pages 271-290

    4. A Multi-Sensor Model to Improve Automated Attack Detection

      • Magnus Almgren, Ulf Lindqvist, Erland Jonsson
      Pages 291-310

  7. Anomaly Detection and Network Traffic Analysis

    1. Monitoring SIP Traffic Using Support Vector Machines

      • Mohamed Nassar, Radu State, Olivier Festor
      Pages 311-330

    2. The Effect of Clock Resolution on Keystroke Dynamics

      • Kevin Killourhy, Roy Maxion
      Pages 331-350

    3. A Comparative Evaluation of Anomaly Detectors under Portscan Attacks

      • Ayesha Binte Ashfaq, Maria Joseph Robert, Asma Mumtaz, Muhammad Qasim Ali, Ali Sajjad, Syed Ali Khayam
      Pages 351-371
Back to top

Other volumes

  1. Recent Advances in Intrusion Detection

Keywords

About this book

On behalf of the Program Committee, it is our pleasure to present the p- ceedings of the 11th International Symposium on Recent Advances in Intrusion Detection (RAID 2008), which took place in Cambridge, Massachusetts, USA on September 15–17. The symposium brought together leading researchers and practitioners from academia, government and industry to discuss intrusion detection research and practice. There were six main sessions presenting full-?edged research papers (rootkit prevention, malware detection and prevention, high performance - trusion and evasion, web application testing and evasion, alert correlation and worm detection, and anomaly detection and network tra?c analysis), a session ofpostersonemergingresearchareasandcasestudies,andtwopaneldiscussions (“Government Investments: Successes, Failures and the Future” and “Life after Antivirus - What Does the Future Hold?”). The RAID 2008 Program Committee received 80 paper submissions from all over the world. All submissions were carefully reviewed by at least three independent reviewers on the basis of space, topic, technical assessment, and overallbalance.FinalselectiontookplaceattheProgramCommitteemeetingon May 23rd in Cambridge, MA. Twenty papers were selected for presentation and publication in the conference proceedings, and four papers were recommended for resubmission as poster presentations. As a new feature this year, the symposium accepted submissions for poster presentations,whichhavebeen publishedas extendedabstracts,reportingear- stageresearch,demonstrationofapplications,orcasestudies.Thirty-nineposters were submitted for a numerical review by an independent, three-person s- committee of the Program Committee based on novelty, description, and ev- uation. The subcommittee chose torecommend the acceptance of 16 of these posters for presentation and publication.

Bibliographic Information

Publish with us

Policies and ethics

Back to top

Search

Navigation