Recent Advances in Intrusion Detection

1. Front Matter

   PDF

2. Application Security

   1. Minemu: The World’s Fastest Taint Tracker

      • Erik Bosman, Asia Slowinska, Herbert Bos

      Pages 1-20

   2. Dymo: Tracking Dynamic Code Identity

      • Bob Gilbert, Richard Kemmerer, Christopher Kruegel, Giovanni Vigna

      Pages 21-40

   3. Automated Identification of Cryptographic Primitives in Binary Programs

      • Felix Gröbert, Carsten Willems, Thorsten Holz

      Pages 41-60

3. Malware

   1. Shellzer: A Tool for the Dynamic Analysis of Malicious Shellcode

      • Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna

      Pages 61-80

   2. KLIMAX: Profiling Memory Write Patterns to Detect Keystroke-Harvesting Malware

      • Stefano Ortolani, Cristiano Giuffrida, Bruno Crispo

      Pages 81-100

   3. Packed, Printable, and Polymorphic Return-Oriented Programming

      • Kangjie Lu, Dabi Zou, Weiping Wen, Debin Gao

      Pages 101-120

   4. On the Expressiveness of Return-into-libc Attacks

      • Minh Tran, Mark Etheridge, Tyler Bletsch, Xuxian Jiang, Vincent Freeh, Peng Ning

      Pages 121-141

4. Anomaly Detection

   1. Cross-Domain Collaborative Anomaly Detection: So Far Yet So Close

      • Nathaniel Boggs, Sharath Hiremagalore, Angelos Stavrou, Salvatore J. Stolfo

      Pages 142-160

   2. Revisiting Traffic Anomaly Detection Using Software Defined Networking

      • Syed Akbar Mehdi, Junaid Khalid, Syed Ali Khayam

      Pages 161-180

   3. Modeling User Search Behavior for Masquerade Detection

      • Malek Ben Salem, Salvatore J. Stolfo

      Pages 181-200

5. Network Security

   1. Securing Application-Level Topology Estimation Networks: Facing the Frog-Boiling Attack

      • Sheila Becker, Jeff Seibert, Cristina Nita-Rotaru, Radu State

      Pages 201-221

   2. Detecting Traffic Snooping in Tor Using Decoys

      • Sambuddho Chakravarty, Georgios Portokalidis, Michalis Polychronakis, Angelos D. Keromytis

      Pages 222-241

   3. Cross-Analysis of Botnet Victims: New Insights and Implications

      • Seungwon Shin, Raymond Lin, Guofei Gu

      Pages 242-261

6. Web Security and Social Networks

   1. Banksafe Information Stealer Detection Inside the Web Browser

      • Armin Buescher, Felix Leder, Thomas Siebert

      Pages 262-280

   2. IceShield: Detection and Mitigation of Malicious Websites with a Frozen DOM

      • Mario Heiderich, Tilman Frosch, Thorsten Holz

      Pages 281-300

   3. Spam Filtering in Twitter Using Sender-Receiver Relationship

      • Jonghyuk Song, Sangho Lee, Jong Kim

      Pages 301-317

   4. Die Free or Live Hard? Empirical Evaluation and New Design for Fighting Evolving Twitter Spammers

      • Chao Yang, Robert Chandler Harkreader, Guofei Gu

      Pages 318-337

7. Sandboxing and Embedded Environments

   1. Detecting Environment-Sensitive Malware

      • Martina Lindorfer, Clemens Kolbitsch, Paolo Milani Comparetti

      Pages 338-357

   2. Defending Embedded Systems with Software Symbiotes

      • Ang Cui, Salvatore J. Stolfo

      Pages 358-377

This book constitutes the proceedings of the 14th International Symposium on Recent Advances in Intrusion Detection, RAID 2011, held in Menlo Park, CA, USA in September 2011. The 20 papers presented were carefully reviewed and selected from 87 submissions. The papers are organized in topical sections on application security; malware; anomaly detection; Web security and social networks; and sandboxing and embedded environments.

• communications security
• cryptographic primitives
• malicious Websites
• network integrity
• secure networking
• spam filtering
• traffic anomaly
• algorithm analysis and problem complexity

Policies and ethics