Campus Event Calendar

Event Entry

What and Who

Automatic Extraction of Attack Signatures

Stefana Nenova
IMPRS
Talk
AG 1, AG 2, AG 3, AG 4, AG 5, SWS  
MPI Audience
English

Date, Time and Location

Wednesday, 29 November 2006
13:00
60 Minutes
E1 4
024
Saarbrücken

Abstract

An attack signature is a minimal part of the input vector to the system that makes the system fail. The purpose of attack signatures is to identify the attack. In practice, content-based intrusion detection systems, like Snort, use them to prevent malicious traffic from entering the network. To a large extent attack signatures are still derived manually. The majority of current automatic techniques identify the relevant part of the input by making use of thousands of attack instances with similar input vectors. My goal would be to extract the signature from a one-time attack. Having done this, I would try to use other similar input vectors in order to generalize the signature.

Contact

IMPRS
9325 225

Andrea Primm, 11/22/2006 14:26
Jennifer Gerling, 10/06/2006 09:46
Jennifer Gerling, 10/06/2006 09:43 -- Created document.