SPRING 3

Saturday, May 31. 2008
This is a Call for Abstracts for a German workshop for young researchers, thus the following text is in German only.

---------------------------------------------------------------
Arbeitest Du auf dem Gebiet der Reaktiven Sicherheit?

Willst Du Dich mit anderen fachlich austauschen?

Dann haben wir etwas für Dich: Die Fachgruppe SIDAR ("Security - Intrusion Detection and Response") der Gesellschaft für Informatik e.V. veranstaltet die dritte SPRING. SPRING bietet Nachwuchswissenschaftlern auf dem Gebiet der Reaktiven Sicherheit eine Plattform, um themenbezogen Kontakte über die eigene Universität hinaus zu knüpfen. In diesem Jahr findet SPRING am 8. August an der Universität Mannheim statt.

Wir laden Diplomanden und Doktoranden ein, ihre Beiträge zu präsentieren. Die Vorträge können ein breites Spektrum abdecken, von noch laufenden Projekten, die ggf. erstmals einem breiteren Publikum vorgestellt werden, bis zu abgeschlossenen Forschungsarbeiten, die zeitnah auch auf Konferenzen präsentiert wurden bzw. werden sollen oder einen Schwerpunkt der eigenen Diplomarbeit oder Dissertation bilden.

Das Themenspektrum der Reaktiven Sicherheit beinhaltet:
  • Verwundbarkeitsanalyse
  • Intrusion Detection
  • Malware
  • Incident Management
  • Forensik

Mehr Informationen: SPRING 3 Webseite.
---------------------------------------------------------------
Posted by Thorsten Holz in administrativa at 09:55 | Comments (0) | Trackbacks (0)

CanSecWest PWN2OWN 2008

Tuesday, March 18. 2008
Announcing CanSecWest PWN2OWN 2008.
===================================

Three targets, all patched. All in typical client configurations with typical user configurations. You hack it, you get to keep it.

Each has a file on them and it contains the instructions and how to claim the prize.

Targets (typical road-warrior clients):
  • VAIO VGN-TZ37CN running Ubuntu 7.10
  • Fujitsu U810 running Vista Ultimate SP1
  • MacBook Air running OSX 10.5.2

This year's contest will begin on March 26th, and go during the presentation hours and breaks of the conference until March 28th. The main purpose of this contest is to present new vulnerabilities in these systems so that the affected vendor(s) can address them. Participation is open to any registered attendee of CanSecWest 2008.
Posted by Thorsten Holz in administrativa at 09:18 | Comments (0) | Trackbacks (0)

Program for LEET'08 & Storm Paper

Tuesday, March 18. 2008
The tentative program for the First USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET'08) is now available.

We also have a paper accepted: "Measurements and Mitigation of Peer-to-Peer-based Botnets: A Case Study on Storm Worm"
We still need to revise the paper based on the reviewer's feedback, as a teaser the preliminary abstract:

"Botnets, i.e., networks of compromised machines under a common control infrastructure, are commonly controlled by an attacker with the help of a central server: all compromised machines connect to the central server and wait for commands.
However, the first botnets that use peer-to-peer (P2P) networks for remote control of the compromised machines appeared in the wild recently. In this paper, we introduce a methodology to analyze and mitigate P2P botnets. In a case study, we examine in detail the Storm Worm botnet, the most wide-spread P2P botnet currently propagating in the wild. We were able to infiltrate and analyze in-depth the botnet, which allows us to estimate the total number of compromised machines. Furthermore, we present two different ways to disrupt the communication channel between controller and compromised machines in order to mitigate the botnet and evaluate the effectiveness of these mechanisms."
Posted by Thorsten Holz in administrativa at 01:29 | Comments (0) | Trackbacks (0)

Call for Paper: EuroSec 2008

Friday, February 1. 2008
EuroSec is a new workshop associated with the Annual ACM SIGOPS EuroSys conference. The workshop aims to bring together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security of computer systems and networks. The focus of the workshop is on novel, practical, systems-oriented work.

EuroSec explicitly encourages members of the systems community to explore leading-edge topics and ideas before they are presented at a major conference. All submissions will be reviewed by the Program Committee. Only original, novel work will be considered for publication. Accepted papers will be published in the proceedings of EuroSec in the ACM Digital Library

You are hereby invited to submit papers of 6-8 single-spaced pages (including figures, tables and references). Font size should be 10pt.

Important Dates:
Deadline for paper submission: February 4th, 2008 (firm deadline)
Notification of acceptance or rejection: March 1st, 2008
Final paper camera ready copy: March 14th, 2008
Workshop dates: March 31st, 2008

You can find more information at http://www.cs.vu.nl/eurosec08/
Posted by Thorsten Holz in administrativa at 14:23 | Comments (0) | Trackbacks (0)

UCSB iCTF Results

Saturday, December 8. 2007
The 2007 UCSB International Capture The Flag contest finished a few minutes ago. The guys from the UCSB had organized an awesome contest with seven different services and many interesting challenges. The team from our lab had much fun and at the end, we scored second place - just the team from Milano (Chocolate Makers) beat us. Looking forward to next year's contest :-)

Info:
The UCSB International Capture The Flag (also known as the iCTF) is a distributed, wide-area security exercise, whose goal is to test the security skills of the participants from both the attack and defense viewpoints.

The Capture The Flag contest is a multi-site, multi-team hacking contest in which a number of teams compete independently against each other.

Each team is given a virtualized network installation (for example, a Linux host and/or a Windows host). The hosts provide a number of services. The services have a number of undisclosed vulnerabilities, which have been included in the servers' software by the contest organizers.

The goal of each team is to maintain the set of services available and uncompromised throughout the contest phase. Each team can (and should) attempt to compromise other teams' services. Since all the teams receive an identical copy of the virtual network, the task of each team is to find vulnerabilities in their copy of the hosts and possibly fix the vulnerabilities without disrupting the services. At the same time, the teams have to leverage their knowledge about the vulnerabilities they found to compromise the servers run by other teams. Compromising a service will allow a team to bypass the service's security mechanisms and to "capture the flag" associated with the service.

During the contest a scoring system keeps track, for each team, of which services are available, and which services have been compromised.

More info: http://www.cs.ucsb.edu/~vigna/CTF/
Posted by Thorsten Holz in administrativa at 02:28 | Comments (0) | Trackback (1)
(Page 1 of 7, totaling 31 entries) » next page