Light Seminar Schedule - Spring 2006
Conducted by Prof. Liviu Iftode

This seminar is held in Core-B every Thursday from 5-6 pm. We will discuss security related papers covering intrusion detection, trust and privacy.

VULNERABILITIES AND EXPLOITS 

26th Jan 2006 - Lars Ailo Bongo
1. Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software 
James Newsome, David Brumley, Dawn Song , Carnegie Mellon University, NDSS 2006 
http://www.cs.cmu.edu/~dbrumley/pubs/ndss06-vsef.pdf 

2. AccMon: Automatically Detecting Memory-Related Bugs via Program Counter-based Invariants
 Pin Zhou, Wei Liu, Fei Long, Shan Lu, Feng Qin, Yuanyuan Zhou, Sam,  Midkiff and Josep Torrellas , 
UIUC,Purdue University, Micro-architecture (Micro'04) 
http://opera.cs.uiuc.edu/paper/Micro04-AccMon.pdf

2nd Feb 2006 - Arati Baliga
3. DIRA: Automatic Detection, Identification, and Repair of Control-Hijacking Attacks 
 Alexey Smirnov, Tzi-cker Chiueh, NDSS 2005 
http://www.ecsl.cs.sunysb.edu/tr/dira.ps

4. Non-Control Data Attacks Are Realistic Threats
Shuo Chen,  University of Illinois at Urbana-Champaign; Jun Xu, Emre C. Sezer, Department of Computer Science North Carolina State
University; Prachi Gauriar, Ravishankar K. Iyer, University of Illinois at Urbana-Champaign, Security 2005 
http://research.microsoft.com/~shuochen/papers/usenix05data_attack.pdf

9nd Feb 2006 
5. Automatic Diagnosis and Response to Memory Corruption Vulnerabilities? (Nishkam Ravi)
Jun Xu, Peng Ning, Chongkyung Kil, Yan Zhai, and Chris Bookholt 
North Carolina State University, CCS 2005 
http://portal.acm.org/ft_gateway.cfm?id=1102151&type=pdf 

16th Feb 2006 
6. On Deriving Unknown Vulnerabilities from Zero-Day Polymorphic and Metamorphic Worm Exploits  (Vivek Pathak)
 Jedidiah R. Crandall, Zhendong Su, S. Felix Wu, and Frederic T. Chong, UC Davis, CCS 2005 
 http://wwwcsif.cs.ucdavis.edu/~crandall/ccsdacoda.pdf

AUTOMATIC SIGNATURE GENERATION 

7. Fast and Automated Generation of Attack Signatures: - Basis For Building Self-Protecting Servers (Lu Han)
Zhenkai Liang and R.Sekar, SUNY Stony Brook, CCS 2005 
http://portal.acm.org/ft_gateway.cfm?id=1102150&type=pdf 

23rd Feb 2006 
8. An Architecture for Generating Semantics Aware Signatures (Tanvir)
Vinod Yegneswaran, Jonathon T. Giffin. Paul Barford. Somesh Jha, University of Wisconsin, Security 2005 
http://www.cs.wisc.edu/~vinod/nemean.pdf 

9. Automated Worm Fingerprinting  (Pravin Shankar)
Sumeet Singh, Cristian Estan, George Varghese and Stefan Savage, UCSD, OSDI 2004 
http://www.cs.ucsd.edu/~savage/papers/OSDI04.pdf 

NSF Reports (Short but interesting digression from the main topic)

9th March 

T. Anderson, L. Peterson, S. Shenker, J. Tuner, Editors. "Overcoming
Barriers to Disruptive Innovation in Networking," Report of NSF Workshop,
January 2005  (Gang Xu)
http://www.geni.net/barriers_200501.pdf

30th March 

B. Liskov, A. Joseph, and F. Kaashoek, Editors. "Grand Challenges in Distributed Computing Systems," 
NSF Workshop Report, September 2005. (Steven Smaldone)
http://www.geni.net/distributed.pdf

6th April 

D. Raychaudhuri and M. Gerla, Editors. "New Architectures and Disruptive Technologies for the Future Internet:
The Wireless, Mobile and Sensor Network Perspective," Report of NSF Wireless Mobile Planning Group (WMPG) Workshop, August 2005.
http://www.geni.net/wmpg_draft_200508.pdf

20th April 

10. Polygraph: Automatically Generating Signatures for Polymorphic Worms (Tanvir)
James Newsome, Brad Karp, Dawn Song, CMU, S&P 2005 
http://www.ece.cmu.edu/~dawnsong/papers/polygraph.pdf 

ANOMALY DETECTION 

13th April 

11. Context Sensitive Anomaly Monitoring of Process Control Flow To Detect Mimicry Attacks and Impossible Paths (Lu Han)
Haizhi Xu, Wenliang Du, Steve J. Chapin, Syracuse University, RAID 2004 
http://web.syr.edu/~hxu02/mypapers/raid2004.pdf 

April 27

Last class - Talks by Xavier Renault and Jean-Baptiste Voron from LIP6, France


12. Automating Mimicry Attacks Using Static Binary Analysis  (Pravin Shankar)
Christopher Kruegel, Engin Kirda, Technical University Vienna; Darren Mutz, William Robertson, Giovanni Vigna, Reliable Software Group,
University of California, Santa Barbara, Security 2005 
http://www.cs.ucsb.edu/~vigna/pub/2005_kruegel_kirda_robertson_mutz_vigna_USENIX05.pdf 

13. A Fast Automaton-Based Method for Detecting Anomalous Program Behaviors  (Tin Tri Lam)
R. Sekar, M. Bendre, D. Dhurjati, SUNY Stony Brook; P. Bollineni, Iowa State University, S&P 2001 
http://www.cc.gatech.edu/~wenke/ids-readings/automaton.pdf 

14. Anomaly Detection Using Call Stack Information  (Tin Tri Lam)
Henry Hanping Feng, Oleg M. Kolesnikov, Prahlad Fogla, Wenke Lee, Weibo
Gong, GIT, UMass, S&P 2003 
http://www-unix.ecs.umass.edu/~gong/papers/ok_idpc.pdf 

15. Behavioral Distance for Intrusion Detection (Wei Chen)
Debin Gao, Michael K. Reiter, Dawn Song, CMU, RAID 2005 
http://www.ece.cmu.edu/~dgao/raid05.pdf 

 FORENSICS 

16. Worm Origin Identification Using Random Moonwalks (Steve Smaldone)
 Yinglian Xie, Vyas Sekar, David A. Maltz, Michael K. Reiter, Hui Zhang, CMU, S&P 2005 
http://www.cs.cmu.edu/~ylxie/papers/oakland05.pdf 

17. Remote physical device fingerprinting (Steve Smaldone)
Tadayoshi Kohno, Andre Broido, and K.C. Claffy, CAIDA, UCSD, S&P 2005 
http://www.caida.org/outreach/papers/2005/fingerprinting/KohnoBroidoClaffy05-devicefingerprinting.pdf 

TAMPER RESISTANCE 

18. A Generic Attack on Checksumming-Based Software Tamper Resistance  (Wei Chen)
Glenn Wurster, Paul van Oorschot, Anil Somayaji, Carleton University, Canada , S&P 2005
http://www.scs.carleton.ca/~soma/pubs/gwurster-ieeesp-05.pdf