Program

All sessions are at the Tang Center on the MIT campus in Cambridge, Massachusetts. Breakfast and lunch are provided, as well as a Boston Duck Boat Tour and dinner at the Top of the Hub. Wireless internet connections will be available.

Monday, 15 September 2008

  1:00 – 7:00 PM RAID Registration
  1:00 – 5:30 PM Poster Setup
  5:30 – 8:00 PM Joint Catered Poster Session with VizSEC

Tuesday, 16 September 2008

  8:00 – 9:00 AM Breakfast (Ting Foyer in Tang Conference Center)
and Registration
  9:00 – 9:15 AM WelcomeRobert Cunningham, RAID 2008 General Chair
Conference OpeningRichard Lippmann, RAID 2008 Program Chair
Welcome Presentation (pdf)
  Session 1
9:15 – 10:00 AM
Rootkit Prevention
Chair:
Thorsten Holz
  Best Paper Guest-Transparent Prevention of Kernel Rootkits with VMM-based Memory Shadowing Ryan Riley (Purdue University, US); Xuxian Jiang (North Carolina State University, US); Dongyan Xu (Purdue University, US)
Presentation (pdf)
    Countering Persistent Kernel Rootkits Through Systematic Hook Discovery Zhi Wang (George Mason University, US); Xuxian Jiang (North Carolina State University, US); Weidong Cui (Microsoft Research, US); Xinyuan Wang (George Mason University, US)
Presentation (pdf)
  10:00 – 10:30 AM Break

  Panel 1
10:30 – 12:00 Noon
Government Security R&D Investments: Successes, Failures and the Future
Moderator: Robert Cunningham, MIT Lincoln Laboratory
    Panel Members: Jacques Bus, Head of Unit: Security - ICT Programme European Commission; Carl Landwehr, Program Manager, IARPA; Karl Levitt, Cyber Trust Program Director, National Science Foundation; Doug Maughan, Program Manager of Cyber Security R&D, Department of Homeland Security
Presentation (ppt)
  12:00 – 1:30 PM Lunch (MIT Faculty Club)

  Session 2
1:30 – 3:00 PM
Malware Detection and Prevention
Chair:
Engin Kirda
    Tamper-Resistant, Application-Aware Blocking of Malicious Network Flows Abhinav Srivastava (Georgia Institute of Technology, US); Jonathon Giffin (Georgia Institute of Technology, US)
Presentation (pdf)
    A First Step Toward Live Botmaster Traceback Daniel Ramsbrock (George Mason University, US); Xinyuan Wang (George Mason University, US); Xuxian Jiang (North Carolina State University, US)
Presentation (pdf)
    A Layered Architecture for Detecting Malicious Behaviors Lorenzo Martignoni (University of Milan, IT); Elizabeth Stinson (Stanford University, US); Matt Fredrikson (University of Wisconsin, Madison, US); Somesh Jha (University of Wisconsin, US); John Mitchell (Stanford University, US)
Presentation (pdf)
    A Study of the Packer Problem and Its Solutions Fanglu Guo (Symantec Research Labs, US); Peter Ferrie (Symantec Research Labs, US); Tzi-Cker Chiueh (Symantec Research Labs, US)
Presentation (pdf)
  3:00 – 3:30 PM Break

  Session 3
3:30 – 5:00 PM
High Performance Intrusion Detection and Evasion
Chair:
Fanglu Guo
    Gnort: High Performance Network Intrusion Detection Using Graphics Processors Giorgos Vasiliadis (Institute of Computer Science, Foundation for Research and Technology – Hellas, GR); Spiros Antonatos (Institute of Computer Science, Foundation For Research and Technology Hellas, GR); Michalis Polychronakis (ICS-FORTH, GR); Evangelos Markatos (ICS-FORTH, GR); Sotiris Ioannidis (University of Crete, GR)
Presentation (ppt)
    Predicting the Resource Consumption of Network Intrusion Detection Systems Holger Dreger (Siemens AG, DE); Anja Feldmann (Deutsche Telekom Laboratories, DE); Vern Paxson (ICSI, US); Robin Sommer (ICSI and LBNL, US)
Presentation (pdf)
    High-speed Matching of Vulnerability Signatures Nabil Schear (University of Illinois at Urbana-Champaign, US); David Albrecht (University of Illinois at Urbana-Champaign, US); Nikita Borisov (University of Illinois at Urbana Champaign, US)
Presentation (pdf)
    Swarm Attacks against Network-level Emulation/Analysis Simon Pak Ho Chung (University of Texas at Austin, US); Aloysius Mok (University of Texas at Austin, US)
Paper (pdf)
  5:15 PM Climb Aboard Duck Boats for Tour and Dinner at the Top of the Hub. Attendees return to their hotels via the "T", cab, or walking.
    up

Wednesday, 17 September

  8:00 – 9:00 AM Breakfast (Ting Foyer in Tang Conference Center)
and Registration
  9:00 – 9:15 AM Announcements

  Session 4
9:15 – 10:00 AM
Web Application Testing and Evasion
Chair:
Jon Giffin
    Leveraging User Interactions for In-Depth Testing of Web Applications Sean McAllister (Technical University Vienna, AT); Engin Kirda (Institute Eurecom, FR); Christopher Kruegel (University of California, Santa Barbara, US)
Presentation (pdf)
    Model-Based Covert Timing Channels: Automated Modeling and Evasion Steven Gianvecchio (The College of William & Mary, US); Haining Wang (College of William and Mary, US); Duminda Wijesekera (George Mason University, US); Sushil Jajodia (George Mason University, US)
Presentation (pdf)
  10:00 – 10:30 AM Break

  Panel 2
10:30 – 12:00 Noon
Life after Antivirus – What Does the Future Hold?
Moderator:
Richard Lippmann, MIT Lincoln Laboratory
    Panel Members: Martin Fréchette, Symantec Senior Principal Engineer leads the next generation of whitelist-based security products; John Viega, Founder and CEO of Stonewall Software, past Chief Security Architect at McAfee; Kathy Wang, MITRE Lead Scientist and Information Security Engineer on Honeyclient project, Paul Royal, Damballa Director of Research for botnet detection and remediation.
Presentation (ppt)
  12:00 – 1:30 PM Lunch (MIT Faculty Club)

  Session 5
1:30 – 3:00 PM
Alert Correlation and Worm Detection
Chair:
Benjamin Morin
    Optimal Cost, Collaborative and Distributed Response to Zero-Day Worms – A Control Theoretic Approach Senthil Cheetancheri (University of California, Davis, US); John Agosta (Intel Research, US); Karl Levitt (UC Davis, US); S. Felix Wu (University of California at Davis, US); Jeff Rowe (UC Davis, US)
Presentation (pdf)
    On the Limits of Payload-oblivious Network Attack Detection Michael Collins (CERT, US); Mike Reiter (University of North Carolina at Chapel Hill, US)
Presentation (pdf)
    Determining placement of intrusion detectors for a distributed application through Bayesian network modeling Gaspar Modelo-Howard (Purdue University, US); Saurabh Bagchi (Purdue University, US); Guy Lebanon (Purdue University, US)
Presentation (pdf)
    A Multi-Sensor Model to Improve Automated Attack Detection Magnus Almgren (Chalmers University of Technology, SE); Ulf Lindqvist (SRI International, US); Erland Jonsson (Chalmers University of Technology, SE)
Presentation (pdf)
  3:00 – 3:30 PM Break

  Session 6
3:30 – 5:00 PM
Anomaly Detection and Network Traffic Analysis
Chair:
Robin Sommer
    Monitoring SIP traffic using Support Vector Machines Mohamed Nassar (INRIA Lorraine, FR); Radu State (INRIA - LORIA, FR); Olivier Festor (INRIA-LORIA, FR)
Presentation (pdf)
    The Effect of Clock Resolution on Keystroke Dynamics Kevin Killourhy (Carnegie Mellon University, US); Roy A. Maxion (Carnegie Mellon University, US)
Presentation (pdf)
    A Comparative Evaluation of Anomaly Detectors under Portscan Attacks Ayesha Binte Ashfaq; Maria Joseph; Asma Mumtaz; Muhammad Qasim Ali; Ali Sajjad; Syed Ali Khayam (National University of Sciences & Technology, PK)
Presentation (pdf)
    Advanced Network Fingerprinting Humberto Abdelnur (INRIA Nancy - Grand Est, FR); Radu State (INRIA - LORIA, FR); Olivier Festor (INRIA Nancy - Grand Est, FR)
Presentation (pdf)
     
    The RAID organizing committee would like to thank our sponsors:

The I3P, IBM, MIT Lincoln Laboratory and Symantec.
    up