
RAID 2009 - Engin Kirda, Institute Eurecom



  1. Welcome to RAID 2009. Engin Kirda, Institute Eurecom

  2. Exciting and Interesting Program
     • 17 full papers
     • 16 posters
     • Today between 18.00 and 20.00
     • 2 invited talks
       – Luis Corron, Panda Security: Fighting Malware
       – Roy Maxion, Carnegie Mellon University: When Science Meets Security

  3. Physical PC Meeting
     • Took place at the Claremont hotel, Berkeley, California (IEEE Security and Privacy) on the 21st of September
       – Except for 4 people who had valid excuses, all PC members were at the meeting
       – The PC members who could not make it were from the US, all Europeans made it ;-)
       – Most submissions were discussed
       – Meeting took the entire day
       – No limit was set on the number of papers to be accepted
       – PC was positive and tried to identify positive aspects of each paper being discussed

  4. Overview of Sessions
     • Anomaly and Specification-Based Approaches (Radu State)
     • Malware Detection and Prevention I (Thorsten Holz)
     • Network and Host Intrusion Detection and Prevention (Corrado Leita)
     • Intrusion Detection and Mobile Devices (Benjamin Morin)
     • High-Performance Intrusion Detection (Robin Sommer)
     • Malware Detection and Prevention II (Davide Balzarotti)

  5. Submission Statistics
     • 60 papers submitted
       – 60 full papers
       – short paper submissions not accepted

  6. Submission Statistics
     • Where are authors from?
     • United States
     • Pakistan
     • France
     • Germany

  7. Acknowledgments

  8. Let’s have a bit of fun ;-)
     • Tradition: Present some statistics
       – e.g., Christopher Kruegel, RAID 2007, stats on authorships, PC activity

  9. Does better wording help?
     • Hypothesis: Some words you use in your papers might influence their acceptance ;-)
       – Related Work: Keromytis, USENIX Sec, 2006
     • In order to test the hypothesis, I conducted thorough experiments
       – Methodology:
         1) Download all submissions
         2) Partition submissions into two groups: Accepted, Rejected
         3) All text in the PDFs was extracted into TXT files using Perl scripts (making use of pdftotext)
         4) Get rid of the, of, and, to, a, is, in, for, that, we, are, on, as, etc.
         5) Submissions were analyzed

  10. Results
      • Some words that are popular in both accepted and rejected papers:
        – DETECTION, ATTACK, SYSTEM
      • The most popular word in accepted papers is:
        – MALWARE
      • The most popular word in rejected papers is:
        – TRAFFIC
      • The most popular second word in accepted papers:
        – MODEL
      • The most popular second word in rejected papers:
        – NETWORK

  11. Results
      • Some words that never appear in REJECTED papers:
        – WHITEBOX, SMARTPHONES, PRECONDITIONS
      • Some words that never appear in ACCEPTED papers:
        – HACKER, INFORMATION FLOWS, SELF-ADAPTING
      • Words that are SELDOM in ACCEPTED papers:
        – DARPA, LINCOLN ;-)

  12. The Perfect Contribution
      • In this paper, we present a MALWARE detection system for SMARTPHONES that prevents attacks using an efficient MODEL based on effective PRECONDITIONS
      • Here is your ticket to the next RAID ;-)

  13. Keynote: Luis Corron (Panda Security), Fighting Malware
