Computer Sciences Dept.

Computer Security and Cryptography Seminar:
June 2004 Events

Date &
Location
Event
Friday, June 25, 2004
1:15 - 2:15 PM
2310 CS
Shai Rubin (web)
University of Wisconsin, Madison (web)
Foundations for Intrusion Prevention

This is a practice talk for DIMVA 2004.

One obvious way to keep burglars from entering your home is to lock the door. In a computer system, known vulnerabilities are like open doors calling attackers in. Very recently, an Internet worm, the Sasser, used a door that had been left open for just 17 days to exploit thousands of machines.

We propose an infrastructure that helps a system administrator to quickly identify a newly published vulnerability on the site hosts and to evaluate the vulnerability's threat with respect to the administrator's security priorities. The infrastructure foundation is the vulnerability semantics, a small set of attributes for vulnerability definition. We demonstrate that with a few attributes it is possible to define the majority of the known vulnerabilities in a way that facilitates their accurate identification and enables the administrator to rank the vulnerabilities found according to the organization's security priorities. A large scale experiment demonstrates that our infrastructure can find significant vulnerabilities even in a site with a high security awareness.

This is a joint work with Ian D. Alderman, David W. Parter, and Mary K. Vernon.

< Back to the Sec & Crypto seminar schedule

Created and maintained by Mihai Christodorescu (http://www.cs.wisc.edu/~mihai)
Created: Wed Aug 13 10:30:10 CDT 2003
Last modified: Fri Feb 27 14:17:36 Central Standard Time 2004
 
Computer Science | UW Home