Thursday
November 11, 2004
4:00 - 5:00 PM
1221 CS
|
Department of Computer Sciences, University of Wisconsin ( web)
Understanding Data Lifetime via Whole System Simulation
This talk is based on the paper by Jim Chow, Ben Pfaff,
Tal Garfinkel, Kevin Christopher and Mendel Rosenblum,
appeared in the 2004 USENIX Security Symposium. In this
talk I will discuss what data lifetime problem is and
how it relates to potential security (especially privacy
and secrecy) risks. Then I present the whole system
simulation approach used to analyzing data lifetime
issue. Pros and cons of the approach is also discussed.
This is an informal presentation, so discussions and
comments are more than welcome.
|
Monday
November 29, 2004
4:00 - 5:00 PM
2310 CS
|
Department of Computer Sciences, University of Wisconsin ( web)
Intrusion Detection Using Sequences of System Calls
This is an informal talk presenting a paper by
S. Hofmeyr, S. Forrest, and A. Somayaji, published in
the Journal of Computer Security Vol. 6, pp. 151-180
(1998). Come ready to critique and brainstorm.
A method is introduced for detecting intrusions at the
level of privileged processes. Evidence is given that
short sequences of system calls executed by running
programs are a good discriminator between normal and
abnormal operating characteristics of several common
UNIX programs. Normal behavior is collected in two
ways: Synthetically, by exercising as many normal modes
of usage of a program as possible, and in a live user
environment by tracing the actual execution of the
program. In the former case several types of intrusive
behavior were studied; in the latter case, we analyze
results were analyzed for false positives.
The original paper can be found at http://www.cs.unm.edu/~forrest/papers.html.
|
Created and maintained by Mihai Christodorescu (
http://www.cs.wisc.edu/~mihai)
Created: Wed Aug 13 10:30:10 CDT 2003
Last modified: Fri Feb 27 14:17:36 Central Standard Time 2004