Proceedings of the 3rd European Conference on Computer Network Defense

The European Conference on Computer and Network Defense addresses security from multiple perspectives. This includes research in computer network security, intrusion detection, denial-of-service, privacy protection, and incident response and management.

The 3rd European Conference on Computer Network Defense took place in September 2007 at Aldemar Hotel, in Heraklion, Crete, Greece in cooperation with the European Network and Information Security Agency (ENISA). The theme of the conference was the protection of computer networks. The conference drew participants from academia and industry in Europe and beyond to discuss hot topics in applied network and systems security. The conference was a great success, with 6 refereed papers and 6 invited presentations on topics ranging from high assurance networks of virtual machines to signaling vulnerabilities in wiretapping systems. This book contains the refereed as well as refereed papers. We are greatful to the authors and presenters for their contributions, as well as the participants of EC2N'07 for making the conference a success. We are looking forward to a successful EC2ND event in 2008. K. G. Anagnostakis, S. Ioannidis, V. Siris Contents 1 Tales from the Crypt: Fingerprinting Attacks on Encrypted Channels by Way of Retainting ........................................1 Michael Valkering, Asia Slowinska, and Herbert Bos 1 Introduction ......................................................................................... 1 2 Architecture ......................................................................................... 3 2.1 Tracking Issues .............................................................................. 4 2.2 Retainting ...................................................................................... 6 2.2.1 Determining the Tag ............................................................. 6 2.2.2 Identifying the SSL Conversation ........................................ 8 2.3 Interposition Details...................................................................... 9 3 Signature Generation ........................................................................... 9 3.1 Pattern-Based Signatures ............................................................. 10 3.2 Signatures for Polymorphic Buffer Overflows ............................ 13 4 Filters ................................................................................................. 14 5 Results ............................................................................................... 15 6 Related Work ..................................................................................... 17 7 Conclusions ....................................................................................... 18 References ............................................................................................ 18 2 Towards High Assurance Networks of Virtual Machines...............21

Presents current research issues and solutions Addresses security from multiple perspectives, including state-of-the-art research on computer network security, intrusion detection, denial-of-service, privacy protection, security policies, and incident response and management

Klappentext

Proceedings of the 3rd European Conference on Computer Network Defense compiles revised and extended articles written by prominent researchers participating in the 3rd European Conference on Computer Network Defense (EC2ND). This volume presents information on intrusion detection and privacy protection.

The text offers the latest information on advances in network security and serves as an excellent reference work for researchers and graduate students working in the area of computer network defense.

Inhalt
Tales from the Crypt: Fingerprinting Attacks on Encrypted Channels by Way of Retainting.- Towards High Assurance Networks of Virtual Machines.- Intrusion Detection Using Cost-Sensitive Classification.- A Novel Approach for Anomaly Detection over High-Speed Networks.- Elastic Block Ciphers in Practice: Constructions and Modes of Encryption.- Vulnerability Response Decision Assistance.- Alice, What Did You Do Last Time? Fighting Phishing Using Past Activity Tests.- QuiGon: The First Tool Against Clone Attack on Internet Relay Chat.- Defending Against Next Generation Through Network/Endpoint Collaboration and Interaction.- ISi-LANA A Secure Basic Architecture for Networks Connected to the Internet.