MonAM 2006 Workshop














MonAM 2006

IEEE / IST Workshop on
"Monitoring, Attack Detection and Mitigation"

Thursday 28 / Friday 29 September, 2006
Tübingen, Germany

[Call for Papers] [Author Information] [Registration] [Workshop Programme] [Local Information]

Workshop Programme

Schedule with Slides, Papers, and Posters

    Day 1: Thursday, 28 September 2006
    08:30-09:00 Registration
    09:00-09:10 Welcome
    Opening Remarks by the Workshop Co-Chairs
    Georg Carle (University of Tübingen), Olivier Paul (GET-INT), Morris Sloman (Imperial College London)
    09:10-10:00 Keynote
    Dr. Wolfgang Klasen, Siemens AG, Corporate Technology
    Voice over IP Security - Threats, Security Requirements and Solutions
         [Download: slides]
    10:00-10:50 Session 1: Network Monitoring Techniques
    Michele Colajanni, Mirco Marchetti
    A Parallel Architecture for Stateful Intrusion Detection in High Traffic Networks
         [Download: slides paper]
    Gorka Aguirre Cascallana, Eduardo Magana Lizarrondo
    Collecting Packet Traces at High Speed
         [Download: slides paper]
    10:50-11:20 Coffee Break
    11:20-13:00 Session 2: Attack Prevention and Mitigation
    Nils Gruschka, Ralph Herkenhöner, Norbert Luttenberger
    WS-SecurityPolicy Decision and Enforcement for Web Service Firewalls
         [Download: slides paper]
    Andreas Hess, Niels Karowski
    Automated Protection of End-Systems Against Known Attacks
         [Download: slides paper]
    Jun Wang
    Defending Against Denial of Web Services Using Sessions
         [Download: slides paper]
    Muhammad Sher, Shaoke Wu, Thomas Magedanz
    Security Threats and Solutions for Application Server of IP Multimedia Subsystem (IMS-AS)
         [Download: slides paper]
    13:00-14:30 Lunch Break
    14:30-16:15 Session 3: Methods and Systems for Network Attack Detection
    Thomas Gamer, Marcus Schöller, Roland Bless
    A Granularity-adaptive System for in-Network Attack Detection
         [Download: slides paper]
    Davide Adami, Christian Callegari, Stefano Giordano, Giada Landi, Michele Pagano
    Design, Implementation, and Validation of a Self-Learning Intrusion Detection System
         [Download: slides paper]
    Emerson Virti, Liane Tarouco, Leandro Bertholdo, Joao Ceron, Lisandro Granville
    Honeypots as a Security Mechanism
         [Download: slides paper]
    Roland Kwitt, Ulrich Hofmann
    Robust Methods for Unsupervised PCA-based Anomaly Detection
         [Download: slides paper]
    Ronny T. Lampert, Christoph Sommer, Gerhard Münz, Falko Dressler
    Vermont - A Versatile Monitoring Toolkit for IPFIX and PSAMP
         [Download: slides paper]
    Venkata K. Pingali, Joseph D. Touch
    Protecting Public Servers from DDoS Attacks Using Drifting Overlays
         [Download: slides paper]
    Common discussion on short presentations
    16:15-16:45 Coffee Break
    16:45-18:00 Panel Discussion: Aspects of High-Speed Network Monitoring
    Moderator:   Herve Debar, France Telecom R&D
         [Download: slides]
    Panelists: Atta Badii, University of Reading
         [Download: slides]
    Philippe Owezarski, LAAS-CNRS
         [Download: slides]
    Yacine Bouzida, Mitsubishi Electrics
         [Download: slides]
    Georg Carle, University of Tübingen
         [Download: slides]
    19:30-22:30 Social Event
    Day 2: Friday, 29 September 2006
    09:00-09:40 Keynote
    Dr. Herve Debar, France Telecom R&D
    Leveraging multiple approaches in intrusion detection
         [Download: slides]
    09:40-10:30 Session 4: Analysis and Modelling of Attacks
    Radu State, Jerome Francois, Oliver Festor
    Tracking global wide configuration errors
         [Download: slides paper]
    Yacine Bouzida, Frederic Cuppens
    Neural networks vs. decision trees for intrusion detection
         [Download: slides paper]
    Elzbieta Nowicka, Marcin Zawada (not presented)
    Modeling Temporal Properties of Multi-event Attack Signatures in Interval Temporal Logic
         [Download: slides paper]
    10:30-11:00 Coffee Break
    11:00-12:50 Session 5: Advanced Topics on Attack Detection and Mitigation
    Yousof Al-Hammadi, Uwe Aickelin
    Detecting Botnets Through Log Correlation
         [Download: slides paper]
    Rytis Rainys
    From Network and Information Security Situation Analyse to Incidents Management
         [Download: slides paper]
    P.D. Smith, D. Hutchison, M. Banfield, H. Leopold
    On Understanding Normal Protocol Behaviour to Detect the Abnormal
         [Download: slides paper]
    Nassima KHIAT, Yannick CARLINET, Nazim AGOULMINE
    The Emerging Threat of Peer-to-Peer Worms
         [Download: slides paper]
    Marcel Waldvogel, Michael Muncan, Mahak Patidar
    Stealth DoS
         [Download: slides paper]
    Daniela Brauckhoff, Ulrich Fiedler, Bernhard Plattner
    Towards Systematically Evaluating Flow-level Anomaly Detection Mechanisms
         [Download: slides paper]
    Ons Jelassi, Olivier Paul
    A two-level packet classification
         [Download: slides paper]
    Common discussion on short presentations
    12:50-14:30 Lunch Break
    14:30-16:00 Session 6: Demo Presentations
    Morris Sloman
    Introduction to the DIADEM Firewall Project
         [Download: slides]
    Olivier Paul
    Presentation of the DIADEM Firewall Demonstrator:
    The Web Server Overloading Use-Case
         [Download: slides]
    Yannick Carlinet
    Presentation of the DIADEM Firewall Demonstrator
    The Syn Flood Use-Case
         [Download: slides]
    Posters on DIADEM Firewall
    Dynamic Distributed Programmable Firewall
         [Download: poster]
    FPGA based Inline Classifier for the DIADEM System
         [Download: poster]
    System Manager: Policy-Based Response Mechanism
         [Download: poster]
    The Violation Detection Framework TOPAS
         [Download: poster]
    TCP SYN Flood Use-case
         [Download: poster]
    Non-Intrusive Traceback
         [Download: poster]
    Tradeoffs for Fast Web Traffic Analysis
         [Download: poster]
    Improving the Detection of Focused Attacks against Web Servers
         [Download: poster paper]