RAID 2009 Engin Kirda Institute Eurecom Exciting and Interesting - - PowerPoint PPT Presentation



SLIDE 1

Welcome to

RAID 2009

Engin Kirda Institute Eurecom

SLIDE 2

Exciting and Interesting Program

  • 17 full papers
  • 16 posters
  • Today between 18.00 and 20.00
  • 2 invited talks

– Luis Corron, Panda Security: Fighting Malware
– Roy Maxion, Carnegie Mellon University: When Science Meets Security

SLIDE 3

Physical PC Meeting

  • Took place at the Claremont hotel, Berkeley, California (IEEE Security and Privacy) on the 21st of September

– Except for 4 people who had valid excuses, all PC members were at the meeting
– The PC members who could not make it were from the US, all Europeans made it ;-)
– Most submissions were discussed
– Meeting took the entire day
– No limit was set on the number of papers to be accepted
– PC was positive and tried to identify positive aspects of each paper being discussed

SLIDE 4

Overview of Sessions

  • Anomaly and Specification-Based Approaches (Radu State)
  • Malware Detection and Prevention I (Thorsten Holz)
  • Network and Host Intrusion Detection and Prevention (Corrado Leita)
  • Intrusion Detection and Mobile Devices (Benjamin Morin)
  • High-Performance Intrusion Detection (Robin Sommer)
  • Malware Detection and Prevention II (Davide Balzarotti)

SLIDE 5

Submission Statistics

  • 60 papers submitted

– 60 full papers
– short paper submissions not accepted

SLIDE 6

Submission Statistics

  • Where are authors from?
  • United States
  • Pakistan
  • France
  • Germany

SLIDE 7

Acknowledgments

SLIDE 8

Let’s have a bit of fun ;-)

  • Tradition: Present some statistics

– e.g., Christopher Kruegel, RAID 2007, stats on authorships, PC activity

SLIDE 9

Does better wording help?

  • Hypothesis: Some words you use in your papers might influence their acceptance ;-)

– Related Work: Keromytis, USENIX Sec, 2006

  • In order to test the hypothesis, I conducted thorough experiments

– Methodology:

1) Download all submissions
2) Partition submissions into two groups: Accepted, Rejected
3) All text in the PDFs was extracted into TXT files using Perl scripts (making use of pdftotext)
4) Get rid of the, of, and, to, a, is, in, for, that, we, are, on, as, etc.
5) Submissions were analyzed

SLIDE 10

Results

  • Some words that are popular in both accepted and rejected papers:

– DETECTION, ATTACK, SYSTEM

  • The most popular word in accepted papers is:

– MALWARE

  • The most popular word in rejected papers is:

– TRAFFIC

  • The most popular second word in accepted papers:

– MODEL

  • The most popular second word in rejected papers:

– NETWORK

SLIDE 11

Results

  • Some words that never appear in REJECTED papers:

– WHITEBOX, SMARTPHONES, PRECONDITIONS

  • Some words that never appear in ACCEPTED papers:

– HACKER, INFORMATION FLOWS, SELF-ADAPTING

  • Words that are SELDOM in ACCEPTED papers:

– DARPA, LINCOLN ;-)

SLIDE 12

The Perfect Contribution

  • In this paper, we present a MALWARE detection system for SMARTPHONES that prevents attacks using an efficient MODEL based on effective PRECONDITIONS

  • Here is your ticket to the next RAID ;-)

SLIDE 13

Keynote

Luis Corron (Panda Security) Fighting Malware