3. DISCEX 2003: Washington, DC, USA

3rd DARPA Information Survivability Conference and Exposition (DISCEX-III 2003), 22-24 April 2003, Washington, DC, USA. IEEE Computer Society 2003, ISBN 0-7695-1897-4

Volume I

Distributed Denial of Service (DDOS) Defenses

Christos Papadopoulos, Robert Lindell, John Mehringer, Alefiya Hussain, Ramesh Govindan:
COSSACK: Coordinated Suppression of Simultaneous Attacks. 2-13
Roshan K. Thomas, Brian L. Mark, Tommy Johnson, James Croall:
NetBouncer: Client-legitimacy-based High-performance DDoS Filtering. 14-25
W. J. Blackert, D. M. Gregg, A. K. Castner, E. M. Kyle, R. L. Hom, R. M. Jokerst:
Analyzing Interaction Between Distributed Denial of Service Attacks And Mitigation Technologies. 26-

Access Control, Authorization, and Anonymity

Robert Watson, Brian Feldman, Adam Migus, Chris Vance:
Design and Implementation of the TrustedBSD MAC Framework. 38-49
Tatyana Ryutov, B. Clifford Neuman, Dong-Ho Kim:
Dynamic Authorization and Intrusion Response in Distributed Systems. 50-61
H. T. Kung, Chen-Mou Cheng, Koan-Sin Tan, Scott Bradner:
Design and Analysis of an IP-Layer Anonymizing Infrastructure. 62-

Survivability, Fault Tolerance, and Containment

John C. Knight, Elisabeth A. Strunk, Kevin J. Sullivan:
Towards a Rigorous Definition of Information System Survivability. 78-89
Dick O'Brien, Rick Smith, Tammy Kappel, Clint Bitzer:
Intrusion Tolerance Via Network Layer Controls. 90-96
Sandra Murphy, Abhijit Hayatnagarkar, Suresh Krishnaswamy, Wayne Morrison, Robert Watson:
Prophylactic, Treatment and Containment Techniques for Ensuring Active Network Security. 97-

Red Teams and Operational Experimentation

David Levin:
Lessons Learned in Using Live Red Teams in IA Experiments. 110-119
Crispin Cowan, Seth Arnold, Steve Beattie, Chris Wright, John Viega:
Defcon Capture the Flag: Defending Vulnerable Code from Intense Attack. 120-129
Seth Robertson, Eric V. Siegel, Matthew Miller, Salvatore J. Stolfo:
Surveillance Detection in High Bandwidth Environments. 130-

Anomaly Detection

Alfonso Valdes:
Detecting Novel Scans Through Pattern Anomaly Detection. 140-151
Christoph C. Michael:
Finding the Vocabulary of Program Behavior Data for Anomaly Detection. 152-163
Steven J. Templeton, Karl E. Levitt:
Detecting Spoofed Packets. 164-

Trust Management

Angelos D. Keromytis, Sotiris Ioannidis, Michael B. Greenwald, Jonathan M. Smith:
The STRONGMAN Architecture. 178-188
Timothy J. Smith, Gregory T. Byrd, Xiaoyong Wu, Hongjie Xin, Krithiga Thangavelu, Rong Wang, Arpan Shah:
Dynamic PKI and Secure Tuplespaces for Distributed Coalitions. 189-200
Ninghui Li, John C. Mitchell:
A Role-based Trust-management Framework. 201-

Routing and Group Communications

Xiaoliang Zhao, Daniel Massey, Shyhtsun Felix Wu, Mohit Lad, Dan Pei, Lan Wang, Lixia Zhang:
Understanding BGP Behavior through a Study of DoD Prefixes. 214-225
Yair Amir, Cristina Nita-Rotaru, Jonathan Robert Stanton, Gene Tsudik:
Scaling Secure Group Communication Systems: Beyond Peer-to-Peer. 226-237
Jonathan K. Millen, Grit Denker:
MuCAPSL. 238-

Optical and Wireless Networking

Sava Stanic, Suresh Subramaniam, Hongsik Choi, Gokhan Sahin, Hyeong-Ah Choi:
Efficient Alarm Management in Optical Networks. 252-260
Sudarshan Vasudevan, Brian DeCleene, Neil Immerman, James F. Kurose, Donald F. Towsley:
Leader Election Algorithms for Wireless Ad Hoc Networks. 261-272
Rui Jiang, Vikram Gupta, Chinya V. Ravishankar:
Interactions Between TCP and the IEEE 802.11 MAC Protocol. 273-

Attack Modeling and Response

Steven Cheung, Ulf Lindqvist, Martin W. Fong:
Modeling Multistep Cyber Attacks for Scenario Recognition. 284-292
D. Nojiri, Jeff Rowe, Karl N. Levitt:
Cooperative Response Strategies for Large Scale Attack Mitigation. 293-302
Laura Feinstein, Dan Schnackenberg, Ravindra Balupari, Darrell Kindred:
Statistical Approaches to DDoS Attack Detection and Response. 303-

Volume II

Composable High Assurance Trusted Systems (CHATS)

Edward Bubnis, Shelby Evans, Peter Fischer, Elizabeth Meighan, Aswin Almeida:
Open-Source PKI on SELinux A Technology Description. 4-6
Dan DaCosta, Christopher Dahn, Spiros Mancoridis, Vassilis Prevelakis:
Demonstration of COSAK static analysis tools. 7-9
Cynthia E. Irvine, David J. Shifflett, Paul C. Clark, Timothy E. Levin, George W. Dinolt:
MYSEA Technology Demonstration. 10-12
Robert Watson, Brian Feldman, Adam Migus, Chris Vance:
The TrustedBSD MAC Framework. 13-

Cyber Panel

Anita D'Amico, Stephen Salas:
Visualization as an Aid for Assessing the Mission Impact of Information Security Breaches. 18-20
Derek Armstrong, Sam Carter, Gregory Frazier, Tiffany Frazier:
A Controller-Based Autonomic Defense System. 21-23
Walter L. Heimerdinger:
Scyllarus Intrusion Detection Report Correlator and Analyzer. 24-26
Calvin Ko:
System Health and Intrusion Monitoring: Technology Description. 27-29
David J. Musliner:
CIRCADIA Demonstration: Active Adaptive Defense. 30-31
Laura Tinnel, O. Sami Saydjari, Joshua W. Haines:
An Integrated Cyber Panel System. 32-34
J. Ken Williams:
Intelligence Preparation of the Information Battlespace (IPIB). 35-

Dynamic Coalitions (DC)

Himanshu Khurana, Serban I. Gavrila, Rakeshbabu Bobba, Radostina K. Koleva, Anuja Sonalker, Emilian Dinu, Virgil D. Gligor, John S. Baras:
Integrated Security Services for Dynamic Coalitions. 38-40
Thomas Kostas, Diane Kiwior, Gowri Rajappan, Michel Dalal:
Key Management for Secure Multicast Group Communication in Mobile Networks. 41-43
Jim Irrer, Atul Prakash, Patrick McDaniel:
Antigone: Policy-based Secure Group Communication System and AMirD: Antigone-based Secure File Mirroring System. 44-46
Sandeep Bhatt, S. Raj Rajagopalan, Prasad Rao:
Federated Security Management for Dynamic Coalitions. 47-48
Kent E. Seamons, Thomas Chan, Evan Child, Michael Halcrow, Adam Hess, Jason E. Holt, Jared Jacobson, Ryan Jarvis, Aaron Patty, Bryan Smith, Tore Sundelin, Lina Yu:
TrustBuilder: Negotiating Trust in Dynamic Coalitions. 49-51
Timothy J. Smith, Gregory T. Byrd:
Yalta: A Dynamic PKI and Secure Tuplespaces for Distributed Coalitions. 52-54
William Stephens, Brian A. Coan, Sanjai Narain, Vikram Kaul, Kirthika Parmeswaran, Thanh Cheng:
A Toolkit For Building Secure, Fault-Tolerant Virtual Private Networks Technology Description. 55-57
Michael T. Goodrich, Michael Shin, Christian D. Straub, Roberto Tamassia:
Distributed Data Authenication (System Demonstration). 58-59
William H. Winsborough, Jay Jacobs:
Automated Trust Negotiation Technology with Attribute-based Access Control. 60-

Fault Tolerant Networks (FTN)

Yair Amir, Ryan Caudy, Ashima Munjal, Theo Schlossnagle, Ciprian Tutu:
The Wackamole Approach to Fault Tolerant Networks Demo. 64-65
W. J. Blackert, D. M. Gregg, A. K. Castner, R. L. Hom, R. M. Jokerst, E. M. Kyle:
Distributed Denial of Service Defense Attack Tradeoff Analysis (DDOS-DATA). 66-67
Hyeong-Ah Choi, Suresh Subramaniam, Hongsik Choi:
NCAC: Network Congestion Analyzer and Controller. 68-70
Crispin Cowan:
Defcon Capture the Flag: Defending Vulnerable Code from Intense Attack. 71-72
Laura Feinstein, Dan Schnackenberg, Ravindra Balupari, Darrell Kindred:
DDoS Tolerant Networks. 73-75
Roger Knobbe, Andrew Purtell:
Guaranteed Internet Stack Utilization (GINSU) Building Blocks. 76-77
Chen-Mou Cheng, H. T. Kung, Koan-Sin Tan, Scott Bradner:
ANON: An IP-Layer Anonymizing Infrastructure. 78-80
Tom Markham, Lynn Meredith, Charlie Payne:
Distributed Embedded Firewalls with Virtual Private Groups. 81-83
Wes Griffin, Russ Mundy, Sam Weiler, Dan Massey, Naheed Vora:
Fault-Tolerant Mesh of Trust Applied to DNS Security. 84-86
Louise E. Moser, P. M. Melliar-Smith:
Demonstration of Fault Tolerance for CORBA Applications. 87-89
Todd Hughes, Mike Junod, Andy Muckelbauer:
Dynamic Trust-based Resource Allocation. 90
Sandra Murphy, Abhijit Hayatnagarkar, Suresh Krishnaswamy, Wayne Morrison, Robert Watson:
Active Network Fault Response. 91-93
Christos Papadopoulos, Robert Lindell, John Mehringer, Alefiya Hussain, Ramesh Govindan:
COSSACK: Coordinated Suppression of Simultaneous Attacks. 94-96
Kihong Park:
Scalable DDoS Protection Using Route-Based Filtering. 97-97
Ranga S. Ramanujan, S. Kudige, T. Nguyen:
Techniques for Intrusion-Resistant Ad Hoc Routing Algorithms (TIARA). 98-100
Max Robinson, Jelena Mirkovic, B. Scott Michel, Matthew Schnaider, Peter L. Reiher:
DefCOM: Defensive Cooperative Overlay Mesh. 101-102
Scott Rose, Kevin Bowers, Stephen Quirolgico, Kevin Mills:
Improving Failure Responsiveness in Jini Leasing. 103-105
W. Timothy Strayer, Christine E. Jones, Fabrice Tchakountio, Alex C. Snoeren, Beverly Schwartz, Robert C. Clements, Matthew Condell, Craig Partridge:
SPIE Demonstration: Single Packet Traceback. 106-107
Paul F. Syverson:
Onion Routing for Resistance to Traffic Analysis. 108-110
Roshan K. Thomas, Hong Zhu, Tim Huck, Tommy Johnson:
NetBouncer: Client-legitimacy-based High-performance DDoS Filtering. 111
Joseph D. Touch, Lars Eggert, Yu-Shun Wang:
TetherNet Anti-NAT - Secure Internet Subnet Rental System. 112-

Organically Assured and Survivable Information Systems (OASIS)

Robert Balzer:
Safe Email, Safe Office, and Safe Web Browser. 116
Lujo Bauer, Michael A. Schneider, Edward W. Felten, Andrew W. Appel:
Access Control on the Web Using Proof-carrying Authorization. 117-119
Mark Feldman:
Enterprise Wrappers for Information Assurance. 120-122
John C. Knight, Jonathan Hill, Philip E. Varner, Premkumar T. Devanbu, Alexander L. Wolf, Dennis Heimbigner:
Willow System Demonstration. 123-125
William Weinstein, Janet Lepanto:
Camouflage of Network Traffic to Resist Attack (CONTRA). 126-127
Alfonso Valdes, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Joshua Levy, Hassen Saïdi, Victoria Stavridou, Tomás E. Uribe:
Dependable Intrusion Tolerance: Technology Demo. 128-130
Peng Liu:
ITDB: An Attack Self-Healing Database System Prototype. 131-133
D. O'Brien:
Intrusion Tolerant Web Servers via Network Layer Controls. 134
P. Pal:
Demonstrating Intrusion Tolerance With ITUA. 135-137
Ranga S. Ramanujan, Maher Kaddoura, J. Wu, C. Sanders, K. Millikin:
VPNshield: Protecing VPN Services from Denial-of-Service (DoS) Attacks. 138-139
J. Reynolds:
On-Line Attack Prevention and Continual Recovery. 140-142
Viren Shah, Frank Hill:
An Aspect-Oriented Security Framework. 143-145
J. Shukla:
OmniVPN. 146
Matthew Stillerman, Dexter Kozen:
Efficient Code Certification for Open Firmware. 147-148
Gregg Tally, Brent Whitmore, David Sames, Brian Matt, Brian Niebuhr, David E. Bakken:
Intrusion Tolerant Distributed Object Systems: Project Summary. 149-151
Tom Van Vleck, Andrew Reisse:
SPMA - Java Binary Enhancement Tool. 152
Feiyi Wang, Raghu Upppalli:
SITAR: A Scalable Intrusion-Tolerant Architecture for Distributed Services-A Technology Summary. 153-

Operational Experimentation (OPX)

M. Miller:
System Detection's Hawkeye Platform. 158-

Composable High Assurance Trusted Systems (CHATS)

Myla Archer, Elizabeth I. Leonard, Matteo Pradella:
Modeling Security-Enhanced Linux Policy Specifications for Analysis. 164-169
Edward Bubnis, Shelby Evans, Peter Fischer, Elizabeth Meighan, Aswin Almeida:
Open-Source PKI on SELinux. 170-175
Cynthia E. Irvine, David J. Shifflett, Paul C. Clark, Timothy E. Levin, George W. Dinolt:
Monterey Security Enhanced Architecture Project. 176-181
Peter G. Neumann:
Achieving Principled Assuredly Trustworthy Composable Systems and Networks. 182-187
Hans T. Reiser:
Enhancing ReiserFS Security In Linux. 188-

Cyber Panel

Anita D'Amico, Stephen Salas:
Visualization as an Aid for Assessing the Mission Impact of Information Security Breaches. 190-195
Joshua W. Haines, Stephen A. Goulet, Robert S. Durst, Terrance G. Champion:
LLSIM: Network Simulation for Correlation and Response Testing. 196-201
Calvin Ko, Karl N. Levitt:
System Health and Intrusion Monitoring (SHIM): Project Summary. 202-207
John J. Shaw:
Predicting the Impact of Cyber-Attacks on BMC3 Enterprises. 208-

Dynamic Coalitions (DC)

Vijay G. Bharadwaj, John S. Baras:
A Framework for Automated Negotiation of Access Control Policies. 216-221
Weifeng Chen, Lakshminath R. Dondeti:
Recommendations in Using Group Key Management Algorithms. 222-227
Jeffrey Kay, Steve Crocker:
DyCER: A Lightweight Data Sharing System Using Replication. 228-233
Patrick McDaniel, Atul Prakash:
A Flexible Architecture for Security Policy Enforcement. 234-239
Kent E. Seamons, Marianne Winslett, Ting Yu, Thomas Chan, Evan Child, Michael Halcrow, Adam Hess, Jason E. Holt, Jared Jacobson, Ryan Jarvis, Bryan Smith, Tore Sundelin, Lina Yu:
Trust Negotiation in Dynamic Coalitions. 240-245
Michael T. Goodrich, Roberto Tamassia:
Efficient and Scalable Infrastructure Support for Dynamic Coalitions. 246-251
William H. Winsborough, Jay Jacobs:
Automated Trust Negotiation in Attribute-based Access Control. 252-

Fault Tolerant Networks (FTN)

Lynn M. Meredith:
A Summary of the Autonomic Distributed Firewalls (ADF) Project. 260-265
W. Timothy Strayer, Christine E. Jones, Fabrice Tchakountio, Alex C. Snoeren, Beverly Schwartz, Robert C. Clements, Matthew Condell, Craig Partridge:
Traceback of Single IP Packets Using SPIE. 266-270
Joseph D. Touch, Gregory G. Finn, Yu-Shun Wang, Lars Eggert:
DynaBone: Dynamic Defense Using Multi-layer Internet Overlays. 271-276
Xiaoyong Wu, Vinay A. Mahadik, Douglas S. Reeves:
A Summary of Detection of Denial-of-QoS Attacks on DiffServ Networks. 277-

Organically Assured and Survivable Information Systems (OASIS)

Peng Liu:
Engineering a Distributed Intrusion Tolerant Database System Using COTS Components. 284-289
Salvatore J. Stolfo, Shlomo Hershkop, Ke Wang, Olivier Nimeskern:
EMT/MET: Systems for Modeling and Detecting Errant Email. 290-

Last update Sun May 19 22:06:37 2013 CET by the DBLP Team —

Data released under the ODC-BY 1.0 license — See also our legal information page