Deploying a New Hash Algorithm
Steven Bellovin, Eric Rescorla
Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites
That Exploit Browser Vulnerabilities
Yi-Min Wang, Doug Beck, Xuxian Jiang, Roussi Roussev, Chad Verbowski, Shuo Chen, Sam King
Inoculating SSH Against Address Harvesting
Stuart Schechter, Jaeyeon Jung, Will Stockwell, Cynthia McLain
Enterprise Security: A Community of Interest Based Approach
Trust Negotiation with Hidden Credentials, Hidden Policies, and Policy Cycles
Keith Frikken, Jiangtao Li, Mikhail Atallah
A Crawler-based Study of Spyware in the Web
Alex Moshchuk, Steven D. Gribble, Henry Levy
Protocol-Independent Adaptive Replay of Application Dialog
Weidong Cui, Vern Paxson, Nicholas Weaver, Randy Katz
Isolating Intrusions by Automatic Experiments
Stephan Neuhaus, Andreas Zeller
Churn as Shelter
Tyson Condie, Varun Kacholia, Sriram Sank, Joseph M. Hellerstein, Petros Maniatis
Software Self-Healing Using Collaborative Application
Stelios Sidiroglou, Michael Locasto, Angelos Keromytis
Toward a Practical Data Privacy Scheme for a Distributed
Implementation of the Smith-Waterman Genome Sequence Comparison
Algorithm Doug Szajda, Michael Pohl, Jason Owen, Barry Lawson
Toward Automated Information-Flow Integrity Verification for Security-
Umesh Shankar, Trent Jaeger, Reiner Sailer
Using Generalization and Characterization Techniques in the Anomaly-
based Detection of Web Attacks
William Robertson, Giovanni Vigna, Christopher Kruegel, Richard A. Kemmerer
Key Regression: Enabling Efficient Key Distribution for Secure
Kevin Fu, Seny Kamara, Yoshi Kohno
Device Identification via Analog Signal Fingerprinting: A Matched
Ryan Gerdes, Thomas Daniels, Mani Mina, Steve Russell
Modeling Botnet Propagation Using Time Zones
David Dagon, Cliff Zou, Wenke Lee
Vulnerability-Specific Execution Filtering for Exploit Prevention on
James Newsome, David Brumley, Dawn Song, Jad Cha
I am pleased to announce the availability of an open source, command-line version of the Cassandra system. For 5 years the Cassandra system (https://cassandra.cerias.purdue.edu) has been delivering free vulnerability notifications based on NIST's ICAT database of CVE entries, and later, Secunia advisories were added. These notifications were based on a profile of interest you entered, saving you time in doing searches for you every day and remembering which entries you had already seen (Meunier and Spafford, FIRST 2002).
However, using Cassandra meant that I (and CERIAS) had a list of
possible vulnerabilities in your organization's systems, and this list
was sent to you in plain text emails. Even though Cassandra was never
compromised, it (and the emails) made a tempting target; risk- averse
people and organizations were therefore unable to benefit from the
service. The new command-line tool, my_cassandra.php, solves these
issues and can be downloaded from my home page:
Because you get the source code and the custody of your profiles, this version of Cassandra should not generate the privacy concerns that the online version did. As it is under your control you can also run it at the intervals you choose. It is made available under an open source license so you can modify it. It runs under PHP so it should run on almost any platform (tested on Windows XP SP2 and PHP 5.1.1, and MacOS 10.4.3 and PHP 4.3.11 -- Windows users need to download also "cassandra.bat").
It works by downloading an XML export of recent entries in NIST's National Vulnerability Database, and comparing them to vendors, products and keywords specified in the file "profile.txt". The tool will then open a browser window for each new and relevant entry, and save the list of seen entries in a file named "seen_CVE.txt" on your workstation.
WARNING: The first time you run it, it will open a large number of
windows. It is then up to you to run it when you have time to read
the new entries.
Purdue University CERIAS
P.S.: Thanks to the NVD team at NIST, and the people at MITRE doing the tedious and cautious work without which Cassandra would have no data, and special thanks for doing it swiftly.
The Institute for Information Infrastructure Protection (I3P) has issued a Call for Proposals from post-doctoral researchers, junior faculty and research scientists.
Applicants must submit proposals to the host institutions by February 27, 2006. Host Institutions must submit completed application packets to the I3P by March 10, 2006. For more information about application requirements see: www.thei3P.org/fellowships.
I3P Research Areas of Interest:
The I3P - a national research consortium of universities, federally-funded labs, and non-profit organizations - is chaired by Dartmouth College The program is funded by the U.S. Department of Homeland Security.