Difference between revisions of "Lecture 11"

Latest revision as of 23:16, 10 November 2005

Large-Scale Internet Criminal Activity

Speakers

Dave Aucsmith, Senior Director, Institute for Advanced Technology in Governments, Microsoft Corp.
Steve Gribble, UW: Spyware
Butler Lampson, Microsoft: Computer Security in the Real World

Readings

David Moore, Geoffrey Voelker, and Stefan Savage, “Inferring Internet Denial of Service Activity.” Proc. 2001 USENIX Security Symposium, August 2001. http://www.cse.ucsd.edu/users/savage/papers/UsenixSec01.pdf
Stefan Saroiu, Steven D. Gribble, and Henry M. Levy, “Measurement and Analysis of Spyware in a University Environment,” Proc. NSDI 2004, March 2004. http://www.cs.washington.edu/homes/gribble/papers/spyware.pdf
The Honeynet Project & Research Alliance, “Know your Enemy: Tracking Botnets,” March 2005. http://www.honeynet.org/papers/bots
Computer Security in the Real World, http://www.research.microsoft.com/lampson/64-SecurityInRealWorld/Abstract.html

Discussion

Participate in the wiki-discussion.

@@ Line 1: / Line 1: @@
---[[User:Gorchard|Gorchard]] 09:47, 10 November 2005 (PST) For the first time, I came out of the lectures last night with a sense of optimism. I thought the first two speakers especially (Dave Aucsmith and Steve Gribble) painted a picture that managing nefarious internet activity is possible and already well under way. We seem to have a pretty good understanding of how these guys operate, and it's comforting to know that the people making the attacks are not actually clever enough to discover the vulnerabilities themselves. They also make mistakes like URL typos and allowing themselves to be tracked down through Watson reports. It seems we're not fighting a losing battle. I also found it reassuring to hear Steve Gribble's spyware statistics - that only a small percentage of spyware programs actually do really bad things like keystroke monitoring and calling expensive toll numbers, while most spyware busies itself with 'harmless' activites such as pop-up ads or browser hijacking.
+'''Large-Scale Internet Criminal Activity'''
+==Speakers==
+* Dave Aucsmith, Senior Director, Institute for Advanced Technology in Governments, Microsoft Corp.
+* Steve Gribble, UW:  Spyware
+* Butler Lampson, Microsoft:  Computer Security in the Real World
+==Readings==
+* David Moore, Geoffrey Voelker, and Stefan Savage, “Inferring Internet Denial of Service Activity.” Proc. 2001 USENIX Security Symposium, August 2001.  [http://www.cse.ucsd.edu/users/savage/papers/UsenixSec01.pdf http://www.cse.ucsd.edu/users/savage/papers/UsenixSec01.pdf]
+* Stefan Saroiu, Steven D. Gribble, and Henry M. Levy, “Measurement and Analysis of Spyware in a University Environment,” Proc. NSDI 2004, March 2004.  [http://www.cs.washington.edu/homes/gribble/papers/spyware.pdf http://www.cs.washington.edu/homes/gribble/papers/spyware.pdf]
+* The Honeynet Project & Research Alliance, “Know your Enemy: Tracking Botnets,” March 2005.  http://www.honeynet.org/papers/bots
+* Computer Security in the Real World, [http://www.research.microsoft.com/lampson/64-SecurityInRealWorld/Abstract.html http://www.research.microsoft.com/lampson/64-SecurityInRealWorld/Abstract.html]
+==Discussion==
+Participate in the [http://cubist.cs.washington.edu/CyberSecurity/index.php/Talk:Lecture_11 wiki-discussion].

Difference between revisions of "Lecture 11"

Latest revision as of 23:16, 10 November 2005

Speakers

Readings

Discussion

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools