CS Colloquium Series @ UCY
Department of Computer Science - University of Cyprus
The Department of Computer Science at the University of Cyprus holds research colloquiums and social hours approximately once weekly. All university students, faculty, and staff are invited to attend. Notifications about new and upcoming events are automatically disseminated to a variety of institutional lists.
If you don't receive these notifications, but want to get informed about upcoming colloquium announcements, you can do the following:
List, RSS, Directions
Colloquium Coordinator: Demetris Zeinalipour
Colloquium: Real-world Polymorphic Attack Detection, Prof. Evangelos Markatos (FORTH-ICS and Univ. of Crete, Greece), Friday, Nov. 25, 2011, 10:00-11:00 EET.
The Department of Computer Science at the University of Cyprus cordially invites you to the Colloquium entitled:
Real-world Polymorphic Attack Detection
Speaker: Prof. Evangelos Markatos
Abstract:
As state-of-the-art attack detection technology becomes more prevalent,
attackers have started to employ evasion techniques such as code
obfuscation and polymorphism to defeat existing defenses. We have recently
proposed network-level emulation, a heuristic detection method that scans
network traffic to detect polymorphic attacks. Our approach uses a CPU
emulator to dynamically analyze every potential instruction sequence in
the inspected traffic, aiming to identify the execution behavior of
certain malicious code classes, such as self-decrypting polymorphic
shellcode. In this work, we present results and experiences from
deployments of network-level emulation in production networks. After more
than a year of continuous operation, our prototype implementation has
captured more than a million attacks against real systems, while so far it
has not resulted in any false positives. The observed attacks employ a
highly diverse set of exploits, often against less widely used vulnerable
services, and in some cases, sophisticated obfuscation schemes.
Short Bio:
Prof. Evangelos Markatos received his diploma in Computer Engineering from
the University of Patras in 1988, and the M.S. and Ph.D. degrees in
Computer Science from the University of Rochester, NY in 1990 and 1993,
respectively. Since 1992, he has collaborated with the Institute of Computer
Science of the Foundation for Research and Technology - Hellas (ICS-FORTH)
where he is currently the founder and head of the Distributed Computing
Systems Laboratory. He conducts research in several areas including
distributed and parallel systems, the World-Wide Web, Internet Systems and
Technologies, as well as Computer and Communication Systems Security. He
has been the project manager of the LOBSTER and NoAH projects, both funded in part by the European Union and focusing on developing novel approaches
to network monitoring and network security. He is currently the project
manager of the i-code and SysSec projects.
Since 1992, he has also been affiliated with the Computer Science
Department of the University of Crete, where he is currently a full
Professor.
Sponsor: The CS Colloquium Series is supported by a generous donation from