UC Davis Computer Security Laboratory

CMAD IV Slides
Table of Contents
Download the entire Slide Presentations of CMAD IV in PDF Format (2,786 KB).

Session 1: Policy-Driven Intrusion Detection and the Inside Threat

Misuse
Jim Anderson, James Anderson Co.
Auditing for Database Systems and Applications
Marvin Schaefer, Arca Systems, Inc.
Concept Learning and Searching Over Networks Using Java Agents for Meta-learning
Salvatore J. Stolfo, Columbia University
Distributed Security Policy Database
Dai Vu, Lockheed Martin
Misuse Detection in Database Systems
Raymond Yip, University of California, Davis
Detecting Insider Attacks
E. Eugene Schultz, SRI Consulting

Session 2: Intrusion Detection technology for Small Scale Systems

Haystack Labs, Inc. Product Lines
Steve Smaha, Haystack Labs, Inc.
A NADIR Progress Report
Kathleen A. Jackson, Computing, Information, and Communications (CIC) Division
Immunology and Computer Security
Steven Hofmeyr, University of New Mexico
Lincoln Laboratory Intrusion Detection Research
Richard P. Lippman, MIT Lincoln Laboratory

Session 3: New Attacks and New Twists on Existing Attacks

ATM Firewall Technology: Lessons for Intrusion Detection
Christoph L. Schuba, Purdue University
Denial-of-Service Attacks
Simson Garfinkle
Attacks on Cellular Systems [Paper]
Hai-Ping Ko, GTE Laboratories Incorporated

Session 4: Intrusion Detection in the Large

Miscellaneous Papers from Participants

Internetwork Security Monitor: An Intrusion-Detection System for Large-Scale Networks
L. T. Heberlein, B. Mukherjee, K. N. Levitt, UC Davis

Analysis and Response for Intrusion Detection in Large Networks
Peter G. Neumann, Phillip A. Porras, Alfonso Valdes, SRI International

Distributed Detection of Distributed Attacks
Douglas B. Moran, SRI International

Scalable Intrusion Detection for the Emerging Network Infrastructure
Y. Frank Jou, MCNC

Autonomous Agents
Mark Crosbie, Hewlett-Packard/COAST

Network Management and Operations
JF Mergen, BBN

Session 5: New Environments for Intrusion Detection

Thoughts About Susceptibility to Data Driven Attacks
Marvin Schaefer, Arca Systems, Inc.
The Need for a Standard for the Format and Content of Audit Trails
Katherine Price, Purdue University
Auditing on Sidewinder
Tom Haigh, Secure Computing Corp.
Information Security and the Electric Power Industry
Ab Kader, EPRI

Session 6: Tools for Investigative support

Computer Based Forensics – A Case Study – U. S. Support to the U. N.
Capt. Kevin J. Ziese, AF Information Warfare Center
Interactive Intrusion Detection
Mike Neuman, En Garde Systems, Inc.

Session 7: New Ideas

CMAD IV Summary
Mark Schneider, Office of INFOSEC Research
Some Thoughts
Gene Spafford, Purdue University
New Ideas: Borrowing from other Areas
Mary Ellen Zurko, Open Group Research Institute