3. DISCEX 2003: Washington, DC, USA

Volume I

Distributed Denial of Service (DDOS) Defenses

• Christos Papadopoulos, Robert Lindell, John Mehringer, Alefiya Hussain, Ramesh Govindan:
  COSSACK: Coordinated Suppression of Simultaneous Attacks. 2-13
  
• Roshan K. Thomas, Brian L. Mark, Tommy Johnson, James Croall:
  NetBouncer: Client-legitimacy-based High-performance DDoS Filtering. 14-25
  
• W. J. Blackert, D. M. Gregg, A. K. Castner, E. M. Kyle, R. L. Hom, R. M. Jokerst:
  Analyzing Interaction Between Distributed Denial of Service Attacks And Mitigation Technologies. 26-
  

Access Control, Authorization, and Anonymity

• Robert Watson, Brian Feldman, Adam Migus, Chris Vance:
  Design and Implementation of the TrustedBSD MAC Framework. 38-49
  
• Tatyana Ryutov, B. Clifford Neuman, Dong-Ho Kim:
  Dynamic Authorization and Intrusion Response in Distributed Systems. 50-61
  
• H. T. Kung, Chen-Mou Cheng, Koan-Sin Tan, Scott Bradner:
  Design and Analysis of an IP-Layer Anonymizing Infrastructure. 62-
  

Survivability, Fault Tolerance, and Containment

• John C. Knight, Elisabeth A. Strunk, Kevin J. Sullivan:
  Towards a Rigorous Definition of Information System Survivability. 78-89
  
• Dick O'Brien, Rick Smith, Tammy Kappel, Clint Bitzer:
  Intrusion Tolerance Via Network Layer Controls. 90-96
  
• Sandra Murphy, Abhijit Hayatnagarkar, Suresh Krishnaswamy, Wayne Morrison, Robert Watson:
  Prophylactic, Treatment and Containment Techniques for Ensuring Active Network Security. 97-
  

Red Teams and Operational Experimentation

• David Levin:
  Lessons Learned in Using Live Red Teams in IA Experiments. 110-119
  
• Crispin Cowan, Seth Arnold, Steve Beattie, Chris Wright, John Viega:
  Defcon Capture the Flag: Defending Vulnerable Code from Intense Attack. 120-129
  
• Seth Robertson, Eric V. Siegel, Matthew Miller, Salvatore J. Stolfo:
  Surveillance Detection in High Bandwidth Environments. 130-
  

Anomaly Detection

• Alfonso Valdes:
  Detecting Novel Scans Through Pattern Anomaly Detection. 140-151
  
• Christoph C. Michael:
  Finding the Vocabulary of Program Behavior Data for Anomaly Detection. 152-163
  
• Steven J. Templeton, Karl E. Levitt:
  Detecting Spoofed Packets. 164-
  

Trust Management

• Angelos D. Keromytis, Sotiris Ioannidis, Michael B. Greenwald, Jonathan M. Smith:
  The STRONGMAN Architecture. 178-188
  
• Timothy J. Smith, Gregory T. Byrd, Xiaoyong Wu, Hongjie Xin, Krithiga Thangavelu, Rong Wang, Arpan Shah:
  Dynamic PKI and Secure Tuplespaces for Distributed Coalitions. 189-200
  
• Ninghui Li, John C. Mitchell:
  A Role-based Trust-management Framework. 201-
  

Routing and Group Communications

• Xiaoliang Zhao, Daniel Massey, Shyhtsun Felix Wu, Mohit Lad, Dan Pei, Lan Wang, Lixia Zhang:
  Understanding BGP Behavior through a Study of DoD Prefixes. 214-225
  
• Yair Amir, Cristina Nita-Rotaru, Jonathan Robert Stanton, Gene Tsudik:
  Scaling Secure Group Communication Systems: Beyond Peer-to-Peer. 226-237
  
• Jonathan K. Millen, Grit Denker:
  MuCAPSL. 238-
  

Optical and Wireless Networking

• Sava Stanic, Suresh Subramaniam, Hongsik Choi, Gokhan Sahin, Hyeong-Ah Choi:
  Efficient Alarm Management in Optical Networks. 252-260
  
• Sudarshan Vasudevan, Brian DeCleene, Neil Immerman, James F. Kurose, Donald F. Towsley:
  Leader Election Algorithms for Wireless Ad Hoc Networks. 261-272
  
• Rui Jiang, Vikram Gupta, Chinya V. Ravishankar:
  Interactions Between TCP and the IEEE 802.11 MAC Protocol. 273-
  

Attack Modeling and Response

• Steven Cheung, Ulf Lindqvist, Martin W. Fong:
  Modeling Multistep Cyber Attacks for Scenario Recognition. 284-292
  
• D. Nojiri, Jeff Rowe, Karl N. Levitt:
  Cooperative Response Strategies for Large Scale Attack Mitigation. 293-302
  
• Laura Feinstein, Dan Schnackenberg, Ravindra Balupari, Darrell Kindred:
  Statistical Approaches to DDoS Attack Detection and Response. 303-
  

Volume II

Composable High Assurance Trusted Systems (CHATS)

• Edward Bubnis, Shelby Evans, Peter Fischer, Elizabeth Meighan, Aswin Almeida:
  Open-Source PKI on SELinux A Technology Description. 4-6
  
• Dan DaCosta, Christopher Dahn, Spiros Mancoridis, Vassilis Prevelakis:
  Demonstration of COSAK static analysis tools. 7-9
  
• Cynthia E. Irvine, David J. Shifflett, Paul C. Clark, Timothy E. Levin, George W. Dinolt:
  MYSEA Technology Demonstration. 10-12
  
• Robert Watson, Brian Feldman, Adam Migus, Chris Vance:
  The TrustedBSD MAC Framework. 13-
  

Cyber Panel

• Anita D'Amico, Stephen Salas:
  Visualization as an Aid for Assessing the Mission Impact of Information Security Breaches. 18-20
  
• Derek Armstrong, Sam Carter, Gregory Frazier, Tiffany Frazier:
  A Controller-Based Autonomic Defense System. 21-23
  
• Walter L. Heimerdinger:
  Scyllarus Intrusion Detection Report Correlator and Analyzer. 24-26
  
• Calvin Ko:
  System Health and Intrusion Monitoring: Technology Description. 27-29
  
• David J. Musliner:
  CIRCADIA Demonstration: Active Adaptive Defense. 30-31
  
• Laura Tinnel, O. Sami Saydjari, Joshua W. Haines:
  An Integrated Cyber Panel System. 32-34
  
• J. Ken Williams:
  Intelligence Preparation of the Information Battlespace (IPIB). 35-
  

Dynamic Coalitions (DC)

• Himanshu Khurana, Serban I. Gavrila, Rakeshbabu Bobba, Radostina K. Koleva, Anuja Sonalker, Emilian Dinu, Virgil D. Gligor, John S. Baras:
  Integrated Security Services for Dynamic Coalitions. 38-40
  
• Thomas Kostas, Diane Kiwior, Gowri Rajappan, Michel Dalal:
  Key Management for Secure Multicast Group Communication in Mobile Networks. 41-43
  
• Jim Irrer, Atul Prakash, Patrick McDaniel:
  Antigone: Policy-based Secure Group Communication System and AMirD: Antigone-based Secure File Mirroring System. 44-46
  
• Sandeep Bhatt, S. Raj Rajagopalan, Prasad Rao:
  Federated Security Management for Dynamic Coalitions. 47-48
  
• Kent E. Seamons, Thomas Chan, Evan Child, Michael Halcrow, Adam Hess, Jason E. Holt, Jared Jacobson, Ryan Jarvis, Aaron Patty, Bryan Smith, Tore Sundelin, Lina Yu:
  TrustBuilder: Negotiating Trust in Dynamic Coalitions. 49-51
  
• Timothy J. Smith, Gregory T. Byrd:
  Yalta: A Dynamic PKI and Secure Tuplespaces for Distributed Coalitions. 52-54
  
• William Stephens, Brian A. Coan, Sanjai Narain, Vikram Kaul, Kirthika Parmeswaran, Thanh Cheng:
  A Toolkit For Building Secure, Fault-Tolerant Virtual Private Networks Technology Description. 55-57
  
• Michael T. Goodrich, Michael Shin, Christian D. Straub, Roberto Tamassia:
  Distributed Data Authenication (System Demonstration). 58-59
  
• William H. Winsborough, Jay Jacobs:
  Automated Trust Negotiation Technology with Attribute-based Access Control. 60-
  

Fault Tolerant Networks (FTN)

• Yair Amir, Ryan Caudy, Ashima Munjal, Theo Schlossnagle, Ciprian Tutu:
  The Wackamole Approach to Fault Tolerant Networks Demo. 64-65
  
• W. J. Blackert, D. M. Gregg, A. K. Castner, R. L. Hom, R. M. Jokerst, E. M. Kyle:
  Distributed Denial of Service Defense Attack Tradeoff Analysis (DDOS-DATA). 66-67
  
• Hyeong-Ah Choi, Suresh Subramaniam, Hongsik Choi:
  NCAC: Network Congestion Analyzer and Controller. 68-70
  
• Crispin Cowan:
  Defcon Capture the Flag: Defending Vulnerable Code from Intense Attack. 71-72
  
• Laura Feinstein, Dan Schnackenberg, Ravindra Balupari, Darrell Kindred:
  DDoS Tolerant Networks. 73-75
  
• Roger Knobbe, Andrew Purtell:
  Guaranteed Internet Stack Utilization (GINSU) Building Blocks. 76-77
  
• Chen-Mou Cheng, H. T. Kung, Koan-Sin Tan, Scott Bradner:
  ANON: An IP-Layer Anonymizing Infrastructure. 78-80
  
• Tom Markham, Lynn Meredith, Charlie Payne:
  Distributed Embedded Firewalls with Virtual Private Groups. 81-83
  
• Wes Griffin, Russ Mundy, Sam Weiler, Dan Massey, Naheed Vora:
  Fault-Tolerant Mesh of Trust Applied to DNS Security. 84-86
  
• Louise E. Moser, P. M. Melliar-Smith:
  Demonstration of Fault Tolerance for CORBA Applications. 87-89
  
• Todd Hughes, Mike Junod, Andy Muckelbauer:
  Dynamic Trust-based Resource Allocation. 90
  
• Sandra Murphy, Abhijit Hayatnagarkar, Suresh Krishnaswamy, Wayne Morrison, Robert Watson:
  Active Network Fault Response. 91-93
  
• Christos Papadopoulos, Robert Lindell, John Mehringer, Alefiya Hussain, Ramesh Govindan:
  COSSACK: Coordinated Suppression of Simultaneous Attacks. 94-96
  
• Kihong Park:
  Scalable DDoS Protection Using Route-Based Filtering. 97-97
  
• Ranga S. Ramanujan, S. Kudige, T. Nguyen:
  Techniques for Intrusion-Resistant Ad Hoc Routing Algorithms (TIARA). 98-100
  
• Max Robinson, Jelena Mirkovic, B. Scott Michel, Matthew Schnaider, Peter L. Reiher:
  DefCOM: Defensive Cooperative Overlay Mesh. 101-102
  
• Scott Rose, Kevin Bowers, Stephen Quirolgico, Kevin Mills:
  Improving Failure Responsiveness in Jini Leasing. 103-105
  
• W. Timothy Strayer, Christine E. Jones, Fabrice Tchakountio, Alex C. Snoeren, Beverly Schwartz, Robert C. Clements, Matthew Condell, Craig Partridge:
  SPIE Demonstration: Single Packet Traceback. 106-107
  
• Paul F. Syverson:
  Onion Routing for Resistance to Traffic Analysis. 108-110
  
• Roshan K. Thomas, Hong Zhu, Tim Huck, Tommy Johnson:
  NetBouncer: Client-legitimacy-based High-performance DDoS Filtering. 111
  
• Joseph D. Touch, Lars Eggert, Yu-Shun Wang:
  TetherNet Anti-NAT - Secure Internet Subnet Rental System. 112-
  

Organically Assured and Survivable Information Systems (OASIS)

• Robert Balzer:
  Safe Email, Safe Office, and Safe Web Browser. 116
  
• Lujo Bauer, Michael A. Schneider, Edward W. Felten, Andrew W. Appel:
  Access Control on the Web Using Proof-carrying Authorization. 117-119
  
• Mark Feldman:
  Enterprise Wrappers for Information Assurance. 120-122
  
• John C. Knight, Jonathan Hill, Philip E. Varner, Premkumar T. Devanbu, Alexander L. Wolf, Dennis Heimbigner:
  Willow System Demonstration. 123-125
  
• William Weinstein, Janet Lepanto:
  Camouflage of Network Traffic to Resist Attack (CONTRA). 126-127
  
• Alfonso Valdes, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Joshua Levy, Hassen Saïdi, Victoria Stavridou, Tomás E. Uribe:
  Dependable Intrusion Tolerance: Technology Demo. 128-130
  
• Peng Liu:
  ITDB: An Attack Self-Healing Database System Prototype. 131-133
  
• D. O'Brien:
  Intrusion Tolerant Web Servers via Network Layer Controls. 134
  
• P. Pal:
  Demonstrating Intrusion Tolerance With ITUA. 135-137
  
• Ranga S. Ramanujan, Maher Kaddoura, J. Wu, C. Sanders, K. Millikin:
  VPNshield: Protecing VPN Services from Denial-of-Service (DoS) Attacks. 138-139
  
• J. Reynolds:
  On-Line Attack Prevention and Continual Recovery. 140-142
  
• Viren Shah, Frank Hill:
  An Aspect-Oriented Security Framework. 143-145
  
• J. Shukla:
  OmniVPN. 146
  
• Matthew Stillerman, Dexter Kozen:
  Efficient Code Certification for Open Firmware. 147-148
  
• Gregg Tally, Brent Whitmore, David Sames, Brian Matt, Brian Niebuhr, David E. Bakken:
  Intrusion Tolerant Distributed Object Systems: Project Summary. 149-151
  
• Tom Van Vleck, Andrew Reisse:
  SPMA - Java Binary Enhancement Tool. 152
  
• Feiyi Wang, Raghu Upppalli:
  SITAR: A Scalable Intrusion-Tolerant Architecture for Distributed Services-A Technology Summary. 153-
  

Operational Experimentation (OPX)

• M. Miller:
  System Detection's Hawkeye Platform. 158-
  

Composable High Assurance Trusted Systems (CHATS)

• Myla Archer, Elizabeth I. Leonard, Matteo Pradella:
  Modeling Security-Enhanced Linux Policy Specifications for Analysis. 164-169
  
• Edward Bubnis, Shelby Evans, Peter Fischer, Elizabeth Meighan, Aswin Almeida:
  Open-Source PKI on SELinux. 170-175
  
• Cynthia E. Irvine, David J. Shifflett, Paul C. Clark, Timothy E. Levin, George W. Dinolt:
  Monterey Security Enhanced Architecture Project. 176-181
  
• Peter G. Neumann:
  Achieving Principled Assuredly Trustworthy Composable Systems and Networks. 182-187
  
• Hans T. Reiser:
  Enhancing ReiserFS Security In Linux. 188-
  

Cyber Panel

• Anita D'Amico, Stephen Salas:
  Visualization as an Aid for Assessing the Mission Impact of Information Security Breaches. 190-195
  
• Joshua W. Haines, Stephen A. Goulet, Robert S. Durst, Terrance G. Champion:
  LLSIM: Network Simulation for Correlation and Response Testing. 196-201
  
• Calvin Ko, Karl N. Levitt:
  System Health and Intrusion Monitoring (SHIM): Project Summary. 202-207
  
• John J. Shaw:
  Predicting the Impact of Cyber-Attacks on BMC3 Enterprises. 208-
  

Dynamic Coalitions (DC)

• Vijay G. Bharadwaj, John S. Baras:
  A Framework for Automated Negotiation of Access Control Policies. 216-221
  
• Weifeng Chen, Lakshminath R. Dondeti:
  Recommendations in Using Group Key Management Algorithms. 222-227
  
• Jeffrey Kay, Steve Crocker:
  DyCER: A Lightweight Data Sharing System Using Replication. 228-233
  
• Patrick McDaniel, Atul Prakash:
  A Flexible Architecture for Security Policy Enforcement. 234-239
  
• Kent E. Seamons, Marianne Winslett, Ting Yu, Thomas Chan, Evan Child, Michael Halcrow, Adam Hess, Jason E. Holt, Jared Jacobson, Ryan Jarvis, Bryan Smith, Tore Sundelin, Lina Yu:
  Trust Negotiation in Dynamic Coalitions. 240-245
  
• Michael T. Goodrich, Roberto Tamassia:
  Efficient and Scalable Infrastructure Support for Dynamic Coalitions. 246-251
  
• William H. Winsborough, Jay Jacobs:
  Automated Trust Negotiation in Attribute-based Access Control. 252-
  

Fault Tolerant Networks (FTN)

• Lynn M. Meredith:
  A Summary of the Autonomic Distributed Firewalls (ADF) Project. 260-265
  
• W. Timothy Strayer, Christine E. Jones, Fabrice Tchakountio, Alex C. Snoeren, Beverly Schwartz, Robert C. Clements, Matthew Condell, Craig Partridge:
  Traceback of Single IP Packets Using SPIE. 266-270
  
• Joseph D. Touch, Gregory G. Finn, Yu-Shun Wang, Lars Eggert:
  DynaBone: Dynamic Defense Using Multi-layer Internet Overlays. 271-276
  
• Xiaoyong Wu, Vinay A. Mahadik, Douglas S. Reeves:
  A Summary of Detection of Denial-of-QoS Attacks on DiffServ Networks. 277-
  

Organically Assured and Survivable Information Systems (OASIS)

• Peng Liu:
  Engineering a Distributed Intrusion Tolerant Database System Using COTS Components. 284-289
  
• Salvatore J. Stolfo, Shlomo Hershkop, Ke Wang, Olivier Nimeskern:
  EMT/MET: Systems for Modeling and Detecting Errant Email. 290-