*
DIMACS Workshop on Large-Scale Internet Attacks
September 23 - 24, 2003
DIMACS Center, Rutgers University, Piscataway, NJ
Organizers:
Vern Paxson, ICSI, [EMAIL PROTECTED]
Steve Bellovin, ATT Research, [EMAIL PROTECTED]
Stuart Staniford, Silicon Defense
Stefan Savage, University of California, [EMAIL PROTECTED]
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.
As the Internet has grown greatly in size, new forms of attacks that
leverage the network's increasing scale have gained prominence. At the
same time, the network's scale also often increases the difficulty of
countering attacks, making it more difficult to trace back attackers or
deploy widespread defensive measures. This workshop aims to assess the
lay of the land in terms of large-scale Internet attacks and then to look
for principles common to the problem domain. The focus will be on three
general types of large-scale attacks: distributed denial-of-service (DDOS),
self-propagating malicious code (worms), and attacks targetting the
network's components (infrastructure attacks).
Participation in the workshop is quite limited because of the emphasis on
achieving a high degree of interactivity discussion. Potential attendees
interested in participating should contact the organization chair at
[EMAIL PROTECTED], including a description of relevant background and the
specific topic(s) of interest for discussion exploration.
Workshop Program:
Preliminary Program for DIMACS Workshop on Large-Scale Attacks
IMPORTANT: the workshop is meant to be a true workshop, in which the
actual program is fluid, and the emphasis is on interactivity and
incubating new connections (both between people and across areas). We
anticipate last-minute changes, and indeed may alter the program on
the spot as discussion and opportunity suggests.
Tuesday, September 23, 2003
8:30 - 9:30 Breakfast and Registration
9:30 - 9:40 Opening remarks
Melvin Janowitz, Associate Director of DIMACS
9:40 - 10:00 Welcome
Attendee Introductions
10:00 - 12:00 Experiences with large-scale attacks
A Large-scale View of Large-scale Attacks
Sean Donalen, SBC Internet Services
Infrastructure Attack Trends
Craig Labovitz, Arbor Networks
Attacks on services
Discussion
12:00 - 1:30 Lunch
1:30 - 3:00 DDoS
Overview
John Ioannidis, ATT Labs - Research
Defenses
Angelos Keromytis, Columbia University
Source address filtering
Discussion:
is the problem still relevant?
is traceback relevant?
barriers to deploying solutions?
3:00 - 3:30 Break
3:30 - 5:00 Techniques
Telescopes
David Moore, UCSD
Sampling techniques
George Varghese, UCSD
P2P techniques, large-scale coordination
Joel Sandin, Stanford University
Honeynets
Dave Dittrich, University of Washington
Open Mike (i.e., we'll call in advance for presentations here)
Discussion
6:00 Dinner
Wednesday, September 24, 2003
8:30 - 9:00 Breakfast and Registration
9:00 - 11:30 Worms
Overview
Stuart Staniford, Silicon Defense
Diverse axes of scaling
Dan Ellis, MITRE
Modeling/detecting worm propagation
Lixin Gao, University of Massachusetts
Topological worm defenses
Nick Weaver, UCB
Break
Pulsing attacks on routers
Auto-patching
Angelos Keromytis, Columbia University
Discussion
11:30 - 1:00 Lunch
1:00 - 2:30 Attacks on routing
BGP attacks
Targeted link attacks
Steve Bellovin, ATT Labs - Research
Authentication and robustness
Alex Snoeren, UCSD
Discussion
2:30 - 2:45 Break
2:45 - 4:00 Where do we need to go?
Facilitated discussion
Stefan Savage, UCSD
**
Registration Fees:
(Pre-registration deadline: September 17, 2003)
Regular Rate
Preregister before deadline $120/day
After preregistration deadline $140/day
Reduced Rate*
Preregister before deadline $60/day
After preregistration deadline $70/day
Postdocs
Preregister before deadline $10/day
After preregistration deadline $15/day
DIMACS Postdocs $0