Vasilios Siris - Böcker

The 3rd European Conference on Computer Network Defense took place in September 2007 at Aldemar Hotel, in Heraklion, Crete, Greece in cooperation with the European Network and Information Security Agency (ENISA). The theme of the conference was the protection of computer networks. The conference drew participants from academia and industry in Europe and beyond to discuss hot topics in applied network and systems security. The conference was a great success, with 6 refereed papers and 6 invited presentations on topics ranging from high assurance networks of virtual machines to signaling vulnerabilities in wiretapping systems. This book contains the refereed as well as refereed papers. We are greatful to the authors and presenters for their contributions, as well as the participants of EC2N’07 for making the conference a success. We are looking forward to a successful EC2ND event in 2008. K. G. Anagnostakis, S. Ioannidis, V. Siris Contents 1 Tales from the Crypt: Fingerprinting Attacks on Encrypted Channels by Way of Retainting ........................................1 Michael Valkering, Asia Slowinska, and Herbert Bos 1 Introduction ......................................................................................... 1 2 Architecture ......................................................................................... 3 2.1 Tracking Issues .............................................................................. 4 2.2 Retainting ...................................................................................... 6 2.2.1 Determining the Tag ............................................................. 6 2.2.2 Identifying the SSL Conversation ........................................ 8 2.3 Interposition Details...................................................................... 9 3 Signature Generation ........................................................................... 9 3.1 Pattern-Based Signatures ............................................................. 10 3.2 Signatures for Polymorphic Buffer Overflows ............................ 13 4 Filters ................................................................................................. 14 5 Results ............................................................................................... 15 6 Related Work ..................................................................................... 17 7 Conclusions ....................................................................................... 18 References ............................................................................................ 18 2 Towards High Assurance Networks of Virtual Machines...............21

The 3rd European Conference on Computer Network Defense took place in September 2007 at Aldemar Hotel, in Heraklion, Crete, Greece in cooperation with the European Network and Information Security Agency (ENISA). The theme of the conference was the protection of computer networks. The conference drew participants from academia and industry in Europe and beyond to discuss hot topics in applied network and systems security. The conference was a great success, with 6 refereed papers and 6 invited presentations on topics ranging from high assurance networks of virtual machines to signaling vulnerabilities in wiretapping systems. This book contains the refereed as well as refereed papers. We are greatful to the authors and presenters for their contributions, as well as the participants of EC2N’07 for making the conference a success. We are looking forward to a successful EC2ND event in 2008. K. G. Anagnostakis, S. Ioannidis, V. Siris Contents 1 Tales from the Crypt: Fingerprinting Attacks on Encrypted Channels by Way of Retainting ........................................1 Michael Valkering, Asia Slowinska, and Herbert Bos 1 Introduction ......................................................................................... 1 2 Architecture ......................................................................................... 3 2.1 Tracking Issues .............................................................................. 4 2.2 Retainting ...................................................................................... 6 2.2.1 Determining the Tag ............................................................. 6 2.2.2 Identifying the SSL Conversation ........................................ 8 2.3 Interposition Details...................................................................... 9 3 Signature Generation ........................................................................... 9 3.1 Pattern-Based Signatures ............................................................. 10 3.2 Signatures for Polymorphic Buffer Overflows ............................ 13 4 Filters ................................................................................................. 14 5 Results ............................................................................................... 15 6 Related Work ..................................................................................... 17 7 Conclusions ....................................................................................... 18 References ............................................................................................ 18 2 Towards High Assurance Networks of Virtual Machines...............21

The current book provides a final report of activity performed by the COST 290 Action, ‘‘Traffic and QoS Management in Wireless Multimedia Networks,’’ which ran from March 10, 2004, until June 3, 2008. After an introduction to the COST framework and the Action’s survey time-frame and activities, the main part of the book addresses a number of technical issues, which are structured into several chapters. All those issues have been carefully investigated by the COST 290 community during the course of the project – the information presented in this book can be regarded as ultimate for each particular topic; every open research issue addressed in the book is described carefully, corresponding existing studies are analyzed and results achieved by the COST 290 community are presented and compared, and further research directions are defined and analyzed. Because the book covers a wide area of research addressing issues of modern wired and wireless networking at different layers, starting from the physical layer up to the application layer, it can be recommended to be used by researchers and students to obtain a comprehensive analysis on particular research topics including related areas, to obtain broad and ultimate referencing, and to be advised on current open issues. COST 290 is one of the Actions of the European COST Program. Founded in 1971, COST is an intergovernmental framework for European Cooperation in the field of Scientific and Technical Research, allowing the coordination of nationally funded research on a European level.