RESEARCH AND DEVELOPMENT
PAPERS AND PRESENTATIONS
David Dittrich: P2P as botnet command and control: a deeper insight, by David Dittrich and Sven Dietrich, in Proceedings of the 2008 3rd International Conference on Malicious and Unwanted Software (Malware), October 2008 ("Best Paper" award winner) http://staff.washington.edu/dittrich/misc/malware08-dd-final.pdf
New Directions in Peer-to-Peer Malware, by Dave Dittrich and Sven Dietrich, IEEE Sarnoff Symposium 2008, April 2008, pp. 1-5 http://staff.washington.edu/dittrich/misc/sarnoff08-dd.pdf
On Developing Tomorrow's "Cyber Warriors," by David Dittrich, in Proceedings of the 12th Colloquium for Information Systems Security Education, Dallas, Texas, USA, June 2008
"Understanding Emerging Threats: The case of Nugache," (co-presented with Bruce Dang, Microsoft), SOURCE Boston conference, March 2008
Arrigo Triulzi: http://www.alchemistowl.org/arrigo/Papers/Arrigo-Triulzi-PACSEC08-Project-Maux-II.pdf
Currently working on the "HTTP Sinkholing" paper/tools for project release. Assisted by Robert Danford.
"Proxybot Network threats", non-public LE centric conference, Feb 2008 (related to "Socks v666" Honeynet project Lite paper)
"HTTP Sinkholing", Microsoft GIAIS Summit, July 2008
"Passive Discovery of HTTP Based Malicious code", non-public LE centric Conference, Oct 2008
Estonia CERT (EE-CERT) workshop - 10/Sep/08: "Know Your Enemy, Service Provider update" (DDoS and botnets, VoIP honeypot, SSH/MySQL honeypot (content from Einar/honeynor)).