From mdlemay2 at illinois.edu Fri Mar 4 15:53:32 2011 From: mdlemay2 at illinois.edu (LeMay, Michael D) Date: Fri, 4 Mar 2011 15:53:32 -0600 Subject: [cs591rhc] Paper for 3/7: New Security Architectures Based on Emerging Disk Functionality Message-ID: Hello all, On Monday we'll be discussing this paper from the IEEE Security and Privacy magazine. Here's its CiteULike page: http://www.citeulike.org/group/14385/article/8341686 Operating systems used all sorts of mechanisms through the years to provide isolation, and this looks like an interesting, unusual approach that uses the disk itself and a physical token to enforce isolation between VMs. See you on Monday! Michael LeMay PhD Candidate http://m.lemays.org -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.cs.uiuc.edu/mailman/private/cs591rhc/attachments/20110304/a610a122/attachment.html From mmontan2 at illinois.edu Mon Mar 7 08:37:05 2011 From: mmontan2 at illinois.edu (Mirko Montanari) Date: Mon, 7 Mar 2011 07:37:05 -0700 Subject: [cs591rhc] Fwd: Paper for 3/7: New Security Architectures Based on Emerging Disk Functionality References: Message-ID: Hello everybody, This is a reminder that today at 11am in the usual 3124SC we are going to discuss the paper below. Moderator: Michael Pro: Cristina Cons: Keun-Soo Thanks! Mirk Begin forwarded message: > From: "LeMay, Michael D" > Date: March 4, 2011 2:53:32 PM MST > To: "cs591rhc at cs.uiuc.edu" > Subject: [cs591rhc] Paper for 3/7: New Security Architectures Based on Emerging Disk Functionality > > Hello all, > > > > On Monday we?ll be discussing this paper from the IEEE Security and Privacy magazine. Here?s its CiteULike page: http://www.citeulike.org/group/14385/article/8341686 > > > > Operating systems used all sorts of mechanisms through the years to provide isolation, and this looks like an interesting, unusual approach that uses the disk itself and a physical token to enforce isolation between VMs. See you on Monday! > > > > Michael LeMay > > PhD Candidate > > http://m.lemays.org > > > > _______________________________________________ > cs591rhc mailing list > cs591rhc at cs.uiuc.edu > http://lists.cs.uiuc.edu/mailman/listinfo/cs591rhc -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.cs.uiuc.edu/mailman/private/cs591rhc/attachments/20110307/85db0768/attachment.html From mmontan2 at illinois.edu Mon Mar 7 09:15:34 2011 From: mmontan2 at illinois.edu (Mirko Montanari) Date: Mon, 7 Mar 2011 08:15:34 -0700 Subject: [cs591rhc] Fwd: Fwd: Paper for 3/7: New Security Architectures Based on Emerging Disk Functionality References: Message-ID: <83CC3930-DB27-4186-AAA1-4A270ABE489C@illinois.edu> The citeulike link seems to be broken now. Please use the following link to the paper. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=5456358 Thanks, Mirko Sent from my iPhone Begin forwarded message: > From: Mirko Montanari > Date: March 7, 2011 7:37:05 AM MST > To: "cs591rhc at cs.uiuc.edu" > Subject: [cs591rhc] Fwd: Paper for 3/7: New Security Architectures Based on Emerging Disk Functionality > > Hello everybody, > > This is a reminder that today at 11am in the usual 3124SC we are going to discuss the paper below. > > Moderator: Michael > Pro: Cristina > Cons: Keun-Soo > > Thanks! > Mirk > > Begin forwarded message: > >> From: "LeMay, Michael D" >> Date: March 4, 2011 2:53:32 PM MST >> To: "cs591rhc at cs.uiuc.edu" >> Subject: [cs591rhc] Paper for 3/7: New Security Architectures Based on Emerging Disk Functionality >> > >> Hello all, >> >> >> >> On Monday we?ll be discussing this paper from the IEEE Security and Privacy magazine. Here?s its CiteULike page: http://www.citeulike.org/group/14385/article/8341686 >> >> >> >> Operating systems used all sorts of mechanisms through the years to provide isolation, and this looks like an interesting, unusual approach that uses the disk itself and a physical token to enforce isolation between VMs. See you on Monday! >> >> >> >> Michael LeMay >> >> PhD Candidate >> >> http://m.lemays.org >> >> >> >> _______________________________________________ >> cs591rhc mailing list >> cs591rhc at cs.uiuc.edu >> http://lists.cs.uiuc.edu/mailman/listinfo/cs591rhc > _______________________________________________ > cs591rhc mailing list > cs591rhc at cs.uiuc.edu > http://lists.cs.uiuc.edu/mailman/listinfo/cs591rhc -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.cs.uiuc.edu/mailman/private/cs591rhc/attachments/20110307/59a3825f/attachment.html From mmontan2 at illinois.edu Tue Mar 8 23:10:54 2011 From: mmontan2 at illinois.edu (Mirko Montanari) Date: Tue, 8 Mar 2011 22:10:54 -0700 Subject: [cs591rhc] Internship opportunity at Intel in Systems Security References: Message-ID: Hello everybody, > Sruthi shared an interesting internship opportunity. Intel Labs is looking for somebody who works in systems security for an internship this summer. The contact's name is Ravi Sahita (ravi.sahita at intel.com). You can contact Ravi directly and mention that Sruthi forwarded the message. thanks! mirko. Begin forwarded message: > From: Sruthi Bandhakavi > Date: March 8, 2011 5:44:58 PM MST > To: Mirko Montanari > Subject: Fwd: query for availability for an internship > > > Hi Mirko, > > Intel Labs is looking for somebody who works in systems security for an internship this summer. The contact's name is Ravi Sahita (ravi.sahita at intel.com). Could you please forward this message to the security reading group and ask people to contact Ravi directly if they are interested? They can mention that I forwarded the message. > > Thanks, > Sruthi > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.cs.uiuc.edu/mailman/private/cs591rhc/attachments/20110308/636273cf/attachment.html From mmontan2 at illinois.edu Sat Mar 12 16:09:09 2011 From: mmontan2 at illinois.edu (Mirko Montanari) Date: Sat, 12 Mar 2011 16:09:09 -0600 Subject: [cs591rhc] =?windows-1252?q?Paper_for_03/14=3A__Don=92t_Trust=2E_?= =?windows-1252?q?And_Verify=2E_A_Security_Architecture_Stack_for_the_Clou?= =?windows-1252?q?d?= Message-ID: <2A9829EF-6A2E-4CCE-B7BC-918E5A9550C4@illinois.edu> Hello everybody, Monday at 11am in 3124SC we are going to talk about the following paper: Don't Trust. And Verify: A Security Architecture Stack for the Cloud Gunnar Peterson IEEE Security & Privacy Magazine, Vol. 8, No. 5. (September 2010), pp. 83-86. This paper is a quick introduction to some ideas about cloud security. I would like to take this paper as a starting point to discuss more in general about what kind of security problems research should address in the context of cloud computing from the perspective of enterprise networks. We don't have anybody signed up for pro and cons, but the paper is short and I think everybody can come up with some interesting discussion points. Abstract: This article is for security architects whose companies are moving critical systems to the cloud. Whenever technology architecture changes, it's worth revisiting the assumptions that went into security architecture and design. This is particularly relevant for security and cloud computing; although many organizations rate security as a critical issue in moving to the cloud, few know what to do about it. Thanks! mirko. From mmontan2 at illinois.edu Sat Mar 12 16:10:56 2011 From: mmontan2 at illinois.edu (Mirko Montanari) Date: Sat, 12 Mar 2011 16:10:56 -0600 Subject: [cs591rhc] =?windows-1252?q?Paper_for_03/14=3A__Don=92t_Trust=2E_?= =?windows-1252?q?And_Verify=2E_A_Security_Architecture_Stack_for_the_Clou?= =?windows-1252?q?d?= In-Reply-To: <2A9829EF-6A2E-4CCE-B7BC-918E5A9550C4@illinois.edu> References: <2A9829EF-6A2E-4CCE-B7BC-918E5A9550C4@illinois.edu> Message-ID: <21B9DBB7-866E-474F-BCCE-7E1E8276620A@illinois.edu> A direct link to the paper is the following: http://arctecgroup.net/pdf/donttrustandverify.pdf thanks, mirko. On Mar 12, 2011, at 4:09 PM, Mirko Montanari wrote: > Hello everybody, > > Monday at 11am in 3124SC we are going to talk about the following paper: > > Don't Trust. And Verify: A Security Architecture Stack for the Cloud > Gunnar Peterson > IEEE Security & Privacy Magazine, Vol. 8, No. 5. (September 2010), pp. 83-86. > > This paper is a quick introduction to some ideas about cloud security. I would like to take this paper as a starting point to discuss more in general about what kind of security problems research should address in the context of cloud computing from the perspective of enterprise networks. > > We don't have anybody signed up for pro and cons, but the paper is short and I think everybody can come up with some interesting discussion points. > > Abstract: This article is for security architects whose companies are moving critical systems to the cloud. Whenever technology architecture changes, it's worth revisiting the assumptions that went into security architecture and design. This is particularly relevant for security and cloud computing; although many organizations rate security as a critical issue in moving to the cloud, few know what to do about it. > > Thanks! > mirko. > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.cs.uiuc.edu/mailman/private/cs591rhc/attachments/20110312/bea07bdd/attachment.html From mmontan2 at illinois.edu Mon Mar 14 08:59:12 2011 From: mmontan2 at illinois.edu (Mirko Montanari) Date: Mon, 14 Mar 2011 08:59:12 -0500 Subject: [cs591rhc] =?windows-1252?q?Fwd=3A_Paper_for_03/14=3A__Don=92t_Tr?= =?windows-1252?q?ust=2E_And_Verify=2E_A_Security_Architecture_Stack_for_t?= =?windows-1252?q?he_Cloud?= References: <21B9DBB7-866E-474F-BCCE-7E1E8276620A@illinois.edu> Message-ID: <50C04037-BC35-496A-8A6B-5FCAF60AD39E@illinois.edu> Hello folks, This is a reminder that Today we are meeting at 11am in 3124SC for discussing the short paper below. thanks! mirko. Begin forwarded message: > From: Mirko Montanari > Date: March 12, 2011 4:10:56 PM CST > To: cs591rhc at cs.uiuc.edu > Subject: Re: Paper for 03/14: Don?t Trust. And Verify. A Security Architecture Stack for the Cloud > > A direct link to the paper is the following: > > http://arctecgroup.net/pdf/donttrustandverify.pdf > > thanks, > mirko. > > On Mar 12, 2011, at 4:09 PM, Mirko Montanari wrote: > >> Hello everybody, >> >> Monday at 11am in 3124SC we are going to talk about the following paper: >> >> Don't Trust. And Verify: A Security Architecture Stack for the Cloud >> Gunnar Peterson >> IEEE Security & Privacy Magazine, Vol. 8, No. 5. (September 2010), pp. 83-86. >> >> This paper is a quick introduction to some ideas about cloud security. I would like to take this paper as a starting point to discuss more in general about what kind of security problems research should address in the context of cloud computing from the perspective of enterprise networks. >> >> We don't have anybody signed up for pro and cons, but the paper is short and I think everybody can come up with some interesting discussion points. >> >> Abstract: This article is for security architects whose companies are moving critical systems to the cloud. Whenever technology architecture changes, it's worth revisiting the assumptions that went into security architecture and design. This is particularly relevant for security and cloud computing; although many organizations rate security as a critical issue in moving to the cloud, few know what to do about it. >> >> Thanks! >> mirko. >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.cs.uiuc.edu/mailman/private/cs591rhc/attachments/20110314/b6213075/attachment.html From kenrowe at uillinois.edu Mon Mar 14 10:28:03 2011 From: kenrowe at uillinois.edu (Rowe, Ken) Date: Mon, 14 Mar 2011 10:28:03 -0500 Subject: [cs591rhc] Fwd: Paper for 03/14: Don't Trust. And Verify. A Security Architecture Stack for the Cloud In-Reply-To: <50C04037-BC35-496A-8A6B-5FCAF60AD39E@illinois.edu> References: <21B9DBB7-866E-474F-BCCE-7E1E8276620A@illinois.edu> <50C04037-BC35-496A-8A6B-5FCAF60AD39E@illinois.edu> Message-ID: <056567AE69EB764BBFE2048FE4381B02C308CC4C9B@ADMINMAIL12.ui.uillinois.edu> If you are not familiar with the Cloud Security Alliance, see https://cloudsecurityalliance.org/ NIST's work (http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-144 ) is based on foundations from the Alliance. Ken. From: cs591rhc-bounces at cs.uiuc.edu [mailto:cs591rhc-bounces at cs.uiuc.edu] On Behalf Of Mirko Montanari Sent: Monday, March 14, 2011 8:59 AM To: cs591rhc at cs.uiuc.edu Subject: [cs591rhc] Fwd: Paper for 03/14: Don't Trust. And Verify. A Security Architecture Stack for the Cloud Hello folks, This is a reminder that Today we are meeting at 11am in 3124SC for discussing the short paper below. thanks! mirko. Begin forwarded message: From: Mirko Montanari > Date: March 12, 2011 4:10:56 PM CST To: cs591rhc at cs.uiuc.edu Subject: Re: Paper for 03/14: Don't Trust. And Verify. A Security Architecture Stack for the Cloud A direct link to the paper is the following: http://arctecgroup.net/pdf/donttrustandverify.pdf thanks, mirko. On Mar 12, 2011, at 4:09 PM, Mirko Montanari wrote: Hello everybody, Monday at 11am in 3124SC we are going to talk about the following paper: Don't Trust. And Verify: A Security Architecture Stack for the Cloud Gunnar Peterson IEEE Security & Privacy Magazine, Vol. 8, No. 5. (September 2010), pp. 83-86. This paper is a quick introduction to some ideas about cloud security. I would like to take this paper as a starting point to discuss more in general about what kind of security problems research should address in the context of cloud computing from the perspective of enterprise networks. We don't have anybody signed up for pro and cons, but the paper is short and I think everybody can come up with some interesting discussion points. Abstract: This article is for security architects whose companies are moving critical systems to the cloud. Whenever technology architecture changes, it's worth revisiting the assumptions that went into security architecture and design. This is particularly relevant for security and cloud computing; although many organizations rate security as a critical issue in moving to the cloud, few know what to do about it. Thanks! mirko. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.cs.uiuc.edu/mailman/private/cs591rhc/attachments/20110314/d41bb57d/attachment.html From sbandha2 at illinois.edu Mon Mar 14 12:06:17 2011 From: sbandha2 at illinois.edu (Sruthi Bandhakavi) Date: Mon, 14 Mar 2011 12:06:17 -0500 Subject: [cs591rhc] [Academic Job Talks] Practice Seminar - Tuesday, March 15th from 10 to 11 a.m. in 2405 - Presenter is Sruthi Bandhakavi In-Reply-To: References: Message-ID: ---------- Forwarded message ---------- From: McElroy, Rhonda Kay Date: Sun, Mar 13, 2011 at 2:47 PM Subject: [cs-grads] [Academic Job Talks] Practice Seminar - Tuesday, March 15th from 10 to 11 a.m. in 2405 - Presenter is Sruthi Bandhakavi To: "McElroy, Rhonda Kay" , "faculty at cs.illinois.edu" , "cs-grads at cs.illinois.edu" < cs-grads at cs.illinois.edu>, "postdocs at cs.illinois.edu" < postdocs at cs.illinois.edu>, "announce at cs.illinois.edu" < announce at cs.illinois.edu> Cc: "Dig, Daniel" , "Campbell, R H" University of Illinois at Urbana-Champaign Department of Computer Science Thomas M. Siebel Center for Computer Science 201 North Goodwin Avenue Urbana, IL 61801-2302 USA COMPUTER SCIENCE PRACTICE FOR ACADEMIC JOB TALKS SEMINAR Automated Detection of Flow-based Vulnerabilities in Web-Applications Sruthi Bandhakavi Tuesday, March 8th from 10 to 11 a.m. 2405 Siebel Center [cid:image001.jpg at 01CACCCA.52A1DC80] Abstract: Web applications and browsers embed code from different origins, each of which could have different privileges. These applications provide rich functionality to the users by interacting with each other and with the host machine--usually by sending and receiving information. Exploits like SQL injection, cross-site scripting, and privilege escalation attacks can result from such information exchange. In my thesis, I show that information-flow based analysis techniques can be effectively used for detecting and preventing vulnerabilities in web-applications. In this talk, I would go over my most recent work on analyzing web-browser extensions for security vulnerabilities. I will describe VEX, a framework that analyzes JavaScript programs to identify security vulnerabilities in browser extensions. VEX analyzes Firefox JavaScript extensions for several vulnerable flow patterns using high-precision, context-sensitive, flow-sensitive static information flow analysis. We have been able to find several exploitable extensions using this technique. Apart from the above work, I will briefly describe my other work on language-based security and some of my future research ideas. Biography: Sruthi Bandhakavi is a is a PhD student at the University of Illinois at Urbana Champaign. Her research interests are in using program analysis techniques for analyzing programs for security vulnerabilities. Her most recent work focuses on developing tools for analyzing vulnerabilities in web-applications. Her work on finding vulnerabilities in Firefox browser extensions won the best paper award at USENIX Security Symposium in 2010 and was invited for publication at the Communications of the ACM. For more information about the PACAJOT seminar and to sign up to participate, please visit the homepage: https://agora.cs.illinois.edu/display/pacajot/Home _______________________________________________ cs-grads mailing list cs-grads at cs.uiuc.edu http://lists.cs.uiuc.edu/mailman/listinfo/cs-grads -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.cs.uiuc.edu/mailman/private/cs591rhc/attachments/20110314/59c23540/attachment-0001.html -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 27699 bytes Desc: not available Url : http://lists.cs.uiuc.edu/mailman/private/cs591rhc/attachments/20110314/59c23540/attachment-0001.jpg From mmontan2 at illinois.edu Wed Mar 16 14:05:00 2011 From: mmontan2 at illinois.edu (Mirko Montanari) Date: Wed, 16 Mar 2011 14:05:00 -0500 Subject: [cs591rhc] No meeting next week (spring break), but add papers to citeulike Message-ID: <61303D54-E4C2-4EF0-90F1-BB154246EC1A@illinois.edu> Hello folks, Next week is Spring Break so we won't have our usual meeting. Please take this as a chance for adding new papers in the citeulike website: http://www.citeulike.org/group/14385/order/group_rating. To avoid cluttering I clean up the group by moving the articles we read to the group "University of Illinois Security Reading Group - Past Papers" : http://www.citeulike.org/groupfunc/14874/home. Our normal meetings will resume on 03/28 with Shivaram as a moderator. After that, we are going to have three more meetings before our end-of-semester lunch on 04/25. thanks! mirko. From yim6 at illinois.edu Mon Mar 21 04:02:58 2011 From: yim6 at illinois.edu (Yim, Keun Soo) Date: Mon, 21 Mar 2011 04:02:58 -0500 Subject: [cs591rhc] No meeting next week (spring break), but add papers to citeulike In-Reply-To: <61303D54-E4C2-4EF0-90F1-BB154246EC1A@illinois.edu> References: <61303D54-E4C2-4EF0-90F1-BB154246EC1A@illinois.edu> Message-ID: Hi, What about discussing one popular security vulnerability in mobile phones during this break via emails? Just realized ~10% of iPhone users are using jailbreaking and consequently iPhone application piracy are not rare. Do you know what are the security vulnerabilities exploited by jailbreaking or rooting (in Android)? I assume it's okay to talk as it's legal now and believe many of us have been studied this before. Thanks in advance. - Keun Soo On Wed, Mar 16, 2011 at 2:05 PM, Mirko Montanari wrote: > Hello folks, > > Next week is Spring Break so we won't have our usual meeting. > > Please take this as a chance for adding new papers in the citeulike > website: http://www.citeulike.org/group/14385/order/group_rating. To avoid > cluttering I clean up the group by moving the articles we read to the group > "University of Illinois Security Reading Group - Past Papers" : > http://www.citeulike.org/groupfunc/14874/home. > > Our normal meetings will resume on 03/28 with Shivaram as a moderator. > After that, we are going to have three more meetings before our > end-of-semester lunch on 04/25. > > thanks! > mirko. > > > _______________________________________________ > cs591rhc mailing list > cs591rhc at cs.uiuc.edu > http://lists.cs.uiuc.edu/mailman/listinfo/cs591rhc > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.cs.uiuc.edu/mailman/private/cs591rhc/attachments/20110321/f43ceff6/attachment.html From venkata4 at illinois.edu Thu Mar 24 14:33:59 2011 From: venkata4 at illinois.edu (Shivaram Venkataraman) Date: Thu, 24 Mar 2011 14:33:59 -0500 Subject: [cs591rhc] Paper for 03/28: Analysis of Security Data from a Large Computing Organization Message-ID: Hello, We will be discussing the following paper in the Security Reading Group on Monday, March 28 at 11 AM: Analysis of Security Data from a Large Computing Organization Aashish Sharma (UIUC),Zbigniew Kalbarczyk (UIUC),Jim Barlow (UIUC) and Ravi Iyer (UIUC) To appear in Proceedings of 41st IEEE International Conference on Dependable Systems and Networks (DSN 2011), The paper is to appear in DSN 2011, but a technical report version of the paper can be found at http://www.iti.illinois.edu/sites/www.iti.illinois.edu/files/docs/tcip/Incident-Analysis-Report.pdf This paper presents an analysis of the security incidents that have occurred at NCSA over five years and classifies them on different characteristics. I think this is a very interesting paper as it presents data on the kinds of attacks that have been seen and their frequency. The paper also presents details on which security monitors were more helpful and how it affects the detection latency. Abstract: In this work, we study security incidents that occurred over period of 5 years at the National Center forSupercomputing Applications at the University of Illinois. The analysis conducted: (i) quantifies the key characteristics of the incidents, such as category, severity, and detection latency, (ii) develops a data-driven, finite state machine model for describing incidents and exemplifies its use in the context of a credential compromise incident, and (iii) can facilitate the design and deployment of new techniques for security monitoring Thanks Shivaram From mmontan2 at illinois.edu Sun Mar 27 18:01:08 2011 From: mmontan2 at illinois.edu (Mirko Montanari) Date: Sun, 27 Mar 2011 18:01:08 -0500 Subject: [cs591rhc] Paper for 03/28: Analysis of Security Data from a Large Computing Organization References: Message-ID: <5EC1F670-F48B-4693-980D-B4030C4600D0@illinois.edu> Hello folks, This is a reminder that Tomorrow at 11am in 3124SC we are going to discuss the paper "Analysis of Security Data from a Large Computing Organization" from DSN 2011. Pro: Kevin Cons: Mirko Shivaram informed me that one of the authors, Jim Barlow, might be joining us at the meeting. I am sure we are going to have a good discussion! cheers, mirko. Begin forwarded message: > From: Shivaram Venkataraman > Date: March 24, 2011 2:33:59 PM CDT > To: cs591rhc at cs.uiuc.edu > Subject: [cs591rhc] Paper for 03/28: Analysis of Security Data from a Large Computing Organization > > Hello, > > We will be discussing the following paper in the Security Reading > Group on Monday, March 28 at 11 AM: > Analysis of Security Data from a Large Computing Organization > Aashish Sharma (UIUC),Zbigniew Kalbarczyk (UIUC),Jim Barlow (UIUC) and > Ravi Iyer (UIUC) > To appear in Proceedings of 41st IEEE International Conference on > Dependable Systems and Networks (DSN 2011), > > The paper is to appear in DSN 2011, but a technical report version of > the paper can be found at > http://www.iti.illinois.edu/sites/www.iti.illinois.edu/files/docs/tcip/Incident-Analysis-Report.pdf > > This paper presents an analysis of the security incidents that have > occurred at NCSA over five years and classifies them on different > characteristics. I think this is a very interesting paper as it > presents data on the kinds of attacks that have been seen and their > frequency. The paper also presents details on which security monitors > were more helpful and how it affects the detection latency. > > Abstract: > In this work, we study security incidents that occurred over period of > 5 years at the National Center forSupercomputing Applications at the > University of Illinois. The analysis conducted: (i) quantifies the key > characteristics of the incidents, such as category, severity, and > detection latency, (ii) develops a data-driven, finite state machine > model for describing incidents and exemplifies its use in the context > of a credential compromise incident, and (iii) can facilitate the > design and deployment of new techniques for security monitoring > > Thanks > Shivaram > _______________________________________________ > cs591rhc mailing list > cs591rhc at cs.uiuc.edu > http://lists.cs.uiuc.edu/mailman/listinfo/cs591rhc