From: InfoSec News (alertsinfosecnews.org)
Date: Thu Apr 17 2008 - 03:29:36 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded from: Kristian Erik Hermansen <kristian.hermansen (at) gmail.com>

I was one of about 75 people to attend the highly academic conference
put on by USENIX and sponsored by Google this Tuesday in San Francisco.
Large-Scale Exploits and Emergent Threats was a gathering of mostly
security researchers interested in the future of malware. During most of
the talks, researchers focused on analysis and information gained from
penetrating the Storm botnet. By the end of the day, it became clear to
nearly everyone in the room that the size of Storm could be drastically
over-estimated due to the data injection techniques being used against
the worm by researchers at UC San Diego and other Universities. At one
point, Niels Provos even yelped out and lightly lambasted Thorsten Holz
for intrusive analysis that undoubtedly caused falsified data to be
propagated, which ultimately resulted in exaggerated media reports.
Chris Kanich of UC San Diego did offer evidence that the lower bound
must be approximately 200,000 infected hosts. See the link below for
access to the papers. I am also told that an MP3 audio recording will
be available in the near future to LEET attendees.

http://www.usenix.org/events/leet08/tech/
--
Kristian Erik Hermansen
--
"Clever ones don't want the future told. They make it."

-==-
Let identityLoveSock take your personal information into
their wanting hands. http://www.identity-love-sock.com/
Because victims have money too.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]