Detection of Intrusions and Malware, and Vulnerability Assessment

On behalf of the Programand Steering Committees it is our pleasure to present to you the proceedings of the 7th GI International Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), documenting the work presented at the conference this year. As in the past, the conference broughttogetherinternationalexpertsfromacademia,industry,andgovernment to present and discuss novel security research. Thisyearthe27membersoftheProgramCommitteereceived34submissions from 18 countries. The committee, selected to represent a balanced mixture of both mature and young excellence in the ?eld, honesty, and good judgement, carefully reviewed and evaluated all submissions at least threefold, according to scienti?c novelty, relevance, and technical quality. The ?nal selection took place on March 29, 2010 at the Technische Universitat Munc hen, Germany. In the end, we accepted 12 papers for publication and presentation at the conference, including two extended abstracts. DIMVA 2010took placeatthe Centre ofSciences in Bonn,Germany,onJuly 8 and 9. The program featured work from a wide range of topics in security, grouped into ?ve sessions that are re?ected in the chapters of the proceedings you are now reading. In addition, the conference featured three invited talks which greatly contributed to the event. We are very grateful to Jos e Nazario (Arbor Networks), Carel van Straaten (Spamhaus), and Marc Dacier (Sym- tec/Eurecom) for their insightful and entertaining presentations. Thanks also to Sven Dietrich (Stevens Institute of Technology) for once again organizing and hosting the rump session, which contained a diverse range of forthcoming work.

Unique visibility, state-of-the-art survey,

Host Security.- HookScout: Proactive Binary-Centric Hook Detection.- Conqueror: Tamper-Proof Code Execution on Legacy Systems.- dAnubis - Dynamic Device Driver Analysis Based on Virtual Machine Introspection.- Trends.- Evaluating Bluetooth as a Medium for Botnet Command and Control.- Take a Deep Breath: A Stealthy, Resilient and Cost-Effective Botnet Using Skype.- Covertly Probing Underground Economy Marketplaces.- Vulnerabilities.- Why Johnny Can't Pentest: An Analysis of Black-Box Web Vulnerability Scanners.- Organizing Large Scale Hacking Competitions.- Intrusion Detection.- An Online Adaptive Approach to Alert Correlation.- KIDS - Keyed Intrusion Detection System.- Web Security.- Modeling and Containment of Search Worms Targeting Web Applications.- HProxy: Client-Side Detection of SSL Stripping Attacks.