Skip to main content
USENIX
  • Conferences
  • Students
Sign in

connect with us


  •  Twitter
  •  Facebook
  •  LinkedIn
  •  Google+
  •  YouTube

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home ยป Towards Attack-Agnostic Defenses
Tweet

connect with us

Towards Attack-Agnostic Defenses

Abstract: 

Internet attackers control hundreds of thousands to perhaps millions of computers, which they can use for a variety of different attacks. Common attacks include spam delivery, phishing, and DDoS. The current research community focus is on defenses for each specific attack type compromised hosts may launch. However, attack-specific approaches almost always have two fundamental drawbacks: they do not address the root problem that attackers control an army of compromised hosts, and they do not provide the right incentives for users to properly secure their machines. As a result, attack-specific defenses may be defeated by new attacks, even those that may be only slightly different from old attacks.
We argue researchers should also focus on attackagnostic defenses whose effectiveness does not depend on the particular attack type. We initiate this line of research by investigating the design space for attack-agnostic defenses, and then detailing two extreme points within the design space: an InternetWatch List and an Internet Reputation System.

We argue researchers should also focus on attackagnostic defenses whose effectiveness does not depend on the particular attack type. We initiate this line of research by investigating the design space for attack-agnostic defenses, and then detailing two extreme points within the design space: an InternetWatch List and an Internet Reputation System.

David Brumley, Carnegie Mellon University

Dawn Song, Carnegie Mellon University

Links

Paper: 
http://usenix.org/events/hotsec06/tech/full_papers/brumley/brumley.pdf
  • Log in or    Register to post comments

© USENIX

  • Privacy Policy
  • Contact Us