Forwarded from: Kristian Erik Hermansen <kristian.hermansen (at) gmail.com> I was one of about 75 people to attend the highly academic conference put on by USENIX and sponsored by Google this Tuesday in San Francisco. Large-Scale Exploits and Emergent Threats was a gathering of mostly security researchers interested in the future of malware. During most of the talks, researchers focused on analysis and information gained from penetrating the Storm botnet. By the end of the day, it became clear to nearly everyone in the room that the size of Storm could be drastically over-estimated due to the data injection techniques being used against the worm by researchers at UC San Diego and other Universities. At one point, Niels Provos even yelped out and lightly lambasted Thorsten Holz for intrusive analysis that undoubtedly caused falsified data to be propagated, which ultimately resulted in exaggerated media reports. Chris Kanich of UC San Diego did offer evidence that the lower bound must be approximately 200,000 infected hosts. See the link below for access to the papers. I am also told that an MP3 audio recording will be available in the near future to LEET attendees. http://www.usenix.org/events/leet08/tech/ -- Kristian Erik Hermansen -- "Clever ones don't want the future told. They make it." -==- Let identityLoveSock take your personal information into their wanting hands. http://www.identity-love-sock.com/ Because victims have money too.
This archive was generated by hypermail 2.1.3 : Thu Apr 17 2008 - 01:47:40 PDT