The research community needs reference databases for work in intrusion detection, software engineering issues, penetration testing, trend analysis, forensics, and other advanced security research. Current holders and builders of such databases have shown little willingness to share their data because they view it as dangerous, or because it has a perceived commercial advantage. Thus, there have been almost no successful instances of data sharing. This continues to hinder important research in a number of areas. On January 21 & 22, the CERIAS at Purdue is hosting the 2nd workshop on vulnerability databases. The goal of the workshop is to bring together researchers from academia, government, and industry to discus how such data can be shared for research. The workshop announcement is available at <http://www.cerias.purdue.edu/vdbw.html>. Note that registration closes January 13! Also note that we may have some funding to offset the costs for full-time graduate students to attend the workshop. See the WWW page for more details. This is a *working* meeting intended for researchers. Please do not register to attend unless you plan on actively contributing to the discussions and break-out sessions -- attendance will be limited, and we do not want to fill up space with observers! Actual databases will not be exchanged, and specific vulnerability information will not be discussed. Thus, this workshop will definitely NOT be of interest to vendors seeking only to acquire data, or to hackers simply interested in finding out about new hacks.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:27:19 PDT