Proceedings of the 3rd European Conference on Computer Network Defense (eBook)

The European Conference on Computer and Network Defense draws contributions and participation both from academia and industry, and addresses security from multiple perspectives, including state-of-the-art research in computer network security, intrusion detection, denial-of-service, privacy protection, security policies, and incident response & management. The conference is organized jointly by the Institute of Computer Science of the Foundation for Research and Technology - Hellas (FORTH) and the European Network and Information Security Agency (ENISA).

---

The 3rd European Conference on Computer Network Defense took place in September 2007 at Aldemar Hotel, in Heraklion, Crete, Greece in cooperation with the European Network and Information Security Agency (ENISA). The theme of the conference was the protection of computer networks. The conference drew participants from academia and industry in Europe and beyond to discuss hot topics in applied network and systems security. The conference was a great success, with 6 refereed papers and 6 invited presentations on topics ranging from high assurance networks of virtual machines to signaling vulnerabilities in wiretapping systems. This book contains the refereed as well as refereed papers. We are greatful to the authors and presenters for their contributions, as well as the participants of EC2N'07 for making the conference a success. We are looking forward to a successful EC2ND event in 2008. K. G. Anagnostakis, S. Ioannidis, V. Siris Contents 1 Tales from the Crypt: Fingerprinting Attacks on Encrypted Channels by Way of Retainting ........................................1 Michael Valkering, Asia Slowinska, and Herbert Bos 1 Introduction ......................................................................................... 1 2 Architecture ......................................................................................... 3 2.1 Tracking Issues .............................................................................. 4 2.2 Retainting ...................................................................................... 6 2.2.1 Determining the Tag ............................................................. 6 2.2.2 Identifying the SSL Conversation ........................................ 8 2.3 Interposition Details...................................................................... 9 3 Signature Generation ........................................................................... 9 3.1 Pattern-Based Signatures ............................................................. 10 3.2 Signatures for Polymorphic Buffer Overflows ............................ 13 4 Filters ................................................................................................. 14 5 Results ............................................................................................... 15 6 Related Work ..................................................................................... 17 7 Conclusions ....................................................................................... 18 References ............................................................................................ 18 2 Towards High Assurance Networks of Virtual Machines...............21