Publications

12 Results

Search results

FARM : an automated malware analysis environment

Vanrandwyk, Jamie V.; Lloyd, Levi; Chiang, Ken C.; Vanderveen, Keith

We present the forensic analysis repository for malware (FARM), a system for automating malware analysis. FARM leverages existing dynamic and static analysis tools and is designed in a modular fashion to provide future extensibility. We present our motivations for designing the system and give an overview of the system architecture. We also present several common scenarios that detail uses for FARM as well as illustrate how automated malware analysis saves time. Finally, we discuss future development of this tool.

InfoStar: An adaptive visual analytics platform for mobile devices

Proceedings of the ACM/IEEE 2005 Supercomputing Conference, SC'05

Sanfilippo, Antonio; May, Richard; Danielson, Gary; Baddeley, Bob; Riensche, Rick; Kirby, Skip; Collins, Sharon; Thornton, Susan; Washington, Kenneth; Schrager, Matt; Vanrandwyk, Jamie V.; Borchers, Bob; Gatchell, Doug

We present the design and implementation of InfoStar, an adaptive visual analytics platform for mobile devices such as PDAs, laptops, Tablet PCs and mobile phones. InfoStar extends the reach of visual analytics technology beyond the traditional desktop paradigm to provide ubiquitous access to interactive visualizations of information spaces. These visualizations are critical in addressing the knowledge needs of human agents operating in the field, in areas as diverse as business, homeland security, law enforcement, protective services, emergency medical services and scientific discovery. We describe an initial real-world deployment of this technology, in which the InfoStar platform has been used to offer mobile access to scheduling and venue information to conference attendees at Supercomputing 2004. © 2005 IEEE.

NetState : a network version tracking system

Durgin, Nancy A.; Vanrandwyk, Jamie V.

Network administrators and security analysts often do not know what network services are being run in every corner of their networks. If they do have a vague grasp of the services running on their networks, they often do not know what specific versions of those services are running. Actively scanning for services and versions does not always yield complete results, and patch and service management, therefore, suffer. We present NetState, a system for monitoring, storing, and reporting application and operating system version information for a network. NetState gives security and network administrators the ability to know what is running on their networks while allowing for user-managed machines and complex host configurations. Our architecture uses distributed modules to collect network information and a centralized server that stores and issues reports on that collected version information. We discuss some of the challenges to building and operating NetState as well as the legal issues surrounding the promiscuous capture of network data. We conclude that this tool can solve some key problems in network management and has a wide range of possibilities for future uses.
