Results 1 - 10 of 27
Shield: Vulnerability-Driven Network Filters for Preventing Known Vulnerability Exploits
In ACM SIGCOMM, 2004
Cited by 146 (9 self)
Abstract:
Software patching has not been an effective first-line defense preventing large-scale worm attacks, even when patches had long been available for their corresponding vulnerabilities. Generally, people have been reluctant to patch their systems immediately, because patches are perceived to be unreliable and disruptive to apply. To address this problem, we propose a first-line worm defense in the network stack, using shields -- vulnerability-specific, exploit-generic network filters installed in end systems once a vulnerability is discovered and before the patch is applied. These filters examine the incoming or outgoing traffic of vulnerable applications, and drop traffic that exploits vulnerabilities. Shields are less disruptive to install and uninstall, easier to test for bad side effects, and hence more reliable than traditional software patches. In this paper, we show...
Towards an Engineering Discipline for GRAMMARWARE
ACM Transactions on Software Engineering Methodology, 2003
Cited by 91 (7 self)
Abstract:
Grammarware comprises grammars and all grammar-dependent software, i.e., software artifacts that directly involve grammar knowledge. The term grammar is meant here in the widest sense to include XML schemas, syntax definitions, interface descriptions, APIs, and interaction protocols. The most obvious examples of grammar-dependent software are document processors, parsers, import/export functionality, and generative programming tools. Even though grammarware is so omnipresent, it is somewhat neglected --- from an engineering point of view. We lay out an agenda that is meant to promote research on improving the quality of grammarware and on increasing the productivity of grammarware development.
Generic application-level protocol analyzer and its language
2005
Cited by 23 (3 self)
Abstract:
The Shield project relied on application protocol analyzers to detect potential exploits of application vulnerabilities. We present the design of a second-generation generic application-level protocol analyzer (GAPA) that encompasses a domain-specific language and the associated run-time. We designed GAPA to satisfy three important goals: safety, real-time analysis and response, and rapid development of analyzers. We have found that these goals are relevant for many network monitors that implement protocol analysis. Therefore, we built GAPA to be readily integrated into tools such as Ethereal as well as Shield. GAPA preserves safety through the use of a memory-safe language for both message parsing and analysis, and through various techniques to reduce the amount of state maintained in order to avoid denial-of-service attacks. To support online analysis, the GAPA runtime uses a stream-processing model with incremental parsing. In order to speed protocol development, GAPA uses a syntax similar to many protocol RFCs and other specifications, and incorporates many common protocol analysis tasks as built-in abstractions. We have specified 10 commonly used protocols in the GAPA language and found it expressive and easy to use. We measured our GAPA prototype and found that it can handle an enterprise client HTTP workload at up to 60 Mbps, sufficient performance for many end-host firewall/IDS scenarios. At the same time, the trusted code base of GAPA is an order of magnitude smaller than Ethereal.
PADS/ML: A Functional Data Description Language
2007
Cited by 17 (8 self)
Abstract:
Massive amounts of useful data are stored and processed in ad hoc formats for which common tools like parsers, printers, query engines and format converters are not readily available. In this paper, we explain the design and implementation of PADS/ML, a new language and system that facilitates the generation of data processing tools for ad hoc formats. The PADS/ML design includes features such as dependent, polymorphic and recursive datatypes, which allow programmers to describe the syntax and semantics of ad hoc data in a concise, easy-to-read notation. The PADS/ML implementation compiles these descriptions into ML structures and functors that include types for parsed data, functions for parsing and printing, and auxiliary support for user-specified, format-dependent and format-independent tool generation.
A Secure and Private System for Subscription-Based Remote Services
ACM Transactions on Information and System Security, 2003
Cited by 7 (0 self)
Abstract:
In this paper we study privacy issues regarding the use of the SSL/TLS protocol and X.509 certificates. Our main attention is placed on subscription-based remote services (e.g., subscription to newspapers and databases) where the service manager charges a flat fee for a period of time independent of the actual number of times the service is requested.
NetPDL: An Extensible XML-Based Language for Packet Header Description
Cited by 4 (1 self)
Abstract:
Although several applications need to know the format of network packets to perform their tasks, until now each application has used its own packet description database. This paper addresses this problem by proposing NetPDL, an XML-based language for describing packet headers, which has the potential of enabling the realization of a common, application-independent protocol description database that can be shared among several applications. Further, common functionalities related to the protocol database can be implemented in a library, which can be a basic building block for implementing networking applications.
A Security Architecture for Mobile Agent System
2001
Cited by 3 (0 self)
Abstract:
Unlike traditional mobile intelligent agent systems where a small set of APIs are provided to support limited agent (code) mobility capabilities, a novel agent system, called WAVE, offers a complete high-level language that is, despite its fairly simple syntax, rich in semantics and mechanisms for integration, control and management for rapid, effective realization of seamless, cooperative distributed applications. However, like many other mobile agent systems, the lack of security in WAVE highly restricts its scope of applications. In this thesis, we propose a security architecture and implement a security system based on this architecture to secure the original WAVE system. This security system makes use of a rich security model that gives identification to each principal user and provides access control to a very fine level of granularity. The security system also provides methods for detecting whether the behavior or data of a wave agent has been tampered with. Although the security architecture was developed for WAVE, its applicability can be generally suited to any mobile intelligent system.
Pads: Processing arbitrary data streams
In Proceedings of Workshop on Management and Processing of Data Streams, 2003
Conversion of LDAP Schemas to and from SLP Templates. Internet Draft, draft-ietf-svrloc-template-conversion-05.txt
1999
Cited by 2 (0 self)
Abstract:
This document describes a procedure for mapping between Service Location Protocol (SLP) service advertisements and Lightweight Directory Access Protocol (LDAP) descriptions of services. The document covers two aspects of the mapping. One aspect is mapping between SLP service type templates and LDAP directory schema. Because the SLP service type template grammar is relatively simple, mapping from service type templates to LDAP types is straightforward. Mapping in the other direction is straightforward if the attributes are restricted to use just a few of the syntaxes defined in RFC 2252. If arbitrary ASN.1 types occur in the schema, then the mapping is more complex and may even be impossible. The second aspect is representation of service information in an LDAP directory. The recommended representation simplifies interoperability with SLP by allowing SLP directory agents to back end into LDAP directory servers. The resulting system allows service advertisements to propagate easily between SLP and LDAP.
Pathway and Protein Interaction Data: from XML to FDM Database
Data Integration in the Life Sciences, First International Workshop, DILS 2004, Proceedings, volume 2994 of LNCS, 2004
Cited by 2 (1 self)
Abstract:
This paper describes our experience with the first steps towards integrating pathway and protein interaction data with other data sets within the framework of a federated database system based on the functional data model. We have made use of DTD and XML files produced by the BIND project. The DTD provides a specification for information about biomolecular interactions, complexes and pathways, and can be translated semi-automatically to a database schema. The load utility uses metadata derived from this schema to help identify data items of interest when recursively traversing a Prolog tree structure representing the XML data. We also show how derived functions can be used to make explicit those relationships that are present in data sets but which are not fully described in DTD files.