lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <Pine.BSF.4.40.0403041942380.81499-100000@grift.com>
Date: Thu, 4 Mar 2004 19:45:42 +0000 (GMT)
From: Sharif Torpis <faust@...ft.com>
To: bugtraq@...urityfocus.com, <isn@....org>
Subject: IEEE Security & Privacy CFP



http://www.computer.org/security/cfp.htm

Attacking Systems (July/August 2004)

Submissions due 4 April 2004

Guest editors: Ivn Arce and Gary McGraw
ivan.arce-AT-coresecurity.com, gem-AT-cigital.com

Some security practitioners believe that the only way to know how to
protect a system against attack is to know how attacks really work. Such
people advocate teaching about attacks when building security expertise,
carrying out attacks as part of testing, and thinking and writing
creatively about attacks. Others feel that discussing, publishing, and
teaching attacks is irresponsible. Where do you stand?

This special issue is devoted to the idea of attacking systems in order to
better understand how to defend them. We're looking for a set of papers
exploring the following ideas:

    * exploiting software
    * attack categories: bugs and flaws
    * worms, viruses, and malicious code as an attack vector
    * attacking modern extensible systems: Java and .NET
    * rootkits, injection vectors, and networked machines
    * the politics of breaking systems
    * teaching students to break systems (pros and cons)
    * ethical hacking, red teaming, and penetration testing
    * attack modeling

---
"note that i hold the single-author record for total CERT advisories,
proving that in my copious youth i knew how to sling code but not how to
manage risk." - paul vixie, 26 feb 2002



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ