Abstract:

The R & D Initiative is executing the periodical “Intensive Practical Security Trainings,” as a part of the project of “Development of Education Systems for Information Security,” sponsored by the Ministry of Education, Culture, Sports, Science and Technology (MEXT). These intensive courses include Windows Security, Unix Security, Secure Programming, etc. Among them, Windows Security course was held 4 times and earned some reputation among students.

This course is unique as a university class, in the respect of treating a specific commercial platform and including an exercise of using real malicious softwares including password cracking tools, BoF exploits, and rootkits. Making students use real hacking tools and MITM tools was really effective in realizing them of the danger of intrusion and sniffing, because it is widely accepted concept that IT security people should “think like hackers.” Here I would like to report what kind of training is needed to security people and what effect was acquired from the class. Simultaneously I would like to supply a material for discussing what kind of experience of “mock hacking” is necessary and what, such as writing malwares themselves, is harmful.

Abstract:

Abstract: Network virus are always detected in serial device such as router and firewall generally, limited to the performance of device, the effect cannot be detected accurately that the virus impose on Internet. To resolve this problem, we have developed a Virus Detection System (VDS) based on bypass monitor that can work on GE level network. With VDS, the virus can be detected in package or data stream according to four methods like binary, URL, E-mail, script. The statistical information of the virus including the virus name, source IP, target IP, spread times and the traffic are provided accurately and presented in charts.

Keywords: VDS virus detection

Sponsors
Platinum					Gold

Silver		Bronze