ACM Transactions on Information and System Security (TISSEC)
Strategies for sound internet measurement
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
MapReduce: simplified data processing on large clusters
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
A comparison of approaches to large-scale data analysis
Proceedings of the 2009 ACM SIGMOD International Conference on Management of data
Automatically patching errors in deployed software
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Automatic Generation of String Signatures for Malware Detection
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
Do you know your IQ?: a research agenda for information quality in systems
ACM SIGMETRICS Performance Evaluation Review
Improving MapReduce performance in heterogeneous environments
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Detection of recurring software vulnerabilities
Proceedings of the IEEE/ACM international conference on Automated software engineering
An analysis of rogue AV campaigns
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
An experimentation workbench for replayable networking research
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Experimental challenges in cyber security: a story of provenance and lineage for malware
CSET'11 Proceedings of the 4th conference on Cyber security experimentation and test
Ask WINE: are we safer today? evaluating operating system security through big data analysis
LEET'12 Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats
Benchmarking cloud security level agreements using quantitative policy trees
Proceedings of the 2012 ACM Workshop on Cloud computing security workshop
Before we knew it: an empirical study of zero-day attacks in the real world
Proceedings of the 2012 ACM conference on Computer and communications security
Industrial espionage and targeted attacks: understanding the characteristics of an escalating threat
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
On the feasibility of online malware detection with performance counters
Proceedings of the 40th Annual International Symposium on Computer Architecture
Spatio-temporal mining of software adoption & penetration
Proceedings of the 2013 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining
Towards automatic software lineage inference
SEC'13 Proceedings of the 22nd USENIX conference on Security
Hi-index | 0.00 |
Unlike benchmarks that focus on performance or reliability evaluations, a benchmark for computer security must necessarily include sensitive code and data. Because these artifacts could damage systems or reveal personally identifiable information about the users affected by cyber attacks, publicly disseminating such a benchmark raises several scientific, ethical and legal challenges. We propose the Worldwide Intelligence Network Environment (WINE), a security-benchmarking approach based on rigorous experimental methods. WINE includes representative field data, collected worldwide from 240,000 sensors, for new empirical studies, and it will enable the validation of research on all the phases in the lifecycle of security threats. We tackle the key challenges for security benchmarking by designing a platform for repeatable experimentation on the WINE data sets and by collecting the metadata required for understanding the results. In this paper, we review the unique characteristics of the WINE data, we discuss why rigorous benchmarking will provide fresh insights on the security arms race and we propose a research agenda for this area.