By Bob Rudis (@hrbrmstr)
Wed 21 January 2015 | tags: blog, papers, research, -- (permalink)

This morning, both David Severski & Gabe the Engineer shot me links to the MC2 Workshop on Data-Driven Approaches to Security and Privacy that was held at the University of Maryland recently (Jan 8-9).

I couldn’t find any proceedings or presentations from that conference, but I did take a stroll through the Google Scholar profiles of the participants (focusing mostly on 2014 publications). Here are some papers and research efforts that I thought would be of most interest to the broader DDSec community:

• AUTOPROBE: Towards Automatic Active Malicious Server Probing Using Dynamic Binary Analysis
• Targeted Threat Index: Characterizing and Quantifying Politically-Motivated Targeted Malware
• Analysis of SSL Certificate Reissues and Revocations in the Wake of Heartbleed
• Some Vulnerabilities Are Different Than Others
• Stream Computing for Large-Scale, Multi-Channel Cyber Threat Analytics
• MUSE: asset risk scoring in enterprise network with mutually reinforced reputation propagation
• Intentional Network Monitoring: Finding the Needle without Capturing the Haystack
• PEERING: An AS for Us

If you find some other interesting ones from the list of participants (or other ones in general), defintely drop a note in the comments with a link. We’re not trying to duplicate Jason Trost‘s excellent resource of papers at https://www.covert.io/, so make sure to check that first before suggesting new ones.