Thursday, April 18, 2013
Friday, January 18, 2013
The deadline for submissions is Friday February 8, 2013.
Applicants will be notified of decisions by February 22, 2013.
The application process is outlined here.
Friday, November 2, 2012
We are happy to announce the ICSI Certificate Notary today. This service provides near real-time reputation information on a large number of TLS/SSL certificates seen in the wild, collected continuously from a set of partner network sites. The notary’s data includes the time when a certificate was first and last seen, and whether we can establish a valid chain to a root certificate from the Mozilla root store.
Since the beginning of this year we collaborate with operations at about ten large network sites to passively extract certificates from their upstream traffic using Bro. This has allowed us to build a certificate database that now comprises roughly half a million unique web certificates from over 8 billion connections, representing the activity of estimated 220,000 users. (In fact, we have collected 7 million unique certificates but the majority is non-web activity and hence excluded from the notary.)
You can use the service by sending a DNS request for an A or TXT record to:
<sha1> represents the SHA1 digest of the certificate to query,
which you may find when consulting your browser for details about a
certificate. For A record queries, the result comes back either as the address
127.0.0.1 to indicate that our data providers have seen the certificate, as
127.0.0.2 if we could recently validate the certificate against the Mozilla
root store, or
NXDOMAIN if we have not seen the certificate. For TXT record
queries, the notary returns key-value pairs with more details. Here is an
"version=1 first_seen=15387 last_seen=15646 times_seen=260 validated=1"
For further details, usage instructions, and background reading, please visit the notary website at http://notary.icsi.berkeley.edu. We much appreciate your feedback at this early stage, both positive works-for-me notices as well as problems and suggestions for improvements.
Monday, February 6, 2012
The Networking Group is now accepting applications for Summer 2012 internships. Applicants should be Ph.D. students with a solid research background in networking and/or security. To apply, send a resume to email@example.com, and arrange for a letter of reference to be sent to that address too. The deadline for applications is February 24, 2012.
Thursday, June 9, 2011
At this year's IEEE Symposium on Security and Privacy we presented two papers.
The first presents an extensive measurement study our team of 15 researchers, postdocs and graduate students at UCSD and ICSI has worked on for two years. It expands the analysis of the spam value chain into the financial domain, illuminates the affiliate program landscape for pharmaceuticals, replica goods, and software, and identifies three banks that together receive the credit card transactions of 95% of the spam we observe.
- K. Levchenko, A. Pitsillidis, N. Chachra, B. Enright, M. Felegyhazi, C. Grier, T. Halvorson, C. Kanich, C. Kreibich, H. Liu, D. McCoy, N. Weaver, V. Paxson, G. M. Voelker, and S. Savage. Click Trajectories: End-to-End Analysis of the Spam Value Chain. IEEE Symposium on Security and Privacy, 2011, Oakland, USA.
The second paper presents Monarch, a real-time system that crawls URLs as they are submitted to web services and determines whether the URLs direct to spam. The paper evaluates the fundamental challenges that arise due to the diversity of web service spam. Monarch could protect a service such as Twitter—which needs to process 15 million URLs/day—for a bit under $800/day.
- K. Thomas, C. Grier, J. Ma, V. Paxson and D. Song. Monarch: Providing Real-Time URL Spam Filtering as a Service. IEEE Symposium on Security and Privacy, 2011, Oakland, USA.
Wednesday, June 8, 2011
ACM has awarded this year's SIGCOMM award to Vern Paxson, for his seminal contributions to the fields of Internet measurement and Internet security, and for distinguished leadership and service to the Internet community.
SIGCOMM's Test-Of-Time Award recognizes papers published at least ten years ago that have turned out to make significant contributions to the field of networking. This year one of the two papers chosen is "A Scalable Content-addressable Network" which appeared in SIGCOMM 2001 and is authored by current and past ICSI researchers Sylvia Ratnasamy, Paul Francis, Mark Handley, Richard Karp and Scott Shenker.