Friday, October 31, 2008

CCS'08 paper on measuring spam conversion rates

At this week's CCS conference we presented a measurement study of spam conversion rates, based on infiltrating a real-world botnet responsible for billions of spam messages: the Storm botnet. This is joint work with UCSD as part of our CCIED effort.

Friday, October 17, 2008

Bro 1.4 released

We've released a new distribution of our Bro intrusion detection system, version 1.4. This release includes significant new functionality as well as numerous refinements and fixes, per the changelog entries.

Thursday, October 16, 2008

cFlow: A High-Performance Cluster Front-End

cPacket Networks has just announced their new product cFlow, a high-performance load balancer that implements the traffic distribution scheme we developed for the Bro Cluster. As our initial research prototypes were not suitable for a reliable production deployment, the Lawrence Berkeley National Lab collaborated with the cPacket team to develop this appliance, which delivers a load-balancing front end at full 10 GigE line rate. cPacket did a great job with this, and the cFlow will become a key component of the Lab's new, high-performance intrusion detection infrastructure. See the full press release for more information.