Vulnerability database workshop

[spaf () CS PURDUE EDU (Gene Spafford)]

The research community needs reference databases for work in
intrusion detection, software engineering issues, penetration
testing, trend analysis, forensics, and other advanced security
research. Current holders and builders of such databases have shown
little willingness to share their data because they view it as
dangerous, or because it has a perceived commercial advantage. Thus,
there have been almost no successful instances of data sharing. This
continues to hinder important research in a number of areas.
On January 21 & 22, the CERIAS at Purdue is hosting the 2nd workshop
on vulnerability databases.  The goal of the workshop is to bring
together researchers from academia, government, and industry to
discus how such data can be shared for research.    The workshop
announcement is available at
<http://www.cerias.purdue.edu/vdbw.html>.

Note that registration closes January 13!

Also note that we may have some funding to offset the costs for
full-time graduate students to attend the workshop. See the WWW page
for more details.

This is a *working* meeting intended for researchers. Please do not
register to attend unless you plan on actively contributing to the
discussions and break-out sessions -- attendance will be limited, and
we do not want to fill up space with observers!   Actual databases
will not be exchanged, and specific vulnerability information will
not be discussed.  Thus, this workshop will definitely NOT be of
interest to vendors seeking only to acquire data, or to hackers
simply interested in finding out about new hacks.