The Internet is under increasing attacks with unwanted traffic in the form of spam, distributed denial of service, virus, worms, etc. Unwanted traffic on the Internet has manifested itself as attacks on many protocols (IP, TCP, DNS, BGP, and HTTP) and popular applications (e.g., Email, Web). Recently, attacks combining multiple exploits have become common. Many solutions have been proposed for specific attacks, some of which have had limited success. SRUTI seeks research on the unwanted traffic problem that looks across the protocol stack, examines attack commonalities, and investigates how various solutions interact and whether they can be combined to increase security. Original research, promising ideas, and steps towards practical solutions at all levels are sought. We look for ideas in networking and systems, and insights from other areas such as databases, data mining, and economics. SRUTI aims to bring academic and industrial research communities together with those who face the problems at the operational level. SRUTI 2005 will be a one and a half day event. Each session chair will play the role of a discussant and present a summary of the papers in the session and a state-of-the-art synopsis of the topic. The workshop will be highly interactive, with substantial time devoted to questions and answers. Submissions must contribute to improving the current understanding of unwanted traffic and/or suggestions to reducing it. The proceedings of the workshop will be published. To ensure a productive workshop environment, attendance will be by invitation and/or acceptance of paper submission.

Relevant topics include:

    * Architectural solutions to the unwanted traffic problem.

    * Scientific assessment of the spread and danger of the attacks

    * Practical countermeasures to various aspects of unwanted traffic (Spam, DoS, worms,...)

    * Cross-layer solutions and solutions to combination attacks

    * Attacks on emerging technologies (e.g., sensors, VOIP, PDAs) and their countermeasures

    * Privacy and anonymity

    * Intrusion avoidance, detection, and response

    * Virus, worms, and other malicious code

    * Analysis of protocols and systems vulnerabilities

    * Handling errors/misconfigurations that might lead to unwanted traffic

    * Attacks on specific distributed systems or network technologies (e.g., P2P, wireless networks)

    * Data mining with application to unwanted traffic

    * New types of solutions: incentive-based, economic, statistical, collaborative, etc.

Program Committee

    Paul Barford, University of Wisconsin

    Steven M. Bellovin, Columbia University

    Herve Debar, France Telecom R&D

    Mark Handley, University College London

    Dina Katabi, MIT

    Balachander Krishnamurthy, AT&T Labs—Research

    Doug Maughan, U.S. Dept. of Homeland Security

    Chris Morrow, UUNET

    Vern Paxson, ICIR/ICSI

    Dawn Song, Carnegie Mellon University

    Paul Vixie, ISC

Steering Committee

    Dina Katabi, MIT.

    Balachander Krishnamurthy, AT&T Labs—Research.

Deadlines

    Submission deadline: March 30, 2005 (11:59 PM EST, HARD)

    Acceptance notification: May 3, 2005.

    Final papers due: May 23, 2005.

    Workshop: July 7-8, 2005.

Submissions

All submissions must be in English, must include a title and the authors’ names and affiliations. Submissions should be no more than six (6) pages long, and submitted in Postscript or PDF only. Each submission should have a contact author who should provide full contact information (e-mail, phone, fax, mailing address). One author of each accepted paper will be required to present the work at the workshop.