26 July 2008

Welcome to the Zero-Day Defense blog

Welcome to Zero-Day Defense. This blog will be officially launched at DEFCON, so consider this a teaser post.

Unlike most other infosec/ITsec blogs (hereinafter "infosec" rather than "ITsec"), this blog will not focus on news items; this blog is already providing links to the five most recent items from an aggregated feed that I run covering several dozen infosec news blogs.

Instead, this blog will focus on infosec R&D, split roughly between emerging endeavors over the next 1-2 years and 3-5 years. If you want to know how Worf thwarts nanobots, read Kurzweil's stuff; this blog is focused on practical apps.

Volume will be relatively low (1-2 items each week) and each post will be relatively brief (about 200-300 words), usually an original article summary with a bottom line recommendation.

Sample topics:
  • PEI framework for collaborative computing
  • Securing a desktop data grid
  • Trust-by-wire in IP networks
  • WLAN steganography
  • Behavioral modeling of ideologically-motivated snowball attacks
Sample sources:
  • ACM Transactions on Information and System Security
  • Computers & Security
  • Journal of Parallel and Distributed Computing
  • International Conference on Availability, Reliability and Security (ARES), Proceedings of the
  • IEEE International Symposium on Applied Machine Intelligence and Informatics (SAMI), Proceedings of the
Sample affiliations:
  • IBM Thomas J. Watson Research Center
  • Sandia National Laboratories
  • Thomson R&D, Security Laboratory
  • Philips Research Europe, Information & System Security Group
  • Fraunhofer IESE (Institut Experimentelles Software Engineering)

Once again, welcome to Zero-Day Defense.

- David Scott Lewis