Forwarded from: Roger Safian <r-safianat_private> 14th Annual Computer Security Incident Handling Conference Hilton Waikoloa Village, Hawaii June 24-28, 2002 Call for Papers Overview This text is also available at <http://www.first.org/conference/2002/cfp.html>. The Forum of Incident Response and Security Teams (FIRST, http://www.first.org/) is a global organization whose aim is to facilitate the sharing of security-related information and to foster cooperation in the effective prevention, detection, and recovery from computer security incidents. Its members are CSIRTs (Computer Security Incident Response Teams) from government, commercial, academic, and other environments. The FIRST conference ( http://www.first.org/conference/2002/) brings together IT managers, system and network administrators, security specialists, academics, security solutions vendors, CSIRT personnel and anyone interested in * the most advanced techniques in detecting and responding to computer security incidents * the latest improvements in computer security tools, methodologies, and practice * sharing their views and experiences with those in the computer security incident response field The Conference The conference is a five day event, comprising two days of tutorials and three days of technical sessions which include refereed paper presentations, invited talks, and panel discussions. The conference will discuss the most recent practical issues in computer and network security, focusing on incident response. The program committee solicits original contributions on the following topics: * Incident Response Specific Incidents: o large computer virus outbreaks o Distributed Denial-of-Service (DDOS) attacks o Privacy and Intellectual Property incidents o insider incident response General Issues: o intrusion detection, analysis, and response automation o collecting evidence o computer and network forensics * CSIRT Operation and Tools o CSIRT Best Practices o automation of CSIRT operations o informing customers of new security threats (vulnerabilities, exploitation tools, viruses, etc.) o vulnerability analysis and advisory process o drafting incident response and security policies o experience with security tools, both commercial and free, both experimental and stable o new approaches to attack analysis o OS-specific log analysis tools o multi-source intrusion detection analysis * Response Team Cooperation and Legal Issues o coordinating international incident handling o trust relationships in incident response o international legal and liability in incident response o dealing with black hats * New Technologies, New Vulnerabilities o impact of new technologies (IPSEC and others) on incident response o vulnerabilities in WAP enabled web applications o vulnerabilities in PDA and Pocket PC's o forensics on wireless devices o experiences with deploying VoIP o commercial shopping and banking systems * Other Topics o competition, espionage, and information warfare o secure system and network administration o secure programming techniques and practices o Internet service providers and security o intruder profiling o outsourcing security -- managed security services Tutorial Submission Three tutorial tracks are planned: * The first track is oriented toward IT managers and will deal with topics such as drafting security policies incorporating policies for incident response, computer forensics, setting up security infrastructures, etc. * The second track is oriented toward technical staff and will provide in-depth information on security tools, designing security architectures, intrusion detection and monitoring tools, web security, etc. - in particular COMPUTER FORENSICS is a special interest topic this year. * The third track is tailored for people interested in building and organizing an incident response team or related services like security advisories, vulnerability analysis, etc. Proposals are solicited from experts interested in giving a tutorial. Tutorials may be half or full day in length and can cover topics either at an introductory or advanced level. All tutorial submissions will be handled electronically. Authors should email the completed submission form (attached below) to tuto2002at_private Individuals interested in submitting tutorial proposals are encouraged to contact the program chair before the deadline to discuss the proposed content. Panel Submission Panels are solicited that examine innovative, controversial, or otherwise provocative issues of interest. All panel submissions will be handled electronically. Authors should e-mail the completed submission form (attached below) to panel2002at_private A reduction of the conference fee will be offered to panel organizers. Paper Submission Authors are invited to submit papers, preferably in PostScript or PDF format (RTF and HTML are also accepted). The length should not exceed 12 pages typeset in a 12-point font. A detailed synthesis (2 pages minimum) will be considered if it gives a clear reflection of the contents and key points of the coming paper. All paper submissions will be handled electronically. Authors should email a version of their paper and the completed submission form (attached below) to paper2002at_private Authors will receive an immediate notification of the successful receipt of the file containing their paper. Subsequently, a second notification of receipt will be sent after the paper has been printed successfully. A reduction of the conference fee will be offered to one author of each accepted paper. Process of Selection Papers, tutorials, and panels will be evaluated by the program committee based on their quality and relevance. Each proposal will be reviewed by at least three independent reviewers, whose reviews will be relayed to the corresponding author. All submissions are held in confidentiality prior to publication in the proceedings. Submissions received after the deadline will not be considered unless an extension has been granted. Authors must obtain employer, client, or government releases prior to submitting the final manuscript. Accepted papers will be presented by their authors and will be published in the conference proceedings. The proceedings are provided free of charge to conference attendees. Additional copies will be available for purchase at the conference. Copyright FIRST requires a non exclusive copyright license for all the papers presented at the conference and for the presentation material. This includes potential distribution on a conference CD and/or the FIRST website. Important Dates Submission deadline: November 16, 2001 Notification of acceptance: January 11, 2002 Final version of the paper due: March 11, 2002 Final presentation material (slides) due: May 1, 2002 Note that tutorial and panel proposals, as well as papers (or detailed syntheses, as described above) are expected to arrive prior to the submission deadline (NOVEMBER 16) in order to be considered. Questions If you have questions about the submission process, don't hesitate to send them to the appropriate email address: * paper2002at_private * tuto2002at_private * panel2002at_private Program Committee Cristina SERBAN (Chair), chair2002at_private - AT&T Labs, USA Anne BENNETT - Concordia University - Canada David CROCHEMORE - CERT Renater - France Kathy FITHEN - PriceWaterhouseCoopers - USA Dan GARRETT - ETG Inc. - USA Klaus-Peter KOSSAKOWSKI - Germany Larry LEIBROCK - eforensic - USA Xing LI - CCERT - China Chaeho LIM - CERTCC-KR - Korea Francisco MONSERRAT COLL - IRIS-CERT - Spain David MAILLARD - Intexxia - France David MORTMAN - Siebel Systems - USA Claudia NATANSON - British Telecom - UK Steve ROMIG - Ohio State University - USA Roger SAFIAN - Northwestern University - USA Kurt SAUER - Sun Microsystems - France Derrick SCHOLL - Sun Microsystems - USA Elizabeth SIEMERS - Guardent - USA Gordon STEELE - PARA-PROTECT - USA Hironobu SUZUKI - JPCERT/CC - Japan Franck VEYSSET - Intranode - France Proposal Submission Form The Proposal Submission Form for the FIRST 2002 Conference is available on-line at http://www.first.org/conference/2002/submission.txt. -- Roger A. Safian r-safianat_private (email) public key available on many key servers. (847) 491-4058 (voice) (847) 467-5690 (Fax) "You're never too old to have a great childhood!" - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Oct 25 2001 - 03:13:47 PDT