THE 12th ANNUAL FIRST CONFERENCE on
COMPUTER SECURITY and INCIDENT HANDLING
CHICAGO, IL 25 - 30 JUNE 2000
CALL FOR PAPERS
OVERVIEW The Forum of Incident Response and Security Teams (FIRST,
http://www.first.org/) brings security incident response teams together
including government, commercial, and academic organizations.
World-wide,
FIRST aims to foster cooperation and coordination in incident prevention
to prompt rapid reaction to incidents and to promote information sharing
among members and the global community.
The FIRST conference (http://www.first.org/conference/2000/) brings
together IT managers, system and network administrators, security
practitioners, academia, security solutions vendors, Computer Security
Incident Response Team personnel and everyone interested in:
- the most advanced techniques in detecting and responding to computer
security incidents,
- the latest advances in computer security tools, methodologies and
practice,
- sharing their views and experience in the computer security field.
The conference is a five day event, two days of tutorials and three days
of technical sessions including refereed paper presentations, invited
talks, and panel discussions.
Technical sessions
The focus of the conference is on the most recent practical advances in
computer security in all its aspects. The Program Committee is
soliciting
original papers analyzing, among other topics, methodologies for
drafting
security policies, recent intrusion techniques, describing experiences
in
building incident response capabilities, working security architectures,
pros and cons of both commercial and experimental pro-active security
tools.
The presentation of new security tools and methodologies, when their
actual
effectiveness and applicability are shown, is also welcome.
Topics of interest include, but are not limited to, the following:
- security policy writing
- risk analysis
- international legal issues
- computer forensics
- liability issues
- legal and administrative issues in incident handling
- competition, espionage, information warfare
- vulnerability analysis and advisory process
- coordinating international incidents
- intrusion detection, response, and analysis
- building perimeter defenses
- secure network administration
- building security infrastructures against internal attacks
- securing operating systems
- experiences with virus/antivirus
- experiences with commercial security tools
- Java/ActiveX security
- proactive security tools
- Internet service providers and security
- programming securely
- collecting evidences
- experience with PKI'’.
Tutorial Submission
Two tutorial tracks are planned. One oriented to IT managers will deal
with
topics such as drafting a security policy, organizing incident response
teams, computer forensics, setting up a PKI. The second track is
oriented to
technical staff and will provide information on security tools,
designing
security architectures, monitoring tools and web security, etc.
Proposals
are solicited from individuals interested in giving a tutorial.
Tutorials
may be half or full day in length and cover topics at an introductory or
advanced level. Proposals for tutorials should be submitted to the
following
address: tuto2000at_private and should include an extended abstract
describing the topic and objectives, a detailed outline of the content,
a
description of the intended audience, a biography of the speaker(s), and
an
indication of length (full or half day). Individuals interested in
submitting
tutorial proposals are encouraged to contact the Program Chair before
the
deadline to discuss the proposed content.
Panel Submission
Panels are solicited that examine innovative, controversial, or
otherwise
provocative issues of interest. Panel proposals should not exceed 3
pages,
including biographical sketches of the panelists. Potential panel
organizers
should contact the Program Chair.
Paper Submission
Authors are invited to submit papers, preferably in Post Script or PDF
format,
RTF and HTML are also accepted, whose length does not exceed 15 double
spaced
typeset pages. All paper submissions will be handled electronically.
Authors
should e-mail a version of their full paper to first2000at_private
In addition, authors should separately send via e-mail title, author
names
and full address, specifying the corresponding author, and abstract of
their
paper to the Program Chair. Authors will receive an immediate
notification
of the successful receipt of the file containing their paper.
Subsequently,
a formal notification will be sent after verifying that the paper can be
printed successfully. Papers will be evaluated by the program committee
based
on their quality and relevance. Each paper will be reviewed by three
independent reviewers, whose reviews will be relayed to the
corresponding
author. All submissions are held in the highest confidentiality prior to
publication in the proceedings. Papers submitted after the deadline will
not be accepted unless an extension has been granted. Authors must
obtain
employer, client, or government releases prior to submitting the final
manuscript. Accepted papers will be presented during the conference and
will be published in the conference proceedings. The proceedings are
provided free of charge to conference attendees. Additional copies will
be
available for purchase at the conference.
IMPORTANT DATES
Submission Deadline: November 15, 1999
Notification of Acceptance: January 20, 2000
Final Version Due: March 15, 2000
PROGRAM COMMITTEE
M. Bishop, UC Davis (USA)
D. Bruschi, Univ. di Milano (IT), PC Chair, chair2000at_private
W. Caelli, Queensland Univ. of Tech. (AU)
D. Crochemore, CERT - Renater (FR)
D. Gollmann, Microsoft (UK)
K. Hooker, Univ. of Wisconsin (USA)
K. Houle, CERT-CC (USA)
K. Kossakowski, SECU-CERT (D)
M. Miqueu, CERT-IST (FR)
C. Nathanson, BT (UK)
M. J. Ranum, NFR (USA)
C. Serban, ATT (USA)
P. Sommer, LSE (UK)
D. Stikvoort, Stelvio (NL)
MICHELE SENSALARI
CERT-IT
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:07:51 PDT