14th Annual Computer Security
Incident Handling Conference
Hilton Waikoloa Village, Hawaii
June 24-28, 2002
Call for Papers
Overview
The Forum of Incident Response and Security Teams (FIRST, https://www.first.org/) is a global organization whose aim is to facilitate the sharing of security-related information and to foster cooperation in the effective prevention, detection, and recovery from computer security incidents. Its members are CSIRTs (Computer Security Incident Response Teams) from government, commercial, academic, and other environments.The FIRST conference ( https://www.first.org/conference/2002/) brings together IT managers, system and network administrators, security specialists, academics, security solutions vendors, CSIRT personnel and anyone interested in
- the most advanced techniques in detecting and responding to computer security incidents
- the latest improvements in computer security tools, methodologies, and practice
- sharing their views and experiences with those in the computer security incident response field
The Conference
The conference is a five day event, comprising two days of tutorials and three days of technical sessions which include refereed paper presentations, invited talks, and panel discussions.The conference will discuss the most recent practical issues in computer and network security, focusing on incident response.
The program committee solicits original contributions on the following topics:
- Incident Response
Specific Incidents:- large computer virus outbreaks
- Distributed Denial-of-Service (DDOS) attacks
- Privacy and Intellectual Property incidents
- insider incident response
- intrusion detection, analysis, and response automation
- collecting evidence
- computer and network forensics
- CSIRT Operation and Tools
- CSIRT Best Practices
- automation of CSIRT operations
- informing customers of new security threats (vulnerabilities, exploitation tools, viruses, etc.)
- vulnerability analysis and advisory process
- drafting incident response and security policies
- experience with security tools, both commercial and free, both experimental and stable
- new approaches to attack analysis
- OS-specific log analysis tools
- multi-source intrusion detection analysis
- Response Team Cooperation and Legal Issues
- coordinating international incident handling
- trust relationships in incident response
- international legal and liability in incident response
- dealing with black hats
- New Technologies, New Vulnerabilities
- impact of new technologies (IPSEC and others) on incident response
- vulnerabilities in WAP enabled web applications
- vulnerabilities in PDA and Pocket PC's
- forensics on wireless devices
- experiences with deploying VoIP
- commercial shopping and banking systems
- Other Topics
- competition, espionage, and information warfare
- secure system and network administration
- secure programming techniques and practices
- Internet service providers and security
- intruder profiling
- outsourcing security -- managed security services
Tutorial Submission
Three tutorial tracks are planned:
- The first track is oriented toward IT managers and will deal
with topics such as drafting security policies incorporating policies
for incident response, computer forensics, setting up security
infrastructures, etc.
- The second track is oriented toward technical staff and will
provide in-depth information on security tools, designing security
architectures, intrusion detection and monitoring tools, web
security, etc. - in particular COMPUTER FORENSICS is a
special interest topic this year.
- The third track is tailored for people interested in building and organizing an incident response team or related services like security advisories, vulnerability analysis, etc.
Proposals are solicited from experts interested in giving a tutorial. Tutorials may be half or full day in length and can cover topics either at an introductory or advanced level.
All tutorial submissions will be handled electronically. Authors should email the completed submission form (attached below) to tuto2002@first.org.
Individuals interested in submitting tutorial proposals are encouraged
to contact the program chair before the deadline to discuss the
proposed content.
Panel Submission
Panels are solicited that examine innovative, controversial, or
otherwise provocative issues of interest.
All panel submissions will be handled electronically. Authors should e-mail the completed submission form (attached below) to panel2002@first.org.
A reduction of the conference fee will be offered to panel organizers.
Paper Submission
Authors are invited to submit papers, preferably in PostScript or
PDF format (RTF and HTML are also accepted). The length should not
exceed 12 pages typeset in a 12-point font. A detailed synthesis
(2 pages minimum) will be considered if it gives a clear reflection
of the contents and key points of the coming paper.
All paper submissions will be handled electronically. Authors should email a version of their paper and the completed submission form (attached below) to paper2002@first.org.
Authors will receive an immediate notification of the successful receipt of the file containing their paper. Subsequently, a second notification of receipt will be sent after the paper has been printed successfully.
A reduction of the conference fee will be offered to one author of
each accepted paper.
Process of Selection
Papers, tutorials, and panels will be evaluated by the program
committee based on their quality and relevance. Each proposal will
be reviewed by at least three independent reviewers, whose reviews
will be relayed to the corresponding author. All submissions are
held in confidentiality prior to publication in the proceedings.
Submissions received after the deadline will not be considered unless an extension has been granted. Authors must obtain employer, client, or government releases prior to submitting the final manuscript.
Accepted papers will be presented by their authors and will be published in the conference proceedings. The proceedings are provided free of charge to conference attendees. Additional copies will be available for purchase at the conference.
Copyright
FIRST requires a non exclusive copyright license for all the papers
presented at the conference and for the presentation material. This
includes potential distribution on a conference CD and/or the FIRST
website.
Important Dates
| Submission deadline: | November 16, 2001 |
| Notification of acceptance: | January 11, 2002 |
| Final version of the paper due: | March 11, 2002 |
| Final presentation material (slides) due: | May 1, 2002 |
Note that tutorial and panel proposals, as well as papers
(or detailed syntheses, as described above) are expected to arrive
prior to the submission deadline (NOVEMBER 16) in order to be
considered.
Questions
If you have questions about the submission process, don't hesitate
to send them to the appropriate email address:
Program Committee
Cristina SERBAN (Chair), chair2002@first.org - AT&T Labs, USAAnne BENNETT - Concordia University - Canada
David CROCHEMORE - CERT Renater - France
Kathy FITHEN - PriceWaterhouseCoopers - USA
Dan GARRETT - ETG Inc. - USA
Klaus-Peter KOSSAKOWSKI - Germany
Larry LEIBROCK - eforensic - USA
Xing LI - CCERT - China
Chaeho LIM - CERTCC-KR - Korea
Francisco MONSERRAT COLL - IRIS-CERT - Spain
David MAILLARD - Intexxia - France
David MORTMAN - Siebel Systems - USA
Claudia NATANSON - British Telecom - UK
Steve ROMIG - Ohio State University - USA
Roger SAFIAN - NorthWestern University - USA
Kurt SAUER - Sun Microsystems - France
Derrick SCHOLL - Sun Microsystems - USA
Elizabeth SIEMERS - Guardent - USA
Gordon STEELE - PARA-PROTECT - USA
Hironobu SUZUKI - JPCERT/CC - Japan
Franck VEYSSET - Intranode - France