14th Annual Computer Security
                  Incident Handling Conference
                Hilton Waikoloa Village, Hawaii
                        June 24-28, 2002

                        Call for Papers

Overview

This text is also available at
<http://www.first.org/conference/2002/cfp.html>.

The Forum of Incident Response and Security Teams (FIRST,
http://www.first.org/) is a global organization whose aim is to
facilitate the sharing of security-related information and to foster
cooperation in the effective prevention, detection, and recovery
from computer security incidents. Its members are CSIRTs (Computer
Security Incident Response Teams) from government, commercial,
academic, and other environments.

The FIRST conference ( http://www.first.org/conference/2002/) brings
together IT managers, system and network administrators, security
specialists, academics, security solutions vendors, CSIRT personnel
and anyone interested in

   * the most advanced techniques in detecting and responding to
     computer security incidents
   * the latest improvements in computer security tools, methodologies,
     and practice
   * sharing their views and experiences with those in the computer
     security incident response field

The Conference

The conference is a five day event, comprising two days of tutorials
and three days of technical sessions which include refereed paper
presentations, invited talks, and panel discussions.

The conference will discuss the most recent practical issues in
computer and network security, focusing on incident response.

The program committee solicits original contributions on the
following topics:

   * Incident Response
     Specific Incidents:
        o large computer virus outbreaks
        o Distributed Denial-of-Service (DDOS) attacks
        o Privacy and Intellectual Property incidents
        o insider incident response
     General Issues:
        o intrusion detection, analysis, and response automation
        o collecting evidence
        o computer and network forensics

   * CSIRT Operation and Tools
        o CSIRT Best Practices
        o automation of CSIRT operations
        o informing customers of new security threats (vulnerabilities,
          exploitation tools, viruses, etc.)
        o vulnerability analysis and advisory process
        o drafting incident response and security policies
        o experience with security tools, both commercial and free,
          both experimental and stable
        o new approaches to attack analysis
        o OS-specific log analysis tools
        o multi-source intrusion detection analysis

   * Response Team Cooperation and Legal Issues
        o coordinating international incident handling
        o trust relationships in incident response
        o international legal and liability in incident response
        o dealing with black hats

   * New Technologies, New Vulnerabilities
        o impact of new technologies (IPSEC and others) on incident
          response
        o vulnerabilities in WAP enabled web applications
        o vulnerabilities in PDA and Pocket PC's
        o forensics on wireless devices
        o experiences with deploying VoIP
        o commercial shopping and banking systems

   * Other Topics
        o competition, espionage, and information warfare
        o secure system and network administration
        o secure programming techniques and practices
        o Internet service providers and security
        o intruder profiling
        o outsourcing security -- managed security services

Tutorial Submission

Three tutorial tracks are planned:

   * The first track is oriented toward IT managers and will deal
     with topics such as drafting security policies incorporating
     policies for incident response, computer forensics, setting
     up security infrastructures, etc.

   * The second track is oriented toward technical staff and will
     provide in-depth information on security tools, designing
     security architectures, intrusion detection and monitoring
     tools, web security, etc. - in particular COMPUTER FORENSICS
     is a special interest topic this year.

   * The third track is tailored for people interested in building
     and organizing an incident response team or related services
     like security advisories, vulnerability analysis, etc.

Proposals are solicited from experts interested in giving a tutorial.
Tutorials may be half or full day in length and can cover topics
either at an introductory or advanced level.

All tutorial submissions will be handled electronically. Authors
should email the completed submission form (attached below) to
tuto2002first.org.

Individuals interested in submitting tutorial proposals are encouraged
to contact the program chair
before the deadline to discuss the proposed content.

Panel Submission

Panels are solicited that examine innovative, controversial, or
otherwise provocative issues of interest.

All panel submissions will be handled electronically. Authors
should e-mail the completed submission form (attached below) to
panel2002first.org.

A reduction of the conference fee will be offered to panel organizers.

Paper Submission

Authors are invited to submit papers, preferably in PostScript or
PDF format (RTF and HTML are also accepted). The length should not
exceed 12 pages typeset in a 12-point font. A detailed synthesis
(2 pages minimum) will be considered if it gives a clear reflection
of the contents and key points of the coming paper.

All paper submissions will be handled electronically. Authors
should email a version of their paper and the completed submission
form (attached below) to paper2002first.org.

Authors will receive an immediate notification of the successful
receipt of the file containing their paper. Subsequently, a second
notification of receipt will be sent after the paper has been
printed successfully.

A reduction of the conference fee will be offered to one author of
each accepted paper.

Process of Selection

Papers, tutorials, and panels will be evaluated by the program
committee based on their quality and relevance. Each proposal will
be reviewed by at least three independent reviewers, whose reviews
will be relayed to the corresponding author. All submissions are
held in confidentiality prior to publication in the proceedings.

Submissions received after the deadline will not be considered
unless an extension has been granted. Authors must obtain employer,
client, or government releases prior to submitting the final
manuscript.

Accepted papers will be presented by their authors and will be
published in the conference proceedings. The proceedings are provided
free of charge to conference attendees. Additional copies will be
available for purchase at the conference.

Copyright

FIRST requires a non exclusive copyright license for all the papers
presented at the conference and for the presentation material. This
includes potential distribution on a conference CD and/or the FIRST
website.

Important Dates

 Submission deadline: November 16, 2001
 Notification of acceptance: January 11, 2002
 Final version of the paper due: March 11, 2002
 Final presentation material
 (slides) due: May 1, 2002

Note that tutorial and panel proposals, as well as papers (or
detailed syntheses, as described above) are expected to arrive
prior to the submission deadline (NOVEMBER 16) in order to be
considered.

Questions

If you have questions about the submission process, don't hesitate
to send them to the appropriate email address:

   * paper2002first.org
   * tuto2002first.org
   * panel2002first.org

Program Committee

Cristina SERBAN (Chair), chair2002first.org - AT&T Labs, USA
Anne BENNETT - Concordia University - Canada
David CROCHEMORE - CERT Renater - France
Kathy FITHEN - PriceWaterhouseCoopers - USA
Dan GARRETT - ETG Inc. - USA
Klaus-Peter KOSSAKOWSKI - Germany
Larry LEIBROCK - eforensic - USA
Xing LI - CCERT - China
Chaeho LIM - CERTCC-KR - Korea
Francisco MONSERRAT COLL - IRIS-CERT - Spain
David MAILLARD - Intexxia - France
David MORTMAN - Siebel Systems - USA
Claudia NATANSON - British Telecom - UK
Steve ROMIG - Ohio State University - USA
Roger SAFIAN - Northwestern University - USA
Kurt SAUER - Sun Microsystems - France
Derrick SCHOLL - Sun Microsystems - USA
Elizabeth SIEMERS - Guardent - USA
Gordon STEELE - PARA-PROTECT - USA
Hironobu SUZUKI - JPCERT/CC - Japan
Franck VEYSSET - Intranode - France

Proposal Submission Form

The Proposal Submission Form for the FIRST 2002 Conference is
available on-line at http://www.first.org/conference/2002/submission.txt.

--
Roger A. Safian
r-safiannwu.edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-5690   (Fax) "You're never too old to have a great childhood!"
============================================================================
Delivery co-sponsored by Trend Micro, Inc.
============================================================================
TREND MICRO SCANMAIL FOR EXCHANGE 2000 -- SECOND to NONE
If you are worried about email viruses, you need Trend Micro ScanMail for
Exchange. ScanMail is the first antivirus solution that seamlessly
integrates with the Microsoft Exchange 2000 virus-scanning API 2.0. ScanMail
ensures 100% inbound and outbound email virus scanning and provides remote
software management. Download a FREE 30-day trial copy of ScanMail and find
out why it is the best:
http://www.antivirus.com/banners/tracking.asp?si=8&BI;=240&UL;=/smex2000
============================================================================

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]