AusCERT 2004 Programme Schedule

AusCERT Asia Pacific
Information Technology Security Conference 2004
Computer Security: Are we there yet?

23rd May 2004 - 27th May 2004

Programme Schedule as at 21st May 2004

Day Zero: Sunday, 23rd May 2004

From 1300	Golf sponsored by IBM Tivoli Software - Please note that the Golf afternoon is now full.
1330 - 2100	*Conference registration*
1400 - 1600	*Free Workshop* So you want to establish a CSIRT; a Dutch perspective on the do's and don'ts Hedy van der Ende, General Manager, GOVCERT.NL Henk Bronk, Manager Technical Team, GOVCERT.NL
1400 - 1720	*Tutorial* Deploying Remote-Access IPSec VPNs Tony Saunders, Cisco Systems (see below for details)
1900 - 2100	*Welcome Reception sponsored by Check Point Software Technologies*

Day One: Monday, 24th May 2004 (Morning)

0800 - 1730	Registration desk open
0800 - 0830	Coffee sponsored by RSA Security
0830 - 0835	Welcome Nick Tate, Director, AusCERT Graham Ingram, General Manager, AusCERT
0835 - 0925	Keynote address Forty years of Internet Arms Races Bill Cheswick, Lumeta
0925 - 1005	Protecting NII Larry Hale, Deputy Director of the Department of Homeland Security, National Cyber Security Division, Computer Emergency Readiness Team (US-CERT)
1005 - 1035	2004 Australian Computer Crime and Security Survey Results Kathryn Kerr, Analysis and Assessments Manager, AusCERT Alastair MacGibbon, Director of the Australian High Tech Crime Centre
1035 - 1105	Morning Tea sponsored by VASCO Data Security Australia
	Technical Stream	Business Stream	Sponsors Stream	Sponsors Stream
1105 - 1145	Why isn't the Internet secure yet, dammit Peter Gutmann, Researcher, Auckland University	Malicious Code Attacks in the 21st Century Vincent Weafer, Senior Director of Development Symantec Security Response	Juniper Secure Access products - the new generation of remote access Matthew Miller, Juniper Networks	Getting value from Vulnerability Assessment and keeping it Neal Wise, Principal Consultant, Dimension Data
1145 - 1230	Passive Network Discovery Systems & Asset-centric Security Marty Roesch, Founder and CTO, Sourcefire	Is a 21st Century Australia Card a recipe for increased Identity Fraud? Malcolm Crompton, Former Federal Privacy Commissioner	The 3D Threat: How the rules have changed Scott Ferguson, Check Point Software Technologies	Preventative security measures: balancing business needs with security & investment Wayne Weisse, Network Associates
1235 - 1315	Honeynets and Honeypots: Companion technology for detection and response Cristine Hoepers, Senior Security Analyst, NIC BR Security Office (NBSO), Brazilian Computer Emergency Response Team	Security Breaches: Who is responsible Hamish Fraser, Lawyer, Optus	The content report: an in-depth look into email management practices Lindsay Durbin, Clearswift Asia Pacific	Securing your environment with the IBM Tivoli Identity Management portfolio Paul Ashley, IBM Software Group, Australia
1315 - 1430	Lunch sponsored by Trend Micro

Day One: Monday, 24th May 2004 (Afternoon)

1430 - 1510

Stopping MalWare: Has the battlefield changed?

Alex Shipp, Senior Anti Virus Technologist, MessageLabs

Security Response at Microsoft: Tales from the Trenches

Iain Mulholland, Manager, Microsoft Security Response Center

Security Management - corporate accountability and market maturity affecting incident and vulnerability management programs

Chris Pick, Vice-President Security Management, NetIQ

SPAM - a threat to security

Andrew Gordon, Brightmail

1515 - 1555

Highly Distributed Intrusion Detection Systems and Trust Relationships

Raven Alder, True North Solutions

Building a Computer Forensics Program in a Global Company

Kathy Fithen, Manager of the KO-CIRT and Computer Forensics team at The Coca-Cola Company

Beyond the signature files

Chris Poulos, Trend Micro

Email security: are we there yet?

Ned Engelke, IronPort Systems

1555 - 1625

Afternoon Tea sponsored by Proofpoint with Unixpac

1625 - 1705

The Internet Storm Center in Korea (Internet Forecasting by Monitoring Project)

Arnold Yoon, KRCERT/CC

Biometric *In*security

Roger Clarke, Consultant

High speed security - perimeter security in the gigabit age

Leigh Costin, Fortinet Inc

New menaces, new defences - a vendor perspective

Paul A. Henry, CyberGuard Corp

1710 - 1750

Wireless Security - Don't Bet the Farm Just Yet

Stephen Glass, IBM Tivoli/Griffith University

Security Fatigue: Threatening the Culture of Security

Nick Ellsmore, Director and Principal Consultant of SIFT Pty Ltd

International trends in IT security

Glen Noble, Macquarie Corporate
James B. Southworth, Secure Pathways

Conditioning More Effective Incident Response in the Enterprise

Kim Valois, CSC Australia

1750 - 1800

Coffee Break sponsored by b-sec

BOF Sessions

1805 - 1845

AusCERT member's only briefings

AusCERT

The security challenges facing Small to Medium Enterprises(SMEs) and how security should be approached in their environment.

ISIG

From 1900

Sponsors Cocktail Party

Day Two: Tuesday, 25th May 2004 (Morning)

0730 - 1730	Registration desk open
0730 - 0800	Coffee sponsored by Tripwire with Unixpac
0800 - 0805	Welcome Graham Ingram, General Manager, AusCERT
0805 - 0825	E-Security Policy Developments in Australia Keith Besgrove, Chief General Manager, Regulation and Analysis, NOIE
0825 - 0915	Keynote address The Internet: What we'd fix if we thought it was broken Fred Baker, Cisco Fellow, Cisco Systems
0915 - 0955	Legal Liability and Security Incident Investigation Jennifer Stisa Granick, Director of the Center for Internet and Society (CIS), Stanford Law School
0955 - 1045	Debate sponsored by NetIQ Who are we kidding? Too many vulnerability disclosures are bad for security. *Facilitator:* Chris Pick, Vice-President Security Management, NetIQ *Debaters:* Hamish Fraser, Lawyer, Optus; Mark McPherson, Training and Education Manager, AusCERT; Jennifer Stisa Granick, Director of the Center for Internet and Society (CIS), Stanford Law School; Karl Hanmore, Bank of Queensland; Marty Roesch, Founder and CTO, Sourcefire; Greg Shipley, CTO, Neohapsis;
1045 - 1115	Morning Tea sponsored by Vectra Corporation Limited
	Technical Stream	Business Stream	Sponsors Stream	Sponsors Stream
1115 - 1155	Log Analysis - How to Be In The Know Tim Daly, Atos Origin	Exploring Grand Challenges in Trustworthy Computing Eugene Spafford, Professor, Department of Computer Sciences, Purdue University	IT Security at Microsoft Corporation Greg Galford, Microsoft	Managed security services Lou Talevski, Symantec
1200 - 1240	VoIP security Ofir Arkin, Sys-Security Group	Cyber Threats to Critical Information Infrastructure: Local Case Studies Zahri Hj Yunos, National ICT Security and Emergency Response Centre (NISER)	Building the self-defending network Sam Trad, Cisco Systems Australia	Connectivity without Compromise Ken Long, Tenix Datagate
1240 - 1400	Lunch sponsored by Sun Microsystems

Day Two: Tuesday, 25th May 2004 (Afternoon)

	Technical Stream	Business Stream	Sponsors Stream	Sponsors Stream
1400 - 1440	Vulnerability research methodology Greg Shipley, CTO, Neohapsis	Corporate Security: A VeriSign Perspective Ken Silva, Vice President, Networking and Information Security, Verisign	Who's watching the door? Daniel Zatz, Computer Associates	Network identity infrastructures Darren Fowler, Sun Microsystems
1445 - 1525	A scalable virus scanning architecture for service provider email gateways Amar Shrestha, Telstra Corporation Ltd	Establishing security as a part of the business John Geurts, General Manager, Group Security, Commonwealth Bank	On Computable Numbers, with an application to the Entscheidungs problem (or why anti-virus and anti-spam is hard) Paul Ducklin, Sophos	The Shrinking Perimeter: The Case for Data-Level Risk Management Glenn Johnson, Senior IT Security and Management Consultant, Guardian Tech.
1525 - 1555	Afternoon Tea sponsored by MessageLabs
1555 - 1635	Network Forensics - Concepts and Tools Bruce Talbot, CA	AS 13335, The New Standard for IT Security? Rob Siganto, Bridge Point Communications	The future of the datacenter: utility computing, management technologies and information security implications Marcio Saito, Cyclades	We still need to drain the swamp Andrew Walls, Betrusted
1640 - 1720	Securing passwords over the wire; Implementing proxy digest authentication Sean Burford, The University of Adelaide	Comparing Handheld Operating System Security Eric Chien, Senior Software Engineer Symantec	Centrally managed endpoint security from Zone Labs Jonathan Mabie, Zone Labs	No presentation scheduled
1720 - 1730	*Coffee Break sponsored VeriSign Australia*
1730 - 1810	BOF Sessions ISSPCS certification exam preview forum Test your IT Security Knowledge and enjoy wine and cheese with: Nick Tate, Director, AusCERT John P Hopkinson, President ISSEA Mark McPherson, Training and Education Manager, AusCERT Scott Sinclair, The University of Queensland
From 1830	*Board Buses for Gala Dinner*
	*Gala Dinner sponsored by Microsoft Corporation*

Day Three: Wednesday, 26th May 2004 (Morning)

0800 - 1630	Registration desk open
0805 - 0835	Coffee sponsored by Ceanet Pty Ltd
0835 - 0840	Welcome Graham Ingram, General Manager, AusCERT
0840 - 0900	Fighting High Tech Crime Mick Deats, Detective Superintendent, Deputy Head, NHTCU
0900 - 0950	Keynote address Clarice Meets The Matrix: The Science of Profiling Takes a Whole New Direction Max Kilger, Psychologist, Honeynet Project
0950 - 1030	Honeynets: Detecting Insider Threats Kirby Kuehl, Honeynet Project
1035 - 1105	Morning Tea sponsored by Eracom Technologies
	Technical Stream	Business Stream	Sponsors Stream	R&D Stream
1105 - 1145	Advances in security scanning Renaud Deraison, Director of Research, Tenable Network Security	New Spam laws: risks and compliance issues? David Vaile, Executive director, Baker & McKenzie Cyberspace Law and Policy Centre, University of NSW	No presentation scheduled	Honeypot-based Forensics Fabien Pouget, Eurecom, France
				Trustworthy Routing with the TORA Protocol Asad Pirzada, UWA, Australia
1150 - 1230	Are you spamming today? Matthew Sullivan, The University of Queensland	The Cost of Risk - Passing it back to the business Karl Hanmore, Bank of Queensland	Next generation high performance network security architectures Matt Barrie, Sensory Networks	Understanding Attacks via Distributed IDS Till Dorges, Presecure Consulting, Germany
				Network-based Buffer Overflow Detection by Exploit Code Analysis Stig Andersson, QUT, Australia
1230 - 1350	Lunch sponsored by Brightmail

Day Three: Wednesday, 26th May 2004 (Afternoon)

	Technical Stream	Business Stream	Sponsors Stream	R&D Stream
1350 - 1430	Email Filtering and Mitigating Circumvention Techniques Dr Michael Cohen, Senior Technical Adviser Steven McLeod, Technical Adviser Defence Signals Directorate (DSD)	It's 11 o'clock - Do You Know Where Your Kids Are? Marcus Sachs, Director of the Internet Storm Center, SANS	No presentation scheduled	A Privacy Logging and Reporting Framework Paul Ashley, IBM Software Group, Australia
				Legal and Regulatory Issues of Implementation of Electronic Signatures Raj Gururajan, USQ, Australia
1435 - 1515	Microsoft Patch Analysis Russ Cooper, Surgeon General, TruSecure Corporation; Founder and Moderator of NTBugtraq	SCADA Systems Security - Why the IT Security approach might fail! Andreas Tilch, ISIG Mark Ames, ISIG	No presentation scheduled	A Protocol for Secrecy and Authentication within Proxy-based SPKI/SDSI Mobile Networks Craig Pearce, RMIT, Australia
				Protecting Stateful Security Policies Using One-Way Functions Hakan Kvarnstrom, TeliaSonera, Sweden
1520 - 1530	Afternoon Tea sponsored by nCipher Australia
1530 - 1620	Personal and Corporate Identity Theft: How to Spot and Avoid Today's Common Techniques of Elicitation and Social Engineering? Chris Pick, Vice-President Security Management, NetIQ
1620 - 1640	Lessons Learnt Conference Close
1645 - 1950	Tutorials 2 and 3 from 1645 to 1950 (see below for details)

Tutorials

Day Zero: Sunday, 23rd May 2004

1330 - 1400	*Registration & Coffee*
1400 - 1530	Tutorial 1 Deploying Remote-Access IPSec VPNs Tony Saunders, Cisco Systems
1530 - 1550	*Afternoon Tea sponsored by TippingPoint with Unixpac*
1550 - 1720	Tutorial 1 (cont.) Deploying Remote-Access IPSec VPNs Tony Saunders, Cisco Systems

Day Three: Wednesday, 26th May 2004

1645 - 1800

Tutorial 2
Information System Threat & Risk Assessment (ISTRA) - the Vital Precursor to Establishing an Appropriate Security Strategy

Sue Dudley, Victoria Police

(Introductory)

Tutorial 3
Securing your Windows Network (Security advice from the front-line)

Robert Hensing, PSS Security Incident Response Specialist, Microsoft

1800 - 1820

Coffee Break sponsored by Atos Origin

1820 - 1950

Tutorial 2 (cont.)
Information System Threat & Risk Assessment (ISTRA) - the Vital Precursor to Establishing an Appropriate Security Strategy

Sue Dudley, Victoria Police

(Introductory)

Tutorial 3 (cont.)
Securing your Windows Network (Security advice from the front-line)

Robert Hensing, PSS Security Incident Response Specialist, Microsoft

Day Four: Thursday, 27th May 2004 (Morning)

0830 - 0900	Registration & Coffee sponsored by EWA-Australia
0900 - 1030	Tutorial 4 Wireless Hacking: How to do it and how to avoid it happening to you Phillip Yialeloglou, Senior Systems Engineer Cisco Systems Australia	Tutorial 5 Working with Snort Marty Roesch, Founder and CTO, Sourcefire	Tutorial 6 Patch Warfare - Losing the battle? How to win the war . . . Robert Hensing, PSS Security Incident Response Specialist, Microsoft	Tutorial 7 Applied Information Security Risk Assessment Gary Gaskell, Infosec Services Pty Ltd Mark Ames, ICT Risk Pty Ltd (Advanced)
1035 - 1055	Morning Tea sponsored by Deloitte
1100 - 1230	Tutorial 4 (cont.) Wireless Hacking: How to do it and how to avoid it happening to you Phillip Yialeloglou, Senior Systems Engineer Cisco Systems Australia	Tutorial 5 (cont.) Working with Snort Marty Roesch, Founder and CTO, Sourcefire	Tutorial 6 (cont.) Enterprise Incident Response Planning Robert Hensing, PSS Security Incident Response Specialist, Microsoft	Tutorial 7 (cont.) Applied Information Security Risk Assessment Gary Gaskell, Infosec Services Pty Ltd Mark Ames, ICT Risk Pty Ltd (Advanced)
1235 - 1335	Lunch sponsored by Macquarie Corporate

Day Four: Thursday, 27th May 2004 (Afternoon)

1340 - 1510

Tutorial 8
Incident Response and Intrusion Analysis - Intermediate Level

Dr Michael Cohen, Senior Technical Adviser
Scott MacLeod, Leader
Steven McLeod, Technical Adviser
David Collett, Technical Computer Security Analyst
Steven Stroud, Manager, Technical Services

Defence Signals Directorate (DSD)

Tutorial 9
Introduction to Nessus

Renaud Deraison, Director of Research, Tenable Network Security

Tutorial 10
CANCELLED
Using the APNIC Whois Database to find contacts for the source or target of an attack

Samantha Dickinson, APNIC
Champika Wijayatunga, Senior Training Specialist, APNIC

Tutorial 11
Hacking Techniques and Defensive Measures

Marcus Sachs, Director of the Internet Storm Center, SANS

1515 - 1535

Afternoon Tea sponsored by Zantech

1540 - 1710

Tutorial 8 (cont.)
Incident Response and Intrusion Analysis - Intermediate Level

Steven Stroud, Manager, Technical Services
David Collett, Technical Computer Security Analyst
Steven McLeod, Technical Adviser
Scott MacLeod, Leader
Dr Michael Cohen, Senior Technical Adviser

Defence Signals Directorate (DSD)

Tutorial 9 (cont.)
Introduction to Nessus

Renaud Deraison, Director of Research, Tenable Network Security

Tutorial 10 (cont.)
CANCELLED
Using the APNIC Whois Database to find contacts for the source or target of an attack

Samantha Dickinson, APNIC
Champika Wijayatunga, Senior Training Specialist, APNIC

Tutorial 11 (cont.)
Hacking Techniques and Defensive Measures

Marcus Sachs, Director of the Internet Storm Center, SANS

Conference program subject to change