Fifth Conference on
|
|
![]() of the German Informatics Society (GI). |
|
|
TXT-PDF |
|
|
|
(doc)(pdf)(txt) |
(doc)(pdf)(rtf) |
| 08:30 | Registration |
| 09:00 | Opening remarks |
| 09:15 | Session: Malware detection and prevention (I) (chair: Ludovic Me) |
|
|
| 10:45 | Coffee break |
| 11:15 | Session: Attack prevention (chair: John McHugh) |
|
|
| 12:45 | Lunch |
| 14:00 | Keynote talk: "The Future of Network Security Monitoring" Richard Bejtlich, Director of Incident Response, General Electric |
| Abstract: Richard Bejtlich explored Network Security
Monitoring (NSM) in his first book, the Tao of Network Security
Monitoring: Beyond Intrusion Detection, in 2004. Richard based his
discussion on a historical foundation reaching back to the early
1990s. In this talk, Richard will briefly explore that history and
provide context for current NSM implementations. Richard will then
look forward to see how NSM fits in a world where the cloud is the
computer, most endpoints are terminals (again), and the network is one
of many simultaneous connections not under control of the IT
department. speaker bio:Richard Bejtlich is Director of Incident Response for General Electric. Prior to joining GE, Richard operated TaoSecurity LLC as an independent consultant, protected national security interests for ManTech Corporation's Computer Forensics and Intrusion Analysis division, investigated intrusions as part of Foundstone's incident response team, and monitored client networks for Ball Corporation. Richard began his digital security career as a military intelligence officer at the Air Force Computer Emergency Response Team (AFCERT), Air Force Information Warfare Center (AFIWC), and Air Intelligence Agency (AIA). Richard is a graduate of Harvard University and the United States Air Force Academy. He wrote "The Tao of Network Security Monitoring" and "Extrusion Detection," and co-authored "Real Digital Forensics." He also writes for his blog (taosecurity.blogspot.com) |
|
| 15:15 | Coffee break |
| 15:45 | Session: Attack techniques and Vulnerability assessment (chair: Ulrich Flegel) |
|
| 08:30 | Registration |
| 09:00 | Keynote talk: "From Virtual Machines to Virtual Infrastructure: How Virtualization is Reshaping the Enterprise and What this Means for Security", Tal Garfinkel, VMware/Stanford University |
| Abstract: The move to virtual machine based computing
platforms is perhaps the most significant change in how enterprise
computing systems have been built in the past decade. In this talk
Tal Garfinkel will look at how virtualization is reshaping the way
that enterprise data centers are built and managed. He will then share
some of the challenges and surprises encountered along the
way. Finally, he will explore the unique opportunities these changes
are offering to rethink how we design host and network security. speaker bio:Tal Garfinkel is a senior scientist in the advanced development group at VMware where he splits his time between developing new technologies and setting the direction for the core platform security architecture. He is currently completing a PhD at Stanford University and holds a bachelor's degree in computer science from the University of California, Berkeley. |
|
| 10:15 | Coffee break |
| 10:45 | Session: Malware detection and prevention (II) (chair: Sven Dietrich) |
|
|
| 12:15 | Lunch |
| 13:45 | Rump session (chair: Sven Dietrich) |
| 14:45 | Coffee break |
| 15:15 | Session: Intrusion detection and Activity correlation (chair: Bernhard Haemmerli) |
|
|
| 16:45 | Concluding remarks |