spaf@cs.purdue.edu (Gene Spafford) (04/12/89)
COMPUTER VIRUSES '89 at the IBM & DEC Users Conference May 1-3, 1989 * Hyatt Regency O'Hare * Chicago Sponsored by Computer Security Institute PROGRAM OVERVIEW Partial list of speakers addressing virus-related topics: Eugene H. Spafford, Purdue University, will present an in-depth analysis of the Internet worm incident. Michael Karels, head of UNIX development at UC Berkeley, will discuss how UNIX is meeting the virus challenge. Kenneth R. van Wyk, creator of Lehigh University's VIRUS-L bulletin board, will talk about lessons learned. Richard D. Pethia, Carnegie Mellon University, will describe the first DARPA CERT (Computer Emergency Response Team), which he heads. Davis McCown, prosecutor in the "Texas Virus Trial" which convicted Donald Gene Burleson in September 1988, will recount the investigation and the trial. ----------------------------------------------------------------------------- Demonstrations of viruses, hacking, bulletin boards: Ross Greenberg, author of FLU_SHOT+, will demo viruses and describe PC Magazine's evaluation of 11 anti-virus products. Thomas V. Sobczak of Application Configured Computers will demonstrate hacking, underground bulletin boards, virus behavior, and public domain solutions. John McAfee, Computer Virus Industry Association, will demonstrate virus and anti-virus programs and present new statistical information on viruses. ----------------------------------------------------------------------------- Information on new security-related products: CA-ACF2/VAX and CA-Top Secret/VAX, which can help unify security and access control in mixed IBM-DEC shops. ClydeSentry, LJK/Security, Secure Pak, and The Security Toolkit, for assessing and monitoring security in DEC environments. ----------------------------------------------------------------------------- Exhibition -- A wide range of computer security products will be displayed during this two-day show. Workshop Orientation -- 42 half-day sessions; attendees choose two each day PROGRAM DETAILS COMPUTER VIRUS WORKSHOPS 1. Computer Viruses: Background, Detection, John McAfee, Computer Virus and Recovery Industry Association 2. Applying Traditional Management Techniques Roger Shaw, to Controlling Computer Viruses IBM Corp. 3. Protecting Against Unauthorized System Albert H. Decker, Attacks Coopers & Lybrand 4. Virus Emergency Response Richard Pethia, Software Engineering Institute, Carnegie Mellon University 5. Virus-Resistant Networked Unix System Michael J. Karels, Univ. of California, Berkeley 6. Viruses and Worms--What Can You Do? Stanley A. Kurzban, IBM Corp. 15. Policies and Procedures for Controlling John G. O'Leary, the Virus Threat Computer Security Institute 16. A Technical Analysis of the Internet Worm Eugene H. Spafford, Incident Purdue University 17. Practical Risk Management Techniques for Robert V. Jacobson, Controlling Computer Viruses International Security Technology, Inc. 18. An Evaluation of Anti-Virus PC Software Ross M. Greenberg, PC Magazine 19. Legal & Insurance Issues of Computer Robert W. Baker, Jr., Viruses Weinberg and Green 20. Managing a Virus Awareness Program Nicholas M. Elsberg, Aetna Life & Casualty 29. System Attack Demonstrations Thomas V. Sobczak, Ph.D., Application Configured Computers (ACC,Inc.) 30. The Successful Prosecution of Donald Gene Davis McCown, Tarrant Burleson: A Case History Cty (TX) Dist Atty's Ofc 31. Setting the Record Straight on Computer Robert H. Courtney, Jr., Viruses RCI 32. Lessons Learned from Computer Viruses Kenneth R. van Wyk, Lehigh University 33. Auditing Techniques for Controlling Viruses Michael Thayer, Price Waterhouse 34. Computer Viruses and Your Disaster Recovery Edward S. Devlin, Plan Harris Devlin Associates ----------------------------------------------------------------------------- IBM-SPECIFIC WORKSHOPS 7. Overview of IBM Security Curtis L. Symes, IBM Corp. 8. Using CA-ACF2 to Protect Against Computer Georgene Piper, Computer Viruses Associates International 9. Controlling Security Risks of Personal James P. Dwyer, Blue Cross Computers Blue Shield of Maryland 10. Comparing the Security Review Process in Emily Lonsford, IBM and DEC Environments The Mitre Corp. 21. AS/400 Security and Control Wayne O. Evans, IBM Corp. 22. RACF Overview Robert W. Spitz, IBM Corp. 23. Network Security for an IBM Environment William H. Murray, Ernst & Whinney 24. Introducing CA-ACF2/VAX Dan Wilkinson, Computer Associates International 35. Living with DB2 Security Martin G. Hubel, The Systems Center 36. Using CA-Top Secret to Protect Against Kimberly Bell, Computer Computer Viruses Associates International 37. Auditing MVS and VM System Software F. J. (Phil) Dolan, IBM Corp. 38. Managing Security in a Large-Scale IBM John Blackley, Capital Environment Holding Corporation ----------------------------------------------------------------------------- DEC-SPECIFIC WORKSHOPS 11. Overview of Digital Security Features and Steve Bold, Products Digital Equipment Corp. 12. Introduction to VAX/VMS Security Edward J. Norris, Digital Equipment Corp. 13. Managing a Comprehensive Security Program Robert J. Melford, in a DEC Environment R.J. Melford Associates 14. Security for Networked VAX/VMS Systems Geoff Cooke, DEMAC Software 25. Mapping VAX/VMS and IBM Mainframe Security Colin C. Rous, Digital Equipment of Canada 26. Advanced VAX/VMS Security Pamela Kelly, Digital Equipment Corp. 27. Security Tools for Safeguarding the DEC Adolph F. Cecula, Jr., Environment: A Panel Bureau of the Census 28. Building Applications Security on Andy Goldstein, Operating System Security Digital Equipment Corp. 39. Introducing CA-Top Secret/VAX Kurt Seibert, Computer Associates International 40. DECnet Security Lawrence J. Kilgallen, Software Consultant 41. The Ethernet Security System Jeffrey R. Sebring, Digital Equipment Corp. 42. A Checklist Approach to Auditing Pat McGovern, VMS Security Bankers Trust Company For more information, Contact: Van McGuirk (508) 393-2600 Computer Security Institute 360 Church Street Northborough, MA 01532