Klaus-Peter Kossakowski: IT Incident Response Capabilities


Zur Person

Größere Projekte

IT Incident Response




3rd Workshop on Computer Security Incident Handling 1991

Die Arbeit  |  Teams  |  Konferenzen  |  Bibliographie

2001 2000 1999
1998 1997 1996 1995 1994
1993 1992 1991 1990 1989


Herndon, Va.


August 1991


Mit diesem Workshop erhielt die Veranstaltung ihren endgültigen Namen.


  • Vortrag von Scott Charney (DoJ, USA)
  • Steve Crocker (TIS, USA) / Will the Network Ever Be Safe(r)? - The Role of Intrusion Detection in the Overall Scheme of Network Security
  • Richard D. Pethia (CERT/CC, USA) / On Forming the CERT System
  • John Wack (NIST, USA) / Establishing a Computer Security Incident Response Capability (CSIRC)

 Vendor Activities:

  • Stephen C. O'Brien (RAXCO, USA) / Asessing VMS Security With the Security Toolkit
  • Beverly J. Ulbrich (SUN, USA) / SUN's Customer Warning System
  • Steve Redfern (DEC, USA) / Security Incident Management at Digital [Redfern 1991]

 Network Intrusions:

  • James E. Molini (NASA, USA) / Integrity Tools for Intrusion and Virus Detection
  • Jeffrey I. Schiller (MIT, USA) / Computer Incident Handling at the Massachusetts Institute of Technology [Schiller 1991]
  • Kenneth J. Kutz (Bowling Green State University) / An Intrusion from the Netherlands: An Internet and Unix Security Case Study

 Legal / Liability Issues:

  • E. Eugene Schultz Jr. (CIAC, USA) / The Computer Fraud and Abuse Act of 1986 and the Computer Security Act of 1987 : Impact on Incident Response Efforts [Schultz Jr. 1991b]
  • David J. Icove and Karl A. Seger (FBI, USA) / Project CASIAT : An Update
  • Geoffrey S. Stewart (Hale and Door, USA) / Legal Liabilities of Software Publishers for Distribution of Software Containing Security Holes [Stewart 1991]

 Vulnerabilities / Malicious Code:

  • Thomas A. Longstaff and E. Eugene Schultz Jr. (CIAC, USA) / Beyond Preliminary Analysis of the WANK and OILZ Worms : A Case Study of Malicious Code
  • Gordon Hama and Maurice Massart (Royal Canadian Mounted Police, CDN) und Ron Hysert (Communications Security Establishment, CDN) / Government of Canada PC-Virus Training Package
  • Ray Kaplan (Univ. of Arizona, USA) / Speculations on the Nature of Future Attacks and How we Will Defend Ourselves Against Them

 Procedures, Policies & Techniques:

  • David E. Post (Siemens Corporate Research, USA) / Computer Security Incidents [Post 1991]
  • Matt Bishop (Dartmouth College, USA) / Comparing Authentication Techniques
  • Mike Nicholson (Westinghouse, USA) / One Corporation's Approach to Information Systems Security
  • Dennis M. Flanders (Boeing, USA) / Information Security : Understanding and Selling the Need
  • Charlie Atterbury (Eastman Kodak, USA) / Managing Microcomputer Virus Concerns within A Large Diverse Environment
  • A. Padgett Peterson (Martin-Marietta, USA) / Developing the Internal Computer Security Program [Peterson 1991]


  • David S. Brown (CIAC, USA) / The CIAC Binary Inspector Tool (BIT) : A Non-Intrusive Vulnerability Detection Mechanism
  • James S. Rothfuss (LLNL, USA) / Update on the VMS Security Profile Inspector
  • Thomas D. Garvey (Artificial Intelligence Center, USA) und Teresa F. Lunt (SRI, USA) / Using Models of Intrusions
  • Steven R. Snapp, Biswanath Mukherjee and Karl N. Levitt (UC Davis, USA) / Detecting Intrusions Through Attack Signature Analysis
  • Barbara Lawrence (Westinghouse, USA) / Cost Conscious Network Security : Prioritizing Requirements

© 1998-2001 by Klaus-Peter Kossakowski, Germany.