From: dac@zurich.ibm.com (Marc Dacier)
Date: Wed, 3 Jun 1998 03:28:09 -0700 (PDT)
To: cypherpunks@toad.com
Subject: Last Call For Participation - RAID 98
Message-ID: <9806031027.AA140462@collon.zurich.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain



		Last Call For Participation - RAID 98

      (also available at http://www.zurich.ibm.com/~dac/RAID98)

   First International Workshop on the Recent Advances in Intrusion
			      Detection

	   September 14-15, 1998 Louvain-la-Neuve, Belgium

We solicit your participation in the first International Workshop on the 
Recent Advances in Intrusion Detection (RAID 98). 

This workshop, the first in an anticipated annual series, will bring 
together leading figures from academia, government, and industry to talk 
about the current state of intrusion detection technologies and paradigms 
from the research and commercial perspectives. 

Research into and development of automated intrusion detection systems 
(IDS) has been under way for nearly 10 years. By now a number of systems 
have been deployed in the commercial or government arenas, but all are 
limited in what they do. At the same time, the numerous research and 
prototype systems developed have been more engineering than scientific 
efforts, with scant quantitative performance figures. As we survey the 
field of automated intrusion detection, we are faced with many questions: 

1.	What research questions have yet to be answered (or even
        asked) about IDS? 
2.	What are the open challenges, limitations, and fundamental
        concerns about present intrusion detection methodologies? 
3.	What metrics can we use to measure IDS performance and thus 
        compare different systems and methodologies? These
        measurements should highlight the successes and expose the
        limitations of current IDS approaches. 
4.	What factors are inhibiting transfer of research ideas into 
        functional deployed systems? How can those be addressed? 
5.	What is the role of a deployed IDS? How should or can it fit in 
        with other security systems? 
6.	What are the typical IDS operating environments? What can be 
        done to configure IDS to unique operating environments?
7.	What are the challenges for IDS in very large environments, such 
        as the Internet? 
8.	Is it time to contemplate IDS standards? What are the advantages
        and disadvantages of standardizing components of IDS?
        What forums (e.g., IETF, ISO) would be appropriate for
        pursuing such standards? 
9.	What are the problems of turning the results of intrusion
        detection tools into legally reliable evidence? What are the
        problems of admissibility and of courtroom presentation? 

We invite proposals and panels that explore these questions or any other 
aspect of automated intrusion detection. We especially solicit proposals 
and panels that address: 

1.	New results related to intrusion detection methodologies and 
        technologies. 
2.	Innovative ways of thinking about intrusion detection; for 
        example, the applicability of R&D in the fields of survivable
        and/or dependable systems, data mining, etc. 
3.	User experiences and lessons learned from fielded intrusion 
        detection systems. 
4.	IDS for emerging computer environments (e.g., Java, CORBA, and 
        NT). 
5.      Commercial intrusion detection systems.

We have scheduled RAID 98 immediately before ESORICS 98, at the same time 
as CARDIS 98, and at the same location as both of these conferences. This 
provides a unique opportunity for the members of these distinct, yet 
related, communities to participate in all these events and meet and share 
ideas during joined organized external events. 

GENERAL CO-CHAIRS
*****************

Marc Dacier (IBM Zurich Research Laboratory, Switzerland)
Kathleen Jackson (Los Alamos National Laboratory, USA)

PROGRAM COMMITTEE
*****************

Matt Bishop (University of California at Davis, USA)
Dick Brackney (National Security Agency, USA)
Yves Deswarte (LAAS-CNRS & INRIA, France)
Baudouin Le Charlier (Universite de Namur, Belgium)
Stuart Staniford-Chen (University of California at Davis, USA)
Rowena Chester (University of Tennessee, USA)
Deborah Frincke (University of Idaho, USA)
Tim Grance (National Institute of Standards and Technology, USA)
Sokratis Katsikas (University of the Aegean, Greece)
Jean-Jacques Quisquater (Universite Catholique de Louvain, Belgium)
Mark Schneider (National Security Agency, USA)
Marv Schaefer (Arca Systems, USA)
Peter Sommer (London School of Economics & Political Science, England)
Steve Smaha (Free Agent, USA)
Gene Spafford (Purdue University, USA)
Chris Wee (University of California at Davis, USA)
Kevin Ziese (Cisco, USA)

SUBMISSIONS
***********

The program committee invites proposals for both technical and general 
interest talks and panels.

Each talk or panel submission must contain:

1)  A separate title page with:
      The type of submission (talk or panel);
      The title or topic; and
      The name(s) of the speaker or panel chair and probable
      panelists, with their organizational affiliation(s), telephone
      and FAX numbers, postal address, and Internet electronic mail
      address.
2)  A brief biography of each participant.
3)  The time desired for the talk or panel.

Talk proposals must also include an abstract that is a maximum of 600 
words in length. Papers are not required, but if included as an addendum, 
will be used as supplementary information for the evaluation of the talk 
proposal. The program committee will allocate each accepted presenter 
either a 15 or 30-minute slot for the talk, based on the complexity and 
interest of the proposed topic and the wishes of the speaker. The 
presenter will be informed the slot length when notified of acceptance.

Panel proposals must also include a description that is a maximum of 300 
words, the format of the presentation, and short rationale for the panel. 
The program committee will allocate accepted panel sessions one to 
two-hour time slots, based on the complexity and interest of the proposed 
topic, the number of panelists, and the wishes of the panel chair. The 
panel chair will be informed the slot length when notified of acceptance.

All proposals must be in English. Plan to give all panels and talks in 
English. 

We must receive all proposals before June 15, 1998. We strongly prefer 
they be submitted by e-mail to raid98@zurich.ibm.com. Various formats 
(ASCII, postscript, Word, WordPro, Framemaker, and LaTex) are acceptable. 
If necessary, hardcopy proposals may be sent to: 

Marc Dacier
Global Security Analysis Lab
IBM Zurich Research Laboratory
Saeumerstrasse 4
CH-8803 Rueschlikon
Switzerland

Each submission will be acknowledged by e-mail.  If acknowledgment is not 
received within seven days, please contact the one of the General 
Co-Chairs.

A preliminary program will be available at the RAID web site
(http://www.zurich.ibm.com/~dac/RAID98) by August 1, 1998.

CORPORATE SPONSORS
******************

We solicit interested organizations to contribute to student travel 
expenses for RAID 98. Corporate sponsorship will cost 2500 US$, and will 
entitle the organization to four general attendance workshop passes. 
Please contact a General Co-Chair for more information.
 
REGISTRATION
************

Registration will open on 1 August 1998, at which point detailed 
registration information (including a list of recommended hotels) will be 
provided at the RAID 98 web site (http://www.zurich.ibm.com/~dac/RAID98). 
Travel instructions to Louvain-la-Neuve are available at 
http://www.dice.ucl.ac.be/crypto/acces-lln.html (courtesy of the UCL 
Crypto Group). Registration will close on 21 August 1998. Late 
registration will continue until 4 September 1998, but only on a 
space-available basis, and will include a penalty of 50 US$ (in addition 
to the fees specified below). 

Fees will be levied on a sliding scale, as follows:

Student: $200
Speaker or Panel Member: 250 US$
General attendance: 350 US$

This fee will include workshop sessions, banquet, hosted reception, 
luncheons, light breakfast service, and coffee and refreshment breaks. 
There will be no special rate for one-day or other limited attendance. 
Payment in full will be required at registration. 

We are negotiating a registration discount for those attending both the 
ESORICS conference and the RAID or CARDIS workshops, and for 
interchangeable workshop registration. Further information will be 
available when detailed registration information is posted.

PROCEEDINGS
***********

On-line workshop proceedings will be posted on the RAID web site
(http://www.zurich.ibm.com/~dac/RAID98) immediately following the workshop. 
It will include:

1)	The final program;
2)	A list of corporate sponsors;
3)	A list of attendees (subject to each attendee's approval);
4)	The submitted abstract and slides used by each speaker;
5)	The submitted description and rationale for each panel;
6)	The slides used by each panelist; and,
7)	Written position statements from each panelist.

In addition, the most outstanding workshop participants will be invited to 
submit an analogous formal paper to a special RAID edition of the refereed 
journal "Computer Networks and ISDN Systems."

IMPORTANT DATES
***************

Deadline for submission: 15 June 1998 
Registration opens: 1 August 1998
Notification of proposal acceptance or rejection: 1 August 1998
Preliminary program posted to web: 1 August 1998
Registration closes: 21 August 1998
Late registration closes: 4 September 1998
Workshop: 14-15 September 1998

MORE INFORMATION
****************

For further information contact one of the General Co-chairs: 

Marc Dacier 
IBM Zurich Research Laboratory 
Switzerland 
E-mail: dac@zurich.ibm.com 
Tel.: +41-1-724-85-62 
Fax.: +41-1-724-89-53 
                                         
Kathleen Jackson
Los Alamos National Laboratory
USA
E-mail: kaj@lanl.gov
Tel.: +41-1-724-86-29
Fax.: +41-1-724-89-53

The RAID 98 web site: http://www.zurich.ibm.com/~dac/RAID98,

The ESORICS 98 web site: http://www.dice.ucl.ac.be/esorics98. 

The CARDIS 98 web site: http://www.dice.ucl.ac.be/cardis98/