|Session||Network Security Workshop|
|Chair||Yoshiaki Kasahara [firstname.lastname@example.org]
Yasuichi Kitamura [email@example.com]
Rahmat Budiarto [firstname.lastname@example.org]
|Objective||- To raise the security awareness and knowledge within APAN community
- To exchange experience and knowledge in network security technologies and issues, and
- To cooperate with other international security efforts to raise security awareness, capabilities and interoperation globally.
Security related topics includes protection of the physical, intellectual, and electronic assets of the APAN and other network, including its security policies, network access controls, virus protection, network administration, auditing, and transaction security.
|Target Audience||Researchers, Scientists, Network Engineers|
|Program Details||Chair: Yoshiaki Kasahara [email@example.com]
1. Transparent Firewall for Wireless Network
Kasom Koht-arsa, Surasak Sanguanpong, Anan Phonphoem (Kasetsart University)
This presentation describes a wireless network design based on campus WLAN deployment which serves more than five thousands unique wireless clients each day and more than one thousand concurrent wireless clients. Three main implementation issues are: (1) How to increase security and availability due to effects from a rouge DHCP server and broadcast storm (2) How to provide seamless wireless roaming within the campus (3) How to allocate and utilize IP addresses for a large number of WLAN concurrent users. In this presentation, Multiple Linux bridges with custom filtering rules as transparent firewalls will be presented. The system is currently deployed for solving these issues in the real campus network.
Keywords: WLAN, L2 firewall, broadcast storm, rouge DHCP server
2. Automatic Phishing Site Detection and Blocking System
Surachai Chitpinityon, Kasom Koht-arsa, Surasak Sanguanpong (Kasetsart University)
Phishing site can be harmful especially when it has been setup inside the organization by outside hacker. This presentation describes a method to automatically detect and block phishing sites which reside in a campus network. Our solution is deployed by checking for signatures in both URLs and contents of the web site. The system will capture the requested URL from the outside network and also the replied data from the website that located inside our network. The information will be analyzed for the possible signature to identify the phishing site. The blocking system will then be performed by using the session hijacking technique.
Keywords: phishing detection, automatic phishing site blocking
3. Evolution and requirements for DPI in network security infrastructure.
Bob Wiest (Director of Technical Services, Bivio Networks)
This session examines how policy-centric network security devices such as intrusion detection and prevention systems (IDS/IPS) are deployed using high-performance deep packet inspection (DPI) and processing technology to ensure maximum network traffic awareness and protection.
Keywords: DPI, intrusion detection, traffic awareness, policy enforcement
4.[VCS] Digitalization of Medical Record in Hospitals in Japan (* remote *)
Naoki Nakashima (Department of Medical Informatics, Kyushu University Hospital)
Japanese government had targeted 60% of penetration of electronic medical record system (EMR) in hospitals for 5 years from 2001. However, EMR has been installed only in less than 20% of hospitals in 2007. The government is still strongly promoting digitalization of medical record.
The government started a service of healthcare PKI for hospital to retain medical record authenticity, and formulated information security guidelines of medical information system in past a few years. It is aiming at a 100% of online claim for reimbursement of medical insurance in 2011.
Our hospital, Kyushu university hospital, is one of the biggest hospitals in Japan. We have installed an EMR system developed by Japan IBM Co. at the end of 2007.
In this presentation, I would like to introduce about system concept of new EMR system in our hospital, including confidentiality, integrity, availability, and future issues.