Title Joint Workshop of Security and Network Engineering
Chair Yoshiaki Kasahara [kasahara@nc.kyushu-u.ac.jp]
Rahmat Budiarto [rahmat@cs.usm.my]
Yasuichi Kitamura [kita@jp.apan.net]
Objective To increase a network security awareness among APAN community members
-To exchange experience and knowledge in network security technologies and issues
-To encourage security related collaboration between APAN community members
Target Audience Researchers, Scientists, Network Engineers
Expected No. of Participants 30-50
Session Chair & Speakers First slot: NOC Security (4 speakers) Chair: Yasuichi Kitamura
Second slot: Network Security (4 speakers) Chair: Yoshiaki Kasahara

1st Session--Chair: Yasuichi Kitamura [kita@jp.apan.net]

1. Title: Developments with the REN-ISAC and our Peakflow SP

Presenter: John Hicks

Security is a critical part of any network deployed today. Appropriate levels of insuring the security and integrity of the network infrastructure and protecting connected cyberinfrastructures against threats that transit the network are required. TransPAC2 works in concert with the Research and Education Networking - Information Sharing and Analysis Center (REN-ISAC) to analyze security issues and take appropriate actions. This talk will concentrate on the REN-ISAC tools and operational procedures.

2. Title: New technologies of lightning's prevention and protection during the electrical storms. other files

Presenters: Angel Rodriguez and Jacobe Rodriguez

Lightning causes every year repeated accidents and destruction in all kinds of structures and buildings even protected by Franklin lightning rods. The most damaged structures every year are the telecommunication towers. The current Lightning rod systems like Franklin, guarantee neither the apprehension of the lightning nor the intensity of this one. Every lightning impact generates electromagnetic direct and indirect dangerous effects for the persons and facilities. The current of exhaust generates returns and dangerous tensions in the capture of land.
The investigations on the lightning phenomenon in different geographical, keraunical conditions, and in structures confirm that before the lightning impact, there is high tension electrical progressive field in the structures or buildings. Electrical high tension field is the causer of the top effect's generation, air ionization or Leader effect, formation of the tracer and canalizes the lightning impact in land. The conclusions of the study are "If electrical field does not exist in land, the lightning has not been formed" The new technologies of deionizer lightning rod of charge "CTS" remove the electrical field of the structures to land. The aim is to avoid the Leader formation, and this effect is obtained reducing the electrical field in the highest point of the structures and buildings. 48 facilities of lightning rod deionizers of charge, laboratory and field tests, demonstrate that the new technologies are effective and annul the lightning impact in a radius of 120 meters. The climatic change is modifying the storms seasons and with it, the lightning activity. It is necessary to adapt the protection technologies to guarantee the safety of the persons and to reduce accidents in the industry in general.

3. Title: VPN construction with independence of client environment

Presenter: Shin Takeuchi

Virtual Private Network (VPN) is a technology to construct safe communication pipe over public networks. For construction of VPN, software for example OpenVPN is easily used, that does not need any expert knowledge. However, client side has to pass many procedures such as configuration and negotiation, with construction of VPN. In this research, we propose an application that supports VPN-client configuration, and that the composition of VPN-client/server is changed by the client environment. We also implemented the prototype of the proposal method, and show that the client can easily construct VPN without relaying fixed VPN-server.

4. (IP traceback experiment report)

Presenter: Hiroaki Hazeyama

IP traceback is a tracking technique the true forwarding path of packets/flows, even if the target packet is source-spoofed. Now we are trying to deploy a hash based IP traceback and an ineter-AS traceback exchange architecture in the real internet, with 3 Japan comercial ISPs and WIDE backbone. In this presentation, we breifly present our activity.

2nd Session--Chair: Yoshiaki Kasahara [kasahara@nc.kyushu-u.ac.jp]

5. Title: JEnterprise Suite for Network Security (* remote *)

Presenter: Sureswaran Ramadass, Rahmat Budiharto, M. Ahmad and M. Selvakumar.

While the security world looks to prtecting a network from the outside world and the Internet, security within the network and from internal users is still quite vunerable. The Jenterprise Suite looks to providing protection and intelligent analysis of the oranisations internal network.

6. Title: The NoAH project - a European platform for cyberattack detection and containment

Presenter: Catalin Meirosu

The NoAH (European Network of Affined Honeypots) project is developing an infrastructure for security monitoring based on honeypot technology. The NoAH project integrates low-interaction and high-interaction honeypots in a geographically-dispersed early warning system. In addition, a program (known as honey@home) that redirects traffic sent to unused IP addresses in a network towards the NoAH infrastructure was developed by the group at ICS/FORTH. The high-interaction honeypot is based on the Argos emulator, developed by the collaborators from the Vrije Universiteit Amsterdam. The presentation will describe the overall NoAH architecture. The Argos and honey@home components will be presented in more detail. The strategies for generating signatures for the attacks will also be described.

7. Title: Proposal of New Benchmark Data to Evaluate Mining Algorithms for Intrusion Detection

Presenters: JungSuk Song, Hiroki Takakura

Although KDD Cup '99 data set has been long utilized for evaluating data mining algorithms, there exist several shortcomings. For example, simulated attacks are so old that the set cannot reflect current malicious activities. Furthermore, we show its insufficient characteristics for evaluation purpose. To solve these problems we will propose new data set retrieved from real environment. By utilizing IDS and honeypots deployed on the real network environment, fresh data set which includes a large number of false positive alerts is obtained.

8. Title: The Philippine Honeynet Project Experience

Presenters: Ryan Talabis, John Ruero

The Philippine Honeynet Project is a non-profit, all volunteer group dedicated to honeynet and security research. We are currently a member in the Honeynet Reseach Alliance (http://www.honeynet.org. The Philippines Honeynet Project used Gen III technology (ROO) as the cornerstone of our honeynet. The objectives of the Philippine Honeynet Project are: - To determine and highlight any unique findings, attacks, tools and methods through the Philippine Honeynet Project; - To learn about attacks and threats that characterize and/or predominate in the Philippine setting; - To learn of techniques and motivations of the blackhat community, specially those targeting Philippine organizations; - To study threats and attack trends to provide an "early warning system" for Philippine organizations; - To provide training for Philippine organizations on how to improve their security against cyber threats; and - To provide students and IT professionals here in the Philippines an experiment environment to learn about real-world attacks.

*: topics are subject to change by status of candidate speakers
Remarks(including Special arrangements if Any) LCD Projector, wireless Internet access, enough power strips to accomodate the number of laptops expected

Last Updated 30 Jan 2007