1st session Chair: Yoshiaki Kasahara [kasahara@nc.kyushu-u.ac.jp]
1.Title:
Design and Implementation of Large Scale URL Filtering 
Speakers: Kasom Koth-Arsa2, Surachai Chitpinityol1, Surasak Sanguanpong1,
Anan Phonphoem1, and Chalermpol Chatampan1
^1Office of Computer Services, Kasetsart University, Bangkok, THAILAND
^2Faculty of Engineering, Kasetsart University, Bangkok, THAILAND
A web filtering is one of a mandatory system for control and managing Internet
access under necessary situations and security reasons (such as Phishing
sites). The filtering system should be able to detect and restrict web
accesses, based on the administrative criteria, to both inside and outside
organization's web servers despite of such traffic would connect through any
web proxy or not. Currently, many web hosting sites deploy virtual hosts or
share the same host names which cause the web filtering system based on only
target IP addresses to come up with the undesired fault-positive match
results. Although URL-based filtering can be solved using proxy servers; but
it would be not appropriate for the case of large traffic volume and a large
number of URLs to be filtered.
In this presentation, we will explain a system design and implementation of
“pass-by” URL filtering technique. Pass-by filtering offers inspection and
filtering web traffic without interfering legitimate Internet access. We
present the system's design and architecture which is able to handle maximum
268 million URLs on a single machine. URL compression techniques based on
delta encoding is the key component to handle a large number of URLs solely in
the main memory without access to secondary storage. Finally, we describe an
implementation which has been deployed to an International Internet Gateway
and show the collected statistics of 4.6 Gbps peak aggregated traffic with
around 64K packets per second of HTTP requests.
2.Title:
Experiences in Deploying Machines Registration and Integrated Linux
Firewall with Traffic Shaper for Large Campus Network 
Speakers: Surachai Chitpinityol1, Kasom Koth-Arsa2, Surasak Sanguanpong1,
Pirawat Watanpongse2, and Chalermpol Chatampan1.
^1Office of Computer Services, Kasetsart University, Bangkok, THAILAND
^2Faculty of Engineering, Kasetsart University, Bangkok, THAILAND
The presentation will be divided into two parts: the SMART system and the
Experiences in using Linux firewall and traffic shaper.
For a large scale campus network, registering and managing network hosts is
not a trivial task. Simple Machine Address Registration Tools (SMART) has been
developed for the network administrator to easily take care of the task. Each
user has to register his/her network interface card's MAC address once in
advanced before allowing access to the Internet. During the registration
process, SMART will update the RADIUS server's configuration database in
real-time. SMART will only grant the permission to the registered machine for
network access.
SMART is composed of three main components: “command center”, “overlord”, and
“observer”. The command center is a centralized database for recording the
registered user and equipment information. The overlord is the policy
enforcement unit that redirects any web request of the unregistered equipments
to the command center web interface. The observer is the monitoring unit to
detect any anomaly usage such as sync flood or port scanning. If any suspected
misuse has been detected, the observer will report the incident to the command
center which trigs the overlord to perform a blocking procedure.
For the Linux firewall part, the system is deployed on the large scale campus
network which composes of more than ten thousand active hosts, five hundred
thousand active network connections, and gigabit per second of aggregate
network throughput. The network topology and how Linux firewall deployment as
a traffic shaper will be discussed in details (such as P2P shaping). Finally,
we conclude with the challenges, experiences, and comments on the future
direction.
2nd session Chair: Yasuichi Kitamura [kita@jp.apan.net]
3. (spam statistics report from APAN Tokyo XP)
Takatoshi Ikeda, KDDI
APAN Tokyo XP is managing some mailing lists for managing the APAN
network operation. The mailing list accounts should be opened for
accepting a lot of requests from the researchers. But, unfortunately,
the account is very easy to get for the spam generators, too.
ops@jp.apan.net is one of the most important and active accounts at
Tokyo XP and it's the target of the spam generators. In this report,
we will report the statistics of the spam mails at Tokyo XP.
4. Title:
The design of connectivity detect system by reuse of SPAM Mail

Speakers: Koji Okamura and Hiroaki Towata (Kyushu Univ., Japan)
This presentation explains the system which can detect connectivity of
Internet using many SPAM Mail over Internet. The authors show the
design how to reuse useless SPAM Mail for management of Internet and
have discussion to collaboration between another organizations in APAN.
5. (TBD)