1. Welcome to Cybersecurity CASCON, Toronto October 17, 2005

2. What is cybersecurity? Ü policies for the security of citizens and society in electronic communications, transactions and interactions. Source: http://cybersecurity.jrc.it/CyberSecurity.htmlhttp://cybersecurity.jrc.it/CyberSecurity.html Ü Potential subareas:  Digital identity management and privacy Digital identity management and privacy  Trustworthy eGovernment and consumer protection information systems Trustworthy eGovernment and consumer protection information systems  Digital evidence systems for combating cybercrime Digital evidence systems for combating cybercrime  Information infrastructure interdependencies and risks Information infrastructure interdependencies and risks  E-Health E-Health

3. What is cybersecurity (part 2) Ü Information assurance, including information security, information technology disaster recovery, and information privacy. Source: Bitpipe Ü Areas:  Cyberterrorism Cyberterrorism  Data Security Data Security  Disaster Recovery Disaster Recovery  Homeland Security Homeland Security  Intrusion Detection Intrusion Detection  Intrusion Prevention Intrusion Prevention  Privacy Rights Privacy Rights

4. Key Concepts  A vulnerability is an error or a weakness in the design, implementation, or operation of a system.  A threat is an adversary that is motivated to exploit a system vulnerability and is capable of doing so.  Risk refers to the likelihood that a vulnerability will be exploited, or that a threat may become harmful Source: Cybersecurity: Today and Tomorrow

5. Goal of this workshop Ü Nurture discussion amongst diverse members interested in cybersecurity Ü Exchange information Ü Network Ü Advance an agenda for a national information and network security research network Ü Have fun!

6. Some people to thank Ü IBM CAS  Julie Waterhouse, Jen Hawkins Ü Organizers:  Walid Rjaibi (IBM)  Jacob Slonim (Dalhousie)  Paul Von Oorschot (Carleton)  David Lie (Toronto, ECE)  David Evans (Dalhousie)  John McHugh (Dalhousie)  Michael McAllister (Dalhousie)  Rosa Esteireiro (ECE, Toronto)

7. Some people to thank (Cont’d) Ü FISIC (Forum for Information Security Innovation in Canada)  Craig Hillier (Bell Canada) Ü MITACS  Jim Brookes

8. Today’s Agenda Ü 8:30-9:00 Registration + Networking  (Registration opens at 8:00) Ü 9:00-9:15 Workshop Introduction Ü 9:15-9:45 Talk #1: Elias Levy (Symantic):  Dionaea: On the automatic collection of malicious code samples through honey pot farms. Ü 9:45-10:15 Talk #2: Paul Van Oorschot (Carleton University):  Information Security 2105 Ü 10:15-10:30 Break Ü 10:30-11:45 Short research intros from attendees (about 3 minutes each) Ü 12:00-1:00 Lunch (Provided)

9. Today’s Agenda Ü 1:00-1:30 Talk #3: Bob Blakley (IBM):  TBA Ü 1:30-2:00 Talk #4: John McHugh (Dalhousie University): ]  Network Awareness and Network Security Ü 2:00-2:30 Talk #5: Bill Aiello (University of British Columbia):  Enterprise Security: A Community of Interest Based Approach Ü 2:30-2:45 Break Ü 2:45-3:50 Jim Brookes  Canadian security research networking session Ü 3:50-4:00 Wrap-up

10. Mini-presentations 1. Lewis Robart and David Gibson, Industry Canada 2. Stefan Saroiu, University of Toronto 3. Eric Yu, University of Toronto 4. Michel Barbeau, Carleton University 5. Rene Struik, Certicom 6. Stephan Neville, U of Victoria 7. David Lie, University of Toronto 8. Marsha Chechik, University of Toronto 9. Hugh Williams, U of Calgary 10. Urs Hengartner, Waterloo 11. Ashraf Matrawy, Carleton 12. Jose Fernandez, Ecole Polytechnique de Montreal 13. Mark Perry, Western 14. Nadia Tawbi, Laval 15. Andrew Patrick, NRC 16. Gord Agnew, Waterloo 17. Patrick Hung, UOIT 18. Konstantin Beznosov, UBC 19. Victor Ralevich, Sheridan College 20. Andrew Marshall, TD 21. Ken Barker, Univ. of Calgary