BIRDS-OF-A-FEATHER SESSIONS
Lead or attend a BoF! Meet with your peers! Present new work! Don't miss these special activities designed to maximize the value of your time at the conference. The always popular evening Birds-of-a-Feather sessions are very informal gatherings of persons interested in a particular topic.
Vendor BoFs
Want to demonstrate a new product or discuss your company's latest technologies with USENIX Security attendees? Host a Vendor BoF! These sponsored one-hour sessions give companies a chance to talk about products and proprietary technologyand they include promotional benefits. Email sponsorship@usenix.org if you're interested in sponsoring a Vendor BoF. Click here for more information about sponsorship opportunities.
Scheduling a BoF
To schedule a BoF, simply write the BoF title as well as your name and affiliation on one of the BoF Boards located in the registration area. If you have a description of our BoF you'd like posted on this Web page, please schedule your BoF on the BoF board, then send its title, the organizer's name and affiliation, and the date, time, and location of the BoF to bofs@usenix.org with "USENIX Security '09 BoF" in the subject line.
BoF Schedule (as of August 12, 2009)
Tuesday, August 11, 2009 |
ROOM |
# of seats |
7:00 p.m.– 8:00 p.m. |
8:00 p.m.– 9:00 p.m. |
9:00 p.m.– 10:00 p.m. |
10:00 p.m.– 11:00 p.m. |
Salon 4 & 5 (Level 2) No A/V |
65 |
|
|
|
|
Salon 6 & 7 (Level 3) A/V provided |
75 |
|
|
|
|
Salon Jarry & Joyce (Level A) A/V provided |
75 |
Student Meetup |
|
|
|
BoF Descriptions
Student Meetup
Tuesday, August 11, 7:00 p.m.–8:00 p.m., Salon Jarry & Joyce (Level A)
Calling all students! Join us for pizza, refreshments, and the opportunity to meet with other students. You'll also have the chance to chat with the USENIX leadership and tell us how we can serve you better.
Large-Scale Security Simulation - Requirements and Feasibility Discussion
Jelena Mirkovic, USC/ISI
Wednesday, August 12, 7:30 p.m.–8:30 p.m., Salon 4 (Level 2)
Internet-scale security incidents are becoming increasingly common, and researchers need tools to replicate and study them in a controlled setting. Current network simulators, mathematical event models and testbed emulation cannot faithfully replicate events at such a large scale. They either omit or simplify relevant features of the Internet environment to meet the scale challenge, thus compromising fidelity.
This BoF will explore requirements for a realistic, high-fidelity, large-scale security simulator and the feasibility of their implementation. We will start by describing our work on the large-scale worm simulator called PAWS and its extensions to simulate other security events. PAWS can currently achieve higher fidelity and speed than state of the art simulators thanks to its detailed Internet model and its selective simulation of worm-relevant network events. What would it take to make PAWS into an extensible, customizable community resource such as ns-2?
Security Experimentation on Testbeds
Jelena Mirkovic, USC/ISI
Wednesday, August 12, 8:30 p.m.–9:30 p.m., Salon 4 (Level 2)
This BoF discusses testbed experimentation for security. This is also a
major focus of the CSET workshop on Monday at the USENIX Security Symposium. We will mostly focus on the DETER testbed but will also touch upon other
testbeds and experimental platforms used for security experimentation.
DETER testbed is funded jointly by NSF and DHS and consists of ~400 machines located at USC ISI and UC Berkeley. It has various hardware and software, and a set of experimental tools we developed to lower the learning curve for novice users. Tools consist of traffic generators, routing generators, measurement
tools, several scripting languages for experiment control, and two visualization tools.
We will also discuss recent additions to the DETER testbed: ability to federate with other testbeds for large-scale experimentation, support for risky experiments, and tools to monitor experiment correctness.
Finally, we will discuss our efforts to increase use of testbeds in security education and promote sharing between security researchers.
Virtualization: Discussion Concerning Its Impact on Security and Current Trends
Todd Deshane and Patrick F. Wilbur, Clarkson University
Thursday, August 13, 8:30 p.m.–9:30 p.m., Salon 6 (Level 3)
This discussion will investigate the security pros and cons of virtualization. Pros discussed will include the usefulness of virtualization for secure virtual appliance deployment, convenient sandboxing, and convenient software distribution. Cons will be discussed relating to the additional security demands of virtualization and its weaknesses or complications, including the addition of another exploitable layer, the increased performance overhead, and the reduced granularity of access of control.
While considering the current trends in virtualization technology development and adoption, questions that will be discussed include: Does virtualization have anything additional to offer for enforcing the principle of least privilege (POLP), or for more secure or more convenient sandboxing? Does virtualization offer a more convenient secure software distribution mechanism? In which ways does virtualization unnecessarily complicate securing applications, and in which ways does it simplify application security? In which scenarios is the actual performance impact of virtualization too great for it to be viably used, and in which scenarios is its performance impact outweighed by its potential security benefits?
Security in a Higher Education/Academic Environment (Informal Discussion)
RuthAnne Bevier, Caltech
Thursday, August 13, 9:30 p.m.–10:30 p.m., Salon 4 (Level 2)
|