Bill Cheswick logged into his first computer in 1969 and has worked on operating system security for more than 25 years. Since joining Bell Laboratories in 1987, he has worked on network security, PC viruses, mailers, the Plan 9 operating system, and kernel hacking. With Steve Bellovin, he co-authored the first full book on Internet security, Firewalls and Internet Security, Repelling the Wily Hacker. Cliff Stoll has called Ches "one of the seven avatars of the Internet." Ches's current work includes various Internet munitions, a new edition of the book, and maybe a way to hunt down anonymous denial-of-service attacks.

A Comparison of Methods for Implementing Adaptive Security Policies
Brian Loe and Michael Carney, Secure Computing Corporation

The CRISIS Wide Area Security Architecture
Eshwar Belani, Amin Vahdat, Thomas E. Anderson, Michael Dahlin, University of California at Berkeley

The computer security products market is expected to grow from a $100m/year market in 1995 to a $1b/year market by the year 2000. Such a magnitude in growth will trigger major changes in the industry. I will outline the main factors influencing different aspects of the security products market, and describe how those factors are likely to direct product and technology trends.

Bro: A System for Detecting Network Intruders in Real-Time
Vern Paxson, Lawrence Berkeley National Laboratory

Cryptographic Support for Secure Logs on Untrusted Machines
Bruce Schneier and John Kelsey, Counterpane Systems

StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks
Crispan Cowan, Oregon Graduate Institute

Data Mining Approaches for Intrusion Detection
Wenke Lee and Salvatore J. Stolfo, Columbia University

Because of buggy, vendor-supplied software, someone breaks into your site and causes damage. Who is liable? You? The hacker? The vendor? Some real live lawyers will try to answer this question.

Panelists: Ed Cavazos, Interliant Corporation Others to be announced.

Securing Classical IP Over ATM Networks
Carsten Benecke and Uwe Ellermann, Universitaet Hamburg, Fachbereich Informatik

A Java Beans Component Architecture for Cryptographic Protocols
Pekka Nikander and Arto Karila, Helsinki University of Technology

Secure Videoconferencing
Peter Honeyman, Andy Adamson, Kevin Coffman, Janani Janakiraman, Rob Jerdonek, and Jim Rees, CITI, University of Michigan

In theory, the security of most Public Key Cryptosystems is based on the assumption that a number theoretical problem (such as integer factorization or computing discrete logarithms) is hard. In practice, when using Public Key Cryptosystems to secure Internet traffic for instance, the situation is not so clear. In this talk I will discuss various security assumptions and I will show how our credulity may lead to interesting business opportunities.