News
| May 8, 2009: | Program online |
| April 14, 2009: | List of hotels available for download |
| April 2, 2009: | List of Speakers online |
| March 18, 2009: | Flyer available for download |
| March 9, 2009: | Call for participation published |
Scope
The conference covers four thematic areas. In each area, experts will address current issues and set the tone for in-depth discussion.
1. Technical Issues of IT Security
IT systems no longer serve the sole purpose of stabilizing a working environment. Instead, they have become the very backbone of society. Vulnerable systems therefore pose a risk to individuals, companies, and all kinds of modern infrastructure. The first section aims to identify current risk patterns to IT systems, especially from a technical point of view.
Subjects in this section include risks to firewalls, protocol proxy systems, weaknesses of intrusion detection systems, micro fraud schemes, botnet-developments, etc.
2. Individual Victimization and Damages
The impact of cybercrime remains one of the unsolved questions of IT security. Often, individuals are not even aware that they are victims of computer crime. Even if the victimization is perceived, many businesses do not make reports to outside organizations, either because they fear setbacks vis-à-vis their competitors or because they do not know to whom to report. In other cases, the possible gain does not seem to be worth the effort. The aim of the second section is to highlight questions regarding the extent of victimization.
Subjects in this section include the extent of victimization by computer crime, models for the analysis of cyber crime, etc.
3. Future Developments
While botnets and phishing scams are already well-known forms of computer criminality (at least to experts), future threats still remain to be evaluated. The third section of the conference highlights possible developments and implications.
Subjects in this section include cyber terrorism, online radicalization, dangers to supply chains and critical infrastructure, etc.
4. Cultural, Sociological, and Political Implications and Control Issues
The phenomena of cybercrime highlight various aspects of the medium “Internet," some of which can be described as dualisms, for example, “use vs. abuse,” “control vs. freedom,” “co-evolution of security measures and malware.” The unique possibilities of the Internet and the ubiquity of digital media open many different (legal, illegal, and “grey”) possibilities. Society has to cope with those challenges. Furthermore, a successful fight against computer crime and its repercussions can only be fought if the underlying aspects (e.g., phenomena, extent, and possible future threats) are known, and a successful fight can only take place on an international scale since individual actions undertaken at the national level are doomed to failure from the very beginning. The fourth section will cover current and developing measures against computer crime.
Subjects in this section include national and international legal instruments in the fight against cyber crime, technical instruments in the fight against cyber crime (such as data retention and online remote searches), effectiveness of legal instruments (e.g., use of traffic data and surveillance measures in Germany), and possible policy extensions.
List of Speakers
Below you will find a preliminary list of speakers during the conference. All titles of presentations as well as the appearance of speakers are still subject to change. A program of the conference can be found below in the download section of this page.
Area 1: Technical Issues of IT Security
| Andreas Mayer | Indevis | Next Generation Firewalling |
| Jochen Jähnke | MPICC | Hack the MPI |
| Markus Wöhrle | Datadirect | Negligent Security at International Speech and Data Communication |
| Martin Fillers | Dell | Notebook Security |
| Dirk von Suchodoletz | University of Freiburg | GSM and DECT Security |
Area 2: Individual Vicitimization and Damages
| Ramona Rantala | US DoJ | Cybercrime against businesses |
| Hans-Peter Merkel / Armin Reese | HPM Consulting / German Police |
Mass SMS Chat Fraud |
| David Wall | University of Leeds | Cybercrime and the Organization of Crime Online |
| Eneken Tikk (tbc) | NATO CCD COE | DDoS Attacks on Estonia |
Area 3: Future Developments
| Gerhard Schneider | University of Freiburg | Consequences of Cloud Computing |
| Marco Gercke | University of Cologne | Attacks on Critical Infrastructure |
| Lauren Saadat | US DHS | Cyber Security and Privacy |
| Jan Spoenle | MPICC | The Fight against Cyber Crime |
Area 4: Implications and Control Issues
| Katalin Parti | Hungarian National Institute of Criminology | Alterations in danger-awareness along the info communication revolution |
| Amir Alsbih | Kabel BW | Abuse – the other side of the coin |
| Meinrad Rombach | Computer Academy for Lifelong Learning | Laymen's responsibility for IT security |
| Ales Zavrsnik | University of Ljublijana/Slovenia | Criminal justice systems' (over) reactions to cybersecurity threats |
| Soumyo Moitra | CERT/Software Engineering Institute Carnegie Mellon University |
Internet Policy and Security Management |
Venue and Organizational Remarks
The conference will be held on the premises of the Max Planck Institute for Foreign and International Criminal Law in Freiburg i.Br./Germany. Due to its proximity to the airports of Basel/Mulhouse/Freiburg, Stuttgart, Frankfurt, and Strasbourg, the Institute is easily accessible to participants from Germany and abroad.
The conference, which will be limited to 60 participants, will begin on May 12, 2009, at 14:00 and end on May 14, 2009, at 14:00. Proposals for presentations can be submitted immediately. Requests from persons who would like to attend the conference but not to make a presentation will be considered beginning on April 15, 2009 (send request to security09@mpicc.de) and will be granted in the order in which they are received. The results of the conference will be published. If no written material is to be published (e.g., for security reasons), please notify us in advance.