ACSAC Update

Today’s the last day of ACSAC, and so far, the conference has been pretty good. For me, the highlights have been the plenary speakers:

  • Wednesday morning, Doug Maughn of DHS opened the conference with an interesting talk about the problems of taking research projects and commercializing them.
  • Wednesday evening, Giovanni Vigna of UCSB revisited his NetStat paper with some interesting observations about the state of network intrusion detection… which contrary to some reports isn’t dead… it’s just been renamed botnet detection.
  • Wednesday evening there was also moving tributes to two of the computer security luminaries we lost in the last year: Paul Karger and Bob Arnold.
  • Thursday morning, Tom Longstaff spoke about the lack of the scientific method in Computer Security and Computer Science. I’m not sure I agree with him, but it was a provacative talk. In some sense, Computer Science is as much science as Software Engineering is engineering.
  • Thursday evening, Ches (Bill Cheswick) gave an entertaining talk about his history and of Berferd.

I also attended an interesting paper session on security in social media, and to that end, I’d like to highlight an interesting exporation of bots on Livejournal.

Lastly, a question for folks reading my journal. I’ve had the suggestion to rename the tutorial program to increase attendance. Which of the following names would make you more likely to attend the Monday/Tuesday educational program: