Working Agenda

Working Agenda
** Please Note, the agenda is a work in progress till just before the meeting.  We will add sessions as they are accepted but most of the details will not be updated before August.
Sunday, 15 September  
Early Bird Registration  
Early Bird Reception Join us to start our discussions and meet the other attendees at a reception in the hotel Sunday afternoon.
Monday, 16 September  
8:00 Registration  
9:00 Welcome and Opening Remarks Peter Cassidy
  APWG Cybercrime Assessment
9:15 Phishing, Spear-Phishing and Advanced Persistent Threats: What's Old is New Again. Dave Jevans
9:45 Trojans in the Wild: Stalking the New Mutations Limor Kessem
RSA Security
10:15 Break
10:50 Achieving Zen with a new Security Venn Dan Hubbard
11:20 The Bot-Infected Systems Alerting and Notification System Pat Cain
11:50 Member Data Resources Report:
  • Phishing Reports Application and API
  • Malicious Domain Suspension Requests
  • Botnet Data Exchange
  • Building Toward a Response Without Frontiers

Mike D'Ambrogia

12:20 Lunch Break
13:30 A French Connection:
Global Mustering Meeting of the STOP THINK CONNECT Messaging Convention
Michael Kaiser
NCSA/STOP THINK CONNECT Messaging Convention
14:00 Takedowns: We're Doing It Wrong! Przemek Jaroszewski
CERT Polska
  Maximal-Scale Safety and Security Infrastructures
14:30 DMARC and Email Authentication as a Proactive eCrime fighting Mechanism: Exploring its Usefulness and Limitations Ken Takahashi
15:00 The Science and Engineering of Global-Scale Reputation and Intelligence Systems Jeb Haber
15:30 Networking Break
16:00 APWG Steering Committee Meeting  
  All registered attendees from APWG Steering Committee member organizations and invited guest are invited to attend this meeting. Expect the meeting to run about 1.5 hours.
18:30 Steering Committee & Speaker Dinner  

After the Steering Committee Meeting all of our speakers are invited to join the Steering Committee as our guest for a special dinner hosted at the California Academy of Sciences.
We will meet to catch the shuttle busses at 6:30 PM for our tour to begin at 7:00 PM. After the tour we will have dinner and return via the same courtesy shuttle around 9:30 PM

Tuesday, 17 September  
8:30 Registration  
9:30 Welcome and Opening Remarks Foy Shiver
  eCrime Research Summit Day One
9:45 Why Today's Spam Filters Fail to Catch 419 Spam Markus Jakobsson
10:20 Put the F@ckers in Jail, Part Deux!
Direct-to-Prosecutor Referrals

Robert Capps II

Eric Boles

10:50 Break
11:20 Beyond the Machine: The Science of Security and Human Behavior

Nathan Good

Jens Grossklags
Penn State

Markus Jakobsson

Serge Egelman
University of California, Berkeley

Rainer Böhme
Universität Münster

12:10 eCrime Research Paper Presentations
  Password Advice Shouldn't Be Boring: Visualizing Password Guessing Attacks Leah Zhang-Kennedy
Sonia Chiasson and Robert Biddle
Carleton University
  Voice of the Customer: What is the Real Experience? Brad Wardman
Lisa Kelly and Michael Weideman
  Case Study:
$1.00 per RT #BostonMarathon #PrayForBoston: Analyzing Fake Content on Twitter
Aditi Gupta
Hemank Lamba and Ponnurangam Kumaraguru
Indraprastha Institute of Information Technology
  Case Study:
10v3.c0ns: A Criminological Investigation of Online Dating Crimes
Aunshul Rege
Rutgers University
13:15 Behavioral Aspects Segment Review, Questions and Wrap-Up
13:30 Lunch
14:15 Technologies and Techniques of eCrime Response and Investigation
  An Intelligence-Lead Approach to Defending Against DDoS Attacks John LaCour
  eCrime Research Paper Presentations
14:45 A Notation for Describing the Steps in Indicator Expansion Jonathan Spring
Carnegie Mellon University (CERT)
  Favicon: A Clue to Phishing Sites Detection

Guanggang Geng and Wei Wang
Computer Network Information Center
Chinese Academy of Sciences

Xiaodong Li
China Internet Network Information Center

Shian-Shyong Tseng
Asia University

  Empirical Analysis of Factors Affecting Malware URL Detection

Marie Vasek and Tyler Moore
Southern Methodist University

15:45 Break
16:15 Case Study:
Preventing Detection of Malicious Content Via Geolocation-based .htaccess Restriction

Aaron Sommer
Internet Identity

  Phish-Net: Investigating Phish Clusters Using Drop Email Addresses

Shams Zawoad,
Amit Dutta,
Alan Sprague,
Ragib Hasan,
Jason Britt and Gary Warner
University of Alabama at Birmingham

  eCrime Research Paper Presentations:
eCrime Economics
  Honor Among Thieves: A Common's Analysis of Cybercrime Economies

Sadia Afroz, Rachel Greenstadt
Drexel University

Vaibhav Garg
Indiana University

Damon McCoy
George Mason University

  Modeling Malicious Domain Name Take-down Dynamics: Why eCrime Pays Jonathan Spring
Carnegie Mellon University
17:30 Tuesday Ending Announcements
  Birds of a Feather (BOF)  
  Botnet Data Exchange for Botnet Node Remediation and Network Reputation Ranking Pat Cain

John S. Quarterman
Quarterman Creations
19:30 Award Dinner  
  Registered attendees for CeCOS, Speakers and Staff are invited to join us for refreshments and dinner this evening at the hotel.
Wednesday, 18 September  
9:30 Welcome and Opening Remarks Foy Shiver
  The Technology and Techniques of eCrime
9:35 Global Phishing Survey: Trends and Cybergang Domain Name Abuse in 1H2013

Rod Rasmussen

Greg Aaron

10:15 eCrime Research Paper Presentations:
eCrime Economics (Continued)
  An Inquiry into Money Laundering Tools in the Bitcoin Ecosystem Malte Möser, Rainer Böhme and Dominic Breuker
University of Münster
  An Exploration of the Factors Affecting the Advertised Price For Stolen Data

Thomas Holt
School of Criminal Justice, Michigan State University

Olga Smirnova
Department of Political Science, East Carolina University

Yi-Ting Chua
School of Criminal Justice, Michigan State University

  Folex: An Analysis of an Herbal and Counterfeit Luxury Goods Affiliate Param Mohammad Karami, Shiva Ghaemi and Damon McCoy
George Mason University
11:15 Break
  Infrastructure and Cybercrime Management Segment
11:45 After The Gold Rush : Cui bono? Neil Schwartzman
12:10 ccTLD Abuse Management Protocols and Practices

John Crain

Piotr Kijewski
CERT Polska

Don Blumenthal

Hiro Hotta
Japan Registry Services

Roy Arends

13:00 Lunch
14:00 Case Study:
Monitoring a Fast Flux Botnet Using Recursive and Passive DNS: A Case Study
Dhia Mahjoub
14:30 Privacy/Proxy/Perfidy: Measuring What Criminals
(and Non-criminals) Record in Domain Whois Data
Richard Clayton
Cambridge University
  Internet Policy Committee - Programs in Development Review
15:00 Moderator:
Rod Rasmussen

Greg Aaron


15:45 Closing Announcements
Special Sessions:
ICANN Security, Stability, and Resiliency Update
On Thursday ICANN will host a half day update on policies and discussion topics of particular interest to the APWG Members
Thursday, 19 September  
10:00 Opening Remarks Dave Piscitello
  WEIRDS: Successor to Whois Protocol Murray S. Kucherawy
  New Registrar Accreditation Agreement Margie Milam
  ICANN Expert Working Group on WHOIS Rod Rasmussen
Internet Identity
  Abuse Recidivism in Domain Registrations Christopher Davis
The Secure Domain Foundation
13:30 Closing Refreshments and Open Discussion
SILVER SPONSOR StubHub! StubHub! ReturnPath
BRONZE SPONSOR PhishLabs RiskIQ VISA BrandProtect Wombat Security
PROGRAM SPONSORS Organization of American StatesSTOP. THINK. CONNECT.