Workshop on "Internet Crime: Prevention, Detection and Investigation"

As businesses and other institutions increase their online presence and dependency on information assets, the number of computer incidents also rises. Consequently, businesses and organizations are finally increasing their security postures. Waiting until the incident occurs is too late to begin planning how to address the situation. Incident response planning requires both administrative and technical roles. Both parties need to be familiar with the other's role, responsibilities and capabilities. In addition, technical people need to have a current understanding both of the specific environment of the organization and of the current state of the attacks that are likely to be experienced.

Responding to this need, AIT's Internet Education and Research Laboratory (intERLab) is organizing a workshop on the theme "Internet Crime: Prevention, Detection and Investigation" from 16-19 October 2007 at the Asian Institute of Technology (AIT), located in Pathumthani, 40-km north of Bangkok.

A Pre-workshop Open Seminar on 16 October 2007 will be devoted to the topic "Underground Economy" and participants can learn the extent and nature of financial crimes on the Internet, as explained by Team Cymru (http://www.cymru.com). This Open Seminar will be held at Room B-108, AIT Conference Center from 9:30 am –12:30 pm.

The main Workshop at the intERLab Training Center will take place on 16 October from 2:00 – 4:30 pm, and on 17-19 October from 9:30 am – 4:30 pm. The instructors for the workshop will include members from APNIC, ICANN, JPCERT/CC, Team Cymru and intERLab researchers.

This workshop will provide a venue for exchange of information on internet crime, sophisticated methods used by cyber criminals and the techniques used to perpetrate them and how to tackle, reduce and stop it. It will also include presentations by invited speakers and hands-on exercises. Law enforcement and user education are playing an important role in the fight against Internet crime but face an uphill battle in an Internet infrastructure famously designed with insufficient regard for security issues.

Target audience:

Law enforcement or legal staffs, security officers from financial institutions targeted by Internet crime, system and network administrators, and technical staff members who manage or support networked information systems.

Topics to be covered:

1. Discussion on the Anatomy of a network attack, including:

- Botnets
- Malware
- DDoS attacks and
- Spam

2. Tutorial on using the ‘whois’ database and interacting with the RIR.

3. Case study on tracking and identifying attackers using domain names and IP addresses.

4. Incident management and the interaction with CERTs by JPCERT/CC, including:

- Decision Support System
- Information Providing System
- Traffic Monitoring System

5. Discussion on network forensics, analysis and tools.

6. Tutorial on Anti-Spam.