As we head towards the close of the year, the highlight of the anti-virus calendar in Asia approaches. Now in its' fifth year, the Association of Anti-Virus Asia Researchers International Conference will be held in Seoul, Korea on 21 - 22 November. Previous years have seen the event grow to about 180 participants from around the globe.
Following the trend of previous years, several speeches are reports from government agencies in the region. Seung-Cheol Goh of the Korea Information Security Agency will cover the incident response of the Korean Government, with particular reference to the efforts made for the 2002 Korea and Japan World Cup. Zhang Jian of the China National Computer Virus Emergency Response Center will survey the situation in China, including dealing with a new virus found in China and testing of anti-virus products. Shigeru Ishii of the Information technology Promotion Agency in Japan will summarise the results of their computer virus infection surveys in Japan and overseas. The surveys also show usage rates of anti-virus software on clients, servers, groupware and gateways, and rate of pattern file update, which should interest developers, to see how their software is really being used.
As a counterpoint to these government reports, Costin Raiu will present an outsiders' view of anti-virus protection in Asia. What can a Romanian say about Asia? Quite a lot, by using statistics from his "Smallpot" project - a very specific honeypot used to monitor CodeRed, Nimda and Spida infections, Mr Raiu will provide a review of the average security status of the large mass of computers connected to the Internet in Asia.
Larry Bridwell will add data from America to the debate and show how the problem is out of control. I certainly look forwards to seeing what new insights can be gleaned by comparing and contrasting the data from these disparate sources.
Policy is the foundation that information security is built on, and Takuya Yamazaki of the Ministry of Economy, Trade, and Industry Deputy in Japan will present the most current concept and views of information security policy of Japan, indicating the boundary of the role between public sector and private sector.
The management level is also addressed. In the second day keynote speech, Jimmy Kuo will review the year. Always and entertaining speaker, Paul Ducklin will tell us how to avoid being a victim. Looking at blended threats, Motoaki Yamamura will provide a big picture view of what computer systems managers need to know now in order to stay ahead of emerging viruses and hacking techniques.
Some presentations are definitely heading towards the technical aspects. Alex Shipp will discuss the different strategies useful for desktop and Internet level anti-virus protection. Randy Abrams will describe and demonstrate the automated virus scanning system in use at Microsoft. Jong Purisima addresses the increasing problem of malware that targets systems as a whole and the future of System Disinfection.
Naming, apart from providing a rare opportunity to quote Shakespeare in an anti-virus context, has been a controversial topic for a long time. Nick FitzGerald will take the rose by the thorns and make the first public presentation of the Revised CARO Naming Convention.
Then there are the firmly technical speeches. Vesselin Bontchev and Katrin Tocheva give the keynote speech on the first day, discussing the future of macro and script polymorphism. Last year, Dr. Bontchev's keynote on the responsibilities of the anti-virus researcher prompted some debate so I am sure this will be an eye-opener.
Won-Hyok Choi will discuss how to detect and repair viruses that hook the Windows API and attack Win32. Turning this around, Yoshihiro Yasuda will consider the appropriate Win32 hooking that can be used for malware analysis and the design of research tools.
SiHaeng Cho will discuss the influence of double-byte character sets in script viruses and worms, and how to prevent this from influencing the integrity of anti-virus software. Completing the line-up, Myles Jordan will discuss metamorphism, its evolution and the application of a meta-heuristic system to detect this latest generation of viral techniques.
The programme also features a panel discussion, banquet, the AVAR AGM and a hospitality programme. Overall, the programme covers the full range, from Government policy down to the last technical bit. To close with the words of the Conference Chairman, Charles Ahn, "The dream of building a robust information society can become a reality only when information security is guaranteed, and I believe, the 5th AVAR International Conference will be the small yet meaningful step toward that dream."
- Conference: AVAR 2002
- Dates: 21-22 November 2002
- Venue: Ritz-Carlton Hotel, Seoul