Modern Malware: Underlying Causes and Potential Solutions: Difference between revisions

“Fighting Modern Malware”

Santa Fe Institute Workshop November 1-2, 2006

Modern malware is a serious problem. It affects consumers whose personal information is stolen and privacy violated, financial institutions, businesses and governments. It is a complex problem involving economic, legal and technical issues. The development of new technologies and the arms race between attackers and defenders make it very dynamic.

Complex problems like these are best understood by examining the fundamental principles at work. And that requires both gathering information from many perspectives and having time to reflect on the issues.

The Fighting Modern Malware workshop at the Santa Fe Institute is a forum for this work. It will pull together highly qualified contributors from a range of disciplines relevant to the malware problem (technical, legal, policy, consumer, law enforcement etc.) and give them the structure and time to delve deeply into the problem and possible solutions.

The goals for the workshop are for each attendee to collaborate in creating a deep analysis of the current landscape, an understanding of future trends and fresh insights into successful defence strategies.

The workshop will take place over two days. On the first day we will gather data and sharpen our understanding through a series of presentations and discussions touching on the main aspects of the problem. On the second day we will reflect on the information shared, constructing models of the malware ecosystem. Our aim is to produce tangible output (pictures, flow diagrams, documents, etc.) embodying the accumulated knowledge and insights created at the workshop.

’’’TENTATIVE AGENDA’’’

’’‘October 31:’’’

6:00 – 8:00 p.m. Welcome reception, drinks and snacks, Hotel Santa Fe

’’‘November 1:’’’

8:00 – 9:00 a.m. Registration & Buffet Breakfast, Santa Fe Institute

9:00 – 9:10 Welcome, C. C. Wood, SFI Vice President

9:10 - 9:30 Meeting Overview and Introductions, Matthew Williamson, Principal Scientist, Sana Security and Esther Dyson, Release 1.0

9:30 – 10:00 Malware Landscape and Trends, Andy Lee, CTO ESET

10:00 – 10:30 Break

10:30 – 12.00 p.m. Financial aspects of the malware problem • Phishing Exposed, Lance James, CTO, Secure Science Corporation, author of “Phishing Exposed”

• Money Laundering and Internet Crime, TBD

• What Modern Malware means to a Large Financial Institution. William Edwards, CSO TD Ameritrade 12:00 – 1:30 Lunch

1:30 – 3:00 Consumer/Legal aspects • Legal/Policy issues for Malware/Spyware, Alissa Cooper, Center for Democracy and Technology

• Malware and Government, Eileen Harringon, Federal Trade Commission

• Malware and Google, Eric Davis, Google

3:00 – 3.30 Coffee break

3:30 – 4.30 Enterprises and Vendors • Malware and the Enterprise, Bob Gleichauf, CTO for Security, CISCO Systems • Comparative Analysis of Anti-Malware Technologies, Matthew Williamson, Principal Scientist, Sana Security

4:30 – 5.00 First day wrapup

7.00 Group Dinner, The Railyard, Santa Fe

’’‘November 2:’’’

8:00 – 9:00 a.m. Buffet Breakfast, Santa Fe Institute

9:00 – 9:30 Introduction and planning for Day 2, Matthew Williamson and Esther Dyson

9:30 – 12:00 Discussion and Breakout Session – Landscape [10:00 – 10:30 Coffee Break]

12:00 – 1:00 p.m. Lunch

1:00 – 2:30 Breakout Session – Trends

2:30 – 3:00 Reports from Breakout Sessions

3:00 – 3:30 Coffee Break

3:30 – 4:30 Breakout Session – Solutions and Next Steps

4:30 – 5:00 Wrap up