The Forum of Incident Response and Security Teams (FIRST, http://www.first.org/) is a global organization dedicated to bringing together computer security incident response teams (CSIRTs). The annual FIRST conference not only provides a setting for participants to attend tutorials and hear presentations by leading experts in the CSIRT community, it also creates opportunities for networking, collaboration, and sharing of technical information. Equally important, this conference enables the attendees to meet with their peers and build trusted relationships. FIRST continues to enjoy a steady increase in membership internationally and is represented by teams from government, commercial and research/educational communities.
FIRST conference participants include not only CSIRT staff, but also IT managers, network and system administrators, software and hardware vendors, security solutions providers, telecommunications organizations, ISPs, and general computer and network security personnel. FIRST conferences cover a number of different areas such as (but are not limited to):
- advanced techniques in security incident prevention, detection and response.
- latest advances in computer and network security tools.
- shared views, experiences, and resolutions in the computer security incident response field.
The conference is a five-day event, comprised of two days of Tutorials, three days of Plenary sessions focused on either Business or Technical issues. These include paper presentations, keynote speeches and/or panel discussions.
The theme for the 2006 conference is Sharing Intelligence in Global Response working smarter and sharing knowledge in this environment, finding ways to further our initiatives on collaborative and cooperative approaches to find solutions to the problems we face in computer and network security incident response.
Conference presentations are generally 30-45 minutes in length, including any Q&A session.
The conference language is English.
The program committee welcomes original contributions on network security for refereed paper presentations, tutorials, invited talks and panel sessions, and can include topics such as:
- Incident Response
- Response Team Operational Issues and Tools
- Response Team Cooperation, Methods and Techniques for information sharing, collaboration and discussion of legal issues
- Traffic monitoring, detection, and real-time situational awareness
- Vulnerability Handling
- Software assurance
- New Technologies
- New Vulnerabilities
- Risk Assessment and Information Analysis
- New threats and incident trends
- Lessons learned from establishing National Teams
Process of Selection
The program committee will evaluate papers, tutorials, and panels based on quality and relevance. All submissions are held in confidence prior to publication in the proceedings.
Submissions received after the deadline (see Important Dates below) will not be considered unless an extension has been granted by the program chair. Where employer, client, or government authorization is needed, it is the responsibility of the author(s) to obtain such authorization prior to submitting the final materials.
Accepted papers will be presented by their author(s) and will be published in the conference proceedings. The proceedings are provided free of charge to conference attendees. The papers will also be published on the FIRST Members portion of the website. These are restricted to the FIRST membership until 01 January 2007, after which time the documents will be publicly accessible on the FIRST website.
FIRST requires a non-exclusive copyright license for all the papers presented at the conference and for the presentation materials. This includes distribution on the conference CD-ROM and the FIRST website.
Two tutorial tracks are planned. Tutorials should have either a technical or business/management focus. Technical tutorials should be targeted at a technical audience consisting of IT or security professionals. Business tutorials should be targeted for an audience of directors, managers, policy makers, legal and law enforcement staff, and IT professionals who may have managerial responsibilities. Ideas for subject matter may be pulled from the example topics listed above.
Tutorials may be a half or full day in length and can cover topics either at an introductory or advanced level.
All tutorial submissions will be handled electronically. Authors should email the completed submission form (available on the FIRST website) to: first-2006papersfirst.org
Authors are invited to submit papers in PDF format (RTF and HTML are also accepted). The length should not exceed 12 pages typeset in a 12-point font. A detailed extended abstract (2 pages minimum) will be considered if it gives a clear reflection of the contents and key points of the coming paper.
All paper submissions will be handled electronically. Authors should email their paper or detailed abstract and the completed submission form available on the FIRST website to: first-2006papersfirst.org
Panels are solicited that examine innovative, controversial, or otherwise provocative issues of interest.
All panel submissions will be handled electronically. Authors should e-mail the completed submission form which may be obtained on the FIRST website to: first-2006papersfirst.org
|Extended Submission deadline||Closed|
|Notification of acceptance||January 31, 2006|
|Final version of presentations/paper due||May 1, 2006|
Note that tutorial and panel proposals, as well as papers (or detailed abstracts, as described above) are expected to arrive prior to the submission deadline in order to be considered.
If you have any questions about the conference or submission process, please contact the program comittee at program committee chair: first-2006papersfirst.org
Program Committee Chair
Georgia Killcrece (CSIRT Development Team, CERT/CC)
Proposal Submission Form
The form for submissions is available here.