Program Overview

The FIRST Technical Colloquium (TC) event will be held in Nov 13-15, 2012 at the Kyoto International Community House in Kyoto, Japan. FIRST Seminar and FIRST Hands-On Classes hosted by FIRST Japan Teams. Summit Days (Future of Global Vulnerability Reporting Summit) hosted by JPCERT/CC and IPA.

Download the event program

Program firsttckyoto.pdf PDF format, 1.5Mb

Tuesday, November 13th

FIRST Seminar (Room 1&2)Summit Days (Room Kenshu)
13:00 – 13:10
 JP

FIRST TC Opening

Suguru Yamaguchi (FIRST, JP)

13:10 – 13:15

Short Break

13:15 – 14:00
 TH

Security Activities in Thailand

Dr. Soranun Jiwasurat (ThaiCERT, TH)

 US JP

The Current State of Vulnerability Reporting

Harold Booth (NIST, US); Masashi Ohmori (IPA, JP)

14:00 – 14:45

Smartphone Security: Pitfalls to Avoid

Ken Van Wyk (KRvW Associates, LLC)

 JP

The Value of Global Vulnerability Reporting

Dave Waltermire (NIST); Masato Terada (IPA, JP)

14:45 – 15:15

Coffee & Networking Break

15:15 – 16:00
 JP

Smartphone Security and Finding "Third- Party" Risks

Tsukasa Oi (Fourteenforty Research Institute, Inc., JP)

 US

Global Vulnerability Identification and Usage: A Vendor’s Perspective

Kent Landfield (McAfee, US)

16:00 – 16:45
 DE

Chasing the Fox: A closer look at an APT malware

Andreas Schuster (Deutsche Telekom AG, DE)

 US

CVE Perspectives on Global Vulnerability Reporting

Steve Christey (MITRE, US)

16:45 – 17:30
 TW

Tracing Botnet in Taiwan

Kai-chi Chang (III, ICST, TW)

Wednesday, November 14th

FIRST Seminar (Room 1&2)Summit Days (Room Kenshu)
09:30 – 09:40
 JP

Opening Remarks

Suguru Yamaguchi (FIRST, JP)

09:40 – 09:50
 US

Report from FIRST Educational Committee

Shin Adachi (FIRST Education Committee, US)

09:50 – 10:00

About 25th Annual FIRST Conference (Bangkok, Thailand, 16-21 June 2013)

10:00 – 10:45
 DE

Role of Cyber Security in Civil Protection

Maurice Cashman (McAfee, DE)

 JP

Vulnerability Handling in Japan and linking through CVE

Takayuki Uchiyama (JPCERT/CC, JP)

10:45 – 11:00

Coffee & Networking Break

11:00 – 11:45
 JP

Public-Private partnership for counter Cyber-Intelligence and Malware analysis case study

Takehiko Nakayama, Yuuji Kubo (CFC, JP)

 TH

ThaiCERT Activities and how vulnerability information is being used

Dr. Soranun Jiwasurat (ThaiCERT, TH)

11:45 – 12:30
 NL

How we Collaborate and Share

Wim Biemolt (SURFnet-CERT, NL)

 KR

Activities for vulnerability by KrCERT/CC

HongSoon Jung (KrCERT/CC, KISA, KR)

12:30 – 14:00

Lunch Break

14:00 – 14:45
 ID

Hot Topics in Internet Measurement : Power-law Properties in Indonesia Internet Traffic. Why do we care about it ?

Bisyron Wahyudi (Id-SIRTII, ID)

 JP

Structure and numbering of JVN, and Security content automation framework

Masato Terada (IPA, JP)

14:45 – 15:00
 MY

Responding to Security Incident: MyCERT approach and case study

Megat Muazzam Abdul Mutalib (MyCERT, MY)

 JP

Public-Private Partnership and Control System Security

Hideaki Kobayashi (IPA, CSSC, JP)

14:45 – 15:30

15:30 – 16:00

Coffee & Networking Break

16:00 – 16:45
 JP

Tracing Attacks on Advanced Persistent Threats in Networked Systems

Hiroshi Koide (Kyushu Institute of Technology, IPA, JP)

 TW

Introduce SCADA vulnerability and a little suggest for vulnerability numbering format

Kai-chi Chang (III, ICST, TW)

16:45 – 17:30
 JP

Effective Discovery of Malicious Websites

Mitsuaki Akiyama (NTT-CERT, JP)

Clean up Room

17:30 – 18:00

Short Break

18:00 – 20:00

Thursday, November 15th

FIRST Hands-On Classes (Room 4)FIRST Hands-On Classes (Room Kenshu)Summit Days (Room 1&2)
09:30 – 09:40
 JP

Opening Remarks

Masato Terada (HIRT, JP)

09:40 – 10:00

Short Break

10:00 – 11:00
 DE

Introduction to YARA

Andreas Schuster (Deutsche Telekom AG, DE)

Smartphone App Security: Breaking and Building Secure Apps

Ken Van Wyk (KRvW Associates, LLC)

Discussion of common themes and use cases from previous day

Coordinator: Harold Booth (NIST), US

11:00 – 11:15
 DE

Introduction to YARA

Andreas Schuster (Deutsche Telekom AG, DE)

Smartphone App Security: Breaking and Building Secure Apps

Ken Van Wyk (KRvW Associates, LLC)

Coffee & Networking Break

11:15 – 12:30
 DE

Introduction to YARA

Andreas Schuster (Deutsche Telekom AG, DE)

Smartphone App Security: Breaking and Building Secure Apps

Ken Van Wyk (KRvW Associates, LLC)

Discussion of ideas for solutions to use cases

Coordinator: Dave Waltermire (NIST), US

12:30 – 14:00

Lunch Break

14:00 – 15:15
 DE

Introduction to YARA

Andreas Schuster (Deutsche Telekom AG, DE)

 JP

Forensic Investigation & Malware Analysis against Targeted Attack using Free Tools (13:00-17:00)

Hiroshi Suzuki, Takahiro Haruyama (IIJ-SECT, JP)

Additional Discussion of Ideas

Coordinator: Kent Landfield (McAfee), US

15:15 – 15:45
 DE

Introduction to YARA

Andreas Schuster (Deutsche Telekom AG, DE)

 JP

Forensic Investigation & Malware Analysis against Targeted Attack using Free Tools (13:00-17:00)

Hiroshi Suzuki, Takahiro Haruyama (IIJ-SECT, JP)

Coffee & Networking Break

15:45 – 17:00
 DE

Introduction to YARA

Andreas Schuster (Deutsche Telekom AG, DE)

 JP

Forensic Investigation & Malware Analysis against Targeted Attack using Free Tools (13:00-17:00)

Hiroshi Suzuki, Takahiro Haruyama (IIJ-SECT, JP)

Proposal of FIRST SIG planning "Vulnerability Reporting and Data eXchange"

Coordinator: Takayuki Uchiyama (JPCERT/CC), JP and Steve Christey (MITRE), US

17:00 – 17:10
 JP

Closing Remarks

Masato Terada (HIRT, JP)