CPE SESSION 22 - Wednesday, 1:00 PM - 5:00 PM

Information Systems Security &
Datamining for Security Auditing

Description/Objectives:
The workshop will introduce the basic technology, techniques, terminology for audits of information systems and network security, and so no prior background in the areas is assumed. Current research in security auditing and avenues for future research in the area will be discussed.

Information system security modeling; Fundamentals of communications protocols in relation to security and privacy; Cryptography, digital signatures, and the Public Key Infrastructure; Digital watermarking and steganography; Operating systems (Unix and Microsoft Windows) security and auditing; Basics of security in multi-tiered architectures with java examples; Network penetration studies, intrusion detection, intrusion signature analysis. Methods for collection of data for datamining in systems and network security (snorting, sniffing, etc).

Format/Structure:
The workshop will include lectures relating to the technologies, software, and case studies. The workshop will consist of the following components:

Introduction to the technologies and protocols
Security modeling
Cryptography and steganography
Operating systems security
Network security: Penetration testing
Network security: Intrusion detection and signature analysis

Intended Audience:
Academics in accounting/auditing; doctoral students and researchers in security and auditing; practitioners in accounting firms; consultants in security and audit practices.

Presenter:
Jagdish S. Gangolly, SUNY at Albany

Sponsor:
Artificial Intelligence/Emerging Technologies Section