About the Internet Society 

NDSS Symposium 2002

Network and Distributed System Security Symposium
Catamaran Resort Hotel
San Diego, California
6-8 February 2002

Program Chairs' Message

The events of the past year have been dramatic. The devastating terrorist attacks of September 11, 2001 have forever changed our view of the world. The implications for network security are enormous. Early in the year, concerns were voiced that an electronic Pearl Harbor was a when rather than if question. Post 9-11, concerns about protecting critical infrastructures are at an all-time high. These systems - including all utility, financial and government infrastructures - are now recognized as being at higher risk to electronic attacks than ever before. The role of network security researchers and practitioners has never been more important. Nor has the future ever held as many challenges.

With the development and deployment of new technologies continuing at break-neck pace, the IT budget cuts resulting from the 2001 technology meltdown exacerbated concerns. The Internet looms as an ever larger target for attacks of all flavors, as companies continue to spend more money on coffee than security. The past year featured the continued exploitation of operating system and server vulnerabilities by more sophisticated worms, viruses and electronic exploits such as the file-stealing Sircam worm, Code Red, and Nimda; Gnutella worms; malicious code in PDF files; and attacks on PDAs. The evolution of worm technology is alarming, albeit predicted by experts - they are propagating more cleverly and faster (the worms, not the experts). As VPNs and personal firewalls become mainstream, more credit card numbers continue to be stolen from servers. More frequent DoS and DDoS attacks have lead to further growth in intrusion detection and vulnerability assessment tools, spawning a new sub-industry promising product solutions to these problems.

Security continues to prove elusive in practice. A prominent example is the devastating attack on the WEP security protocol for 802.11 wireless LANs (see these proceedings). Industry seems destined to relearn old lessons with each new communications architecture and networked device. Buffer overflows continue to lead the list of software flaws making systems vulnerable. Major software vendors continue to release patch after patch on widely deployed browsers, mail clients and operating systems, expecting customers to continually re-test and re-install software. It continues to be disappointing that many of these problems arise from issues well-known to the research community and discussed in the open literature. Every indication is that network security experts have a bright future.

This year 's Program Committee meeting and dinner were graciously hosted by Virgil at his residence in Chevy Chase, Maryland. The committee selected 16 papers from a record 79 submissions; one accepted paper was withdrawn, leaving 15. The 20% acceptance rate confirms that NDSS has become one of the most competitive technical conferences. Topics on this year 's technical program include wireless security, anonymity, intrusion detection, DDoS defenses, server-aided signatures, management of certificates (PKI) and privileges (PMI), and transport layer security (TLS). Other special topics include a paper on detecting steganographic content plus a panel chaired by Steve Kent; a panel on software security chaired by Gary McGraw; and an invited talk on user-friendly cryptographic systems by Mike Reiter.

The excellent technical program would not have been possible without the very generous time and unparalleled expertise of the Program Committee members and their external reviewers as listed on an adjacent page. We thank them for their critical contribution - ensuring the continued progression of the field of network and distributed system security. The tasks of processing electronic submissions, facilitating their dissemination to the committee, and electronically processing reviewer comments was expertly handled by Laurent Eschenauer, our program committee email and web master. We also thank all those who made our job of delivering the technical program a pleasure, including various other chairs but especially Mahesh Tripunitara (publications), Cliff Neuman (general chair), Michele Estadt (logistics), and Dave Balenson (publicity). It is an honor to serve this community.