Biographical info

The following bios are usable for conference organizers, etc.

Short form bio #1

[1403 characters]

Dave Dittrich is a Principal Software Engineer/Cyber Security researcher in
the Center for Data Science and the University of Washington Tacoma.  He is
also a member of the Honeynet Project and Seattle's "Agora" computer security
group. He served on one of the University of Washington's Institutional
Review Board (IRB) Committees from 2009 to 2015.

Dave is widely known for his research into Distributed Denial of Service
(DDoS) attack tools and host/network forensics. He was one of the first to
lead workshops on "Active Defense" and to consider the legal and ethical
boundaries of computer network defense.  He has presented talks and courses
at dozens of computer security conferences, workshops, and government/private
organizations world wide, contributed articles and chapters to several
magazines and books, and co-authored the first complete book on DDoS, titled
"Internet Denial of Service: Attack and Defense Mechanisms." He, along with
Erin Kenneally, co-edited the Department of Homeland Security documents,
"The Menlo Report: Ethical Principles Guiding Information and Communication
Technology Research," first published in the Federal Register in December,
2011, and "Applying Ethical Principles to Information and Communication
Technology Research: A Companion to the Department of Homeland Security Menlo
Report."

His home page can be found at http://staff.washington.edu/dittrich/

Short form bio #2

[731 characters]

Dave Dittrich is a Principal Software Engineer/Cyber Security Researcher
in the Center for Data Science at the University of Washington Tacoma and
served on one of the UW's Institutional Review Board (IRB) Committees from
2009 to 2015.  His background is in computer security incident response and
dealing with massive distributed attack tools that take over the computers
of millions of individuals on a regular basis for all kinds of financial
crimes, political protests, or just fighting in online forums by disrupting
services for extended periods of time.  This led him in turn to research
the ethical and legal bounds within which "white hat" researchers can
justifiably act to respond to "black hat" hackers and criminals.

Short form bio #3

[1033 characters]

Dave Dittrich is a Principal Software Engineer/Cyber Security Researcher in
the Center for Data Science at the University of Washington Tacoma.  He has
been involved in investigating and countering computer crimes going back to
the late-1990s.  Dave was the first person to describe the technical
details of DDoS attack tools in 1999, was an early researcher into bots and
botnets, and one of the first to study P2P for botnet command and control.
Dave has pushed the limits, but he tries to do it in a way that is
ethically defensible.  He has written extensively on ethics and the "Active
Response Continuum," served on one of the UW's Institutional Review Boards
evaluating human subjects research, and with Erin Kenneally co-edited the
Department of Homeland Security documents, "The Menlo Report: Ethical
Principles Guiding Information and Communication Technology Research" and
"Applying Ethical Principles to Information and Communication Technology
Research: A Companion to the Department of Homeland Security Menlo Report."

Short form bio #4

[995 characters]

Dave Dittrich is an applied Cyber Security Researcher in the Center for
Data Science at UW Tacoma.  He's been investigating, studying, and
countering computer crimes since the mid-1990s.  He was the first to
describe technical details of DDoS attack tools in 1999, was an early
researcher into botnets, and one of the first to study P2P for botnet
command and control. This lead him to research the ethical and legal bounds
within which "white hat" researchers can justifiably act to respond to
"black hat" hackers and criminals.  He has written extensively on ethics
and the "Active Response Continuum," served for 6 years on one of the UW's
Institutional Review Boards evaluating human subjects research, and with
Erin Kenneally co-edited the "The Menlo Report: Ethical Principles Guiding
Information and Communication Technology Research" and "Applying Ethical
Principles to Information and Communication Technology Research: A
Companion to the Department of Homeland Security Menlo Report."

Long form bio #1

[1630 characters]

David Dittrich has been actively involved in security operations going
back to the mid 1990s.  He got his start supporting others whose computers
had been compromised and maintains an applied focus to his research,
striving to teach others what he has learned. Dave was the first person to
publicly describe Distributed Denial of Service (DDoS) attacks in 1999,
precursors to today's botnets, and has a keen interest in identifying
technical, legal, and ethical options to allow advanced responses to
advanced threats.  Dave was one of the original members of the Honeynet
Project and has served as an Officer for much of the group's history
(currently as Chief Legal and Ethics Officer).  He coined the term "Active
Response Continuum" in 2005 to describe the socio-technical hurdles that
defenders must overcome and to guide researchers and security operators in
bridging the gaps between skill levels of responders and between private
actors and law enforcement, all the while acting in ways that maintain the
trust and confidence of the general public.  Dave has published several
documents concerning the ethical issues faced by computer security
researchers and others responding to advanced malware threats, and served
as a member on one of the University of Washington's Institutional Review
Board (IRB) Committees from 2009 to 2015.  Along with Erin Kenneally, he
co-edited the Department of Homeland Security document, "The Menlo Report:
Ethical Principles Guiding Information and Communication Technology
Research," first published in the Federal Register in December, 2011.

His home page is http://staff.washington.edu/dittrich/

Long form bio #2

[3339 characters]

Dave Dittrich is a Principal Software Engineer/Cyber Security Researcher
in the Center for Data Science at the University of Washington Tacoma.  He
has worked at the University of Washington in several positions since 1990.
He is a member and Cheif Legal and Ethics Officer for the Honeynet Project,
member of Seattle's "Agora" computer security group, and served as a
member on one of the University of Washington's Institutional Review Board
(IRB) Committees from 2009 to 2015.

Dave is perhaps most widely known for his research into Distributed Denial
of Service attack tools, starting with the first public analyses of DDoS
and an invited talk at the November 1999 CERT Distributed System Intruder
Tools Workshop and leading to talks at SANS, the USENIX Security Symposium,
JASON summer workshop, DDoS BoF sessions at RSA 2000, NANOG, and SANS. Dave
received one of SANS' Security Technology Leadership Awards in 2000 for his
work in understanding DDoS tools, and was named by Information Security
Magazine as one of the "Security Seven" for 2005 (representing the
education sector.)

Dave has authored chapters in the first edition of the Honeynet Project's
"Know Your Enemy" and "The Hacker's Challenge", co-authored two articles
with Kenneth Himma -- "Active Response to Computer Intrusions" and
"Hackers, Crackers, and Computer Criminals" -- for the "Handbook on
Information Security" (John Wiley and Sons, 2003) and co-authored the first
complete book on DDoS, titled "Internet Denial of Service: Attack and
Defense Mechanisms" (Mirkovic, Dietrich, Dittrich, and Ryher, Prentice Hall
PTR, December, 2004.)

In the area of Computer Forensics, Dave has taught Unix Forensic Analysis
at the Black Hat Briefings, lead the Honeynet Project's popular Forensic
Challenge in 2001, and both taught in and co-chaired SANS' first forensic
track at SANS FIRE '01, and has guest lectured and collaborated on labs
with faculty at several Universities and Community Colleges.

Dave is a leading researcher of the Active Response Continuum", involving
the legal, ethical, and technical frameworks for responding to large-scale
computer attacks.  He has presented on the topic at an I4 meeting; several
Agora workshops in 2001 and 2003; a workshop at George Mason University in
2005; panels at SecureWorld Expo Seattle, Washington State Bar Association
Cybercrime III conference, and American Bar Association summer meeting in
2004; a keynote address at the 2003 Society for the Policing of Cyberspace
(POLCYB) conference in Richmond, BC, Canada; and a talk at AusCERT 2005 in
Brisbane, Australia.  Board (IRB) Committees from 2009 to 2015.  Along
with Erin Kenneally, he co-edited the Department of Homeland Security
document, "The Menlo Report: Ethical Principles Guiding Information and
Communication Technology Research", first published in the Federal Register
in December, 2011.

Dave has also spoken at CanSecWest (Vancouver, Canada), OlymFair (Seoul,
South Korea), HAL 2001 (the Netherlands), AusCERT (Brisbane, Australia),
and to groups at the NSA, CIA, DoD, and the FBI Academy.

In his "spare" time, Dave enjoys photography (a side business), hiking,
rock climbing, and ski mountaineering the volcanos and Cascade mountain
range in the Pacific Northwest.

His massive home page can be found at <http://staff.washington.edu/dittrich/>