• Invited Keynote Speaker, “Responding to Complex Intrusions (or ‘How to Play Kick the Can in Cyberspace’),” REN-ISAC Annual Member Meeting (RIMM) 2016, Seattle, WA, April 21, 2016



  • Dr. Paul Vixie’s Overview of Internet Takedowns, M3AAWG Town Hall, October 22, 2014 [@27:22 I provide a brief description of a proposed framework for “active response continuum” presented by Katherine Carpenter and me at CyCon 2014, link below.]

  • Ethics in Computer Security Research and Operations,” by David Dittrich, UW CSE / Microsoft Research Summer Institute 2014, July 28, 2014

  • “Protecting Property in Cyberspace Using “Force”: Legal and Ethical Justifications,” by David Dittrich and Katherine Carpenter, NATO Cyber Defense Center of Excellence Cyberconflict Conference (CyCon) 2014, Tallinn, Estonia, June 4, 2014. [Local copy of CyCon 2014 slides Talk is online in the Strategy and Law track, 04.06.14, at the CyCon 2014 web site]

  • “The Legal and Ethical Challenges with Aggressive Computer Security Research and Operations Actions,” by David Dittrich and Katherine Carpenter, Microsoft Digital Crimes Consortium 2014 meeting, Singapore, Singapore, March 4, 2014. [Local copy of DCC 2014 slides]

  • Panelist, “Botnet Takedowns,” Malware, Messaging, and Mobile Anti-Abuse Working Group (M3AAWG) 27th General Meeting, San Francisco, CA, February 20, 2014

  • Panelist, “Dismantling and disrupting malware-facilitated crime: case studies and future collaboration opportunities,” Microsoft Global Cybercrime Enforcement Summit, February 11, 2014

  • Panelist, “Anatomy of Data Security Breaches: Who is Behind Them,; How Law Enforcement and Targets Respond,” with Richard D. Boscovich (Microsoft) and Jenny A. Durkan (US Attorney, Western District of Washington), Cybersecurity Law and Strategies Conference, Seattle, Washington, January 27, 2014

  • Panelist, “Can Companies Afford an Active Defense Strategy?”, with Katherine Carpenter (moderator), Christofer Hoff, Anup Ghosh, Jody Westby, Suits and Spooks 2014, Washington, DC, January 20, 2014

  • Panelist, “Exploiting End Points, Devices, and the Internet of Things” with Kurt Baumgartner, Remy Baumgarten, Terry McCorkle, Suits and Spooks 2014, Washington, DC, January 20, 2014



  • “Session B18 (Advanced): Ethical Guidelines for Information and Communication Technology Research: The Menlo Report,” David Dittrich, Erin Kenneally, Wendy Visscher, PRIM&R’s Advancing Ethical Research 2012 Conference, San Diego, CA, December 4, 2012

  • Panelist, “Joint Cooperation,” United States Attorney’s Office Cybercrime Conference, Seattle, WA, October 27, 2012

  • Keynote speaker, “So you want to take over a botnet…,” Discovery 2015 workshop, Pacific Northwest National Laboratory, Richland, WA, September 20, 2012

  • So You Want to Take Over a Botnet…, by David Dittrich, LEET ‘12: Fifth USENIX Workshop on Large-Scale Exploits and Emergent Threats, April 2012.

  • “A Refined Ethical Impact Assessment Tool and a Case Study of its Application,” by Michael Bailey, Erin Kenneally, and David Dittrich, in Workshop on Ethics in Computer Security 2012, Bonaire, Dutch Antilles, March, 2012


  • “Data Breach Then and Now” (Keynote presentation), by David Dittrich, Information Assurance, Network Forensics, Industry and Educators Workshop, September 8, 2011 (Hosted by Highline Community College, Funded by NSF Grant # DUE 0919593)

  • “Human Subjects, Agents, or Bots: Current Issues in Ethics and Computer Security Research,” by John Aycock, Elizabeth Buchanan, Scott Dexter, and David Dittrich, in Workshop on Ethics in Computer Security 2011, St. Lucia, April, 2011 [Local copy of paper and slides]

  • “Session D3: An Evolved Ethical Framework for Network and Security Research,” David Dittrich, Erin Kenneally, Wendy Visscher, PRIM&R’s Social, Behavioral and Educational Research 2011 Conference, Boston, MA April 29, 2011

  • “Session C8: Watching ‘Bad’ Behavior in the Context of Research,” PRIM&R’s Social, Behavioral and Educational Research Conference, Boston, MA, April 28, 2011


  • “Visual Analytics in Support of Secure Cyber-Physical Systems,” David Dittrich and Mark P. Haselkorn, Department of Homeland Security Workshop on Future Directions in Cyber-Physical Systems Security, July 22-24, 2009

  • Keynote speaker, “The Fight Against Spam: Should We Start to Hit Back?,” Conference on Email and Anti-Spam, Mountain View, CA, July 16, 2009

  • Panel: Common Research Issues, DHS S Workshop on Ethical Issues in Network Research, Washington, DC, May 26-27, 2009 + Panel: Ethics in Botnet Research, LEET 09, Boston, April 21, 2009

    [Network World published a story about the panel. The discussion of DDoS tool relates to the Trinoo Distributed Denial of Service Tool writeup, in which I wrote, “During investigation of these intrusions, the installation of a trinoo network was caught in the act and the trinoo source code was obtained from the account used to cache the intruders’ tools and log files. This analysis was done using this recovered source code.” The hole in question that I used to copy the files (a + + in a .rhosts file, granting anyone on the internet the ability to access the account) is depicted in this [anonymized] command: echo "rcp /usr/sbin/rpc.listen" in generating a script that was then run on the compromised computer. While I did get permission to view the files, the questionable action was that I had initiated the copying before I had finished identifying someone who could authorize the action and grant me permission. They did, and asked me to promise I would give them full details of how their system was compromised and used, to never disclose the name of their company, or publish any customer data. I have adhered to all aspects of this promises.]






  • The Manuka Project” (database for cataloging clean/compromised system disk images), paper presentation, IEEE Information Assurance Workshop, June 11, 2004 (Power Point)

  • Honeypots, Honeynets, and the Honeywall,” ARO Information Assurance Workshop, UW, March 3, 2004 (Power Point)





  • Sun’s Java langauge, 1996

  • Talks on Java and Unix Security at AUUG WET’96 in Darwin, Northern Territory, Australia (4/96)


  • KUOW Weekday: The Virus Hunters, (Guests: Dave Dittrich, Affiliate Researcher with the I-School and UW’s Center for Information Assurance and Cybersecurity, Stephen Toulouse, Security Program Manager, Microsoft Security Response Center, and Sam Curry, Vice President for Security Management at Computer Associates), May 14, 2004 [Weekday MP3] [Weekday RealAudio archive]

  • Audio interview on DDoS attacks with Brian Martin [attrition.org] and Dave Dittrich, by Brian S. McWilliams, PC-radio.com, February 22, 2000

  • Panelist on the Diane Rehm show (WAMU radio, NPR affiliate) along with Jeffrey Hunker (coordinator for security, infrastructure protection, and counter-terrorism for the National Security Council), James Adams (CEO of iDefense), and Elias Levy (SecurityFocus.com), February 17, 2000

  • Info.sec.radio interview (Originally broadcast March 6, 2000)