Lecture: Better Architectures and New Security Applications for Coarse Network Monitoring

Date/Time: Friday, 12 Mar 2010 from 1:00 pm to 2:00 pm
Location: Auditorium, Howe Hall
Cost: free
Phone: 515-294-2664
Channel: College of Engineering
Categories: Lectures
Michael Reiter, University of North Carolina at Chapel Hill, part of the ECpE distinguished lecture series.

Abstract: Busy networks today cannot afford to log all traffic traversing them, and consequently many network-monitoring applications make do with coarse traffic summaries. In this talk, we will describe an approach we have developed to improve the fidelity of these traffic summaries, by coordinating the monitoring performed by the network's routers so as to achieve network-wide monitoring goals while respecting each router's processing constraints. We also will describe our use of traffic summaries to detect a variety of stealthy network abuses (e.g., file-sharing traffic masquerading on other application ports, "hit-list" scans and malware propagation, data exfiltration by spyware, and botnet command-and-control) and even to identify the origin of epidemic malware spreads.

Speaker biography: Michael Reiter is the Lawrence M. Slifkin Distinguished Professor in the Department of Computer Science at the University of North Carolina at Chapel Hill (UNC). He received his bachelor's degree in mathematical sciences from UNC in 1989, and master's and PhD degrees in computer science from Cornell University in 1991 and 1993, respectively. He joined AT&T Bell Labs in 1993 and became a founding member of AT&T Labs - Research when NCR and Lucent Technologies (including Bell Labs) were split away from AT&T in 1996. He then returned to Bell Labs in 1998 as director of secure systems research. In 2001, he joined Carnegie Mellon University as a professor of electrical and computer engineering and computer science, where he was also the founding technical director of CyLab. He joined the UNC faculty in 2007.

Reiter's research interests include all areas of computer and communications security and distributed computing. He regularly publishes and serves on conference organizing committees in these fields, and has served as program chair for the flagship computer security conferences of the IEEE, the ACM, and the Internet Society. He presently serves on the editorial board of Communications of the ACM, and has previously served as editor-in-chief of ACM Transactions on Information and System Security and on the editorial boards of IEEE Transactions on Software Engineering, IEEE Transactions on Dependable and Secure Computing, and the International Journal of Information Security. He currently serves on the Board of Visitors for the Software Engineering and on the Emerging Technology and Research Advisory Committee for the U.S. Department of Commerce. Reiter was named an ACM Fellow in 2008.