[Nrg-l] Networking Colloquium: this Friday, 11am

Mark Crovella crovella at cs.bu.edu
Wed Aug 26 17:01:26 EDT 2009


Dear WINGers and NRGers,

On Friday we will (also) have the great opportunity to hear from Michael
Collins.  Michael is a prominent researcher in network security who is on
the front lines of intrusion detection and prevention.  Furthermore, he is
the author of the Œsilk¹ toolkit which is arguably the best set of tools for
processing network flow data.   He has extensive experience in defending US
government networks, which he will share with us.    Please plan to attend!

Mark
----

Networking Colloquium
11 am, MCS 135
Michael Collins
Redjack LLC

The role of measurement in IDS and IPS: are we ready to ask the
right questions?

IDS and IPS are "bolt-on" solutions; the implicit hope in their design
and operation is that by attaching them
to networks, we can provide an environment that is, depending on one's
point of view, tolerably secure or tolerably insecure.Historically,
intrusion detection and prevention systems have relied on the assumption
that attacks are rare, external and targeted specifically at high-
value targets.  Attackers, in the meantime, have adapted to these
assumptions and focus on largely disinterested attacks against the
entire Internet.

In my talk, I will discuss the impact of constant and adaptive attacks
on the training, use and application of IDS.   In particular, I will
discuss modeling IDS as design specifications for attackers -
attackers have concrete goals, and if we can model their behavior
rationally, we can ask the hard questions about IDS: is it feasible for
such bolt-on defenses to work, and what are the alternatives?


Bio:
Michael Collins is the chief scientist for RedJack, LLC., a Network
Security and Data Analysis company located in the Washington
D.C. area.  Prior to his work at RedJack, Dr. Collins was a member of
the technical staff at the CERT/Network Situational Awareness group at
Carnegie Mellon University.  His primary focus is on network
instrumentation and traffic analysis, in particular on the analysis of
large datasets and the impact of distributed attacks on Internet
infrastructure.

Dr. Collins graduated with a PhD in Electrical Engineering from
Carnegie Mellon Univeristy in 2008, he holds Master's and Bachelor's
Degrees from the same institution.  In his spare time, he enjoys talking
about himself in the third person.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cs-mailman.bu.edu/pipermail/nrg-l/attachments/20090826/d2e4165e/attachment.html 


More information about the Nrg-l mailing list