As the Internet assumes an ever more important role in our lives, it becomes increasingly vital to secure it from those seeking to exploit it through misuse. The nature of the network's technology and end systems, however, makes this a formidable challenge. Not only must we secure myriad forms of mechanisms and services, but we must do so (1) faced with adversaries who continually improve their tactics, (2) armed only with technology we can "bolt on" to an architecture not designed with defense in mind, (3) in the presence of ambiguities, some fundamental, regarding semantics and intent, and (4) as the reach of the network and breadth of its applications continue to race forward.
This talk draws upon my experiences from over a decade of conducting network security research in a hands-on operational setting at the Lawrence Berkeley National Laboratory. I will frame the range of real-world constraints that shape the efforts, the deep problem of "evasion," and the successes and challenges of tackling the threat posed by the large-scale compromise of Internet hosts due to automated malware such as worms and botnets.
Reception to follow in 301 CSL
Dr. Vern Paxson is a senior scientist at the International Computer Science Institute (ICSI) in Berkeley, California, USA, as well as a staff scientist with the Lawrence Berkeley National Laboratory and an adjunct associate professor at the University of California, Berkeley. His main active research projects address network intrusion detection in the context of Bro, a high-performance network intrusion detection system he developed; large-scale network measurement and analysis; and Internet-scale attacks, particularly rapidly-propagating network "worms." The last item is realized as part of CCIED, the US NSF-sponsored Collaborative Center for Internet Epidemiology and Defenses, which he co-directs with Prof. Stefan Savage of the University of California, San Diego. Some of his other professional activities include service as the vice-chair of ACM SIGCOMM, program co-chair for the 2006 IEEE Symposium on Security & Privacy and the ACM SIGCOMM HotNets 2007, and co-founder of the ACM Internet Measurement Conference.