Finding Very Damaging Needles in Very Large Haystacks

Speaker : Vern Paxon
University of California, Berkeley - International Computer Science Institute - Lawrence Berkeley National Laboratory
Date: 18/05/2016
Time: 2:00 pm - 3:00 pm
Location: LINCS Meeting Room 40

Abstract

Abstract: Many of the most costly security compromises that enterprises suffer manifest as tiny trickles of behavior hidden within an ocean of other site activity. This talk exams design patterns applicable to developing robust detectors for particular forms of such activity. The themes include research pitfalls, the crucial need to leverage domain knowledge in an apt fashion, and why machine learning is very difficult to effectively apply for such detection.
Biography: Vern Paxson is a Professor of Electrical Engineering and Computer Sciences at UC Berkeley. He also leads the Networking and Security Group at the International Computer Science Institute in Berkeley, and has an appointment as a Staff Scientist at the Lawrence Berkeley National Laboratory. His research focuses heavily on measurement-based analysis of network activity and Internet attacks. He works extensively on high performance network monitoring, detection algorithms, cybercrime, and countering censorship.In 2006 he was inducted as a Fellow of the Association for Computing Machinery (ACM). In 2011 he received ACM’s SIGCOMM Award, which recognizes lifetime contribution to the field of communication networks, “for his seminal contributions to the fields of Internet measurement and Internet security, and for distinguished leadership and service to the Internet community.” His measurement work has also been recognized by ACM’s Grace Murray Hopper Award and by the 2015 IEEE Internet Award. In 2013 he co-founded Broala, a startup that provides commercial-grade support and products for the “Bro” network monitoring system that he created and has advanced through his research for many years.