Security Seminar and ITI Disting

Security Seminar and ITI Distinguished Seminar

Richard A. Kemmerer
University of California at Santa Barbara

Designing a Web of Highly-Configurable Intrusion Detection Sensors

TIME: Monday, April 18, 2005, 4:00-5:00 p.m.

PLACE: B02 Coordinated Science Lab

Reception immediately following in 301 CSL

ABSTRACT

Intrusion detection relies on the information provided by a number of sensors deployed throughout the monitored network infrastructure.
Sensors provide information at different abstraction levels and with different semantics. In addition, sensors range from lightweight probes and simple log parsers to complex software artifacts that perform sophisticated analysis. Managing a configuration of heterogeneous sensors can be a very time-consuming task.
Management tasks include planning, deployment, initial configuration, and run-time modifications. This talk describes a new approach that leverages off the STAT model to support a highly configurable sensing infrastructure. The approach relies on a common sensor model, an explicit representation of sensor component characteristics and dependencies, and a shared communication and control infrastructure. The model allows an Intrusion Detection Administrator to express high-level configuration requirements that are mapped automatically to a detailed deployment and/or reconfiguration plan.

This approach supports automation of the administrator tasks and better assurance of the effectiveness and consistency of the deployed sensing infrastructure.

BIOGRAPHY

Richard A. Kemmerer is a Professor and past Chair of the Department of Computer Science at the University of California, Santa Barbara. He is a Fellow of the IEEE Computer Society, a Fellow of the Association for Computing Machinery, a member of the IFIP Working Group 11.3 on Database Security, and a member of the International Association for Cryptologic Research. He leads the Reliable Software Group at UCSB. Under his direction the Reliable Software Group has addressed the need for better languages and tools for designing, building, validating, and securing software systems.

He is a past Editor-in-Chief of IEEE Transactions on Software Engineering and served on the board of the ACM Computing Surveys and IEEE Security and Privacy magazine. He is a past Vice President of the IEEE Computer Society, and he currently serves on the Board of Governors of the IEEE Computer Society and Microsoft's Trustworthy Computing Academic Advisory Board.

Dr. Kemmerer has written numerous papers on the subjects of computer security, formal specification and verification, software testing, programming languages, and software complexity measures. He is the author of the book "Formal Specification and Verification of an Operating System Security Kernel" and a co-author of "Computers at Risk:
Safe Computing in the Information Age," "For the Record: Protecting Electronic Health Information,"
and "Realizing the Potential of C4I: Fundamental Challenges."