Home
About
- Welcome
- History
- Directions
- Sennott Square Maps
- Industry Board
- Contact Us
- Affiliated Programs:
- Intelligent Systems Program (ISP)
- Pittsburgh Supercomputing Center
- Organizations:
- Women in Computer Science
- Technology Leadership Initiative
People
Research
Graduate
- CS Events & Talks
- News & Announcements
- Course Schedule:
- Course Schedule (Spring 2012)
- Course Schedule (Summer 2012)
- Course Schedule (Fall 2012)
- Course Descriptions
- Graduate Degrees in Computer Science:
- Program Overview
- PhD Degree
- MS Degree
- Admissions
- Joint Programs:
- Computer Engineering
- Dual MS Degree
Undergraduate
- CS Events & Talks
- News & Announcements
- Course Schedule:
- Spring 2012
- Summer 2012
- Fall 2012
- Course Descriptions
- Degree in Computer Science:
- Program Overview
- Bachelors Degree
- CS Major Concentrations
- BS+MS Degree
- Minor
- Related Areas
- Degree Specializations:
- Bioinformatics
- Computer Engineering
- Scientific Computing
- Financial Assistance
- Financial Assistance
- Grants & Scholarships
- Career Opportunities:
- CS Opportunities
- Internships
- Co-Op Program
News
Intranet
Loading

Empirical Foundations for Network Defense

Vinod Yegneswaran, University of Wisconsin

Wednesday, March 1st
10:30am - SENSQ 5317
Students meet the speaker at 11:30 a.m.

Refreshments at 10:15am

Abstract

Over the past few years, the Internet has witnessed alarming growth in the volume and diversity of malicious traffic. The objective of my thesis is in simplifying and automating the tasks of network security analysts in the face of these escalating threats. In this talk, I will describe a collection of tools that we have developed for measurement, monitoring and automated analysis of malicious traffic that provide a foundation for Internet situational awareness. In the first part of the talk, I will motivate the need for a distributed network monitoring system and describe a highly scalable measurement architecture that we have developed called the Internet Sink (iSink). iSink is a configurable honeypot monitoring system that includes flexible simulated response capability for a wide range of network services. The scaling capabilities of iSink combined with its deep response component enables robust monitoring and classification of attack sources over large subnets. The results of our measurement studies attest to the diversity of "Internet Background Radiation" traffic, and the extreme dynamicism of its constituents. iSink data also forms the basis for Nemean, our protocol-aware system that automates construction of NIDS signatures. Signatures generated by Nemean provide high resilience to false positives with detection rates that are comparable to popular NIDS. I will conclude the talk with a discussion of some of my current work and my future research plans.

Biography of Speaker

Vinod Yegneswaran is a graduating CS Ph.D. student at the University of Wisconsin, Madison. He is part of the Wisconsin Advanced Internet Lab and his advisor is Dr. Paul Barford. Vinod's areas of interest involve computer networks, including network security, network measurement, network protocols, sensor/wireless networks and distributed systems.

You are using an older browser that does not support current Web standards. Although this site is viewable in all browsers, it will look much better in a browser that supports Web standards.

Empirical Foundations for Network Defense

Vinod Yegneswaran, University of Wisconsin

Abstract

Biography of Speaker

Quick Links