"Designing a Web of Highly-Configurable
Intrusion Detection Sensors"
Dr. Richard Kemmerer
Dept. of Computer Science
University of California at Santa Barbara
January 17, 2003
Talk: 10:00-11:00 a.m.
Location: Room 1225 Engineering Bldg.
Host: L. Dillon
Abstract: Intrusion detection relies on the information provided by a number of sensors deployed throughout the monitored network infrastructure. Sensors provide information at different abstraction levels and with different semantics. In addition, sensors range from lightweight probes and simple log parsers to complex software artifacts that perform sophisticated analysis. Managing a configuration of heterogeneous sensors can be a very time-consuming task. Management tasks include planning, deployment, initial configuration, and run-time modifications. This talk describes a new approach that leverages off the STAT model to support a highly configurable
sensing infrastructure. The approach relies on a common sensor model, an explicit representation of sensor component characteristics and dependencies, and a shared communication and control infrastructure. The model allows an Intrusion Detection Administrator to express
high-level configuration requirements that are mapped automatically to a detailed deployment and/or reconfiguration plan. This approach supports automation of the administrator tasks and better assurance of the effectiveness and consistency of the deployed sensing
Biography: Richard A. Kemmerer is a Professor and past Chair of the Department of Computer Science at the University of California, Santa Barbara. He is a Fellow of the IEEE Computer Society, a Fellow of the Association for Computing Machinery, a member of the IFIP Working Group 11.3 on Database Security, and a member of the International Association for Cryptologic Research. He is a past Editor-in-Chief of IEEE Transactions on Software Engineering and served on the board of the ACM Computing Surveys. He currently serves on the Board of Governors of the IEEE Computer Society, the NSF/CISE Advisory Committee, and Microsoft's Trustworthy Computing Academic Advisory Board.
Dr. Kemmerer has served on numerous program committees and was the program chair of the Testing Analysis and Verification Symposium (TAV3/SIGSOFT89) and the program co-chair of the IEEE Symposium on Research in Security and Privacy in 1982 and in 1983, and of the 20th International Conference on Software Engineering (ICSE98). He has served as a member of the National Academy of Science's Committee on Computer Security in the DOE, the System Security Study Committee, the Committee for Review of the Oversight Mechanisms for Space Shuttle Flight Software Processes, the Committee on Maintaining Privacy and Security in Health Care Applications of the National Information Infrastructure,and the Committee on the Review of Programs for C4I. He has also served as a member of the National Computer Security Center's Formal Verification WorkingGroup and was a member of the NIST's Computer and Telecommunications Security Council. Dr. Kemmerer is also the past Chair of the IEEE Technical Committee on Security and Privacy and a past member of the Advisory Board for the ACM's Special Interest Group on Security, Audit, and Control.
Dr. Kemmerer has written numerous papers on the subjects of computer security, formal specification and verification, software testing, programming languages, and software complexity measures. He is the author of the book "Formal Specification and Verification of an Operating System Security Kernel" and a co-author of "Computers at Risk: Safe Computing in the Information Age," "For the Record: Protecting Electronic Health Information," and "Realizing the Potential of C4I: Fundamental Challenges."
Dr. Kemmerer has made significant contributions in the areas of computer security and formal verification. He has been a Principal Investigator on numerous government and private sector sponsored projects and leads the Reliable Software Group at UCSB. Under his direction the Reliable Software Group has addressed the need for better languages and tools for designing, building,validating, and securing software systems.