ESP and Poly^2: Challenging the Conventional Wisdom

Page Content

Eugene H. Spafford - CERIAS

Apr 16, 2003

Abstract

We have seen about 15 years of development of intrusion detection systems, and almost 8 years of development of Internet servers. Despite that experience, we continue to have severe problems securing Internet enterprises. Break-ins, defacements of WWW pages, and self-propagating malicious code continue to multiply.



With all the research and money being directed to issues of security, one might think that a solution would be in reach. However, in this talk I will point out how the concept of "intrusion detection" has been blurred, and the assumptions behind current efforts to secure servers are likely to fail. At CERIAS, we are challenging some of this conventional wisdom when designing security services. By focusing on the design of securable systems instead of interoperation with existing platforms we have developed a highly-effective IDS (ESP), and are now building a high-performance testbed (Poly^2) to host it. This talk will describe our approach and the results to date.

About the Speaker

Spaf is a well-known bow-tie wearer. He is fond of bad movies, bad jokes, and politically incorrect behavior. When he isn't traveling to meetings, he is alleged to be the director of CERIAS and a computer scientist involved with information security issues.



More information may be found at http://www.cerias.purdue.edu/homes/spaf.




Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52, West Lafayette Campus. More information...

© 1999-2013 Purdue University. All rights reserved.

Use/Reuse Guidelines

CERIAS Seminar materials are intended for educational, non-commercial use only and any or all commercial use is prohibited. Any use must attribute "The CERIAS Seminar at Purdue University." Opinions expressed in the recordings are not necessarily representative of the views of CERIAS or of Purdue University.