Gene Kim - Tripwire Security Systems Inc.
"Trends in Intrusion Detection: Perspectives from a Security Tool Vendor"
Feb 19, 1999
AbstractIntrusion detection tool vendors have done a surprisingly poor job in educating customers about their offerings. All the product data sheets from different vendors seem identical, their products seem to solve the same problems, and yet use radically different approaches. Pity the customer, the IS manager who is ultimately accountable and responsible for securing their corporate networks, who have been mandated by upper management to spend money to solve "that intrusion detection problem".
In the first half of this talk, a brief history of last ten years of computer security threats is presented. Much has changed since the Morris worm, and if one connects the dots and squints in the right way, one might conclude that things are actually much, much worse now. The threat of more sophisticated rootkits and worms, script kiddies, and an increasingly vulnerable and homogeneous target demographic make computer security an exciting area to be working in.
In the second half of this talk, I present the emerging taxonomy of intrusion detection tools being provided by commercial vendors, along with a survey of their capabilities, and then present an alternate taxonomy which better accomodates the emerging need for forensic tools. Some challenges faced by virtually all tool vendors is then presented.
About the Speaker
Gene Kim is co-founder and chief technology officer at Tripwire Security Systems, Inc. Along with Dr. Eugene Spafford, Gene developed the Tripwire security tool in 1992 while at Purdue University COAST Laboratory. At TSS, he leads the development effort for the TripwireTM family of computer security products, and architected the first fully-supported, commercial release of Tripwire. Gene has published numerous papers on computer security, operating systems, and networking in Usenet, ACM, and IEEE publications. He received an M.S. in computer science from University of Arizona and a B.S. in computer science from Purdue University.
Gene's other notable achievement at Purdue is purchasing Spaf's 1975 Oldsmobile Cutlass. Due to pending law suits and international treaty violations, stories are currently unavailable.
Unless otherwise noted, the security Fall and Spring seminar series is held on Wednesdays at 4:30P.M. STEW G52 (Suite 050B), West Lafayette Campus. More information...