Marc Brooks - MITRE
Sep 26, 2012
Download: MP4 Video
Watch in your Browser
Watch on YouTube
"Leveraging internal network traffic to detect malicious activity: Lessons learned"
The detection of malicious activity can occur at many places within an enterprise. One area that is a natural extension of perimeter based approaches is that of internal network monitoring.
This talk will discuss work done to better detect malicious activity
on an enterprise by monitoring internal network traffic. The state of
the art will be discussed, as well as the limitations inherent in this
monitoring approach. Promising results will be discussed as well as
methods that were not as effective.
About the Speaker
Mr. Marc Brooks is a cyber security researcher at the MITRE
corporation, a non-profit organization chartered to work in the public
interest. He is the focal point for the Insider Threat capability
within the Cyber Security Division of the MITRE Corporation. He is
responsible for helping coordinate division support to various Insider
Threat activities, as well as being actively involved in research
activities on the topic.
Mr. Brooks has worked in the defense, intelligence, and law
enforcement communities for more than ten years. Mr. Brooks began his
career at MITRE developing internet based technologies for the Air
Force out of the MITRE Bedford, MA location. Since then, Mr. Brooks
has supported technology research and development within MITRE via its
internal research program, DISA, a DOJ sponsor, and other government
sponsors. Mr. Brooks also served as the chief engineer for the MITRE
Information Analysis and Engineering department, while supporting an
operational Insider Threat program. Mr. Brooks currently works on
research in detecting the advanced cyber threat and malicious
Mr. Brooks has a bachelor's degree in computer science from Amherst
College, a master's in business administration from the University of
Maryland, and is currently earning a PhD in computer science at
George Mason University.
Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M.
STEW G52 (Suite 050B), West Lafayette Campus. More information...