The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Marc Brooks - MITRE

Students: Spring 2024, unless noted otherwise, sessions will be virtual on Zoom.

Leveraging internal network traffic to detect malicious activity: Lessons learned

Sep 26, 2012

Download: Video Icon MP4 Video Size: 446.2MB  
Watch on Youtube Watch on YouTube

Abstract

The detection of malicious activity can occur at many places within an enterprise. One area that is a natural extension of perimeter based approaches is that of internal network monitoring.

This talk will discuss work done to better detect malicious activity
on an enterprise by monitoring internal network traffic. The state of
the art will be discussed, as well as the limitations inherent in this
monitoring approach. Promising results will be discussed as well as
methods that were not as effective.

About the Speaker

Marc Brooks
Mr. Marc Brooks is a cyber security researcher at the MITRE
corporation, a non-profit organization chartered to work in the public
interest. He is the focal point for the Insider Threat capability
within the Cyber Security Division of the MITRE Corporation. He is
responsible for helping coordinate division support to various Insider
Threat activities, as well as being actively involved in research
activities on the topic.

Mr. Brooks has worked in the defense, intelligence, and law
enforcement communities for more than ten years. Mr. Brooks began his
career at MITRE developing internet based technologies for the Air
Force out of the MITRE Bedford, MA location. Since then, Mr. Brooks
has supported technology research and development within MITRE via its
internal research program, DISA, a DOJ sponsor, and other government
sponsors. Mr. Brooks also served as the chief engineer for the MITRE
Information Analysis and Engineering department, while supporting an
operational Insider Threat program. Mr. Brooks currently works on
research in detecting the advanced cyber threat and malicious
insiders.

Mr. Brooks has a bachelor's degree in computer science from Amherst
College, a master's in business administration from the University of
Maryland, and is currently earning a PhD in computer science at
George Mason University.


Ways to Watch

YouTube

Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!