Institute for Security Technology Studies (ISTS)
      
SEARCH: 
  Advanced Search  
Dartmouth CollegeInstitute for Security Technology Studies
Cyber Security and Trust Research & Development
Contents
ISTS Home
About
Projects
Past Projects
Library
People
People Database
Events
Newsroom
Academic Programs
Jobs & Internships
Sponsors
Links of Interest
Dartmouth College
Contact Us
Mailing List
Past Speakers - Documentation & Media
<< Back to ISTS Events
Dr. Greg Shannon
"Robust and Predictable Network Anomaly Detectors"

Abstract: In spite of our best efforts to protect the national infrastructure against cyber threats, our adversaries continue to enjoy asymmetric advantages against our defenses. After we summarize how our adversaries use the properties of complexity and scale to their advantage, we discuss how we can leverage those same properties to defended mission-critical networks with robust and predictable network anomaly detectors. In particular, we describe CounterStorm's UPAD (unsupervised parametric anomaly detection) and SPA (statistical payload analysis) sensors, and demonstrate how these robust and predictable sensors detect targeted attacks such as botnets, worms and data exfiltration. We believe that such statistical anomaly detection sensors will continue to evolve as increasingly valuable tools for defending critical networks against malicious adversaries.

Bio: Dr. Greg Shannon, as Chief Scientist, is the principle investigator for CounterStorm's two SBIR Phase II awards from DHS. He joined CounterStorm in 2003 after leading R&D teams at Lucent, Indiana University and other startups. He received his PhD from Purdue University and his B.S. from Iowa State University. His specialties are the design and analysis of algorithms, data mining and analysis, and network security.

Presentation Slides [PDF]
Copyright © 2003-2008 Trustees of Dartmouth CollegeProcess Query Systems, LLC.