Skip to main content



Find us on

facebook youtube flickr twitter itunes u logo

Upcoming Events

 ISTS logo

Securing the e-Campus 2017 - Exact time and dates TBD

Recent Talks

Dan Wallach

STAR-Vote: A Secure, Transparent, Auditable and Reliable Voting System

Professor Dan Wallach
Rice University
Thursday April 27, 2017
Carson L01, 5:00 PM

Ben Miller Dragos

Pandora's Power Grid - What Can State Attacks Do and What Would be the Impact?

Ben Miller
Chief Threat Officer, Dragos, Inc.
Tuesday May 2, 2017
Kemeny 007, 4:30 PM
Brendan Nyhan




Factual Echo Chambers? Fact-checking and Fake News in Election 2016.

Professor Brendan Nyhan
Dartmouth College
Thursday May 4, 2017
Rocky 001, 5:00 PM

Dickie George


Espionage and Intelligence

Professor Dickie George
Johns Hopkins University
Thursday May 11, 2017
Rocky 001, 5:00 PM

Dan Wallach

A Nation Under Attack: Advanced Cyber-Attacks in Ukraine

Ukrainian Cybersecurity Researchers
Thursday April 6, 2017
Oopik Auditorium 5:30 PM

RIOTS logo 

Professor Sean Smith, Director of the ISTS and Bill Nisen, Associate Director, spoke at the

School House residential cluster on the Internet of Risky Things  - February 21, 2017, 5:30 PM

Craig Smith




You Don't Own Your Car
Craig Smith
Tuesday May 10, 2016 
Carson L02 @4:15

David Safford


Hardware Based Security for GE's Industrial Control Systems
David Safford
GE Global Research
Tuesday May 17, 2016
Carson L02 @4:15



"It's Fine," They Said. "Just Ship It," They Said.
Dan Tentler
The Phobos Group
Tuesday April 12, 2016 
Carson L02 @4:15

Harold Thimbleby




The Best Way to Improve Healthcare is to Improve Computers
Harold Thimbleby
Swansea University
April 23, 2015

Craig Shue




Managing User-Level Compromises in Enterprise Network
Craig Shue
Worcester Polytechnic Institute
March 31, 2015



Oct news 2015


ISTS Information Pamphlet



Institute for Security, Technology, and Society
Dartmouth College
6211 Sudikoff Laboratory
Hanover, NH 03755 USA

Shadow Intrusion and Network Analysis

Project Summary

Forensic-grade analysis of network traffic has traditionally been limited by the logging capabilities of firewalls, routers and intrusion detection systems (IDS). In common implementations, these devices compare certain characteristics of network traffic against a list of known signatures of malicious actions. Unfortunately, only known attacks will be detected, since there can be no signature for a previously unknown attack. Shadow, an intrusion-detection system from the Naval Surface Warfare Center, shows promise in detecting previously unknown attacks. IRIA is undertaking an overhaul of the current Shadow system to improve its efficiency, detection capabilities, and installation procedures.

IDABench has met its goals of extending the SHADOW Intrusion Detection System into a pluggable framework for analysis. Featuring simplified installation & configuration, clear documentation and a simple, yet comprehensive API for plugin development, IDABench has been downloaded by hundreds of organizations including:

  • CIA-Open Source Information Service
  • United States Postal Service
  • National Institutes of Health
  • US Navy Surface & Underwater Warfare Centers
  • US Army Research Labs
  • National Public Radio

IDABench has been chosen by the ISTS as one of the key analysis tools for the Distributed Honeypot System project. Under this project, IDABench version 2.0 development will continue, in order to support not only packet data represented as database records, but also many other data types to be correlated against network events.

  • Project Leads: George Cybenko, Robert Gray, Susan McGrath