Browsing by Subject "Network security"

Now showing 1 - 2 of 2
  • Thumbnail Image
    Item
    A data collection, storage, and analysis framework for network security.
    (2007-10) Eilertson, Eric
    As the number, severity and sophistication of computer network attacks increase network administrators have an increasingly difficult time identifying and cleaning up compromised computers. In this thesis some of the areas where existing tools and techniques are deficient are identified, and possible solutions are proposed and evaluated on synthetic as well as real networks. This thesis has four major contributions. The first is a lightweight semi-stateful network data capture module. The second contribution is a framework for storing and accessing raw packet information as well as meta information, such as network sessions. The third contribution is a set of analysis routines for identifying computer network attacks, and computers that have been successfully compromised. The fourth contribution is a framework for iteratively building and analyzing the communication patterns of networked computers. This allows security analysts and researchers to identify compromised computers, as well as perform forensic analysis to answer questions like What computer compromised this computer? When did the compromise occur? How did the compromise happen? What data was stolen or modified?
  • Thumbnail Image
    Item
    Oral history interview with Matt Bishop
    (Charles Babbage Institute, 2013-06-06) Bishop, Matt
    This interview with computer security pioneer Matt Bishop discusses his doctoral research (access controls and the Take-Grant Protection Model) working with Dorothy Denning at Purdue University and subsequent career as a computer scientist and computer security specialist at the Research Institute of Advanced Computer Science, on the faculty at Dartmouth University, and on the faculty at University of California-Davis. Bishop’s research is wide-ranging and the interview touches on his work on Unix security and vulnerabilities, network security, intrusion detection, electronic voting systems, and other areas. Bishop recounts the project he launched to provide public (Web) access to seminal early papers in computer security, an important effort to facilitate computer security history and learning from the past. And he relates the evolution of the UC-Davis Computer Security Lab and its influence on the research field and education in computer security. He also discusses his role as an educator and the authoring of his textbook Computer Security: Art and Science (2002). This material is based upon work supported by the National Science Foundation under Grant No. 1116862, “Building an Infrastructure for Computer Security History.”