Content Correlation for Collaborative Intrusion Detection

Shanika Karunasekera

Department of Computer Science and Software Engineering, University of Melbourne

Date and time: 11.30am - 12.30pm, Friday 8th August, 2008

Venue: 10.08.03 (Building 10, Level 8, Room 3)

Abstract:

Distributed coordinated attacks, such as stealthy scans, worms, distributed denial-of-service (DDoS), and Internet infrastructure attacks impose a major threat to the reliability of Internet services. Traditional intrusion detection systems (IDSs) that focus on monitoring a single host or a sub-network are limited in their ability to detect coordinated attacks, since they do not correlate evidence from multiple sub-networks.  In this talk we present content correlation algorithms and architectures for detecting different types of coordinated attacks.

About the speaker:

Shanika Karunasekera has been a Senior Lecturer at the Department of Computer Science and Software Engineering, University of Melbourne since 2003.  From 1995 to 2002, she was a Software Engineer and a Distinguished Member of Technical Staff at Lucent Technologies, Bell Labs Innovations, USA.  Shanika received the B.Sc in Electronics and Telecommunications Engineering from the University of Moratuwa, Sri Lanka, in 1990 and the Ph.D. degree in electrical engineering from the University of Cambridge, UK, in 1995. Her current research interests are distributed computing and software engineering.

Seminar Organisation

Seminars are free and open to the general public. No booking is necessary. If you are interested in giving a presentation in this seminar series, or to make suggestions for speakers, please contact Xiaodong Li, the seminar co-ordinator.