Reversing the Curse of Dimensionality for Security Analysis
Speaker: Mark Crovella, Boston University
Time and Place: Friday, December 5, at 11am in 10.099, 2 MTC
In this talk I will present a general approach to detecting unusual behavior — including malicious or fraudulent behavior — in computer systems driven by human activity. This approach is based on the idea that normal human behavior can often be captured in a low-dimensional linear model. In that case, the fact that measurement data appears to lie in a high dimensional space can be an advantage rather than a problem. I will describe the application of this principle to two different settings: the detection of malicious behavior in network traffic, and the detection of fraudulent activity in Facebook.
Mark Crovella is Professor and Chair of the Department of Computer Science at Boston University, where he has been since 1994. He also currently serves as Chief Scientist of Guavus, Inc, a 500-person startup focusing on analytics for streaming data. Prof. Crovella's research interests center on improving the understanding, design, and performance of parallel and networked computer systems, mainly through the application of data mining, statistics, and performance evaluation. He has made contributions to the measurement and modeling of Internet traffic and infrastructure, and to anomaly detection in networks. He has also made contributions to the design of Web servers, network protocols, and network routing. Most recently, he has contributed methods and results in the analysis of social and biological networks. Professor Crovella has served as an editor for the major journals in his field, has chaired a number of conferences, and from 2007 to 2009 served as Chair of ACM SIGCOMM. Professor Crovella is co-author of "Internet Measurement: Infrastructure, Traffic, and Applications" (Wiley Press, 2006), holds nine patents, and is the author of over two hundred papers on networking and computer systems, which have been cited over 20,000 times. Prof. Crovella is a Fellow of the ACM and of the IEEE.