Speaker: Gabriela Ciocarlie, SRI International
In this talk, I will focus on the security, reliability and accountability of large infrastructure systems, combining security by design and data analysis for behavior modeling. Specialized environments, such as Industrial Control Systems (ICS) and radio networks for mobile broadband, can not use most commercial solutions, as these rely only on pre-defined signatures, do not handle zero-day attacks, and fail to recognize degradation and outages. For ICS, I will present a content-based analysis that characterizes normal command and data sequences applied at the network level, and introduce mechanisms for achieving a low false positive rate. For mobile broadband networks, anomaly detection can identify partial and complete degradations in cell-service performance, modeling cell and network behavior based on key performance indicators. Finally, for cloud computing environments, I will introduce the concept of Accountable Clouds, an approach that collects the provenance of data and commits it to long term storage for subsequent auditing, aiming to make cloud computation accountable without sacrificing data owners’ privacy.
Bio: Gabriela Ciocarlie is a Senior Computer Scientist at SRI International working on infrastructure security. Her expertise is in anomaly detection and distributed alert correlation, network and application level security and distributed system security, with focus on critical infrastructure. Gabriela earned her B.S. in Computer Engineering from the Polytechnic University of Bucharest, and then completed her Ph.D. in Computer Science at Columbia University in New York, where she was a member of the Intrusion Detection Systems Group. Prior to joining SRI International, Gabriela was a Senior Security Research Engineer at Real-Time Innovations, working on new security models for distributed systems, combining large-scale deployment with real-time and quality-of-service requirements, customizing them for specific contexts such as SCADA systems. As a member of the research community, Gabriela has served on the Program or Organizing Committees of conferences such as IEEE S&P, RAID and ACSAC, including service as Program Chair and Deputy Co-Chair of the ACSAC Layered Assurance Workshop, and as a panelist at conferences and events for both academia and industry.
For more information, please contact Prof. Justin Cappos.