A Brief History of Symbiote Defense

Seminar / Lecture
For NYU Community

Speaker: Salvatore Stolfo, Columbia University


Market watchers estimate that the IoT security marketplace is now valued at over $6 billion and is expected to reach $22 billion by 2020. Just 5 years ago, embedded device security was barely on the map. Our early work in the IDS Lab at Columbia demonstrated the seriousness of the embedded device insecurity problem, and the relatively easy exploitation of devices such as printers, IP phones and routers. Recent advances in offensive technologies targeting a wide range of IoT devices, including medical products, SCADA devices, automobiles and refrigerators, have shown that the exploitation of these lucrative but poorly designed devices is not terribly difficult. The goal of our early work was to defend embedded devices with an entirely new defensive capability we call the Software Symbiote, a host-based defensive technology that automatically injects intrusion detection functionality within the firmware of any device. In this talk we will provide a brief history of our work on the Symbiote technology, and the transition from academic research to practical and widespread use in common commodity products.


Salvatore Stolfo is a Professor of Computer Science at Columbia University. He is regarded as creating the area of machine learning applied to computer security in the mid-1990s and has created several anomaly detection algorithms and systems addressing some of the hardest problems in securing computer systems. Of particular note is his recent interest in the practical application of deception security at scale. Stolfo is also co-inventor of the Symbiote technology that automatically injects intrusion detection functionality into arbitrary embedded devices. Stolfo has had numerous best papers and awards, most recently the RAID Most Influential Paper and Usenix Security Distinguished Paper awards. He has published well over 230 papers, has been granted over 60 patents, and has been an advisor and consultant to government agencies, including DARPA, the National Academies and others, for well over 2 decades. Two security companies were recently spun out of his IDS Lab, Allure Security Technology and Red Balloon Security.