Coming to Grips with Live Attackers

As the Internet assumes an evermore important role in our lives, it becomes
increasingly vital to secure it from those seeking to exploit it through
misuse. The nature of the network's technology and end systems, however,
makes this a formidable challenge. Not only must we secure myriad forms of
mechanisms and services, but we must do so (1) faced with adversaries who
continually improve their tactics, (2) armed only with technology we can
"bolt on" to an architecture not designed with defense in mind, (3) in the
presence of ambiguities, some fundamental, regarding semantics and intent,
(4) as the reach of the network and breadth of its applications continues
to race forward. This talk draws upon experiences from conducting network
security research in a number of operational settings: detecting attackers,
blocking their activity, and measuring their efficacy. Along with looking
at some specific research problems, I will frame both a range of real-world
constraints that shape such investigations, and the extensive evolution of
the landscape over the past decade.
Vern Paxson is an Associate Professor in EECS at the University of California,
Berkeley, and a Senior Scientist at the International Computer Science
Institute, also in Berkeley. He codirects the NSF-sponsored Center for
Internet Epidemiology and Defenses, and pursues a variety of research
efforts in detecting and blocking network-borne attacks. He is an ACM
Fellow and recipient of the 2008 ACM Grace Murray Hopper Award for his
work on Internet measurement.