Experiences with Internet and Intranet Mapping
Bill Cheswick
Lumeta Corp
Abstract:
The Internet Mapping Project started at Bell Labs in 1997 to collect long term
Internet topological data and visualize the results. In 1999, we focused on
the Serbian internet during the NATO bombing, and observed major connectivity
disruptions. In 2000, this technology was spun off to a startup company,
Lumeta.
Since then, Lumeta has enhanced this technology and scanned over fifty large
corporate intranets, and a number of critical government networks. We can now
report generalized characteristics of these large networks, showing variations
in network management techniques and control over large networks. We are now
working on tools to configure the honeyd anti-hacking tool to emulate these
large networks.
Biography:
Ches logged into his first computer in the fall of 1968, and was graduated from
Lehigh University in 1975. In 1987 he joined Bell Labs, where he worked on early
firewall and IDS designs. With Steve Bellovin, he wrote Firewalls and Internet
Security: Repelling the Wily Hacker, a fairly popular book on the subject. The
second edition came out in March 2003 with the help of a third co-author, Avi
Rubin. Ches also worked on commercial munitions, application gateways, PC viruses,
and a variety of other Internet diversions. He started the Internet Mapping
Project with Hal Burch in 1998. In 2000, he co-founded Lumeta, a spin-off from
Bell Labs to commercialize various intranet exploration techniques. In his spare
time, Ches flies RC airplanes, computerizes his house, and has scanned in over
80 GB of images of old photos. He is partial to steak (medium rare), and mint
imperials.
|
|
Towards building a secure Internet.
Alan Boulanger
IBM Research
Abstract:
The Governments and businesses racing to use the Internet have chosen a
dangerous track. The current Internet is an inherently insecure and unstable
platform on which to conduct business critical operations. There are several
bridging technologies that have been developed to mitigate the vulnerability of
current security exposures, however large security gaps remain. These gaps can
only be addressed through significant changes in the underlying architectures
of the systems that comprise the Internet. This need for security is now a
powerful force influencing current and future technical innovation. Many
companies deploying new applications and systems are beginning to build
security into the product in the design phase. Organizations are beginning to
understand that security is important. The recent news reports of high profile
security related incidents, such as the Melissa Virus and DDoS attacks, have
brought the issue of computer security into public view. Once restricted to the
domain of fantasy books and fiction, hackers and virus authors have become an
increasingly visible threat to everyday users. Why is this possible? How can we
as a community protect ourselves? This talk will address the current security
related problems with the current implementation of the Internet and the
technologies that are currently under development, along with future
technologies, that are designed to make the Global Internet a safer place for
users and businesses alike.
Biography:
Alan Boulanger joined IBM in October 1995 as a research member of the TJ Watson
Global Security Analysis Laboratory. His research interests include network
security, intrusion detection systems, applied penetration testing tools and
techniques, data forensics, telephony related security, and researching new
system vulnerabilities. As a result of his research, Mr. Boulanger has numerous
filed patent applications related to computer security issues. Since joining
IBM, Mr. Boulanger has provided technical assistance to numerous Federal Law
Enforcement and Intelligence Agencies and Businesses conducting computer
security related investigations. As a result of his efforts, Mr. Boulanger has
received many awards and commendations from IBM and Government Agencies. Mr.
Boulanger is an invited long standing member of the New York Electronic Crimes
Task Force.
|
|
Network Security: More than an End-to-End Problem
Tom Tarman
Sandia National Labs
Abstract:
Network security is often regarded as an "end to end problem," meaning that if
the
endpoints perform appropriate cryptographic and key management, all network
security
problems are solved. However, network security involves more than encrypted
pipes and
end-to-end authentication - it requires protection of the network
infrastructure as
well. This talk describes the shortcomings of regarding network security purely
as
an end-to-end problem, presents mechanisms for protecting network
infrastructure,
and introduces future research challenges in securing network infrastructure.
Biography:
Tom Tarman is a distinguished member of the technical staff at Sandia National
Laboratories, in Albuquerque, New Mexico, where he primarily performs network security
research. Tom has been active in the field of ATM network security for the past
eight
years, having published several conference papers and journal articles on
topics such
as high-speed ATM encryption, algorithm-agile ATM encryption, and ATM security
protocols. In addition, Tom has been an active participant in the ATM Forum
Security
Working Group, where he has authored numerous contributions and has served as
editor
for the ATM Security Specifications Versions 1.0 and 1.1. Tom received the ATM
Forum's
Spotlight Award for his technical and "PR" contributions to ATM security, and
has
recently co-authored (with Edward Witzke) a book entitled "Implementing
Security for
ATM Networks," available from Artech House Publishers. Tom's current research
interests
include security for MPLS and all-optical networks, network modeling and
simulation,
and networked multimedia applications.
|
|
Simulation of Ultra Large Networks: Simulation, Emulation and Modeling
Erol Gelenbe
University of Central Florida
Abstract:
We will discuss some of our ideas for testing advanced network techniques in
"the large"
by combining simulation and emulation techniques which allow novel non-IP
protocols to be
experimented in a realistic setting combining the Internet with experimental
systems.
Some related experiments that we have conducted on Cognitive Packet Networks
will be
presented. If time permits, we will also discuss some new research directions
in the
theory of network QoS.
Biography:
Erol Gelenbe (FIEEE, FACM) has served as the Nello L. Teer Professor and Chair
of
Electrical Engineering at Duke University (1993-98) and as the University Chair
Professor
of EECS and Founding Director of the School of EECS at UCF (1998-2003). His
research
interests include self-adaptive and autonomic networks and systems, as well as
performance
modeling and simulation.
|
|
Secure Networked Systems and the Future
Sumit Ghosh
Stevens Institute of Technology
Abstract:
Networked Systems are here to stay, not for the next 50 or 100 years, but for
thousands of years into the foreseeable future. They will be an integral part
of us and it is critical that we design them correctly. The origin of many of
the winding and confusing roads in New Jersey may be traced back to the
colonial days when the world was a very different place and most people did not
have a clue of what the U.S. was going to become. Over the past 50 years and
continuing well into the future, drivers along these roads will be confused,
delayed, lost, and angry. The cumulative cost is unimaginably high, a very
heavy burden for the design decisions of the past. Networked systems are
literally the road systems of tomorrow and it is imperative that we make every
effort not to impose the slightest burden on the future. This presentation will
focus on the fundamental attributes of secure networked systems, the challenges
that arise from these attributes, and new strategies to deal with them.
Biography:
Sumit is the Thomas E. Hattrick Professor of Information Systems Engineering at
Stevens
Institute of Technology. He is the author of "Principles of Secure Network
Systems Design"
(Springer-Verlag, April 2002), "Modeling and Asynchronous Distributed
Simulation"
(IEEE Press, June 2000), "Algorithms for Networked Information Technology
Systems"
(Springer-Verlag, Aug 2003), "Intelligent Transportation Systems: New
Principles and
Architectures" (CRC Press, Jan 2000), and "Hardware Description Languages:
Concepts and
Principles" (IEEE Press, September 1999). He is coeditor of "Guarding Your
Business: An
Architecture for Security" (Kluwer Publisher, August 2003). His research
interests include
network security, networking, hardware design languages, computational
intelligence,
engineering creativity, ethics, and engineering education.
|
|
Embedded Values: the importance of a multi-discipline approach to network security.
Elliot Turrini
MDM
Abstract:
Our current and future reliance on digital networking technology has made
network security
an important social, legal, and economic issue. Businesses, governments, and
individuals
have raced to adopt digital networking technology -- with little concern for
the downside.
The upside of digital networking is clear: substantial improvements in
communication
capabilities. Unfortunately, however, the downside has been hidden, neglected,
or a
combination of the two. My presentation contends that a multi-discipline
approach involving
law, technology, psychology, economics, and risk management/insurance is
required to (a)
reveal the downside of digital networking technology and (b) improve the
probability that
digital networking technology will provide a net social gain. Moreover, I will
contend that
the scientists, engineers, and technologists working on digital network
technology must be
aware of the multi-discipline issues, so that they can incorporate that
knowledge into
their work. Digital networking technology, standing alone, may provide one of
the most
effective ways to reduce the downside of this technology. Doing so, however,
requires a
broad scope of knowledge, which can be applied through a multi-discipline
approach.
Biography:
ELLIOT TURRINI received a Bachelor's degree from Yale University in 1987 and
his Juris
Doctorate Summa Cum Laude from Seton Hall University School of Law in 1992,
where he was
an Articles Editor for the Law Review. He is the former law clerk to the
Honorable Morton
I. Greenberg, United States Court of Appeals for the Third Circuit, and to the
Honorable
Kenneth C. MacKenzie, Presiding Judge, Chancery Division, Morris and Sussex
Counties. He
was previously associated with the firm of Lowenstein Sandler in Roseland, New
Jersey,
before joining the United States Attorney's Office in Newark where he served
for seven
years. During his tenure as a federal prosecutor, he prosecuted some of the
Department
of Justice's most significant chemical diversion cases, as well as one of the
Department's
largest international money laundering investigations. Moreover, he conducted
complex
federal criminal trials. His major accomplishments at the United States
Attorney's Office
came in his capacity as a Computer and Telecommunication Coordinator, where he
prosecuted
computer criminals including David Smith for having disseminated the Melissa
Virus. As a
result of his expertise in computer crime and information security, Wadsworth
Publishing
asked him to edit an information security/computer crime book that is due to be
published
summer 2003. The book is a multi-discipline contributed reader that brings
together experts
in law, technology, psychology, economics, risk management, and insurance to assist the
private and public sectors in developing efficient, effective, and responsible computer
crime/information security strategies. At MDM, as more fully described below,
Mr. Turrini's
practice will focus on two areas: (1) Information Security, Cyberlaw, and
Privacy, and (2)
Controlled Substances -- such as pseudoephedrine and ephedrine. He will also be
doing
corporate investigations, complex civil litigation, white collar criminal
defense, and
anti-money laundering compliance/counseling.
|
|
Large-Scale Network Simulation: How Big? How Fast?
Richard Fujimoto
Georgia Institute of Technology
Abstract:
Parallel and distributed network simulation tools are emerging that offer the
ability to
simulate networks containing millions of network nodes and hundreds of
thousands of
concurrent traffic flows in real- or near-real-time. This capability offers
enormous
opportunities for researchers to study scalability issues that could not be
previously
addressed. At the same time, it also creates challenges to the networking
research
community to create scenarios and configurations that are realistic relative to
current
and future Internet configurations. It creates challenges to tool builders to
create
verified and validated simulators that are easy to use and execute efficiently
on
parallel and distributed computers over a wide range of network configurations
and
scenarios. This presentation will describe an approach to realizing scalable
network
simulations that leverage existing sequential simulation models and software.
Specifically,
two parallel network simulators have been developed, one based on the widely
used ns2
simulator (termed pdns), and another based on a tool developed at Georgia Tech
called
GTNets. Packet-level simulations using pdns executing on 1024 processors at the
Pittsburgh
Supercomputer Center yielded performance as high as 80 Million simulated packet
transmissions per second of wallclock time for a network containing over 3.8
million
network nodes. This research represents joint work with Drs. Mostafa Ammar,
Kalyan
Perumalla, George Riley and several PhD students at Georgia Tech, and is funded
by NSF
(grants ANI-9977544 and ANI-0136939) and DARPA (contract N66001-00-1-8934).
Biography:
Dr. Richard Fujimoto is a professor in the College of Computing at the Georgia
Institute
of Technology. He received the Ph.D. and M.S. degrees from the University of
California
at Berkeley in 1980 and 1983 in Computer Science and Electrical Engineering,
and B.S.
degrees from the University of Illinois at Urbana in 1977 and 1978 in Computer
Science
and Computer Engineering, respectively. He has been an active researcher in the
parallel
and distributed simulation community since 1985, and has published numerous
technical
papers as well as a book on this subject. He has led the development of
parallel/distributed simulation software systems including the Georgia Tech
Time Warp
(GTW) simulation executive on which the TeD parallel network simulator is
based, and
the Federated Simulation Development Kit (FDK) used to create parallel versions
of ns2
and GTNets. He has given several tutorials on parallel and distributed
simulation at
leading conferences. He led the definition of the time management services for
the U.S.
Department of Defense High Level Architecture (HLA). Fujimoto is
Co-Editor-in-Chief of
SCS Transactions (as of July 1, 2003), and has been an area editor for ACM
Transactions
on Modeling and Computer Simulation since it was founded in 1990. He has served
on the
organizing and program committees of several major simulation conferences such
as the
Workshop on Parallel and Distributed Simulation (PADS) and the Simulation
Interoperability
Workshop (SIW).
|
|
Modeling and simulation of security in ULN: can we apply ideas of how brains focus
attention on the most urgent inputs?
Bernard Zeigler
University of Arizona
Abstract:
Concepts in cognitive science have been developed on how the brain focuses its
perceptual
resources on the most active elements of its sensory inputs. Such mechanisms
have been
shown to explain how visual search, otherwise computationally intractable, is
rendered
feasible. Taking the analogy between the brain and a large scale network one
step further,
we have developed some distributed attention management mechanisms and studied
them via
modeling and simulation. The results suggest how detection of threats in ULNs
can be
implemented in a distributed, scalable manner.
Biography:
Bernard P. Zeigler is Professor of Electrical and Computer Engineering at the
University
of Arizona, Tucson and Director of the Arizona Center for Integrative Modeling
and
Simulation. He is internationally known for his 1976 foundational text Theory
of Modeling
and Simulation, recently revised for a second edition (Academic Press, 2000). He has
published numerous books and research publications on the Discrete Event System
Specification (DEVS) formalism. In 1995, he was named Fellow of the IEEE in
recognition
of his contributions to the theory of discrete event simulation. In 2000 he
received the
McLeod Founder's Award by the Society for Computer Simulation, its highest
recognition,
for his contributions to discrete event simulation. In June 2002, he was
elected
President of the Society (recently renamed The Society for Modeling and Simulation,
International). In 2003, his autobiographical retrospective and the evolution
of the
theory of modeling and simulation will appear in the International Journal of
General
Systems.
|
|
Changes Required to Secure the Distributed Intelligent Network of the Future
Bill Way
Bytex Corporation
Abstract:
The net.CARE system provides the critical information needed to control and
manage today's
complex & dynamic high-performance enterprise networks. I will present how this
system has
evolved from work done at NSA, DISA, and Sandia. The issues I would note are
the different
owners (stakeholders) of each network layer and intermediate transports. Thus
potentially
conflicting security goals. I will also address our use of models and
simulation (micro vs.
macro modeling). The fact that most simulations do not perform well in the
end-case
situations of the real networks. Those being congestion, buffer overflows,
interfaces that
are not clearly defined. The simulation tool costs are such that they are
generally used
only by vendors and are representative of only that vendor's products. Issues
faced in
providing security for the future optical networks such as GigBE. This is one
DOD version
of an Ultra Large Network.
Biography:
Bill Way has forty years of work experience in computers, supercomputers and
networking.
Served in the role of Business Development for several high tech companies and
enjoyed
dialog with almost every computer and networking company in the capacity of
buying, licensing or selling technology or potential M&A. During the last twenty years
I have
been involved in product planning. First for Network Systems with HyperChannel
and Hippi
- then internetworking. At Network we were early leaders in packet filtering
and provider
of the first NSA network. Network Systems acquired Bytex, Vitalink and BusTech
to fill
out their internetworking line. StorageTech acquired Network Systems to create
storage
networks (SANs). I played an active role in this process learning from many of
the
founders of internetworking. I acquired Bytex three years ago with the mission
of
developing broadband management and security tools. The system has evolved
starting
with Network Systems research for NSA and the development of the first ATM
Firewall
then adding the NSA research on mapping and monitoring and Sandia's effort in
SNIDE.
He holds a Master's Degree in Econometrics from the University of Minnesota.