We're a free community of over 18,000 Texas technology professionals here to network and promote our local tech scene.
If you're working in semiconductors, hardware, software, or IT in Texas, join us!
IEEE: Talk on "On the Fly Intrusion Detection Methods"
Submitted by sureka on Sat, 02/06/2010 - 3:16pm.
Share this on Facebook!
02/18/2010 - 6:00pm
02/18/2010 - 7:30pm
The IEEE Central Texas Section's ComSoc / Signal Processing Chapter invites you to participate on a talk on Intrusion detection methods for on the fly applications.
Abstract:
This presentation discusses the searching of encoded data streams for known cleartext using regular expressions in a streaming, low-latency context. In many cases, devices may wish to monitor streams of data for interesting patterns, but such analysis engines may be limited in the complexity of operations supported for such analysis or by strict latency or memory constraints. A practical example of this is a common one: a network intrusion detection system may wish to analyze email messages without having to store and forward each message. Many email systems encode binary data using the Base64 transform, a bitwise encoding scheme. For performance reasons, it is sometimes desirable to not first decode the message before analyzing its contents. This paper presents a tool, b64re, that analyzes a regular expression and transforms it such that it will now match its input when said input has been encoded using Base64. While searching for static cleartext in encoded static data is a common operation, extending this operation to regular expressions in a streaming context is considerably more interesting.
Speaker Profile:
Rob is a principal researcher with TippingPoint's DVLabs organization, where he specializes in Unix and network security, encryption, encoding, and various esoterica.
Rob has over ten years' experience in the security field and has presented at numerous conferences and authored several papers on topics ranging from computational linguistics to statistical analysis to good Snort deployment strategies. He has been invited in a private capacity to lecture and instruct at a variety of governmental and private organizations.
Outside of work, he holds an unhealthy fascination for ancient and obscure computer science history, complex board games, and other suitably geeky pursuits. He currently lives in Austin with his wife Betsy and several quadrupeds of various species.
