Network, subnet, and host analysis through visualization - Dr. John McHugh

On tuesday the 8th of July The School of Computer Science and LDSS (Laboratory for Dependable and Secure Systems) invites you to a lecture by Dr. John McHugh entitled "Network, subnet, and host analysis through visualization".

The lecture will be held in Room K-5 in Kringlan 1. Refreshments will be served from 15.30 but the lecture itself will start at 16.00 . The lecture is open for everyone.

TITLE:  Network, subnet, and host analysis through visualization

ABSTRACT:

Routine acquisition and aggregation of network data offers an opportunity to understand some of the forces that drive the internet. It also offers an opportunity to detect and understand a variety of phenomena that are related to overtly questionable or malicious activities on the part of network users and abusers. Carried out on a smaller scale, if offers an opportunity to perform passive monitoring on the activities on your own network, including the detection of spyware and other forms of compromise. By monitoring the unoccupied portions of an organization's address space, scanning and other activities that are often precursors to attacks can be identified. In this talk, I will summarize a variety of large and small scale observations that have resulted from such monitoring activities.  We are currently investigating a variety of techniques for visualizing large scale network data, looking for techniques that can be used to provide insight into the observed activities, whether they are benign or malicious.

SPEAKER:

John McHugh is a professor and Canada Research Chair in Privacy and Security at Dalhousie University in Halifax, NS where he also directs the Privacy and Security Laboratory. Before joining the faculty at Dalhousie, he was a senior member of the technical staff at the CERT Coordination Center, part of the Software Engineering Institute at Carnegie Mellon University where he did research in survivability, network security, and intrusion detection. He was also affiliated with CyLab and the Center for Wireless and Broadband Research, both part of the Department of Electrical and Computer Engineering at CMU.

Prior to joining CERT, Dr. McHugh was a professor and chairman of the Computer Science Department at Portland State University in Portland, Oregon where he held a Tektronix Professorship.  He has been a member of the research faculty at the University of North Carolina and has taught at UNC and at Duke University.  For a number of years, Dr. McHugh was a Vice President of Computational Logic, Inc., a contract research company formed to further the application of formal methods of software design and analysis in support of security and safety critical systems.  While at CLI, he developed tools for the analysis of covert channels in multilevel secure systems and worked on the problems associated with the efficient implementation of formally specified systems.  He has also worked for the Research Triangle Institute, the Naval Research Laboratory, the National Oceanic and Atmospheric Administration, the University of Minnesota, and the U.S. Patent Office.

Dr. McHugh received his PhD degree in computer science from the University of Texas at Austin.  He has a MS degree in computer science from the University of Maryland, and a BS degree in physics from Duke University.  He is the author of numerous technical papers and reports.  He has served as the chair of the IEEE Computer Society's Technical Committee on Security and Privacy and is a member of the advisory board for the International Journal of Information Security. He serves on the program or advisory committees of many of the major conferences and workshops in the computer security field.