FRIDAY seminar: Catching Hackers: Towards Holding Computer Attackers Responsible for their Actions

October 1, 2004
1:30 - 2:30 pm
Halligan 111
Host: Carla Brodley

Abstract

On the Internet virtually anyone can commit sophisticated crimes. Attack tools created by expert attackers embed the knowledge of their creator in the tools themselves, and others only have to apply the correct tool to break into a system. Because there is a lack of appropriate technology for tracing the source of attacks, system crackers can and do strike repeatedly and with virtual impunity.

In this talk I will describe some mechanisms attackers use to hide their location in the network, focusing on attackers who forward connections through a series of compromised computers. I will then describe my research into techniques that can assist investigators in locating the source of an attack. Finally, I will hypothesize on some future methods that attackers might use to hide their location, and ongoing research in detection in those instances.

Bio: Clay Shields was born in Washington, D.C., and spent much of his childhood living overseas as required by the career of his stepfather, who was a covert agent for the CIA. Clay earned an undergraduate degree in electrical engineering from the University of Virginia, and after a short time working on Capitol Hill, joined the U.S. Army. As an infantry officer with the 101st Airborne Division, he served overseas with the peace-keeping force in the Sinai Peninsula, later leaving the Army to return to graduate school. He received his graduate degrees from the University of California at Santa Cruz, and for his dissertation he studied computer networking, particularly multicast routing and network security issues. Clay taught at Purdue for two years, and is now an assistant professor in computer science at Georgetown University, where he studies issues in network security, particularly means of providing individual privacy, methods of locating the source of network attacks, and security in wireless networks.