DISTINGUISHED LECTURE SERIES: The Dynamics and Control of Internet Attacks

Abstract

The design of the internet did not anticipate malicious behavior. The lack of security in its architecture has rendered this vital system vulnerable to misuse by so-called `malware:' viruses, spam, spoofing, etc. A variety of strategies have been developed to defend against these different attacks, but attackers find ways to work around them within hours or days of their deployment. Viewing the internet as a complex, distributed, nonlinear adaptive system is an effective way to understand the dynamics of malware and develop viable defenses against it. In this talk, I'll discuss how to build stochastic models of the behavior of a resource like a webserver or router that is the target of a "denial of service" attack. I will then show how one can use such a model as the core of a nonlinear adaptive model-reference controller that allows that resource to survive an attack gracefully, and with mathematically guaranteed performance. In lab bench tests, this controller allowed a server that was under attack on one port to successfully service 100% of the requests on its other ports. (Without the controller, 97% of those requests were dropped.) This strategy is the topic of a US patent, and is currently deployed in commercial webserver hardware.

This is joint work with Dr. James Garnett of Secure64.

Bio:

Elizabeth Bradley did her undergraduate and graduate work at MIT, interrupted by a one-year leave of absence to row in the 1988 Olympic Games, and has been with the Department of Computer Science at the University of Colorado at Boulder since January of 1993. Her research interests include nonlinear dynamics, artificial intelligence, and control theory. She is the recipient of a NSF National Young Investigator award, a Packard Fellowship, a Radcliffe Fellowship, and the 1999 student-voted University of Colorado College of Engineering teaching award.