Richard Bejtlich (M1, T1) is founder of TaoSecurity, a company
that helps clients detect, contain, and remediate intrusions using network
security monitoring (NSM) principles. He was previously a principal
consultant at Foundstone, performing incident response, emergency NSM, and
security research and training. He has created NSM operations for ManTech
International Corporation and Ball Aerospace & Technologies Corporation. From
1998 to 2001, Richard defended global American information assets
in the Air Force Computer Emergency Response Team (AFCERT), performing and
supervising the real-time intrusion detection mission.
Formally trained as an intelligence officer, he holds degrees from Harvard
University and the United States Air Force Academy. Richard wrote The Tao of Network
Security Monitoring: Beyond Intrusion Detection and the forthcoming
Extrusion Detection: Security Monitoring for Internal Intrusions and Real
Digital Forensics. He also wrote original material for Hacking
Exposed, 4th Edition, Incident Response, 2nd Edition, and Sys Admin magazine. Richard holds the CISSP, CIFI, and CCNA certifications. His popular
Web log resides at https://taosecurity.blogspot.com.
Steven M. Bellovin (M4) is a professor of computer science at Columbia
University, where he does research on networks, security, and
especially why the two don't get along. He joined the faculty in
2005 after many years at Bell Labs and AT&T Labs Research, where
he was an AT&T Fellow. He received a BA degree from Columbia
University, and an MS and PhD in Computer Science from the University
of North Carolina at Chapel Hill. While a graduate student, he
helped create Netnews; for this, he and the other perpetrators were
awarded the 1995 USENIX Lifetime Achievement Award. He is a member of
the National Academy of Engineering and the Department of Homeland
Security's Science and Technology Advisory Board.
Bellovin is the co-author of Firewalls and Internet Security:
Repelling the Wily Hacker, and holds several patents on cryptographic
and network protocols. He has served on many National Research
Council study committees, including those on information systems
trustworthiness, the privacy implications of authentication
technologies, and cybersecurity research needs; he was also a member
of the information technology subcommittee of an NRC study group
on science versus terrorism. He was a member of the Internet
Architecture Board from 1996 to 2002; he was co-director of the Security
Area of the IETF from 2002 through 2004.
Sven Dietrich (M2) is a senior member of the technical staff at CERT Research at
Carnegie Mellon University and also holds an appointment at the Carnegie
Mellon University CyLab, a university-wide cybersecurity research and
education initiative. Previously he was
a senior security architect at the NASA Goddard Space Flight Center, where
he observed and analyzed the first distributed denial-of-service attacks
against the University of Minnesota in 1999. He taught Mathematics and
Computer Science as adjunct faculty at Adelphi University, his alma mater,
from 1991 to 1997.
His research interests include survivability, computer and network
security, anonymity, cryptographic protocols, and cryptography. His
previous work has included a formal analysis of the secure sockets layer
protocol (SSL), intrusion detection, analysis of distributed
denial-of-service tools, and the security of IP communications in space.
His publications include the recent book Internet Denial of Service:
Attack and Defense Mechanisms (Prentice Hall, 2004), as well as
the articles "Analyzing Distributed Denial of Service Tools: The Shaft
Case" (2000) and "The 'mstream' Distributed Denial of Service Tool"
(2000), and others on Active Network Defense, DDoS tool analysis, and
survivability.
David Dittrich (M2) is a Senior Security Engineer and Researcher for the UW
Center for Information Assurance and Cybersecurity and the Information
School at the University of Washington, where he has worked since 1990. Dave is also a member of the
Honeynet Project and Seattle's "Agora" security group.
He is most widely known for his research into Distributed Denial of
Service (DDoS) attack tools and host & network forensics. He has
presented talks and courses at dozens of computer security
conferences, workshops, and government/private organizations
worldwide. He has been a prolific self-publisher of white papers, FAQs,
and malware tool analyses, all intended to make his (and everyone
else's) life easier in dealing with computer intrusions. Dave has
contributed to the books Know Your Enemy, by the Honeynet Project
(Addison-Wesley, 2001), The Hacker's Challenge, edited by Mike
Schiffman (McGraw Hill, 2001), and two articles in the Handbook of
Information Security, edited by Hossein Bidgoli (John Wiley & Sons,
2005), and was another co-author of Internet Denial of Service:
Attack and Defense Mechanisms (Prentice Hall, 2004). Dave was recently
named one of Information Security Magazine's "Security Seven"
(representing the education sector) in 2006. His home page can be found here.
Kevin Fu (T3) is an assistant professor in Computer Science at
UMass Amherst where he
develops privacy-preserving RFID tickets for
public transportation. He has a PhD from MIT.
Dan Geer (M3) Milestones: The X Window System and Kerberos (1988), the first information security consulting firm on Wall Street (1992), convenor
of the first academic conference on electronic commerce (1995), the
"Risk Management Is Where the Money Is" speech that changed the
focus of security (1998), the presidency of the USENIX Association
(2000), the first call for the eclipse of authentication by
accountability (2002), principal author of and spokesman for
Cyberinsecurity: The Cost of Monopoly (2003), and co-founder of
SecurityMetrics.Org (2004).
Ari Juels (T3) is presently the research manager and principal research
scientist at RSA Laboratories, where he has worked for nearly a
decade. He has a PhD from UC Berkeley.
Vern Paxson (T2) is a
principal investigator of the 5-year,
NSF-sponsored Collaborative Center for Internet Epidemiology and
Defenses. He is also a senior scientist at the International
Computer Science Institute (ICSI) and a staff scientist at the
Lawrence Berkeley National Laboratory. His main active research
projects are network intrusion detection in the context of Bro, a
high-performance network intrusion detection system he developed;
large-scale network measurement and analysis; and Internet-scale
attacks.
Paul Robertson (T4) has over 22 years of experience. Currently he is an
independent consultant providing IT, security, computer forensics,
training, telecom, and RFID services. He moderates the Firewall-Wizards
mailing list and is the editor of the Network Firewalls FAQ.
Mr. Robertson was Director of Risk Assessment for TruSecure (now
CyberTrust), where he founded their computer forensics and ISAC
programs, and assisted ICSA Labs in its IDS and firewall testing
programs. Prior to TruSecure, he worked at Gannett Company, putting
USAToday.com on the Internet, providing corporate-wide Internet and
information security expertise, investment analysis, and network design.
Mr. Robertson spent a number of years as a mainframe assembly language
programmer for an ISV writing DBMS software. Mr. Robertson started his
career in the U.S. Army, including a tenure at The White House during the
Reagan administration providing computer and telecommunications support to
the President of the United States, Vice President, National Security
Advisor, National Security Council, and others as directed.
Stefan Savage (T2) is a
principal investigator of the 5-year,
NSF-sponsored Collaborative Center for Internet Epidemiology and Defenses. He also serves on the
faculty of the Computer Science and Engineering Department at the
University of California, San Diego. He has published extensively
on the characterization of and defense against large-scale
denial-of-service and worm attacks on the Internet.
Abe Singer (T4) is a Computer Security Researcher in the Security Technologies
Group at the San Diego Supercomputer Center. In his operational security
responsibilities, he participates in incident response and forensics
and in improving the SDSC logging infrastructure. His research is in
pattern analysis of syslog data for data mining. He is co-author
of the SAGE booklet Building a Logging Infrastructure and author of a forthcoming O'Reilly book on log analysis.
Adam Stubblefield (T3) is a research professor at the JHU Information
Security Institute and a partner at Independent Security Evaluators.
Adam specializes in evaluating the security of devices ranging from
RFID payment systems to electronic voting and wireless security. He has a PhD from Johns Hopkins University.
Geoff Voelker (T2) is a
principal investigator of the 5-year Collaborative Center for Internet Epidemiology and Defenses. He also serves on the
faculty of the Computer Science and Engineering Department at the
University of California, San Diego. He has published extensively
on the characterization of and defense against large-scale
denial-of-service and worm attacks on the Internet. Prof. Voelker
likes to surf.
Nicholas Weaver (T2) is a
principal investigator of the 5-year,
NSF-sponsored Collaborative Center for Internet Epidemiology and
Defenses. He is also a researcher at ICSI,
specializing in automated detection and response systems, with a
particular interest in hardware-friendly algorithms and
implementations.