Tu19: ENTERPRISE NETWORK SECURITY: MANAGING AND TRACING CYBERATTACKS
Duration: Half Day (Friday pm, Dec. 3)

Instructor:
Pradeep Ray, University of New South Wales, Australia
Nirwan Ansari, New Jersey Institute of Technology

Abstract:
Mission-critical business processes now depend on the secure functioning of networked applications. Millions of business dollars are being lost every time a new virus or worm (e.g., MyDoom) appears in the cyber-horizon, and recent high profile cyber attacks have caught much attention; they have also revealed the vulnerability of the existing information technology (IT) infrastructure. *A number of approaches to network security have been proposed, each attempting to mitigate a specific set of concerns. *Techniques, such anti-virus, firewalls, public key encryption, smart cards, Kerberos authentication and intrusion detection systems are already a part of the software environment of enterprise networks today. However, none of these systems provide a comprehensive security of enterprise networks that have exposure to risks of cyberattacks. Since these risks can not be eliminated, there is a strong need to manage them.

This tutorial takes a comprehensive look at issues related to network security management with a view to manage and trace cyberattacks. It is organized into two parts:
•  Managing Cyberattacks
•  Tracing Cyberattacks

The first part begins with a brief review of the evolving models and processes for the integrated management of   enterprise network security in the context of some international standards, such as ISO17799. This is followed by a discussion of some emerging technologies, such as those for profiling cyberattacks. Some of these concepts are illustrated in the context of managing intrusion detection systems.

It is important to trace the source of cyberattacks if they have to be managed effectively on a sustained basis. Many of the Distributed Denial of Service (DDoS) are anonymous attacks, which are difficult to trace and prevent. The second part of the tutorial discussed the specific technology of IP traceback to perform this function. The tutorial will conclude with a brief discussion of some new research projects that have the potential to revolutionise this area in near future.

Instructor Bios:
Pradeep Ray has been teaching Information Systems and Technology (IS/IT) networking courses at Masters and Bachelor's levels in Australian universities for last ten years. His research interests include networked network /systems/services management, network security, networked enterprise services and mobile computing. He has more than sixty international refereed publications (including two books published as part of the international series of Network and Systems Management published by Kluwer Academic/Plenum Publishers) in these areas. Pradeep has had more than ten years' technical and managerial experience in the international information technology and telecommunications industry. He has been teaching courses related to networking in both regular graduate programs and in executive programs in Australia, Europe and Americas. He delivers tutorials at top international telecommunication conferences, such as SUPERCOMM and NOMS. Pradeep is a member of the editorial board of the International Journal of Network and Systems Management. He is the Chair of the IEEE Technical Committee on Enterprise Networking (EntNet) that sponsors events, such as EntNet@SUPERCOMM , Healthcom and Financecom. He is a Co-Chair of the IEEE Globecom2004 Symposium on Network Management and Security. He has organised a number of international conferences in this field. More details can be found at Pradeep's home page http://www.sistm.unsw.EDU.AU/people/pradeep/

Nirwan Ansari received the B.S.E.E. (summa cum laude), M.S.E.E., and Ph.D. from NJIT, University of Michigan, and Purdue University in 1982, 1983, and 1988, respectively. He joined the Department of Electrical and Computer Engineering, NJIT, as an assistant professor in 1988, and has been promoted to a full professor since 1997. His current research focuses on various aspects of multimedia communications and high speed networks. He is a technical editor of the IEEE Communications Magazine, the Journal of Computing and Information Technology, and the ETRI Journal. He authored with E.S.H. Hou Computational Intelligence for Optimization (1997, and translated into Chinese in 2000), and edited with B. Yuhas Neural Networks in Telecommunications (1994), both published by Kluwer Academic Publishers. He has frequently been invited to give talks and tutorials. He was a distinguished speaker at the 2004 Sendai International Workshop on Internet Security and Management, and a keynote speaker at the IEEE/ACM co-sponsored International Conference on E-Business and Telecommunication Networks (ICETE2004). He has also contributed over 200 publications in journals, edited books, and conferences. He initiated (as the General Chair) the First IEEE International Conference on Information Technology: Research and Education (ITRE2003), was instrumental, while serving as its Chapter Chair, in rejuvenating the North Jersey Chapter of the IEEE Communications Society which received the 1996 Chapter of the Year Award and a 2003 Chapter Achievement Award, served as the Chair of the IEEE North Jersey Section and in the IEEE Region 1 Board of Governors during 2001-2002, and currently serves in various IEEE committees. He was the 1998 recipient of the NJIT Excellence Teaching Award in Graduate Instruction, and a 1999 IEEE Region 1 Award.