[Eecs-news-links] Fwd: UO CIS Faculty Candidate Colloquium, TUESDAY April 26, 2016 @ 3:30pm in 220 Deschutes Hall

Batten, Tina tina.batten at oregonstate.edu
Fri Apr 22 09:47:12 PDT 2016

Begin forwarded message:

From: Adriane Bolliger <adriane at cs.uoregon.edu<mailto:adriane at cs.uoregon.edu>>
Date: April 22, 2016 at 8:29:52 AM PDT
To: "colloquia at cs.uoregon.edu<mailto:colloquia at cs.uoregon.edu>" <colloquia at cs.uoregon.edu<mailto:colloquia at cs.uoregon.edu>>, <dept at cs.uoregon.edu<mailto:dept at cs.uoregon.edu>>
Cc: <grads-mail at cs.uoregon.edu<mailto:grads-mail at cs.uoregon.edu>>
Subject: UO CIS Faculty Candidate Colloquium, TUESDAY April 26, 2016 @ 3:30pm in 220 Deschutes Hall

Lorenzo De Carli
University of Wisconsin-Madison

Effective network security in the golden age of online threats


Intrusion prevention systems (IPSs), which analyze network traffic to detect signs of malicious activity, are a long-standing cornerstone of network security. Nowadays, the combination of advanced, targeted online threats and increasing bandwidth usage is making existing tools increasingly ineffective. In order to cope with the large amounts of data moved by network links, current IPSs limit themselves to simple threat detection strategies which match each network flow against a set of attack signatures. This approach is fragile and limited in expressiveness: signatures can be often evaded by small tweaks in the attack strategy, and fail to capture various classes of attacks altogether.

In my talk I will describe the design of a flexible IPS platform which supports complex threat detection strategies, while satisfying the performance requirement through parallelization. In particular, my work proposes a domain-specific concurrency model, in which a work scheduler partitions network traffic into subsets that can be analyzed independently for threat detection purposes. This scheduler drives a multi-threaded IPS in which concurrent threads always process independent slices of network traffic, making synchronization and inter-thread communication unnecessary. The system uses a novel program analysis technique to automatically generate a suitable work scheduler given any user-defined threat detection algorithm. This makes parallelization general and fully transparent to the operator.

In the second part of my talk I will provide an overview of another relevant contribution of my Ph.D. work: a programmable dataflow-based hardware accelerator for inspection and forwarding of network traffic.


Lorenzo De Carli is a Ph.D. candidate in Computer Science at the University of Wisconsin-Madison, advised by Somesh Jha. His research interests focus on networking and security, including intrusion prevention and packet processing. His contributions include parallelization strategies for intrusion prevention, hardware accelerator for packet inspection and forwarding, and analysis of malware communications. He has also worked on optimized signature matching and instruction scheduling for novel processor architectures. Lorenzo received a B.Sc. (2004) and a M.Sc. (2007) in Computer Engineering from Politecnico di Torino, Italy, and a M.Sc. in Computer Science (2010) from the University of Wisconsin-Madison.

DATE:    Tuesday, April 26, 2016
TIME:    3:30 p.m. talk, refreshments following talk
PLACE:    220 Deschutes Hall (Colloquium Room), University of Oregon

For all CIS public talks, go to:

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://engr.oregonstate.edu/mailman/archives/public/eecs-news-links/attachments/20160422/cb4e425d/attachment.html>

More information about the Eecs-news-links mailing list