Toronto
Networking Seminar
Application Communities: A Collaborative Approach To Software
Security
Angelos Keromytis
Department of Computer Science
Columbia University
Date:
Friday, September 29, 3pm
Location: BA1170 (Bahen Center)
Abstract:
Software monocultures are usually considered dangerous because their
size and uniformity represent the potential for costly and widespread
damage. The emerging concept of collaborative security provides the
opportunity to re-examine the utility of software monoculture by
exploiting the homogeneity and scale that typically define large
software monocultures. Monoculture can be leveraged to improve an
application's overall security and reliability. We introduce and explore
the concept of Application Communities: collections of large numbers of
independent instances of the same application. Members of an application
community share the burden of monitoring for flaws and attacks, and
notify the rest of the community when such are detected. Appropriate
mitigation mechanisms are then deployed against the newly discovered fault.
In this talk, I will describe the concept of Application Communities,
some of their basic operational parameters, and our preliminary work in
demonstrating their feasibility.
Bio:
Angelos Keromytis is an Associate Professor with the Department of
Computer Science at Columbia University, and director of the Network
Security Laboratory. He received his B.Sc. in Computer Science from the
University of Crete, Greece, and his M.Sc. and Ph.D. from the Computer
and Information Science (CIS) Department, University of Pennsylvania. He
is the author and co-author of more than 100 papers on refereed
conferences and journals. He recently co-authored a book on using
graphics cards for security, and is a founder of Revive Systems Inc. His
current research interests revolve around systems and network security,
and cryptography.
His recent work has been on self-healing software. Previous research
interests include active networks, trust management systems, and systems
issues involving hardware cryptographic acceleration. For a full CV, see
http://www.cs.columbia.edu/~angelos/cv.html
|