Marc Dacier - IBM Global Security Laboratory
Students: Fall 2024, unless noted otherwise, sessions will be virtual on Zoom.
A Survey of intrusion detection research at the IBM Zurich Research Laboratory
Jan 22, 1999
Abstract
The Global Security Analysis Lab (GSAL) is the IBM Research center of competence in applied network security. It develops methodologies and tools for detection, prevention, analysis and repair of hacker attacks. It provides support for IBM Consulting practices and IBM Emergency Response Services (ERS). To achieve these goals, the GSAL in Zurich maintains a vulnerability database (VulDa) and carries out various projects in the intrusion detection domain. This talk concentrates on the latter.After a very short presentation of the Zurich lab itself, the notions of intrusion detection will be presented. Relations between intrusion detection and the more generic notion of 'dependability' will be highlighted, leading to the conclusion that intrusion detection could benefit from the work that has been done in the fault-tolerance domain. Indeed, intrusion detection can be seen as a technique to implement fault tolerance. From a pragmatic point of view, this idea has been implemented in various projects that will briefly be presented during the talk.
About the Speaker
Marc Dacier holds an M. Sc. in Computer Sciences from the University of Louvain, Belgium, where he has been working from 1989 until 1991 as a research assistant. In 1994, he obtained a Ph. D in computer security from the INPT in Toulouse, France. In 1995, he has worked as a security consultant at Firstel, Paris (France). He has joined the IBM Zurich Research Laboratory in 1996 where he now is the manager of the Global Security Analysis Lab (GSAL).