Title: Unity is strength and so is collaborative security
Abstract:
Cyberattacks have grown in number, sophistication, and stealthiness over the past decades, fueled by a thriving underground economy. Intrusion detection systems (IDSs) are the tool of choice to counter cyberattacks. However, the scope of an IDS is limited to the network traffic and the host activities of the enterprise or campus network it is monitoring. The lack of an Internet-wide view of ongoing threats makes IDSs ineffective in detecting new, distributed, and fast-spreading attacks. In this talk, I will argue that the future of intrusion detection is collaborative. I will first present intrusion detection networks, a framework where IDSs communicate with each other and exchange intrusion information to benefit from collective expertise and improve attack detection performance. I will then highlight our data-sharing partnership with institutions across Canada to facilitate cross-institution threat hunting and cyber threat intelligence sharing. Machine learning (ML) can play a quintessential role in threat detection and mitigation. I will share some of our experiences with the application of ML to network security. As data privacy remains a major concern, I will conclude with a privacy-preserving framework for ML, i.e., federated learning, and how it can alleviate the barrier to data sharing and promote collaborative security.
Short bio:
Raouf Boutaba is currently a University Chair Professor and the Director of the David R. Cheriton School of Computer Science at the University of Waterloo. He held an INRIA International Chair in France. He is the founding Editor-in-Chief of IEEE Transactions on Network and Service Management (2007–2010) and former Editor-in-Chief of the IEEE Journal on Selected Areas in Communications (2018–2021). He is a Fellow of the IEEE, the Engineering Institute of Canada, the Institute of Electrical and Electronics Engineers, the Canadian Academy of Engineering, and the Royal Society of Canada.