Colloquium Details
Revere--Disseminating Security Updates at Internet Scale
| Author: | Jun Li Laboratory for Advanced Systems Research, Computer Science Department, University of California, Los Angeles |
|---|---|
| Date: | April 11, 2002 |
| Time: | 15:30 |
| Location: | 220 Deschutes |
Abstract
Rapid and widespread dissemination of security updates throughout the Internet would be invaluable for many purposes, including sending early-warning signals, distributing new virus signatures, updating certificate revocation lists, dispatching event information for intrusion detection systems, etc. However, notifying a large number of machines securely, quickly and with high assurance is very challenging. Such a system must compete with the propagation of threats, handle complexities in large-scale environments, address interruption attacks toward dissemination, and also secure itself.
Revere addresses these problems by building a large-scale, self-organizing resilient overlay network on top of the Internet. During my talk, I will discuss how to secure the dissemination procedure and the overlay network, considering possible attacks and countermeasures. I will also present experimental measurements of a prototype implementation of Revere gathered using a large-scale-oriented approach. These measurements suggest that Revere can deliver security updates at the required scale, speed and resiliency for a reasonable cost.
Biography
Jun Li is a Ph.D. candidate at UCLA, Los Angeles. He received his M.S. in Computer Science from UCLA, Los Angeles, his M.E. in Computer Software from the Institute of Software, Chinese Academy of Sciences, and his B.S in Computer Science from Peking University in Beijing, China. His research interests include network security, distributed systems, Internet protocols and applications, Network simulation and performance analysis.