Sandro Etalle
Biography
Sandro Etalle joined the Technical University of Eindhoven in October 2007, where he leads the chair of security of embedded systems. The chair is financed by CeDICT, one of the centres of excellence of the 3TU Federation of Technical Universities of the Netherlands. From 2001 till 2007, he worked for the University of Twente, where he first started researching the verification of security protocols. This research led to the construction of CoProVe, which at the time was the fastest protocol verifier available, and which led to the first formally verified protocols for ad hoc sensor networks. In 2002 he started working on the protection of confidential data, first in the context of digital rights management, and then for the protection of private data. This line of study led in 2004 to the definition of the first logic for accountability, and to further research in the field of Trust Management. Nowadays, he focuses particularly on signature-less Intrusion Detection. Etalle is scientific director of EiPSI, the Eindhoven Institute for the Protection of Systems and Information, and is a co-founder of the Twente spin-off SecurityMatters.
Presentation: Experiences in Network Analysis: from the research table to the production environments
Signature-less network intrusion detection systems are often regarded as strange machines yielding unpredictable results. But this is no longer true. After years of research at the University of Twente we have started to bring protocol-based, signature-less NIDS to the production environment, with very good results. This presentation will discuss the successes (and - why not - the failures) we have run into in the path from the research room to the production rack, and discuss some of the experiences in mono- and bidirectional network analysis.