By the close of 2016, annual global IP traffic will pass the zettabyte ([ZB]; 1000 exabytes [EB]) threshold and will reach 2.3 ZBs per year by 2020, according to Cisco's Visual Networking Index. While capturing and evaluating network traffic enables defenders of large-scale organizational networks to generate security alerts and identify intrusions, operators of networks with even comparatively modest size struggle with building a full, comprehensive view of network activity. To make wise security decisions, operators need to understand the mission activity on their network and the threats to that activity (referred to as network situational awareness). In this podcast, Timothy Shimeall discusses approaches for analyzing network security using and going beyond network flow data to gain situational awareness to improve security.
Dr. Timothy J. Shimeall is a senior member of the technical staff with the SEI’s CERT Division where he oversees and participates in the development of analysis methods in the area of networked systems security and survivability. His work includes development of methods to identify trends in security incidents and in the development of software used by computer and network intruders. Of particular interest are incidents affecting defended systems and malicious software that are effective despite common defenses.
Before joining the SEI, Shimeall was an associate professor at the Naval Postgraduate School in Monterey, Calif. He was an active instructor on a variety of topics in software engineering, information warfare, and security, and supervised in excess of 30 MS theses and three Ph.D. theses. Tim has taught courses for a variety of educational institutions and private corporations, in both local and distance learning formats.