- L. Vespa and N. Weng. SWM: Simplified Wu-Manber for GPU-based Deep Packet Inspection, the International Conference on Security and Management, 2012. Abstract. Graphics processing units (GPU) have potential to speed up deep packet inspection (DPI) by processing many packets in parallel. However, popular methods of DPI such as deterministic finite automata are limited because they are single stride. Alternatively, the complexity of multiple stride methods is not appropriate for the SIMD operation of a GPU. In this work we present SWM, a simplified, multiple stride, Wu-Manber like algorithm for GPU-based deep packet inspection. SWM uses a novel method to group patterns such that the shift tables are simplified and therefore appropriate for SIMD operation. This novel grouping of patterns has many benefits including eliminating the need for hashing, allowing processing on nonfixed pattern lengths, eliminating sequential pattern comparison and allowing shift tables to fit into the small on-chip memories of GPU stream cores. We show that SWM achieves 2 Gb/s deep packet inspection even on a single GPU with only 32 stream cores. We expect that this will increase proportionally with additional stream cores which number in the hundreds to thousands on higher end GPUs
- Matthew Dean and Lucas Vespa, Simplified Network Traffic Visualization for Real-Time Security Analysis, The 2013 International Conference on Security and Management, 2013. Abstract: Although traditional methods of network security analysis used in investigating network traffic and log files are essential to mitigating malicious network activity, these methods alone cannot keep up with constant increases in malevolent network traffic. Many visualization tools have been created as a supplement to traditional analysis and intrusion detection systems. Even though these tools are useful, each tool tends to have a niche use. Also, many network administrators fill dual roles as administrators and security analysts and have little time to learn different complex visualization tools. We therefore observe a need for a simple out-of-the-box solution for general network security visualization. We hope to fill this need with our tool called VNR, which in addition to its simplicity embeds transport layer data within visualizations allowing for better intra-host analysis. VNR can also be used for real-time or auditing purposes by configuring the amount of data visualized within specific time frames.
Books and Book Chapters
Lucas Vespa, Mini Mathew, Ning Weng. Predictive Pattern Matching for Scalable Network Intrusion Detection, Information and Communications Security, ICICS 2009, Springer, Lecture Notes in Computer Science, vol. 5927, pp. 254–267, 2009.
- R. Loui, Things to Know About The NSA, FISA, and Section 215 that The Guardian (UK) Won't Tell You, FBI INFRAGARD Presentation, 2014.
- R. Loui, Practical Computer Security and A Plea From a Cyberwar Perspective. ASPA technology and Cyber Security Meeting, 2014.
- R. Loui. Mobile Platforms and Cyberwarfare: Diversity is Good Fragility is Bad Misplacement is Ugly. FBI INFRAGARD Presentation, 2013.
- Sviatoslav Braynov. Current Trends in Cyber Crime. Invited talk, the Council on Foreign Relations, St. Louis Committee, 2013.
- L. Vespa, Intrusion Security Automation. Academy of Lifelong Learning, 2014.
- Janis Rose, Protecting Personal Information in CyberSpace. Presented at the 2012 Annual Cisco Networking Academy National Conference, San Jose, CA June 2012.
- Janis Rose, Sharing CyberSpace with Three Friends and Three Million Others. Presented at the Southern Illinois University Summer Academy of Illinois Educators, July 2012.
- Janis Rose, Stop Think Connect Cyber Citizen Forum. Presented at the Cyber Citizen Forum, UIS in conjunction with the Department of Homeland Security, Springfield IL, September 2011.
- Janis Rose, Protecting Personal Information in CyberSpace: Classroom Activities You Can Use. Illinois Technology Education Conference, Normal, IL, Oct 28 2011.
- Janis Rose, Online Privacy: Sharing CyberSpace with Three Friends and Three Million Others. Presented at Carl Sandburg College, Galesburg Illinois, March 2012.
- Janis Rose, Protecting Personal Information in CyberSpace 2: Classroom Activities You Can Use. Illinois State University Connections Conference, Pheasant Run, St. Charles Illinois, March 14 2012.
- Janis Rose, Don’t Walk the Web Without Watson. Presented at the Regional Office of Education, Springfield IL, April 2013.
- Janis Rose, Who’s Following You Online, How and Why. Presented at the Illinois State University Connections Conference, St. Charles IL, March 2012.
- Janis Rose, Smart Learning with Smart Devices. Presented at the 2013 Annual Cisco Networking Academy National Conference, San Jose CA, July 2013.
- Janis Rose, The Flipped Classroom. Presented at the 2013 Annual Cisco Networking Academy National Conference, San Jose CA, July 2013.
- Janis Rose, Your Digital Footprint: Who’s Watching You, How and Why. Presented at Illinois Association of Career & Technical Education, Bloomington IL, February 2014.
- Janis Rose, Smart Learning with Smart Devices. Presented at Illinois Association of Career & Technical Education, Bloomington IL, February 2014.
- Janis Rose, Smart Learning with Smart Devices. Presented at Summer Academy for Illinois Educators, Springfield Il, June 2014.
- Janis Rose, Your Digital Footprint. Presented at the 2014 Illinois Association of Administrative Professionals National Conference, Springfield IL, June 2014.
- Janis Rose, Your Digital Footprint. Presented at the Central Region Meeting of the Illinois Association of Administrative Professionals National Conference, Normal, IL, October 2014.
- Janis Rose, Smart Learning with Smart Devices. Presented at the Annual Conference of the Illinois Business Educators Association, Normal IL, November 2014.
- Janis Rose, Your Digital Footprint. Presented at the Annual Conference of the Illinois Business Educators Association, Normal IL. November 2014.
- Lucas Vespa, Ritam Chakrovort, and Ning Weng, Lightweight Testbed for Evaluating Worm Containing Systems, International Journal of Security and Networks (IJSN), vol. 7, no. 1, pages 6-16, August 2012.
- Ning Weng, Lucas Vespa, and Benfano Soewito, Deep Packet Pre-filtering and Finite State Encoding for Adaptive Intrusion Detection System, Computer Networks vol. 55, no. 8, pages 1648-1661, June 2012. Abstract. An intrusion detection system (IDS) is a promising technique for detecting and thwarting attacks on computer systems and networks. In the context of ever-changing threats, new attacks are constantly created, and new rules for identifying them are dramatically increasing. To adapt to these new rules, IDSs must be easily reconfigurable, they must keep up with line rates of network traffic, and they must have high detection accuracy. In this paper, we propose a high-performance memory-based IDS that can be easily reconfigured for new rules. Our IDS achieves high performance and memory efficiency by utilizing deep packet pre-filtering and novel finite state encoding. We present simulation and experimental results that show the novelty and feasibility of our system.
- R. Loui and T. Loui. How to survive a cyber Pearl Harbor, IEEE Computer, accepted, to appear, 2015.