Bio:

Geoffrey Stowe is an engineer at Palantir Technologies focusing on cyber security analysis.  He specializes in problems like attribution, merging virtual activity with real world events, and triaging large data sets.  Prior to Palantir, Geoff spent 5 years in the Intelligence Community working on network exploitation and developing operational software.  He holds a degree in computer science from Dartmouth College.

Abstract:

Network security is rarely a problem of collecting data but rather one of sifting through the massive scale of information generated on a network.  One recent study estimates the average American consumes 34 gigabytes of data every day.  As more services move online, protocols grow increasingly complicated, and a user’s baseline usage pattern includes ever more activity.  At the same time, malware authors are becoming savvier at writing programs that blend in with legitimate traffic.  In the coming years, network security tools must make a quantum leap in processing power in order to search for these subtle patterns across a wider set of data.  This talk will survey the recent history of network security data analysis, the broader developments of processing at scale, and practical examples of ways to approach the problem.