Select a timekeeper.
What are my plans this summer (2:00) Chris, Julie, Steven and Brant outline their plans this summer. Topics for next agenda (0:05)
17-June-97 Meeting Notes, 1:10pm - 3:30pm
Attendees: Steven Templeton, Chris, Julie, Brant, Scott Miller, Karl Levitt, Matt Bishop
Notetaker: Chris WeeKarl's plans this summer Brainstorm new proposal to Susan. Karl, Matt and Chris will call Susan on the phone and give her an update and solicit additional funding for next year. Chris's plans this summer Chris has been working on polymorphic viruses (with Julie and Maria Lau), audit countermeasures and reading about electronic patient records. Chris also distributed his brain fart about how to formulate a security policy. He plans on completing the virus and audit countermeasures work, work on an NT audit tutorial and writing 2 papers. Julie's plans this summer Julie has been working on polymorphic viruses and macro viruses. She will continue to focus on macro viruses and specifically on Wordbasic viruses. Matt suggested that she compare standard viruses to data-driven malicious code and note simliarities and differences. Chris suggested that an effective management approach to data-driven viruses is needed, such as tools and advice on how to reduce infection, vulnerability to data-driven attacks. Julie will write her MS thesis this summer. Steven's plans this summer Write many whitepapers on misuse. Steven wants to focus on inferring intent from user actions. It is the differentiation in intent that sets misuse apart from legitimate use. Chris suggested he look at project SLAMMER to gain insight into hacker mentality and objectives. Steven may want to use a GUI (aka language) to extract a policy from the user. Brant's plans this summer Brant has been working on audit countermeasures. Chris suggested that he look at the NT policy editor and tease out its policy language. Next he will try to extend that policy language, possibily using the access control matrix model or an object-oriented language model (e.g., C++) to capture user policies. Chris is concerned that users would be unable to fathom how to write a security policy using an object oriented policy language. He suggests something much simpler like a predicate logic. Steven pointed out that a translator could be built to transform a policy P in some language L into another english-like language L'. Complete audit countermeasures work. Brant will write a report on policy language and session characterization to discharge his responsibility on the misuse project. Then Brant will leave to join the Ariel project. Scott Miller Scott is thinking of joining the misuse project. Scott is still undecided. Kathy Lam Chris received a resume from Kathy. She is a sophomore undergraduate interested in a summer internship. Karl gives her a very high recommendation, Kathy scored a 99 (2nd highest score) on his ECS150 operating systems final. [Of course, Kathy has never taken ECS150, but she has taken ECS100 from Karl). Chris will interview her and if appropriate, offer her a summer internship with the misuse project. She will likely be asked to perform some NT system administration, some programming and some WWW page maintenance. Topics for next agenda (0:05) Scott Miller present Hochberg, Jackson, et. al. paper "Addressing the insider threat" Brant present his findings on the NT policy editor Chris present more thoughts on formulating medical security policies Schedule visit to ORD this summer.