Biography
Recent Press About My Work
From NEW YORK TIMES, 06 December 2008   
News Articles About My Work: The Guardian/UK (February 2012), The Atlantic (June 2010), KrebsOnSecurity (February 2010), Technology Review (February 2010), The Register (UK) (December 2009), Ars Technica (December 2009), PC World (October 2009, and CIO Magazine and MSN), CNN.com (July 2009), Wired Magazine (July 2009), New Scientist Journal (June 2009), U.S. White House Cyber Policy Review (June 2009), Scientific American (June 2009), PC World (4/25/2009), Network World (4/24/2009), Computer World (4/16/2009), Information Week (4/13/2009), Financial Times (4/10/2009), Information Week (4/2/2009), Network World (4/1/2009), OS News (3/31/2009), PC World (3/31/2009), Investors Business Daily (3/31/2009), San Francisco Chronicle (3/31/2009), Computer World (3/30/2009), The Guardian (3/20/2009), InfoWorld (3/27/2009), Security Focus (3/27/2009), Wall Street Journal (3/26/2009), The Register [UK] (3/26/2009), ABC News (3/25/2009), Information Week (3/25/2009), USA Today (3/24/2009), PC Magazine (Article 1, Article 2) (3/23/2009), Red Orbit (2/22/2009), Slashdot (3/21/2009), Bits.NYTimes.Com (3/19/2009), NY Times (3/18/2009), The Tech Herald (3/13/2009), Security Focus (3/09/2009), PC Magazine (2/23/2009), NY Times (2/23/2009), PC World (2/20/2009), The Tech Herald (2/20/2009), PC World (2/19/2009), Security Focus (2/13/2009), Washington Post (2/13/2009), PC World/Network World (1/23/2009), New York Times (1/23/2009), MIT Technology Review (1/23/2009), ZDNet Asia (12/30/2008), USA Today Tech (12/09/2008), SearchSecurity.com (12/22/2008), New York Times (12/06/2008), The Tech Herald (12/05/2008), Federal News Radio [Segment1.mp3, Segment2.mp3] (12/04/2006), Information Week (11/26/2008), IEEE Computer Magazine (11/2008), SecurityFocus (11/25/2008), SC Magazine (11/25/2008), Heise Security [in English] (11/05/2008), Windows Online Magazine DE (11/05/2008), Wiener Zeitung AT (11/06/2008), San Francisco Chronicle (10/08/2007), Microsoft Certified Professional Magazine (09/2007), ComputerWorld (09/28/2007), ZDNet (07/23/2008), SecurityFocus (07/2008), Silicon.com (07/2008), Ars Technica (07/2008), TechTarget (07/2008), Security Focus [quoted] (04/2008), MSNBC (04/10/2008), Information Security Magazine (3/2002), KTVU Channel 2 News [Video - WMV] (10/08/2007), KGO Radio Interview [Audio - MP3] (10/10/2007).
Top 10 Wicked Cool Algorithms!  November 2008 - This article includes a round-up of interesting algorithms and looks at how they impact the community. Number nine on the list is "Highly Predictive Blacklisting,"  which I jointly developed with Prof. Jian Zhang:

See Network World, November 2008, and PC World and TechWorld.com
Research Interests:
Intrusion detection, high assurance computing, security evaluation, network management and alarm correlation, privacy-preserving collaborative systems, formal malware analysis, network security, openflow and software defined networks, malware defense, and mobile security.
Recent Research Results:
Publications, Patents, and Major reports

Intrusion Detection

High Assurance Computing

Network Management and Alarm Correlation

Privacy-Preserving Collaborative Systems

Formal Analyses

Network Security

Malware Defense

Mobile and Wireless Security


Other Published Reports

Patents

News regarding my patents: Read Media Reports Here

Mark Bowden is a brilliant storyteller and just published a highly entertaining book, which tells the story of work that my friends and I did to combat the Conficker Worm.    I'm Chapter 1.
September 2011
Most Recent Publications:
I am a Program Director and leader of SRI's Internet Security Group in the Computer Science Laboratory at SRI International. We are established leaders in live Internet malware binary harvesting, malware binary static and dynamic analyses, and network-based malware infection analysis. My group has strong alliances with the whitehat community, and maintains ongoing collaborations with the top INFOSEC researchers in academia and the private sector. I have been a Principal Investigator for many research projects sponsored by DARPA, DoD, DHS, NSF, NSA, commercial customers, and others. I have led multi-organizational large-scale projects with mixed academic and commercial collaborators, led many advanced research projects, and have been highly productive in acquiring government, military, and commercial projects involving Cyber Security R&D. I am an active researcher, publishing and conducting technology development in intrusion detection, alarm correlation, malware analysis, active networks, and wireless security. Previously, I was a manager in the Trusted Computer Systems Department of the Aerospace Corporation, where I was also an experienced trusted product evaluator for NSA (which includes security testing, risk assessment, and penetration testing of systems and networks). I've participated on numerous program committees and editorial boards, and on multiple commercial company technical advisory boards. I hold 12 (a dozen) U.S. patents, and have been awarded Best Paper honors in 1995, 1999, and 2008.
Recent Coverage of My Work:
Infected America Videos:
BotHunter Videos:
Giving a talk at the White House on Botnet Threats and Detection


March 2012: SDNCentral Seminar - Insecurity in OpenFlow
The evening event with Phil Porras had an outstanding turnout, filling the Vitrine meeting room at the St. Regis Hotel, and giving Phil an attentive and appreciative audience for his unveiling of SRI International's FortNOX and FRESCO projects. Phil demonstrated how SDN and OpenFlow, if not properly secured, open up new forms of insidious attacks and vulnerabilities within the network layer. With a recorded screen-capture that showed a concrete example of one such attack, along with how FortNOX could put a stop to it, Phil's impressive demonstration had the audience applauding loudly as he wrapped up.
Describing FortNOX and Fresco at the SDN Seminar on Security, San Francisco, 2012
Oh No!   I just heard Scholastic is going to stop publishing Weekly Reader Magazine (remember grade school?).  Well, at least I made a contribution:  Worm Infestation