Collaborative Center for Internet Epidemiology and Defenses, or
CCIED (pronounced "seaside") and assistant professor of computer
science and engineering, University of California San Diego.
Funded by a
$6.2 million grant from the National Science Foundation, the
Collaborative Center for Internet Epidemiology and Defenses was
founded in October to develop new ways to detect, analyze and defend
computer networks against large-scale Internet attacks. With their
focus on viruses, worms and other fast-moving computer-borne
plagues, researchers intend to develop methods of network security
based on a new approach derived from new thinking about Internet
Savage founded the center with colleagues from UCSD and the
International Computer Science Institute in Berkeley. About 20 staff
members, including students, are participating in the five-year
Their effort is part of a broader "cyber trust" initiative
undertaken by the National Science Foundation to prevent what some
experts describe as "an electronic Pearl Harbor."
As I understand it, Stephanie Forrest of the University of New
Mexico published the seminal paper on computer immunology. Why did
this concept take root and how has the field changed?
Stephanie pointed out that the homogeneity of our software base
is a key vulnerability – that a single bug in a popular application
can allow an attacker to compromise millions of computers. She
proposed the idea of creating a kind of Internet immunity via
"artificial heterogeneity" with each piece of software being subtly
changed from the others so an attacker could find no common point of
entry. Ten years ago people thought she was crazy, but the threat
has become real and her proposed solution is now considered a very
sexy research area.
Why does the center exist?
The center is focused on large-scale Internet outbreaks, such as
worms, viruses, and botnets. We are producing technologies for early
warning, threat analysis, forensics and fully automated defenses.
Much of our work has direct commercial relevance. In fact, a
precursor effort to automatically defend against new worms and
viruses has already led to the creation of a San Diego-based startup
company – Netsift.
How did you get your funding?
Our project was originally pitched to DARPA, a Pentagon agency
officially known as the Defense Advanced Research Projects Agency.
When their program was classified we submitted our proposal to the
National Science Foundation's CyberTrust initiative.
Describe your job.
The job of a professor is a combination of storytelling, cat
herding and panhandling. I need to raise money, make sure that
everyone is making progress and ultimately convince people to see
the world a particular way. It's this last element – which is at the
core of teaching and research – that is both the hardest and the
What are the biggest challenges you have faced?
What are your major accomplishments?
I'm currently most proud of our automated worm fingerprinting
technology, which was the basis for Netsift. I've also done work on
network measurement technology, denial-of-service attacks and
detecting concurrency errors – all now in use by industry. I've had
great students and they deserve most of the credit.
Describe your previous experience:
UCSD is my first academic job after I got my Ph.D. from the
University of Washington. I was a founder and chief scientist of
Asta Networks, a defunct startup that built security products to
help with denial-of-service attacks. I also served on the technical
advisory board of Rendition Networks, which was acquired by Opsware
Inc. I'm currently on the technical advisory board of Narus, I
consult for Netsift, and I do a variety of legal work as well.
Tell us something interesting about yourself:
I was born in Paris, France, but I grew up in Manhattan. I was
rejected by UCSD as a graduate student. I can pick locks. My
undergraduate degree is in history. I used to play bass guitar and
run, but with two small kids most of my spare time these days seems
to revolve around toy trains and Winnie-the-Pooh.
– BRUCE V. BIGELOW