Program Director and Internet Security Group Leader, Computer Science Laboratory
Phillip Porras is a program director and leader of the Internet Security Group in SRI International’s Computer Science Laboratory. The group, which includes established leaders in live Internet malware binary harvesting, malware binary static and dynamic analyses, and network-based malware infection analysis, has strong alliances with the whitehat community, and maintains ongoing collaborations with the top information security researchers in academia and the private sector.
Porras has been a principal investigator for several research projects sponsored by the Department of Defense (DoD), Defense Advanced Research Projects Agency (DARPA), Department of Homeland Security (DHS), the National Science Foundation (NSF), the National Security Agency (NSA), commercial clients, and others. He has led large-scale, multi-organizational projects with mixed academic and commercial collaborators, and has been highly productive in acquiring government, military, and commercial projects involving cyber security R&D.
Porras is an active researcher, publishing and conducting technology development in intrusion detection, alarm correlation, malware analysis, active networks, and wireless security. Previously, he was a manager in the Trusted Computer Systems Department of the Aerospace Corporation, where he was also an experienced trusted product evaluator for NSA. Work included security testing, risk assessment, and penetration testing of systems and networks.
Porras has participated on numerous program committees, editorial boards, and on multiple commercial company technical advisory boards. He holds a dozen U.S. patents, and was awarded Best Paper honors by academic symposia in 1995, 1999, and 2008.
He was named an SRI Fellow in 2013.
We demonstrate how simple and common failures in a network application may lead to loss of the control layer, and in effect, loss of network control. To address these concerns…
We present Avant-Guard, an implementation of our two data plane extensions, evaluate the performance impact, and examine its use for developing more scalable and resilient SDN security services.
In this paper, we present measurement results from a unique dataset containing more than 26 billion DNS query-response pairs collected from more than 600 globally distributed recursive DNS resolvers.