Pioneering Women of Information Security: Dorothy Denning and Rebecca Bace
As we celebrate International Women’s Day, we have chosen to honour two women who were vital to the design and development of Intrusion Detection Systems (IDS). Dorothy E. Denning and Rebecca Base are information security experts and pioneers who both played significant roles in the development of IDS. As we move in to 2019, organisations like Telesoft are adapting intrusion detection systems beyond their traditional definition of simply analysing basic network behaviour (passing traffic), and matching that traffic against a library of known attack vectors. This methodology alone only provides a part of the picture.
Dorothy E. Denning and Rebecca "Becky" Gurley Bace (1955-2017)
In order to attain the full picture and provide important context around an incident and qualified threat indicator information, Telesoft have developed new techniques such as alert driven record and configurable automation. Further integration with Anomaly Detection Tools provides defenders with a clearer picture of known, potential and unknown threats. Configurable automation is important because different things are important to different cyber security teams. IDS must continue to evolve to ensure they remain fit for purpose in today’s world of rapidly expanding data rates, hyper connectivity and a highly evolved cyber threat landscape.
The continued importance and relevance of IDS in today’s network security infrastructure is only possible because of people like Dorothy Denning and Rebecca Bace. While working at SRI International in the 80’s, Dorothy along with Peter Neumann created an IDS model that used statistics for anomaly threat detection which is still in use today. The SRI Intrusion Detection Expert System (IDES) ran on Sun workstations and tracked both user and network level data. It combined a rule-based Expert System to detect known types of intrusions with a statistical anomaly detection component based on profiles of users, host systems, and target systems.
In 1989 Rebecca Bace who had been working at the NSA for a number of years, began an assignment with the National Computer Security Centre (NCSC). Rebecca served as Program Manager for intrusion detection research, specifically on transferring research into the relatively new commercial cyber security products market. In 2000 Rebecca published a seminal text on intrusion detection, outlining its definition, history, importance, what types of IDS’s have been developed over the years, ways to do it, how to make it work in the real world and legal issues associated with it.
Both women played a huge part in shaping the cyber security industry that we know today. Dorothy continues her work in information security and cryptography in academe and government, research in to ‘hacktivism’ and her writings, which included accurate predictions about the internet, privacy and anonymity online. Rebecca finished up her time working with the NSA, NCSC and Department of Defence where she played a pivotal role in catching of Kevin Mitnick and set up her own cyber security consulting company. Then entering the world of venture capitalism, she provided expert advice to a generation of security start-ups such as Qualys, Sygate, and Neohapsis, and secured seed funding for computer security labs at Purdue University and others, paving the way for the next generation of cyber security professionals.