William Timothy (Tim) Strayer
BBN Technologies
10 Moulton Street
Cambridge, Massachusetts 02138
Office: (617) 873-2295
Fax: (617) 873-6091
Email: strayer(at)bbn.com
Summary
Principal Scientist in BBN Technologies Advanced Networking Business Unit;
proposed, led, and conducted research on a wide variety of Government and
Industry sponsored projects in the areas of active networking, satellite
packet switching, mobile IP, virtual private networks, routing systems,
and network-based attack mitigation. Joined BBN in 1997 from Sandia National
Laboratories (California); conducted research on advanced network protocols.
Experience
- BBN Technologies, Cambridge, Massachusetts, currently from July 1997.
Senior Scientist, 1997-2002
Division Scientist, 2002-2009
Principal Scientist, 2009-present
- Network Security
- Principal Investigator for DARPA-funded Scalable Monitoring in the
Extreme (SMITE) project constructing a 100 Gbps traffic monitor and
scalable attack detection algorithms (2008-2010)
- Principal Investigator for DHS-funded BearClaw project
predicting emerging botnet threats and command and control
infrastructures (2007-2009)
- Principal Investigator for the DHS-funded ZombieStones
project constructing botnet detection algorithms using only
network-based methods on command and control communications
(2005-2006)
- Principal Investigator for the ARDA/DTO-funded FlyTrap
project constructing attack tracing algorithms through sparsely
instrumented networks (2005-2007)
- Principal Investigator for the Stepping Stones/STARLITE
project developing novel stepping stone attack correlation
algorithms and adding them to our single-packet traceback
algorithm (2003-2005)
- Project Lead for the NSA-funded Gigabit Ethernet Encryptor
(GigEE) project designing a HAIPE Type I in-line IP encryptor
device; BBN was subcontractor to ViaSat (2003-2005)
- Proposal lead and listed as Key Personnel for the ARDA-funded
Stingray project for isolating insiders by enabling
long-term trend analysis of network traffic data
- Participant in NSA's Laboratory for Telecommunications Sciences (LTS)
"Summer Workshop" on advanced topics (2003-2004)
- Principal Investigator for the DARPA-funded Source Path Isolation
Engine (SPIE) project providing single packet IP traceback;
developed first effective single-packet traceback algorithm (2000-2003)
- Project lead for FASTJam, a DARPA-funded project applying
novel signal processing algorithms to the analysis of wireless
traffic (2001-2003)
- Project lead for the NSA-funded Very High Speed Encryptor,
a design project for a 10 Gbps IPsec security gateway (2000-2001)
- Routing Protocols
- Project leadership, protocol design, and system architecture
for the DARPA-funded FIRE project (Flexible Internet Routing
Environment) providing a highly customized environment for running
many routing algorithms at once (1998-2000)
- Virtual Private Networks
- Led a team that designed and built the network monitoring
subsystem to the GTE-Internetwork VPN Advantage service offering
(1998)
- Protocols
- Evaluated and designed web-caching for proprietary commercial
Internet-in-airplane offering (1999-2000)
- Co-designed the Remote Link Interface Protocol (RLIP) for the
DARPA-funded On-Board Switch project, allowing a router's
line cards to be physically separate from the switching engine
but joined by a arbitrary network (1998)
- Active Networks
System design and prototyping for the DARPA-funded Smart
Packets project seeking to enhance network management by
sending full programs within special packets to enhanced network
nodes, and having the results sent back (1998-2000)
- Satellite Communications
- Designed the switch functionality for the TRW Milstar/GenStar GEO
Satellite (1997-2000)
- Sandia National Laboratories, Livermore, California,
August 1993 - July 1997.
Senior Member of the Technical Staff, Infrastructure and Networking
Research Department
- Protocol Research
- Conducted research on the effectiveness of various transport
protocols for use in distributed computing environments
- Produced two implementations of the net Xpress Transport
Protocol (XTP), one in the user space (SandiaXTP) and one
in the BSD kernel (kXTP)
- Designed and implemented novel reliable multicast algorithms within XTP
- Developed novel protocol implementation techiques, specifically the
Meta-Transport Library (MTL) package of C++ base classes for rapidly
prototyping transport protocols in the user space; used MTL to produce
a reference implementation of XTP (SandiaXTP)
- Collaborative Environments
- Won DOE2000 funding for designing a software architecture for
integrating collaborative tools into distributed computing
practices, in particular extending CORBA with appropriate
functionality to support collaborations
- University of Virginia, Charlottesville, Virginia,
Fall 1992 - Fall 1993
Senior Scientist, Department of Computer Science
- Member of the Mentat Research Group (Dr. Andrew Grimshaw, Principal
Investigator) studying portable parallel processing using object-oriented
principles for language design. We used the Mentat system, developed in-house,
to study the problem of easy-to-use parallelism that is portable over various
MIMD architectures. My research included enhancing protocols for loosely
coupled parallel systems and investigating issues in heterogeneous distributed
computing (meta-systems), especially scheduling, load balancing, and problem
partitioning and placement.
- University of Virginia, Charlottesville, Virginia,
Fall 1986 - Spring 1992
Research Assistant, Department of Computer Science
- Member of the Computer Networks Laboratory (Dr. Alfred Weaver, Director)
where I was primarily responsible for over eight funded projects. My research
interests included scheduling theory using functions to describe scheduling
policies; classification, analysis, and evaluation of message discrimination
policies within communication services; scheduling of communication subsystem
within distributed real-time systems; transport layer protocol design;
reliable multicast services. I have also studied and published in the area
of manufacturing automation and protocol performance and analysis.
- National Bureau of Standards, Gaithersburg, Maryland, Summer 1987
Computer Scientist
- Developed performance evaluation suite for ISO OSI based protocols,
including the Manufacturing Automation Protocol.
- National Bureau of Standards, Gaithersburg, Maryland, Summer 1986
Computer Scientist
- Developed verifiers and automatic NC Code generators for the vertical
milling machine at the Automated Manufacturing Research Facility.
Education
University of Virginia, Charlottesville, Virginia
- Doctor of Philosophy in Computer Science, May 1992
Dissertation: "Function-Driven Scheduling: A General Framework for
Expression and Analysis of Scheduling."
- Master of Science in Computer Science, January 1988
Thesis: "Performance Analysis of the Manufacturing Automation
Protocol."
Emory University, Atlanta, Georgia
- Bachelor of Science in Math/Computer Science, May 1985.
Academic Honors and Societies
- Sigma Xi Scientific Research Society, University of Virginia.
- Tau Beta Pi National Engineering Honor Society, University of Virginia.
- Omicron Delta Kappa National Leadership Honor Society, Emory University.
- Stipe Society of Scholars, Emory University.
Selected Publications
Books
- Ruixi Yuan and W. Timothy Strayer, Virtual Private Networks:
Technologies and Solutions Addison-Wesley, Boston, Massachusetts,
April 2001. (Also translated to Japanese.)
- Strayer, W. Timothy, Bert J. Dempsey, Alfred C. Weaver, XTP: The
Xpress Transfer Protocol, Addison-Wesley, Reading, Massachusetts, 1992.
(Also translated to Japanese.)
Book Chapters
- Strayer, W. Timothy, David Lapsely, Robert Walsh, and Carl Livadas,
"Botnet Detection Based on Network Behavior,"
Chapter in Botnet Detection: Countering the Largest Security Threat,
Wenke Lee, Cliff Wang, David Dagon, eds., Springer, 2008.
- Strayer, W. Timothy, C.M. Pancerella, "Evolution of Factory Communication,"
Chapter in The Industrial Electronics Handbook, David Irwin ed.,
CRC Press, 1996.
- Strayer, W. Timothy, editor-in-chief, Xpress Transfer Protocol Specification,
XTP Revision 4.0, XTP Forum, Santa Barbara, California, 1995. (Also translated
to Japanese and Chinese.)
Journal and Magazine Articles
- Tim Strayer, Mark Allman, Grenville Armitage, Steve Bellovin,
Shudong Jin, and Andrew W. Moore, "IMRG Workshop on Application
Classification and Identification Report," Editorial contribution
to ACM SIGCOMM Computer Communication Review, Volume 38, Issue 3
(July 2008).
- Snoeren, A.C., C. Partridge, L. A. Sanchez, C. E. Jones,
F. Tchakountio, B. Schwartz, S. T. Kent, and W. Timothy Strayer,
"Single-Packet IP Traceback,"
IEEE/ACM Transactions on Networking (ToN),
Volume 10, Number 6, December 2002. Pages 721-734.
- Partridge, C., A. C. Snoeren, W. Timothy Strayer, B. Schwartz,
M. Condell, and I. Castineyra, "FIRE: Flexible Intra-AS Routing
Environment," Journal of Selected Areas in Communications,
Vol. 19, No. 3, March 2001, pp. 410-425.
- Schwartz, B., A. W. Jackson, W. T. Strayer, W. Zhou, R. D. Rockwell,
and C. Partridge, "Smart Packets: Applying Active Networks to Network
Management," ACM Transactions on Computer Systems, Vol. 18,
No. 1, 2000, pp. 67-88.
- Partridge, C., T. Strayer, B. Schwartz, and A. W. Jackson,
"Commentaries on `Active Networking and End-to-End Arguments',"
IEEE Network, Vol. 12, No. 3, May/June 1998.
- Grimshaw, A. S., J. B. Weissman, W. Timothy Strayer, "Portable
Run-Time Support for Dynamic Object-Oriented Parallel Processing,"
ACM Transactions on Computer Systems, Vol. 14, No. 2, May 1996,
pp. 139-170.
- Grimshaw, A. S., W. Timothy Strayer, P. Narayan, "The Good News About
Dynamic Object-Oriented Parallel Processing," IEEE Parallel and
Distributed Technology: Systems and Applications, May 1993.
Refereed Conference Articles
Basil AsSadhan, José M. F. Moura, David Lapsley, Christine Jones
and W. Timothy Strayer, "Detecting Botnets Using Command and
Control Traffic," Proceedings of the 8th IEEE International
Symposium on Network Computing and Applications (NCA'09),
Cambridge, MA, July 9-11, 2009.
- W. Timothy Strayer, Walter Milliken, Ronald Watro, Walt Heimerdinger,
Steve Harp, Robert Goldman, Dustin Spicuzza, Beverly Schwartz,
David Mankins, Derrick Kong, Pieter Mudge Zatko, "An Architecture
for Scalable Network Defense," IEEE Local Computer Networks
(LCN'09), Zurich, Switzerland, October 20-22, 2009.
- Robert Walsh, David Lapsley, and W. Timothy Strayer,
"Efficient Flow Filtering for Botnet Search Space Reduction,"
Proceedings of Cybersecurity Applications and Technologies Conference for
Homeland Security (CATCH), March 3-4, 2009, Washington, DC.
- Alden Jackson, David Lapsley, Christine Jones, Mudge Zatko,
Chaos Golubitsky, and W. Timothy Strayer,
"SLINGBot: A System for Live Investigation of Next Generation
Botnets,"
Proceedings of Cybersecurity Applications and Technologies Conference for
Homeland Security (CATCH), March 3-4, 2009, Washington, DC.
- W. Timothy Strayer, C. E. Jones, B. Schwartz, S. Edwards, W. Milliken,
and A. W. Jackson, "Efficient Multi-Dimensional Flow Correlation,"
Proceedings of the 32nd IEEE Conference on Local Computer
Networks (LCN 2007), Dublin, Ireland, October 15-18, 2007.
- A. W. Jackson, W. Milliken, C. Santivanez, M. Condell, and
W. Timothy Strayer, "A Topological Analysis of Monitor Placement,"
Proceedings of the 6th IEEE International Symposium on
Network Computing and Applications (IEEE NCA08),
Cambridge, MA, July 12-14, 2007.
- W. Timothy Strayer, R. Walsh, C. Livadas, and D. Lapsley,
"Detecting Botnets with Tight Command and Control,"
Proceedings of the 31st IEEE Conference on Local Computer Networks
(LCN), November 15-16, 2006, Tampa, Florida.
- C. Livadas, R. Walsh, D. Lapsley, and W. Timothy Strayer,
"Using Machine Learning Techniques to Identify Botnet Traffic,"
Proceedings of the Second IEEE LCN Workshop on Network Security
(WNS), November 14, 2006, Tampa, Florida.
- W. Timothy Strayer, C. E. Jones, B. Schwartz, J. Mikkelson, and
C. Livadas, "Architecture for Multi-Stage Network Attack Traceback,"
Proceedings of the First Workshop on Network Security, Local Computer Network
s Conference, Sydney, Australia, November 15, 2005.
- Partridge, C., D. B. Cousins, A. W. Jackson, R. Krishnan, T. Saxena,
and W. Timothy Strayer, "Using Signal Processing to Analyze Wireless
Data Traffic," ACM Workshop on Wireless Security (WiSe),
Atlanta, GA, USA, September 28, 2002.
- Snoeren, A. C., C. Partridge, L. A. Sanchez, C. E. Jones,
F. Tchakountio, S. T. Kent, and W. T. Strayer,
"Hash-Based IP Traceback,"
Proceedings of ACM SIGCOMM 2001, San Diego, California,
August 27-31, 2001.
- Sanchez, L. A., W. C. Milliken, A. C. Snoeren, F. Tchakountio,
C. E. Jones, S. T. Kent, C. Partridge, and W. T. Strayer,
"Hardware Support for a Hash-Based IP Traceback,"
Proceedings of the DARPA Information Survivability Conference
and Exposition (DISCEX) II, 12-14 June 2001, Anaheim, California,
pp. 146-152, vol II.
- Partridge, C., A. C. Snoeren, W. Timothy Strayer, B. Schwartz,
M. Condell, and I. Castineyra, "FIRE: Flexible Intra-AS Routing
Environment," Proceedings of ACM SIGCOMM 2000, Stockholm,
Sweden, August 28-September 1, 2000.
- Schwartz, B, W. Zhou, A. W. Jackson, W. Timothy Strayer, D. Rockwell,
and C. Partridge, "Smart Packets for Active Networks"
Proceedings of InfoComm, New York, 1999.
Patents
- "Method and System for Connectionless Communication in a Cell Relay
Satellite Network," R. Yuan, B. Akyol, and W. T. Strayer,
U.S. Patent # 6,310,893, issued on October 30, 2001.
- "Cell Discard Scheme for IP Traffic over a Cell Relay
Infrastructure," R. Yuan, B. Akyol, W. T. Strayer,
U.S. Patent # 6,567,378, issued on May 20, 2003.
- "Method and Apparatus for Tracing Packets,"
Luis Sanchez, William Timothy Strayer, Craig Partridge,
U.S. Patent # 6,981,158, issued on December 27, 2005.
- "Method and System for Passively Analyzing Communication Data Based
on Frequency Analysis of Encrypted Data Traffic, and Method and System
for Deterring Passive Analysis of Communication Data,"
Craig Partridge, William Timothy Strayer, David Bruce Cousins
U.S. Patent # 7,170,860, issued on January 30, 2007.
- "Methods and Systems for Passive Information Discovery Using Lomb
Periodogram Processing,"
Tushar Saxena, David B. Cousins, Craig Partridge, William Timothy Strayer,
U.S. Patent # 7,359,966, issued on April 15, 2008.
- "Creating Signals to Characterize Network Traffic,"
David Cousins, Craig Partridge, Tim Strayer, Rajesh Krishnan, Tushar Saxena,
U.S. Patent # 7,574,597, issued on August 12, 2009.
- "Method and System for Integrated Computer Networking Attack
Attribution," W. Timothy Strayer, Christine E. Jones,
Isidro M. Castineyra, Regina Rosales Hain,
U.S. Patent # 7,814,546, issued on October 12, 2010.
- "Method and System for Aggregating Algorithms For Detecting Linked
Interactive Network Connections," W. Timothy Strayer, Christine E. Jones,
Isidro M. Castineyra, Regina Rosales Hain,
U.S. Patent # 7,854,003 on December 14, 2010.
Keynotes, Invited Lectures, and Tutorials
- "Privacy Issues in an Insecure World"
Keynote at the Second IEEE International Symposium on Network
Computing and Applications,
Cambridge, Massachusetts, April 17, 2003.
- "Privacy Issues in Virtual Private Networks"
Keynote at Networks 2002 (Joint International Conference on Wireless
LANs and Home Networks (ICWLHN 2002) and Networking (ICN 2002),
Atlanta, Georgia, August 29, 2002.
- "Privacy Issues in Virtual Private Networks"
Keynote at Internet Performance and Control of Network Systems III,
Boston, Massachusetts, July 30, 2002 (workshop of SPIE ITCom).
- "Virtual Private Networks," with Ruixi Yuan, half-day tutorial
given at the 25th Local Computer Networks Conference, Tampa, Florida,
November 8, 2000.
- "Virtual Private Networks," with Ruixi Yuan, half-day tutorial
given at the 24th Local Computer Networks Conference, Lowell, Massachusetts,
October 18, 1999.
- "Protocol Issues in Satellite Communications," invited talk
at Satellites and the Internet '99, Washington, DC, July 1999.
- "Critical Issues for Networking in a Naval Environment,"
lecture at the Naval Postgraduate School, Monterey, Ca, July 1996.
- "XTP and Other Light-Weight Transport Protocols," half-day
tutorial given at the Second International Symposium on High Performance
Distributed Computing, Spokane, Washington, July 20, 1993.
- "The Xpress Transfer Protocol," with Alfred C. Weaver and Bert J.
Dempsey, full-day tutorial given at the XTP Tutorial and Demonstration,
University of Virginia, Charlottesville, Virginia, December 7-8, 1992.
- "The Xpress Transfer Protocol," with Alfred C. Weaver and Bert J.
Dempsey, half-day tutorial given at the 17th Local Computer Networks Conference,
Minneapolis, Minnesota, September 12, 1992.
- "The Xpress Transfer Protocol," with Alfred C. Weaver and Bert J.
Dempsey, full-day tutorial given at the International Workshop on Advanced
Communications and Applications for High Speed Networks, Munich, March
16, 1992.
- "Local Computer Networks," lecture to the Math Society at
Hampden-Sydney College, Virginia, March 1989.
Professional Service, Achievements, and Activities
- Review Panels
- External panel for the Institute of Security Technology Studies
(ISTS) at Dartmouth College, 2007
- National Science Foundation (NSF) Review Panel, 2007, 2011
- National Academies' National Research Council Board on Laboratory
Assessments, Panel on Information Technology, to visit the Information
Technology Laboratory of the National Institute of Standards and
Technology (NIST), 2009, 2011
- Editorial Boards
- International Journal of Network Management, Editorial Advisory
Board since 2007
- Guest Editor, "Recent Developments in Network Intrusion
Detection," Special Issue of IEEE Networks,
January/February 2009
- Board of Review International Journal on Network Computing,
Kluwer Academic Publishers, 2003
- Telecommunication Systems Journal since 2009
- Conference Committees and Chairs
- IEEE Local Computer Networks (LCN) Conference: Program Co-Chair,
1997 and 1998; Panel Chair and Local Arrangements
Co-Chair, 1999; Panel Co-Chair, 2000; Ad-Hoc Chair,
2001; General Chair, 2002 and 2003; Program Committee
since 1997; Standing Committee since 2004
- Workshop on Network Security (part of LCN): Program Co-Chair,
2005 and 2006, Program Committee 2005-2008
- Workshop on Security in Communications Networks (SICK, part of LCN):
Program Committee since 2010
- IEEE International Symposium on Network Computing and Applications
(NCA): Program Co-Chair, 2004; Program Committee,
since 2002
- IEEE Symposium on Computers and Communications (ISCC): Program
Committee since 2004
- IEEE International Conference on Broadband Communications, Networks,
and Systems (Broadnets): Program Committee 2007-2009
- Computer and Network Security Symposium (CNSS): Program
Committee 2007-2009
- International Workshop on Mobile and Networking Technologies for
social applications (MONET): Program Committee since 2006
- IEEE Ad-Hoc and Sensor Networking Symposium (AHSNET, part of
Globecom): Program Committee since 2008
- International Conference on Advances in Future Internet (AFIN):
Program Committee since 2008
- Australasian Conference on Information Security and Privacy
(ACISP): Program Committee, 2006-2007
- International Conference on Information and Communications Security
(ICICS): Program Committee, 2006
- ITCOM Performance, QoS and Control of Next Generation Communication
Networks, Program Committee, 2002-2004
- Industrial Information Technology (IIT) track at
IECON'03, IEEE Industrial Electronics Society (IECON):
Program Committee, 2003
- SPIE Performance and Control of Network Systems III & IV:
Program Committee, 1999-2002
- IMRG Workshop on Application Classification and Identification (WACI):
Organizing Committee and Host, October 2007
- IEEE WCNC (Wireless Communications & Networking Conference):
Program Committee, 2010
- IEEE ICC-AHSM (ICC--Ad-Hoc, Sensor and Mesh Networking
Symposium): Program Committee since 2010
- IEEE ICC-WNS (ICC--Wireless Networking Symposium):
Symposium): Program Committee since 2010
- Second Workshop on Intelligent Security (Security and Artificial
Intelligence) SecArt, Program Committee since 2010
- International Workshop on Identity: Security, Management and
Applications (ID), Program Committee, 2011
- International Conference on Security in Computer Networks and
Distributed Systems (SNDS), Program Committee, 2012
- IEEE International Symposium on Personal, Indoor and
Mobile Radio Communications, Track 3: Mobile and Wireless Networks,
Program Committee, 2012
- Reviewer
- IEEE Computer
- IEEE Transactions on Industrial Electronics
- Addison-Wesley
- World Wide Web Journal
- Computer Communications Journal
- IEEE Industrial Electronics Journal
- Journal of Computer Communications
- Computer Networks Journal: The International Journal of Computer and
Telecommunications Networking
- International Journal of Security and Networks
- IEEE/ACM Transactions on Networking
- Transactions on Computers
- World Wide Web Journal
- IEEE Communications Letters
- KSII Transactions on Internet and Information Systems
- Professional Societies
- IEEE Senior Member
- ACM Senior Member
- Member of the XTP Forum from 1987 to 2000; editor-in-chief of the
XTP 4.0 Specification
- Thesis committee for Worcester Polytechnical Institute PhD student,
2008-2009.
- Thesis supervisor for two Naval Postgraduate School Master's Degree
students exploring naval applications of reliable multicast, 1996