Nina Taft
Intel Research Berkeley
2150 Shattuck Ave, Suite 1300
Berkeley, CA 94704-1347 USA
T +1-510-495-3082
F +1-510-495-3049
nina.taft@intel.com

Biography

Nina Taft is a senior research scientist at Intel Research Berkeley. Nina is interested in making the Internet a safer place, and thus works on security solutions both at the networking level and for end-hosts, such as laptops and desktops. She is interested in improving security through the smart use of measurement and inference technologies. In addition, she has worked in the areas of end-host profiling for reliability purposes, the application of diversity paradigms to security solutions, protection against data poisoning, overlay networks, and energy-aware proxies to reduce laptop energy consumption. Prior to joining Intel, Nina worked at Sprint Labs for 5 years. There, she worked on ISP traffic engineering problems such as traffic matrix estimation, routing, backbone traffic characterization and capacity planning. Prior to Sprint, she worked at SRI International in Menlo Park, CA, and conducted research on congestion control and QoS routing. Nina received her PhD from UC Berkeley.

Research

I work on the PROTEUS project that aims to provide protection from botnets by tackling the problem from two vantage points: the end user and the centralized enterprise network control center. Some of the solutions we are developing are intended to live on laptops and desktops; while other solutions are targeted to help IT departments manage network security more effectively within their enterprise. PROTEUS' general approach to botnet mitigation is based upon collecting lots of data about the user and the network, and building underlying models of normal behavior from this data. Our approach often relies on the application of data mining techniques to detect anomalous activities.

There are various barriers to adoption for the use of data mining techniques in the field of security. I work with many colleagues to tackle some of these problems. For example, our research addresses questions such as:

Service

Executive Committees, Editorial

Program Committees

Publications

2009

Exploiting Temporal Persistence to Detect Covert Botnet Channels

F. Giroire, J. Chandrashekar, N. Taft, E. Schooler and K. Papagiannaki. Recent Advances in Intrusion Detection (RAID). September 2009.

Impact of IT Monoculture on Behavioral End Host Intrusion Detection

D. Barman, J. Chandrashekar, N. Taft, M. Faloutsos, L. Huang and F. Giroire. ACM SIGCOMM Workshop on Research on Enterprise Networks (WREN). August 2009. [PDF]

Stealthy Poisoning Attacks on PCA-based Anomaly Detectors

B. Rubinstein, B. Nelson, L. Huang, A. Joseph, S. Lau, S. Rao, N. Taft and D. Tyger. ACM Sigmetrics. Extended Abstract. June 2009.[PDF]

Skilled in the Art of Being Idle: Reducing Energy Wasted in Networked Systems

S. Nedevschi, J. Chandrashekar, J. Liu, B. Nordman, S. Ratnasamy, and N. Taft. Networked Systems Design and Implementation (NSDI). April 2009. [PDF]

2008

Spectral Clustering with Perturbed Data

L. Huang, D. Yan, M. Jordan, and N. Taft. Neural Information Processing Systems (NIPS). December, 2008. [PDF]

How Healthy are Today's Enterprise Networks?

S. Guha, J. Chandrashekar, N. Taft and D. Papagiannaki. Internet Measurement Conference (IMC), Greece. October, 2008. [PDF]

Evading Anomaly Detection Through Variance Injection Attacks on PCA

B. Rubinstein, B. Nelson, L. Huang, A. Joseph, S. Lau, N. Taft and D. Tyger. Recent Advances in Intrusion Detection (RAID). (Extended Abstract). Best Poster Award. September, 2008. [PDF]

The Cubicle Vs. The Coffee Shop: Behavioral Modes in Enterprise End-Users

F. Giroire, J. Chandrashekar, G. Iannaccone, K. Papagiannaki, E. Schooler and N. Taft. Passive and Active Measurement Workshop (PAM). April, 2008. [PDF]

Race Conditions in Coexisting Overlay Networks

R. Keralapura, C.-N. Chuah, N. Taft and G. Iannaccone. IEEE/ACM Transactions on Networking. February, 2008. [PDF]

2007

Approximate Decision Making in Large-Scale Distributed Systems

L. Huang, A. Joseph, M. Garofalakis and N. Taft. NIPS Workshop: Statistical Learning Techniques for Solving Systems Problems (MLSys). (Extended Abstract). December, 2007. [PDF]

IGP Link Weight Assignment for Operational Tier-1 Backbones

A. Nucci, S. Bhattacharyya, N. Taft and C. Diot. IEEE/ACM Transactions on Networking. August, 2007. [PDF]

Estimating Dynamic Traffic Matrices by using Viable Routing Changes

A. Soule, A. Nucci, R. Cruz, E. Leonardi and N. Taft. IEEE/ACM Transactions on Networking. June, 2007 [PDF]

Communication-Efficient Tracking of Distributed Cumulative Triggers

L. Huang, M. Garofalakis, A. Joseph and N. Taft. International Conference on Distributed Computing Systems (ICDCS). Toronto, Canada. June, 2007.

Communication-Efficient Online Detection of Network-Wide Anomalies.

L. Huang, X. Nguyen, M. Garofalakis, J. Hellerstein, M. Jordan, M. Joseph, and N. Taft. IEEE Infocom . Alaska. May, 2007. [PDF]

Profiling the End Host

T. Karagiannis, K. Papagiannaki, N. Taft and M. Faloutsos. Passive and Active Measurement Workshop (PAM) . Belgium. April, 2007. [PDF]

Public Health for the Internet: Towards A New Grand Challenge for Information Management

J. Hellerstein, T. Condie, M. Garofalakis, B.T. Loo, P. Maniatis, T. Roscoe, and N. Taft. Conference on Innovative Data Systems Research (CIDR). January, 2007.[PDF]

2006

In-Network PCA and Anomaly Detection

L Huang, X. Nguyen, M. Garofalakis, M. Jordon, A. Joseph and N. Taft. Neural Information Processing Systems (NIPS). December, 2006. [PDF]

An Independent Connection Model for Traffic Matrices.

V, Erramilli, M. Crovella and N. Taft. In ACM Internet Measurement Conference (IMC). Rio de Janeiro, Brazil. October, 2006. [PDF]

Toward Sophisticated Detection With Distributed Triggers

L. Huang, M. Garofalakis, J. Hellerstein, A. Joseph, and N. Taft. Workshop on Mining Network Data (MineNet), co-located at ACM SIGCOMM. September, 2006. [PDF]

A Fast Lightweight Approach to Origin-Destination IP Traffic Estimation Using Partial Measurements

G. Liang, N. Taft and B. Yu. Special joint issue of IEEE Transaction on Networking and IEEE Transactions on Information Theory. June, 2006. [PDF]

Sleeping Coordination for Comprehensive Sensing Using Isotonic Regression and Domatic Partitions

F. Koushanfar, N. Taft and M. Potkonjak. IEEE Infocom. Barcelona, Spain. March, 2006. [PDF]

2005

Traffic Matrix Tracking Using Kalman Filters

A. Soule, K. Salamatian, A. Nucci and N. Taft.ACM SIGMETRICS Performance Evaluation Review (PER) Vol. 33, Issue 3. Special issue on the First ACM Sigmetrics Workshop on Large Scale Networks Inference (LSNI). December, 2005. [PDF]

Can Coexisting Overlays Inadvertently Step on Each Other?

R. Keralapura, C.N. Chuah, N. Taft and G. Iannaconne. IEEE Proceedings of International Conference of Network Protocols (ICNP). November 2005. [PDF]

Combining Filtering and Statistical Methods for Anomaly Detection

A. Soule, K. Salamatian and N. Taft. In ACM/Sigcomm Internet Measurement Conference (IMC). Berkeley, CA. October, 2005. [PDF]

Long-Term Forecasting of Internet Backbone Traffic

K. Papagiannaki, N. Taft, Z.-L. Zhang and C. Diot. IEEE Transactions on Neural Networks, Vol. 15. No. 5. September, 2005.[PDF] An earlier conference version of this paper appeared in Proceedings of IEEE Infocom. San Francisco. April, 2003.[PDF] [PS]

The Problem of Synthetically Generating IP Traffic Matrices: Initial Recommendations

A. Nucci, A. Sridharan and N. Taft. ACM Computer Communications Review (CCR). July, 2005.[PDF]

Traffic Matrices: Balancing Measurements, Inference and Modeling

A. Soule, A. Lakhina, N. Taft, K. Papagiannaki, K. Salamatian, A. Nucci, M. Crovella and C. Diot. ACM Sigmetrics. June, 2005. [PDF]

Increasing Link Utilization in IP over WDM Networks Using Availability as QoS

A. Nucci, N. Taft, P. Thiran, H. Zhang and C. Diot. Photonic Network Communications Journal (special issue on Mesh Restoration). Kluwer Academic Publishers. Vol 9.1, pp 55-75. January, 2005. [PDF] [PS]

2004

Controlled Use of Excess Backbone Bandwidth for Providing New Services in IP-over-WDM Networks

A. Nucci, N. Taft, C. Barakat, and P. Thiran. IEEE Journal on Selected Areas in Communications (JSAC). November 2004 [PDF]

Can ISP's Take the Heat from Overlay Networks?

R. Keralapura, N. Taft, C.N. Chuah, and G. Iannaconne. ACM HotNets Workshop. November, 2004. San Diego. [PDF]

Can ISPs and Overlay Networks form a Synergistic Co-existance?

R. Keralapura, N. Taft, G. Iannaconne, and C.-N. Chuah. IFIP/IEEE Distributed Systems: Operations and Management (DSOM). (extended abstract) November 2004 [PDF]

A Distributed Approach to Measure IP Traffic Matrices

K. Papagiannaki, N. Taft and A. Lakhina. ACM Internet Measurement Conference (IMC). October 2004. [PDF]

Maximum Entropy Models: Convergence Rates and Applications in Dynamic System Monitoring

G. Liang, B. Yu and N. Taft. IEEE International Symposium on Information Theory (ISIT). June 2004. Extended abstract version [PDF], Short paper version [PDF].

How to Identify and Estimate the Largest Traffic Matrix Elements in a Dynamic Environment

A. Soule, A. Nucci, E. Leonardi, R. Cruz, and N. Taft. ACM Sigmetrics. June 2004. [PDF]

Structural Analysis of Network Traffic Flows.

A. Lakhina, K. Papagiannaki, M. Crovella, C. Diot, E. Kolacyzk, and N. Taft. ; ACM Sigmetrics. June 2004. [PDF]

Flow Classification Using Histograms or How To Go on Safari on the Internet

A. Soule, K. Salamatian, N. Taft, R. Emilion and K. Papagiannaki. ACM Sigmetrics. June 2004. [PDF]

Design of IGP Link Weights for Estimation of Traffic Matrices

A. Nucci, R. Cruz, N. Taft and C. Diot. Proceedings of IEEE Infocom. Hong Kong. March, 2004. [PDF]

Impact of Flow Dynamics on Traffic Engineering Principles

K. Papagiannaki, N. Taft and C. Diot. Proceedings of IEEE Infocom. Hong Kong. March, 2004. [PDF]

2003

IGP Link Weight Assignment for Transient Link Failures

A. Nucci, B. Schroeder, S. Bhattacharyya, N. Taft and C. Diot. International Teletraffic Congress (ITC). September 2003.[PDF] [PS]

Network Availability Based Service Differentiations

M. Durvy, C. Diot, N. Taft and P. Thiran. Proceedings of International Workshop on Quality-of-Service (IWQoS). June 2003. [PDF]

An Approach to Alleviate Link Overload as Observed on an IP Backbone

S. Iyer, S. Bhattacharyya, N. Taft and C. Diot. Proceedings of IEEE Infocom. April, 2003. [PDF]

Increasing the Robustness of IP Backbones in the Absence of Optical Level Protection

F. Giroire, A. Nucci, N. Taft and C. Diot. Proceedings of IEEE Infocom. April, 2003. [PDF]

2002

Traffic Matrix Estimation: Existing Techniques and New Directions

A. Medina, N. Taft, K. Salamatian, S. Bhattacharyya, C. Diot. ACM SIGCOMM. August 2002. [PS]

A Taxonomy of IP Traffic Matrices

A. Medina, C. Fraleigh, N. Taft, S. Bhattacharyya and C. Diot. SPIE ITCOM: Scalability and Traffic Control in IP Networks II. August 2002. [PS]

Increasing Link Utilization without Penalty in IP over WDM Networks

A. Nucci, N. Taft, P. Thiran, H. Zhang, C. Diot. SPIE Opticomm. August 2002. [PDF]

A Pragmatic Definition of Elephants in Internet Backbone Traffic

K. Papagiannaki, N. Taft, S. Bhattacharyya, P. Thiran, K. Salamatian and C. Diot. ACM Sigcomm Internet Measurement Workshop (IMW) (extended abstract). May 2002. [PDF]

Geographical and Temporal Characteristics of Inter-POP Flows: View from a Single POP

S. Bhattacharyya, C. Diot, J. Jetcheva and N. Taft. European Transactions on Telecommunications. February 2002. [PS]

Tutorial

The Basics of BGP Routing and It's Performance in Today's Internet

Nina Taft. Presented at RHDM (Reseaux Haut Debit et Multimedia) High Speed Multimedia Networks. French National Summer School. Corsica, France. May 2001. [PPT]

Book Chapter

Neural Network Methods for Call Admission Control

Richard Ogier and Nina Taft-Plotkin. Computational Intelligence in Telecommunications Networks. Chapter 2. Editor: Witold Pedrycz. CRC Press. 2001. [PS]
© 2009 Intel Corporation | Terms of Use | Trademarks | Privacy