报告题目：Data-driven Cyber Security Intelligence
主讲人：Euijin Alley Choo
Dr. Euijin Alley Choo is a postdoctoral researcher at Qatar Computing Research Institute. Prior to joining QCRI, she worked as a research professor at Korea University and a visiting assistant professor at University of Missouri, Rolla. She received her Ph.D from North Carolina State University in 2015. She also received her dual BS in Computer Science and Mathematics, and MS in Computer Science, at Korea University. Her research interest sits at the intersection of security and data analysis involving data mining, machine learning, and deep learning. More specifically, it includes security and information assurance in e-commerce, and anomaly detection in network traffic and enterprise logs. During her research, she received Provost Fellowship from NC state University and Brain Korea 21 Scholarship from Korea Research Foundation. she was also an awardee of a few travel grants to attend major security conferences including CCS 2010 and IEEE S&P 2014. She is truly honored to be a recipient of the best paper award at DBSEC 2015.
In this talk, I will introduce two of my current research efforts related to data-driven cyber security intelligence. First, I will present DeviceWatch: Identifying Compromised Mobile Devices through Network Traffic Analysis and Graph Inference. In this research, we analyze 2-days of mobile network traffic provided by Chinese cellular provider, and try to identify compromised mobile device which might have malicious applications, resulting that the device generates anomalous traffic. To classify mobile devices into compromised or benign, we apply a graph-inference algorithm on the bipartite graph between mobile devices and apps they installed. This research will be the main focus of this talk.