Enterprises routinely collect billions of security events from their networks for real-time security monitoring, regulatory compliance, and forensic investigation. The volume of data has surpassed human ability to detect and respond to threats in a timely manner. Most of my recent work has focused on designing algorithms and building systems to analyze the data in order to (a) identify threats in a scalable, reliable, and timely manner, and (b) respond to the threats in an automated manner.
Publications
- Data Exfiltration Detection and Prevention: Virtually Distributed POMDPs for Practically Safer Networks, GameSec 2016
- The Operational Role of Security Information and Event Management Systems, S&P Magazine, 2014
- Detecting Malicious Domains via Graph Inference, AISec 2014
- Detecting Malicious Domains via Graph Inference, ESORICS 2014
- Big Data Analytics for Security Intelligence, S&P Magazine 2013
- Text Classification for Data Loss Prevention, PETS 2013
Selected Invited Talks
- Machine Learning for Enterprise Security (Keynote), AISec 2015
- Operational Security Games (Panelist), GameSec 2016
- Enterprise Data Exfiltration Detection and Prevention, NFW 2016
- Security Event Management: Challenges and Opportunities, Penn State CSE Colloquium 2014
Patents
- 9 granted and 18 pending