 

=====================================================================================

College of Computing and Mathematics

 

Computer Engineering Department

=====================================================================================

Presents Public Seminar

 

"Automated Extraction, Characterization, and Mitigation of Cyber Threats based on Analyzing Unstructured CTI Reports"

 

 

Date: Monday, 31st October 2022,

Time: 02:30 PM – 03:30 PM

Location: Bldg. 22, Room 119

 

Speaker:

Prof. Ehab Al-Shaer

Distinguished Chair Professor, COE Department

 

Abstract:

Cyber Threat Intelligence (CTI) reports are widely used for sharing cyber threat incidents and information. However, CTI reports are unfortunately shared as unstructured text using advanced technical terms, which makes analyzing and actuating threat information highly challenging. Considering the semantic complexity and large number of CTI reports generated every day, the current practice of manual analysis of CTI reports for threat mitigation yields not only slow and expensive but also inaccurate threat analysis and mitigation.

 

In this talk, I will present our research for developing sense-making and decision-making techniques to automate the analysis of unstructured CTI reports, and create courses of action for predictive threat analytics and proactive mitigation. In our sense-making analysis, we developed a text mining framework for understanding the semantics of CTI and CVE reports in order to (1) automatically extract the "actionable" cyber threat information, (2) characterize the attack techniques, and (3) identify the attack pattern based on the kill chain and the attack Tactics, Techniques, and Procedures. In our decision-making analysis, we developed an evidential reasoning framework that allows for automated investigation and proactive threat hunting with minimum time and cost overhead. In the last part of the talk, I will shed some light on providing trustworthy and verifiable courses of action for enabling safe and effective actuation in cyber defense.

 

Overall, the goal of this research is to develop techniques for automated cyber threat analytics and response to obtain safe, effective, fast, and economical cybersecurity.

 

Speaker Bio:

Dr. Ehab Al-Shaer is currently a Distinguished Chair Professor at the Computer Engineering Department in KFUPM. Dr. Al-Shaer has been Distinguished Career Professor and Distinguished Research Fellow at the College of Engineering and College of Computer Science, and Faculty Member of CyLab Security and Privacy Institute at Carnegie Mellon University. Prior to joining CMU, Dr. Al-Shaer was the Professor and Director of the National Science Foundation Center on Security Analytics and Automation (CCAA) at the College of Computing and Informatics at the University of North Carolina Charlotte. Dr. Al-Shaer has been actively contributing to cybersecurity research and education for more than 25 years, during which he has published 5 books in highly advanced emerging areas in cybersecurity, and more than 250 publications. Dr. Al-Shaer's team has unique contributions and fingerprints in establishing new research directions and offering novel solutions in the areas of Firewall Security Analytics, Smart Grids Resilience, Moving Target Defense, Cyber Deception, and Analytics for Autonomous Cyber Defense. Dr. Al-Shaer was designated by the Department of Defense (DoD) as a Subject Matter Expert (SME) on Security Analytics and Automation in 2011, and was awarded the IBM Faculty Award in 2012, the UNC Charlotte Faculty Research Award in 2013, and Distinguished Career Professor at CMU in 2019.

Throughout his career, Dr. Al-Shaer has received more than $30M of research funding from both government agencies and industry, in the area of data-driven and formal-driven cybersecurity. He has several accepted and submitted patents.

 

 

All faculty, researchers and graduate students are invited to attend.

=====================================================================================

Computer Engineering Department, College of Computing and Mathematics

Telephone: +966 (13) 860 2110, Email: c-coe@kfupm.edu.sa, Website: www.kfupm.edu.sa/departments/coe/

 


=====================================================================================

