A Multifaceted Strategy to Fight Cybercrime

Duke Computer Science Colloquium
Speaker Name
Birhanu Eshete
Date and Time
Lunch served at 11:45 am

The increasingly interconnected cyber-ecosystem invites cybercriminals to advance their ill-intentioned missions by launching cyber-attacks. From high-profile data breaches with impact on billions of users to hacks into political organizations that undermine the pillars of modern democracies, from infiltration of mission-critical infrastructures to banking trojans and ransomware campaigns, cybercrime continues to find its way to our sensitive data, finances, and digital identity. With cybercriminals constantly adjusting their adversarial tactics, cyber-attacks are only getting more prevalent and too sophisticated to be thwarted by off-the-shelf defenses.

In this talk, I argue that the multifaceted and evolving threat landscape needs to be countered with an equally multi-dimensional and evolution-aware defense that pragmatically combines reactive, proactive, and offensive strategies. To this end, I will present three approaches aimed at (a) leveraging the attack-centric and self-defense behavior of for-crime toolkits to detect malice on the web, (b) systematic infiltration of for-crime toolkits to turn the tables against cybercriminals, and (c) on-the-wire malware detection using insights from offline analytics of malware infection episodes.

Short Biography

Birhanu Eshete is a Postdoctoral Researcher in the Department of Computer Science at the University of Illinois at Chicago. He earned his Ph.D. in Computer Science from the International ICT Doctoral School of the University of Trento (Italy) in 2013. His research interests include systems security, cybercrime analysis, big-data security analytics, and adversarial machine learning. His past work has contributed techniques and tools to the analysis and defense of web-borne malware, exploit kits, and advanced and persistent threats. His research has been published in the proceedings of top-tier cybersecurity conferences (USENIX Security, CCS, and NDSS) as well as other major venues such as the WWW conference.

Bruce Maggs