CSIS Seminar

Building Trustworthy Systems for Fighting Modern Threats

Abstract

The increased opaqueness in computing systems makes them vulnerable to sophisticated cyber attacks (e.g., Advanced Persistent Threats). Consequently, many businesses have been plagued with huge losses (e.g., Equifax, Target, Yahoo). In addition, the success of emerging technologies such as online social networks and blockchain has come at the cost of new threats to security. How can we gain visibility into currently opaque computing systems and defend them from sophisticated attacks? How can we re-architect our computing for fighting new threats? In this talk, I will cover multiple systems I have built for addressing these pressing issues. I will primarily discuss the advanced threat protection (ATP) stack, which brings transparency into computing systems (via ubiquitous system auditing) and connects the dots across system activities in various ways (forensically vs. real-time, manually vs. semi-automatically vs. automatically) to fight advanced threats. The ATP stack is multi-disciplinary, using techniques from system security, operating system, database, compiler, and machine learning. It includes multiple research efforts and has had real-world impact. I will also cover other systems on using AI for automated threat intelligence gathering and management and using network science and program analysis for securing online social networks and blockchain. I will conclude the talk by describing my future research agenda and long-term vision towards a secure and trustworthy cyberspace. Join Zoom Meeting https://gmu.zoom.us/j/99947869960?pwd=TW9UOXFMdUZ5SngzckpuUVp4Sk1SUT09 Meeting ID: 999 4786 9960 Passcode: 407646

Speaker Bio

Peng Gao is a Postdoctoral Researcher in Computer Science at UC Berkeley. He received his Ph.D. in Electrical Engineering from Princeton University in 2019. His research interest lies in security and privacy issues in systems and networks. His work centers on creating scalable, secure, and trustworthy systems to solve real-world problems, with publications at premier academic venues (e.g., ACM CCS, USENIX Security, USENIX ATC, ICSE). His work on advanced threat protection has been successfully deployed in the real-world enterprise and commercialized, and has been selected as the Top-10 Finalist in the 2018 CSAW Best Applied Research Paper Competition. His proposal on threat intelligence has been selected as the winner of the 2020 Microsoft Security AI Research Award. He also has rich industry experience through multiple internships at leading companies and research labs (e.g., Microsoft Research, Facebook, etc.).