Job Talk: Human Information Interaction (HII) in Cyber Threat Intelligence (CTI): How We Enable AI Interoperability for Cybersecurity Practitioners
This talk is free and open to all
Abstract:
Recent years have witnessed a wide industrial adoption of Artificial Intelligence (AI) data-driven solutions for cybersecurity challenges, covering both safety-critical and consumer-grade assets from energy plants, cyber-physical systems, endpoint hardware, Internet-of-Thing device networks, and cloud computing infrastructures. These AI data-driven solutions are effective due to the continuously widening attack vectors and the exponentially growing amount of security-related data that has grown beyond the cybercrime investigators' capability to analyze and validate. However, these data-driven solutions are typically black-box methods with a single output that provides little to zero actionable information except the logged alert. This issue limits the cybersecurity practitioner's ability to understand, analyze, trace down, and correlate cyber-attacks to provide better security protection over the assets against the constantly evolving adversaries.
In this talk, I will present our recent research progress on how we enable AI solution interoperability for cybersecurity practitioners and avoid potential biases collected from the data and the learning process in cybersecurity challenges such as vulnerability detection, malware authorship forensics, intrusion detection, and crisis incident response. The objective is to develop data-driven solutions that provide interpretable connections between input indicators and model output to enable informed user judgements and further action planning. Future research direction will also be highlighted in this talk.
听