I am an Associate Professor at Northeastern University in the Khoury College of Computer Sciences. I joined Northeastern University in Fall 2016. Before that, I was a Consultant Research Scientist at RSA Laboratories, performing research in security analytics, cloud security, applied cryptography, and foundations of cybersecurity. I am the recipient of the Technology Review TR35 award for research in cloud security in 2011 and the recipient of the Google Security and Privacy Award 2019.

Research
Machine learning in cyber security

I am interested in the emerging field of "security analytics", defined as the applications of machine learning and data mining in cyber security and privacy. A particular topic of interest in my recent research is to understand, model, and predict the behavior of advanced attacks. I am currently working on designing machine learning models for protecting new computing platforms such as public clouds and IoT environments.

At RSA I designed systems that analyze terabytes of security logs (generated by web proxies, VPN servers, firewalls, domain controllers, etc.) and use a variety of machine learning algorithms (e.g., classification, graph mining, outlier detection, clustering) to add another layer of defense at the enterprise perimeter and prevent breaches. Our work resulted in an award at the Los Alamos National Lab (LANL) challenge competition entitled "APT Infection Discovery Using DNS Data" organized at the C3E workshop in 2014 and was used in operational settings at EMC.

Adversarial machine learning

The wide adoption of machine learning and deep learning in many critical applications introduces stronger incentives for motivated adversaries to manipulate the results and models generated by machine learning. For instance, attackers can deliberately influence the training data to manipulate the results of a predictive model (in poisoning attacks), cause data mis-classification in the testing phase (in evasion attacks) or infer private information on training data (in privacy attacks). More research is needed to understand in depth the vulnerabilities of a variety of machine learning models, including deep learning, against adversaries. I am also interested in the challenging problem of designing machine learning methods resilient against attacks.

Intrusion-resilient enterprise networks

The recent prevalence of advanced cyber attacks has caused enterprise breaches with severe consequences in critical sectors, such as national defense, manufacturing and the financial industry. This project seeks to harden enterprise security against advanced threats by systematically designing a new multi-layer intrusion-resilient framework that addresses individual enterprise defenses, as well as global, community-based protections. We leverage techniques from cryptography and game theory to protect both individual assets and enterprises as a whole and promote new coordinated defenses across enterprises while protecting the privacy of shared data.

Funding: NSF