[talks] Fwd: EE Seminar - April 28, 2016, 11:00 am, E-Quad B205 - Dr. Zhichun Li

Jennifer Rexford jrex at CS.Princeton.EDU
Mon Apr 25 14:59:15 EDT 2016


> 
> From: Sania Sadhvani <sadhvani at Princeton.EDU>
> Subject: EE Seminar - April 28, 2016, 11:00 am, E-Quad B205 - Dr. Zhichun Li
> Date: April 25, 2016 at 2:54:21 PM EDT
> To: ee-seminar at Princeton.EDU
> Reply-To: Sania Sadhvani <sadhvani at Princeton.EDU>
> 
> DEPARTMENT OF ELECTRICAL ENGINEERING SEMINAR SERIES
> 
> Speaker: Zhichun Li, NEC Research Labs
> Title: Counter Advanced Persistent Threat through Big-Data Enabled Security Intelligence
> Date: April 28, 2016
> Time: 11:00 a.m.
> Room: B205 Engineering Quadrangle
> Host: Prof. Prateek Mittal
>  
> Abstract: Today serious security incidents keep appearing in mainstream media. Cyber-attack is no longer just for fun but has grown up and become a large dark industry. Data breaches from Target, Home Depot, JP Morgan Chase, Sony, eBay, OPM.gov etc., not only cause severe impact to the business or government agency, but also affect millions of people. The attacks behind the scenes are so-called Advanced Persistent Threats (APTs). In this talk, I will introduce what is an APT, and what characteristics those attacks have by going through a case study on how Target got hacked. Then, I will examine why APT is hard to detect by existing industry security solutions, and potentially how we can do better. To fight against APT, we started the Automated Security Intelligence (ASI) project in 2012, and later found DARPA Transparent Computing (TC) program BAA in 2014 shared the same vision, which is “connecting the dots” across multiple activities that are individually not suspicious enough, but collectively indicate malice or abnormal behavior. The ASI project achieves ubiquitous monitoring inside enterprises with Windows, Linux and Mac agents, includes a big-data middleware to handle the massive events collected, and provides a platform that supports various security applications. In particular, in this talk, I will highlight research progress from two early efforts on “connecting the dots”: temporal behavior query language, which enables a search tool for security analysts to quickly explore the potential linkage among events, and activity backtracking, which is a semi-automatic tool on answering “how this happens”.
>  
> Biography: Zhichun (ZL) Li is a senior researcher at NEC Research Labs in Princeton, NJ. At NEC Labs, he manages the newly formed Computer Security Department. He has initiated and led the large-scale interdisciplinary research project called Automated Security Intelligence involving 15 researchers from Princeton and Tokyo. He has broad research interests in the areas of security and systems with an emphasis on enterprise security with big-data, smartphone security, network security etc. Before joining NEC Labs, he received his Ph.D. in Dec 2009 from Northwestern University. He earned both M.S. and B.S. degrees from Tsinghua University in China. Previously, he has conducted research at Microsoft Research Redmond and International Computer Science Institute (ICSI) in UC Berkeley.
