Ehab Al-Shaer

Automation of Cyber Threat Intelligence Analytics and Hunting
Professor and Dir - CYBER DEFENSE AND NETWORK ASSURABILITY CENTER, CCI

Abstract: Cyber threat intelligence (CTI) information provides great capabilities for enterprises to develop advanced threat notification and initiate proactive defense. However, the amount of threat information that is often shared as unstructured text, and its unknown relevance to local security controls, make it hard to use in a timely and large-scale fashion. In this talk, we will present our research in the NSF Center for Cybersecurity Analytics and Automation to develop novel techniques and tools to automate TTP extraction and mitigation from unstructured CTI reports.

Ehab Al-Shaer is a Professor and the Director of the Cyber Defense and Network Assurability (CyberDNA) Center in the School of Computing and Informatics at the University of North Carolina Charlotte. His primary research areas are network security, security management, fault diagnosis, and network assurability. Prof. Al-Shaer edited/co-edited more than 10 books and book chapters, and published about 100 refereed journal and conference papers in his area. Prof. Al-Shaer is the General Chair of ACM Computer and Communication 2009-2010 and NSF Workshop in Assurable and Usable Security Configuration, August 2008. Prof. Al-Shaer also served as a Workshop Chair and Program Co-chair for a number of well-established conferences/workshops in his area including POLICY 2008, IM 2007, ANM-INFOCOM 2008, CCS-SafeConfig 09, MMNS 2001, and E2EMON 04-05. He also served as a member of the technical program and organization committees for many IEEE and ACM conferences. He was awarded many Best Paper Awards. Prof. Al-Shaer received his MSc and Ph.D. in Computer Science from Northeastern University (Boston, MA) and Old Dominion University (Norfolk, VA) in 1998 and 1994 respectively.