CCF Young Computer Scientists & Engineers Forum
特邀讲者：Danfeng Yao 博士，美国佛吉尼亚理工学院
The proliferation and sophistication of malware (malicious software) activities -- as well as their growing capacity to do serious harm -- require constant vigilance and upgrading. We aim to develop host-based anomaly detection solutions that can be applied to identify suspicious network and file system activities. Specifically, we focus on identifying characteristic human-user behaviors (namely application-level user inputs via keyboard and mouse), developing protocols for analyzing inputs and system calls, and preventing forgeries and attacks by malware. We present several projects based on this human-behavior driven malware detection approach, including drive-by-download detection, HTTP-based input-traffic analysis, and cryptographic-based traffic provenance verification.
二、特邀讲者 Danfeng Yao博士
Danfeng (Daphne) Yao is an assistant professor in the Department of Computer Science at Virginia Tech, Blacksburg. She received her Computer Science Ph.D. degree from Brown University in 2007. Before joining VT in 2010, she was a tenure-track assistant professor at Rutgers University Computer Science Department for two years. Her research interests are in network and system security. She received the NSF CAREER Award in 2010 for her work on human-behavior driven malware detection. She received the Outstanding New Assistant Professor Award from Virginia Tech College of Engineering in 2012. She won the Best Student Paper Award in ICICS 2006 and the Award for Technological Innovation from Brown University in 2006, both for her privacy-preserving identity management work, and the Best Paper Award in CollaborateCom 2010 for keystroke security. Danfeng has a PCT patent filed for her recent bot detection techniques.
Yao has published dozens of distinguished paper in top-ranked journals and conferences, journals include IEEE Transactions of Dependable and Secure Computing, ACM Transactions on Information and System Security, IEEE Transactions on Parallel and Distributed Systems, IEEE Transactions on Systems, Man, and Cybernetics, Journal of Computer Security , Computers & Security, and so on, conferences include IEEE Symposium on Security and Privacy, ACM Conference on Data and Application Security and Privacy (CODASPY), International Conference on Network and System Security (NSS), International Conference on Applied Cryptography and Network Security (ACNS), and so on.