Invited Talks and Panels

Teaching
Research
Publications
Contributions
​Projects & Tools
Invited Talks & Panels
Professional Services
Students & Supervision
Keynote, Invited Talks and Government Briefing 
  • “Analytics of Cyber Threat Intelligence”, FS-ISAC, Oct 2017.
  • “Building a Cyber Risk Appetite Framework”, SINET CISO Workshop for major companies, Jan 2017
  • “Cybersecurity Innovation”SINET Invited talk in Silicon Valley, CA, November 2016.
  • “Towards Science of Cyber Agility”, Invited talk, Clemson University. December 2016. 
  • “Cyber Mutation for Moving Target Defense: Metrics, Techniques and Future Directions”, Keynote Talk in ACM Moving Target Defense Workshop, ACM CCS Workshop, October 2016.
  • “A Tutorial on Moving Target Defense Research”, IIT, India, July 2016.
  • “A Tutorial on Smart Grid Security and Resiliency Research”, IIT, India, July 2016.
  • “Active Cyber Deception”, invited talk in ARO workshop on Cyber Deception, July 2015.
  •  “Measuring the Effectiveness of Moving Target Defense- Metrics, Methodologies and Experiences “, Invited talk in the AR Workshop on Measurement of MTD, September 2016.
  •  “10 Reasons for Asymmetry in Cyber Warfare”, UNC Charlotte Cybersecurity Symposium, October 2016
  •  “Cybersecurity Automation: The Path from Sense Making to Decision Making”, Invited talk in the seminar of NSA National Centers of Academic Excellence on Cyber Defense, December 2015.
  • “Resiliency-in-Depth for Cyber and Cyber-Physical System”, Pacific Northwest National Lab (PNNL), 2015.
  •  “Active Cyber Deception”, invited talk in ARO workshop on Cyber Deception, July 2015.
  • “Cyber Resiliency: Current and Future Research Direction”, Office of Science and Technology Policy (OSTP), White House, December 2014 (briefing).
  • “Science of Security Design Synthesis”, NSA Science of Security Lablet, NCSU, May 2013.
  • “Automated Security Configuration Hardening and Obfuscation”, NSF US/Egypt Workshop on Cyber Security, Cairo, Egypt, June 2013.
  • “Moving target Defense: Metrics and Approaches”, NSF Middle East Workshop on Distributed Systems, Istanbul, Turkey, June 2012.
  • “Science of Security Configuration Automation”, IBM Watson, April 2012. 
  • “Science of Security Configuration Analytics”, Applied Communication Sciences, May 2012
  • “Security Configuration Analytics Using Formal Methods”, Bell labs, May 2012
  • “The Dilemma of Security Analytics”, IBM Research Triangle Park, September 2012
  • “Non-invasive Smart Grid Threat Analyzer using Formal Methods”, NSF/IFIP Smart Planet Workshop and 59th Meeting of the IFIP 10.4 Working Group on Dependable Computing and Fault Tolerance, Jan 2011.
  • “CyberDNA— Commotional Analytics for Security Configuration Verification”, North Carolina State University, February 2011
  • “Non-invasive Threat/Vulnerability Analysis for Smart Grid Networks”, DIMACS Workshop on Algorithmic Decision Theory for the Smart Grid, Rutgers University, Oct 2010.
  • “Mutable Networks for Moving Target Defense”, ARO Workshop for Moving Target Defense, Oct 2010.
  • “Automated Management of Security Access Control from Design to Enforcement”, ACM Symposium on Access Control Models and Technologies (SACMAT), Keynote Speaker, June 2010
  • “Theory and Applications of Binary Decision Diagrams on Network Configuration Verification”, Princeton University, April 2009
  • “Distributed Event Correlation for Infrastructure Monitoring”, USA-India NSF Workshop on Infrastructure Security, January 2010.
  • “GENI Security Configuration In a Box”, NSF GENI Workshop, University of California Davis, January 2009
  • “Community-based Overlay Fault Diagnosis”, Georgia Institute of Technology, Oct 2009
  • “Network Security Auto-configurations: Top-down and Bottom-up Approaches”, BBN, July 2008
  • “Assurable and Usable Security Configuration – Looking  Forward“, NSF SafeConfig Workshop, August 2008
  • “Toward Assurable and Robust Network Security Configurations”, Boston University, July 2008
  • “Toward On-line Network Configuration  Debugging”, Yale University, July 2008
  • “A Commotional and Verifiable Modeling for Network Security Configurations”, USENIX Configuration Workshop, LISA, November 2007
  • “Toward Assurable and Robust Network Security Configurations “, University of Iowa, November 2007
  • “Future Direction in Security & Forensic Management Research”, NSF Cyber Trust Future Direction Workshop, (invited as Lead Researcher in this area), October 2006
  • “The 5 Challenges  Towards Automated Security Management”,  NSF Safe Computing Workshop, Sandia National Labs, December 2006
  • “Toward Autonomic Security Policy Management”, Purdue University, Aug 2006
  • “Toward Next-Generation Security Policy”, Intel Research, March 2006
  • “On Statistical Filtering  for Firewall Policy Optimization”, Northwestern University, March 2006
  • “Network Security Policy Verification and Optimization ”, Georgia Institute of Technology, Oct 2005
  • “Management of Network Security Policies Between Crises and Fantasies ”, University of Illinois at Urbana-Champaign (UIUC),  September 2005
  • “Policy-based Enterprise Security Solutions”, Cisco Security Team, San Jose, Oct. 2004
  • “Next-generation Firewall”, Cisco Workshop on Network Security, San Jose, Nov. 2003
  • “Tightening Your Firewall Security”, CTI Security Seminar, DePaul University, Oct. 2003
  • “The Role of Multicasting in Supporting Event Correlation”, Networking 2000, Paris, May 2000
  • “Emerging Technologies for A Networked Society”, IT Puerto Rico Government Summit, March 2000
 
Invited Panelist  
  • “Active Cyber Defense for Resilient Infrastructure: Current Challenges and Future Directions” (with Arlette Hart, FBI, and Phil Quade, NSA), ACM CCS Workshop on Automated Decision Making for Active Cyber Defense, Oct 2015.
  • SINET Panel on “The Role of Automation in Cybersecurity” (With  Philip Quade,  Chief of the NSA Cyber Task Force, National Security Agency, Hitesh Sheth, President and Chief Executive Officer of Vectra Networks,  and Thomas Bakewell, Chief Information Officer of Infoblox), November 2015.
  • SINET panel on “Data-Driven Security Analytics & Automation for Advancing Cybersecurity Innovation” (with Rich Baich, Chief Information Security Officer of Wells Fargo Corp. Mark Clancy, Managing Director of DTCC, and  Douglas Maughan, Division Director of Cyber Security in DHS), July 2014.
  • “Cybersecurity: Protecting and Preparing Our Critical Infrastructure Sectors”, Duke Energy Summit Charlotte, June 2015, with panelists: Brad Merlie (Vice President of Piedmont Natural Gas), Carl Cahill (IT Manager Security Architecture & Planning at Duke Energy) and Gayle S. Lanier (Senior Vice President at Duke Energy).
  • “Cyber Security Innovation from Research to Practice”, 10th Annual Cyber & Information Security Research (CISR) Conference 2015, Moderator: Renee Tarun (NSA), Panelists: Phil Quade, NSA; Dr. Steve King (OSD-DOD), ViceADM (Ret) Parker (USCG), and Kevin Kerr (CISO, ORNL), April 2015.
  • “Security Automation: Future Research Direction”, LAS/NSA, NCSU 2015.
  • Director CyberDNA & NSF IUCRC, UNCC
  • “Measuring the Effectiveness of Moving Target Defense”, ACSAC 2014
  • “Data-Driven Security Analytics & Automation for Advancing Cybersecurity Innovation”, SINET Security Innovative Networks 2014, with panelist: Rich Baich (Wells Fargo), Mark Clancy (DTCC), and Doug Maughan (DHS).
  • “Security Analytics and Automation”, IEEE SafeConfig 2013.
  • “Security Content Automation Protocol: Real Application and Future Opportunity”, with Tony Sager (NSA), Scott Armstrong (Symantec), Kent Landfield (McAfee), Security 2010.
  • “Security Automation: Past, Present and Future”, ACM CCS SafeConfig 2009
  • “Can Management Systems be Trusted?” IEEE Symposium of Integrated Network Management 2007 May 2007.
  • “Toward Next-generation Monitoring System for Security”, IEEE E2EMON (with Keith Ross Polytechnic University, James Hong POSTEC, and Masum Hasan Cisco systems), October 2004
  • “Overlay Networks and Management: A Real Solution or New Hype?”, IEEE Integrated Network Management (IM’03), Colorado, March 2003
  • “Is the Internet Ready for Multimedia”, IEEE MMNS, California, October 2002
 
Tutorial Presentations
These tutorials were either invited or selected based on IEEE peer-review process:
07/2016   “A Tutorial on Moving Target Defense Research”, IIT-Bhubaneswar, India
07/2016   “A Tutorial on Smart Grid Security and Resiliency Research”,  IIT-Bhubaneswar, India.
10/12/11    “Configuration Analytics & Automation”, UNC Charlotte Cybersecurity Symposium
04/2008   “Security Policy Testing and Evaluation”, NOMS 2008 (accepted for presentation)
12/2007   “Intrusion Detection and Prevention Systems:  Configuration, Tuning and Evaluation”, KFUPM
04/2006   “Security Policy Verification, Optimization”, IEEE NOMS 2006
12/2006   “Firewall and Security Policy Management”, KFUPM
05/2005   “Managing Network Security Policies: Firewall and IPSec/VPN”, IEEE IM 2005
04/2004   “Managing Firewall and Network-Edge Security Policies”, IEEE NOMS 2004.
 
Technology Transfer
  • Cisco INSPEC System: My group developed an automated tool for testing automatically the firewall implementation of policy enforcement using a novel testing technique called policy segmentation that minimizes the number of probe packets, while maintaining high accuracy. Our prototype was further developed as a tool that CISCO used locally for firewall automated testing that improves quality assurance.
  • Intel Security Policy Advisor: My group developed an automated tool for analyzing the firewall and IPSec polices for detecting configuration conflicts or inconsistencies, and recommending policy modification to fix the problem.
  • IP Mutation in Air Force SBIR Phase II: In collaboration with our DoD contractor partner, our team won the SBIR II award for developing our IP Mutation on Software Defined Networking. IP Mutation is a moving target defense technique that randomizes IP address in a network to disguise network assets identity.
  • NSA/APL ActiveSDN for Automated Response: We developed a novel reactive policy engine for automated proactive and reactive response to attacks or potential threats. The system, called CLIPS/ActiveSDN, can plan, deploy and orchestrate responses for thousands of active threats actions simultaneously, while guaranteeing the integrity of the network operations. The system was developed jointly with APL engineers (DoD contractors), and deployed in the DoD testbed used of the Integrated Active Cyber Defense (IACD) community.
  • Active Deception for ONR SBIR Phase I: In collaboration with our industry partner, our group won SBIR I award by the US Navy to develop active cyber defense that creates honey-games on demand.
  • CyberARM for Transition to Practice: In collaboration with Bank of America and Cyber Risk Research, we submitted a transition to practice proposal to NSF for developing a robust CyberARM tool, which is a tool developed by our group for cyber risk mitigation planning.  
  • CCAA-UNCC will demonstrate their tools in RSA Exhibition 2018: Our team have developed three novel and mature tools that address critical challenges in Cybersecurity: (1) CyberARM for cyber risk planning mitigation, (2) TTPDrill for analyzing cyber threat intelligence report, and (3) HIDE for high anonymity in cyber deception. These tools have been selected for demonstration in RSA 2018.