When malware changed its mind: an empirical study of variable program behaviours in the real world
Erin AvllazagajUniversity of Maryland, College Park
Erin is a third-year Ph.D. student in the Department of Electrical and Computer Engineering at the University of Maryland in College Park, advised by Prof. Tudor Dumitraș. He received his B.S. in computer science from Bilkent University (Ankara, Turkey) in 2018. Erin's broad research interests cover data-driven malware analysis and automatic exploit generation. Specifically, in his recent Ph.D. work he has analysed executions of malware traces in the real world to derive guidelines for creating effective behaviour-based detection systems. Erin is currently interested in automatic exploit generation for heap-based exploits. His participation in various CTF competitions and his internship work have been major influences in this new research direction.
Ziyun Zhu is a Research scientist at Facebook in Greater New York Area.
Leyla BilgeNortonLifeLock Research
Leyla Bilge is technical director and leads the branch of the research team that resides in Europe.
Davide Balzarotti is a Professor (Professeur des université) at the EURECOM Graduate School and Research Center, located in Sophia Antipolis on the French riviera. His research interests include most aspects of system security and in particular the areas of binary and malware analysis, reverse engineering, computer forensics, and web security. Davide is a recipient of an ERC Consolidator Grant which focuses on the analysis of compromised systems. Davide is a member of the Order of the Overflow – the team which organizes the DefCon Capture the Flag competition. Before that, he was one of the founding members of the Shellphish hacking group, with whom he participated in ten DEFCON CTF finals in Vegas (winning in 2005). When he was a post-doc in the security group at UCSB, he also helped to organize several early editions of the iCTF competition. When not in front of his computer, Davide likes to climb rocks, surf waves, hike trails, and take pictures along the way.
Tudor DumitrasUniversity of Maryland, College Park
Tudor works on data-driven security. His research objective is to provide an evidence-based foundation for security, by building defences grounded in a rigorous understanding of real-world adversaries. Tudor conducts empirical studies of adversary behaviour, builds machine learning systems for detecting malware and attacks, and studies the security of machine learning in adversarial environments. He also has a good knowledge of the security industry, having worked for 2.5 years at Symantec Research Labs. There,he built WINE, one of the first platforms for sharing field data collected by the security industry with academic researchers. In his most cited paper he measured how long zero-day attacks go undiscovered in the wild; this measurement was made possible, for the first time, by the WINE platform. Tudor's research has been featured in the Research Highlights of the Communications of the ACM and has been widely cited in the media, for example in The Economist, the MIT Technology Review, Forbes, and The Register. He also enjoys giving TED-style talks, to explain his work to broad audiences. Tudor has a Ph.D. from Carnegie Mellon University and undergraduate degrees from the Ecole Polytechnique and the “Politehnica” University, Bucharest.