I am a Research Assistant at Academia Sinica—one of the best academic institutions in Taiwan, where I attend the laboratory led by Yen-Nun Huang, the director of the Research Center for Information Technology Innovation. My research focuses on Network and System Security, and Deep Learning.
Research Experience
Research Assistant
Academia Sinica • 09.2021 - Present
Graph-based Neural Attack Behavior Detection and Alignment with Kernel Audit Logs for Advanced Persistent Threats
Simulated APT attack on Linux and Windows
Developed a theory for efficiently reducing kernel audit logs to ensure the high quality of behavior detection
Developed models leveraging graph embedding to correlate and mine suspicious behavior in audit logs
Modeling Threat Representation through Building Cyber Threat Knowledge Base for Advanced Persistent Threats
Developed models to extract semantic context from cyber threat intelligence platforms for generating provenance graphs
Using Honeypot Logs and Packets for Identifying Network Attack Patterns and their Signature
Utilizing BERT-based models to analyze packets and logs from honeypots provided by SoftBank
P.-Y. Tseng, P.-C. Lin, Edy Kristianto, Vehicle Theft Detection by Generative Adversarial Networks on Driving Behavior. Engineering Applications of Artificial Intelligence (published) [Paper]
H-W Li, P.-Y. Tseng, Yennun Huang, IPMES: An Incremental Behavioral Pattern Matching over System Audit Event Stream and Its Feasible Application in APT Detection. IEEE/IFIP International Conference on Dependable Systems and Networks (submitted)
Project
APT Discovery using OSINT and Network & System Logs
Integrated open-source intelligence, cyber threat intelligence, and the MITRE ATT&CK framework into a cyber threat knowledge base, and developed neural network architectures to analyze and detect APT attacks in a multi-host environment.
Aligned the observed evidence to adversary lifecycle and correlated the relation between the detected