Abstract: Blockchain-based cryptocurrencies have seen rapid adoption, facilitating both legitimate and malicious transactions due to their pseudo-anonymous nature. Given that all transactions are publicly recorded on distributed ledgers (e.g., Bitcoin), an important research question arises: Can we analyze these transaction graphs to detect malicious activity? In this talk, by capitalizing on the recent advances in topological data analysis, we discuss an efficient and tractable data analytics framework to automatically detect new malicious addresses in a ransomware family, given only a limited records of previous ransomware transactions. Furthermore, we show that our proposed methodology provides significant improvements in precision and recall for ransomware transaction detection, compared to existing heuristic based approaches, and can be utilized to automate ransomware detection. Additionally, while deep learning approaches promise automated, insight-free learning and detection, we discuss that incorporating human insights can enhance the effectiveness and usability of detection mechanisms for blockchain transaction graphs.
Bio: Dr. Murat Kantarcioglu is a Professor and CCI Faculty Fellow in the Department of Computer Science at Virginia Tech. He received his PhD in Computer Science from Purdue University in 2005, where he was recognized with the CERIAS Diamond Award for Academic Excellence. He has also held affiliations as a Faculty Associate at Harvard’s Data Privacy Lab and as a Visiting Scholar at UC Berkeley’s RISE Labs. His research focuses on the integration of cybersecurity, data science, and blockchain technologies to develop secure, privacy-preserving, and efficient data analysis and sharing methods. His work has been featured in prominent media outlets such as the Boston Globe, ABC News, PBS/KERA, and DFW Television, and has received multiple best paper awards. Dr. Kantarcioglu is a recipient of the NSF CAREER Award, the AMIA 2014 Homer R. Warner Award, and the IEEE ISI 2017 Technical Achievement Award for his contributions to data security and privacy. He is a Fellow of both the AAAS and IEEE.
Abstract: Frontier AI models are rapidly evolving the cybersecurity capabilities of attackers and defenders. While researchers have already brought into focus the increased scale and sophistication that AI lends to phishing, malware, and misinformation, the landscape of beneficial applications of AI for consumers and enterprises is less clear. This talk will reflect on real-world results and challenges from integrating frontier AI models into the workflows of security experts at Google for a wide range of applications including incident response, phishing detection and explainability, threat analysis, fuzzing, content moderation, and automated security advice. We will also dive into how Google is improving the security reasoning capabilities of models via Sec-Gemini to support the next generation of cybersecurity defenses.
Bio: Kurt Thomas is a research scientist in Google’s Privacy, Safety, and Security Research Group working to protect the digital safety of everyone online. His interests span security, fraud, harassment, misinformation, and practical applications of artificial intelligence. His research has been covered by CNN, WIRED, the Wall Street Journal, the New York Times, and more. He has won multiple best paper awards from USENIX Security, IEEE Security & Privacy, and CHI. Before joining Google, Kurt earned his PhD from the University of California, Berkeley in 2013.