Birhanu Eshete

I study cybercrime using data-driven methods to analyze, characterize, and measure the infrastructure and modus operandi used by criminal activities on the Internet. In particular, I focus on collection, analysis, and semantic characterization of cyber threat intelligence that comes in many shapes and forms (e.g., natural language, network traffic, system audit logs). The ultimate goal is to learn insights that will inform decisions on building robust defense against online criminal activities that involve threats such as ransomware, exploit kits, and botnets. To achieve these goals, I find graph theory and analytics, machine learning (deep learning), longitudinal analysis, and causality inference to be the natural methods. I also study the training and deployment of cyber threat classification/prediction systems in adversarial settings.

From behavioral fingerprinting and detection of cybercrime toolkits to analytics and detection of online cyber threats; from semantic characterization of cyber threat intelligence to detection and forensics of advanced cyber attacks, machine learning, graph theory and analytics, graph isomorphism, and causal inference serve as the core ingredients to build robust defense against cyber threats.