Dr. George Webster

Alumni

E-Mail:	George Webster

Research Interests

My primary research focus aims to address the cognitive bias in cyber defense, specifically in developing scalable methods to perform cyber analytics. My academic and work background is centered in Virtual Machine Introspection, static analysis techniques, distributed systems, and the psychology of cyber criminals.

Teaching

• Winter Semester 2016/2017
  • Practical Course: Anomaly Detection Challenges

• Summer Semester 2016
  • Seminar: Large-Scale Malware Analysis

• Winter Semester 2015/2016
  • Practical Course: Anomaly Detection Challenges

Supervised Work

Completed

• GSoC (Google Summer of Code): Holmes Framework to Automate Advanced Analytics
• GSoC (Google Summer of Code): Holmes Example Services
• GSoC (Google Summer of Code): Holmes Automated Malware Relationships (Rendering)
• GSoC (Google Summer of Code): Holmes Automated Malware Relationships (Processing)
• BA: Sauron -  Advanced Monitoring of Distributed Components
• BA: Detecting and Rating Malware Relationships using Machine Learning
• BA: Large Scale Anomaly Detection Using Spark
• GSoC (Google Summer of Code): Foundations for DRAKVUF on ARM
• GSoC (Google Summer of Code): Centralized Service Configuration for Holmes
• GSoC (Google Summer of Code): Web Interface and Generic API Development for Holmes Processing
• TUMKolleg: Secure Communication Within Networks
• MA: Key Management for Distributed Storage Systems
• BA: Distributed Services for Large Scale Dynamic Malware Analysis
• MA: Revealing Previously Unknown Malicious Domains leveraging DNS and WHOIS Data

Publications

2017		Finding the Needle: A Study of the PE32 Rich Header and Respective Malware Triage 14th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)
		Empowering Convolutional Networks for Malware Classification and Analysis 30th International Joint Conference on Neural Networks (IJCNN)
		Size Matters: Open-Source Framework for Large Scale Analysis Microsoft DCC
		From Mole Hills to Mountains: Revealing Rich Header and Malware Triage RSA USA
2016		Deep Learning for Classification of Malware System Call Sequences 29th Australasian Joint Conference on Artificial Intelligence (AI)
		A Study of the Rich Header and Respective Malware Triage Hacktivity
		SKALD: A Scalable Architecture for Feature Extraction, Multi-User Analysis, and Real-Time Information Sharing 19th International Conference on Information Security (ISC)
		Adaptive Semantics-Aware Malware Classification 13th Conference on Detection of Intrusions and Malware \& Vulnerability Assessment (DIMVA)
2015		Internet-Scale File Analysis Black Hat - USA
2014		Pitfalls of virtual machine introspection on modern hardware 1st Workshop on Malware Memory Forensics (MMF)
		Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System Proceedings of the 30th Annual Computer Security Applications Conference