2019 NortonLifeLock Research Group Fellowship Winners
We are thrilled to announce our winners for the 2019 NortonLifeLock Research Group (formerly SRL) Fellowship: Wajih Ul Hassan, Johannes Krupp, and Yixin Zou! We were fortunate to have so many talented students apply this year and would like to thank everyone who applied for giving us the opportunity to learn about their research.
Much of his research focuses on empowering threat responders and generally falls into the space of security for large enterprises. Most recently, his 2019 NDSS paper showed that providing contextual provenance information for threat alerts is key to help security analysts combat threat alert fatigue. Previously, his work on designing a system for provenance-based auditing of large-scale clusters was published at NDSS 2018. His research in Internet of Things security and location privacy culminated in 2018 publications at NDSS and Usenix Security, respectively. Further research in the value of provenance data was published in the 2017 International World Wide Web Conference. Wajih also received an ACM SIGSOFT distinguished paper award for his work on studying the effectiveness of bug-finding tools at Automated Software Engineering (ASE) conference in 2016. His research on the provenance of security threats is particularly relevant to Symantec’s Endpoint Detection and Response capabilities, which provides fine-grained system data that is used both to detect security incidents and provide much needed context for them.
His 2018 Usenix Security publication presaged efforts by many other researchers to examine the security implications of Ethereum Smart Contracts. His research interests fall in the broad category of threat detection and defenses, specifically detection through automated program analysis and defense through attack attribution. His broad interests have culminated in publications at a variety of top venues across a variety of different areas. Research in DDoS attacks and defenses has culminated in publications at the 2017 ACM Internet Measurement Conference (IMC), the 2016 ACM Conference on Computer and Communications Security (CCS), and in the 2017 International Symposium on Research in Attacks, Intrusions, and Defenses (RAID). Among other things, Symantec Research Labs is excited to collaborate with Johannes to further investigate security issues involving Smart Contracts.
Her research in security and privacy focuses on understanding human perceptions and behaviors, and on the design of effective notifications. Her study of consumer reactions to the 2017 Equifax data breach won her a distinguished paper award from the 2018 Symposium On Usable Privacy and Security. Further investigations into the actionability and usability of breach notifications culminated in a publication that will appear at the 2019 ACM CHI Conference on Human Factors in Computing Systems, where she also co-authored another paper on devising effective phishing warnings. Her research is especially relevant to Symantec’s LifeLock identity protection service, which routinely notifies customers of third-party breaches and provides credit monitoring and alerting services.