LLM-Based Threat Modeling

This preliminary work developed a novel LLM-based threat modeling system by leveraging NLP techniques and an open-source LLM to decrease the required human effort above in the threat modeling process. Two major questions of threat modeling are considered in the proposed task workflows, where the NLP techniques assist in parsing and understanding design documents and threats, and the LLM analyzes and synthesizes volumes of documentation to generate responses to related threat modeling questions. 

Paper:

Facilitating Threat Modeling by Leveraging Large Language Models, The Network and Distributed System Security Symposium workshop on AI System with Confidential Computing 2024. 

ILLATION: Learning Vulnerability Risk from Network

Enable network-specific vulnerability risk prioritization to support efficient vulnerability patching by utilizing the AI techniques of neural network and logical programming to learn and infer adversaries' motivation and ability in a network while learning the constraints that restrict interactions between vulnerabilities and network elements.

Paper:

ILLATION: Improving Vulnerability Risk Prioritization By Learning From Network. IEEE Transactions on Dependable and Secure Computing, 2023.

LICALITY: Learning Vulnerability RIsk From Attacker

Addressing the limitation of the Common Vulnerability Scoring System (CVSS) on network-agnostic vulnerability risk prioritization by capturing the attacker's preference for exploiting vulnerabilities through the proposed threat modeling method, and learning the associated threat attributes by utilizing neuro-symbolic computing in a developed neural network - probabilistic logic programming (NN-PLP) model. LICALITY reduces the vulnerability remediation work of the future threat required by the CVSS by a factor of 2.89 for the top routinely exploited vulnerabilities, and by a factor of 1.85 for the APT attack chained vulnerabilities reported in the Cybersecurity and Infrastructure Security Agency (CISA) alerts.

Paper:

LICALITY—Likelihood and Criticality: Vulnerability Risk Prioritization Through Logical Reasoning and Deep Learning. IEEE Transactions on Network and Service Management, 2021, 19(2), pp.1746-1760.

Cloud-based Virtual Hands-on Lab Platform for CS Edu

The developed virtual hands-on lab platform is designed for computer science education to support personalized learning by utilizing the techniques of cloud computing. Student learning styles can be identified from student activities. With the awareness of student learning styles, instructors are able to use techniques more suitable for students, and hence, improve student overall learning experiences.

Paper:

Personalized learning in a virtual hands-on lab platform for computer science education. In 2018 IEEE frontiers in education conference (FIE) (pp. 1-8). IEEE.

Improving student learning performance in a virtual hands-on lab system in cybersecurity education. In 2018 IEEE Frontiers in Education Conference (FIE) (pp. 1-5). IEEE.

Conceptualizing Student Engagement in Virtual Hands-on Lab: Preliminary Findings from a Computer Network Security Course. In the 49th ACM Technical Symposium on Computer Science Education (pp. 1073-1073), 2018.

Knowledge Graph-powered Cybersecurity learning 

By developing the lab context-based knowledge graph, a personalized learning plan is provided to support student learning on the online virtual hands-on lab platform.  It utilizes natural language processing (NLP) techniques to construct the knowledge graph from lab contents associated with cybersecurity topics, which guides learners to work on cybersecurity lab projects independently.  

Paper:

NeoCyberKG: Enhancing Cybersecurity Laboratories with a Machine Learning-enabled Knowledge Graph, the 26th Annual Conference on Innovation and Technology in Computer Science Education (ITiCSE), 2021

Problem-Based Cybersecurity Lab with Knowledge Graph as Guidance. Journal of Artificial Intelligence and Technology, 2021