Xin Hu photoJiyong Jang photo
Reiner Sailer photo Douglas L. Schales photo
Marc Ph. Stoecklin photo Ting Wang photo

More Information


Research Areas

Cornerstones of Defense

Three Cornerstones of Defense

Group Name

Security Services Team (GSAL)


The Security Services Team (formerly Global Security Analysis Lab, GSAL) at IBM Research explores challenging problems in the areas of cyber security and advanced threat detection, virtualization-based security services, computer forensics, security and penetration testing, and malware and security analysis. Current focus areas include:

  • design and development of novel cyber security analytics and methods based on network and device level data,
  • creation of high-speed and scalable data collection and management platforms supporting real-time and big data analytics, and
  • malware analysis and penetration testing.

Cyber Security Analytics

We explore and develop novel security analytic methods that deliver sustainable cyber security defenses against emerging advanced and persistent threats (e.g., deploying data mining and machine learning techniques to detect benign, suspicious, and malicious behaviors across several heterogeneous data channels).

Big Data Feature Collection and Correlation Engine

Design, architecture, and implementation of a novel analysis engine, called FCCE, which finds correlations across a diverse set of data types spanning over large time periods with very small latency and with minimal access to raw data. Our engine scales well to collecting, extracting, and querying features from geographically distributed large data sets at close-to-real-time or from historical data sets.

Malware Analysis and Penetration Testing

Security Threat and Vulnerability Analysis, Ethical Hacking, Network Forensics, etc.