Cyber Security Intelligence (CSI) team     


Cyber Security Intelligence (CSI) team - overview

The Cyber Security Intelligence (CSI) team (formerly GSAL and CCSI) investigates methodologies and technologies to help organizations detect, understand, and deflect advanced cybersecurity threats and attacks on their infrastructure and in the cloud. It explores challenging research problems posed by building and combining AI and cognitive methods (e.g., contextual and behavioral analysis, machine learning, reasoning), scalable big data security analytics (e.g., graph mining, deep correlation and provenance analysis), and next-generation defense mechanisms (e.g., transparent malware analysis, active defense and cyber deception layers) to gain deep intelligence and insights about cybersecurity threats and attacks as well as threat actors. The team also works on protecting AI models against model theft, poisoning, and evasion attacks by adaptive adversaries.


Focus areas and projects

  • Cyber threat hunting and threat intelligence consolidation
  • Program behavior analytics and next-generation malware analysis
  • Application security and vulnerability discovery
  • Security and robustness of AI models and adversarial machine learning
  • Cross-stack cyber deception and active defense techniques
  • Scalable data collection platforms for real-time and historical security analytics
  • Ethical hacking and penetration testing
  • Security data visualization




Jiyong Jang

Team Members

  • Jiyong Jang
  • Frederico Araujo
  • Kevin Eykholt
  • Dhilung Kirat
  • Taesung Lee
  • Shachee Mishra
  • Douglas L Schales
  • Xiaokui Shu
  • Teryl Taylor

IBM Works with Cisco to Exorcise Ghosts from Webex Meetings

Streamlining and Automating Threat Hunting With Kestrel

DeepLocker: How AI Can Power a Stealthy New Breed of Malware