The University of Oslo is closed. The PhD defence and trial lecture will therefore be fully digital and streamed directly using Zoom. The host of the session will moderate the technicalities while the chair of the defence will moderate the disputation.
Ex auditorio questions: the chair of the defence will invite the audience to ask ex auditorio questions either written or oral. This can be requested by clicking 'Participants -> Raise hand'.
Trial lecture
Title: "On the role of fuzz testing and input validation in software engineering"
Main research findings
To attain their goals, attackers have developed highly automated intelligence-driven attack capabilities. In contrast, defenders are still challenged by prolonged detection and response times due to their insufficient threat situational awareness and the fact that they heavily rely on manually executed defense operations.
This thesis introduced and enhanced foundational technology in support of accomplishing automated threat-informed cyberspace defense. The research direction was influenced by the Integrated Adaptive Cyber Defense (IACD) framework that defines three fundamental capability requirements to realize autonomous defense environments that can detect, respond to, or outmaneuver cyber attacks in cyber-relevant time.
In particular, the main contributions of this Ph.D. work are:
- To enhance defenders' knowledge about adversaries, we introduced an ontological approach for representing and modeling their personas based on their defining characteristics.
- We introduced a playbook standard for creating, documenting, and sharing security processes and procedures. Defenders can exchange such playbooks and utilize them to automate segments of their defense operations.
- We supported the development of a machine-readable language that standardizes the way we command and control cyber defense systems.
Adjudication committee:
- Professor Geir Myrdahl Køien, University of South-East Norway (USN), Norway
- Professor Kathryn Laskey, George Mason University, USA
- Professor Ketil Stølen, University of Oslo, Sintef, Norway
Supervisors
- Professor Audun Jøsang, Department of Informatics, University of Oslo Norway
- Dr. Martin Eian, mnemonic, Norway
Contact information to Department: Mozhdeh Sheibani Harat