September 30, 2019: Invited Speaker Seminar: Applied Signal Processing and Machine Learning in CyberSecurity
Dr. Mohammadreza Faghani
Monday, September 30, 2019 at 3:00 pm
In this talk, Mohammad will discuss a simulated breach scenario that was executed on a financial institution to perform a fraudulent SWIFT transaction. Simulated breaches are goal-based penetration tests in which the security consultants (called red teamers) are given an objective and must plan how to act on the given target, as cybercriminals would in the real world. First, Mohammad will provide a technical overview of the steps taken to infiltrate the financial institution, laterally move to the SWIFT servers, perform the transaction, and exfiltrate assets. He will then discuss how blue teamers (the security operations teams that protect the financial institution's assets) can leverage machine learning and artificial intelligence to detect the majority of steps an attacker would take in the scenario. Several of the ideas he will discuss are already operationalized with his team to support day-to-day security operations.
Dr. Faghani is a Senior Manager in the Cybersecurity & Privacy practice of PwC Canada, leading Cyber Operation Automation and DevOps Security. He has more than 12 years of experience delivering Information Security projects in a variety of areas, including security orchestration and automation, advanced simulated attacks, and threat hunting. He has first-hand experience in responding to several high-profile incidents, including Carbanak, in financial institutions. Outside PwC, Mo is an adjunct professor at multiple Ontario colleges and universities, teaching advanced topics on cybersecurity. As part of his PhD, Mohammad created a new mechanism to detect malware in its early stages of propagation. His research results are reflected in news venues such as BBC, CNN, The Guardian, and RT, alongside several security vendors’ blog posts such as Palo Alto, McAfee and Trend Micro. Dr. Faghani has served as a technical program committee member and reviewer for various prestigious IEEE/ACM conferences and journals on cybersecurity.