Dr. Saed Alrabaee

Associate Professor
Department of Information Systems and Security at United Arab Emirates University (UAEU),
Al Ain, United Arab Emirates

Education

  • Ph.D., Information System Engineering from Concordia University, Montreal, QC, Canada

Biography

Dr. Saed Alrabaee received a Ph.D. in information system engineering from Concordia University, Montreal, QC, Canada. He is currently an Associate Professor with the Department of Information Systems and Security at United Arab Emirates University (UAEU), Al Ain, United Arab Emirates. He is also the director of the Center for Excellence in Teaching and Learning. He is a permanent research scientist at Canada’s National Cyber Forensic and Training Alliance (NCFTA). His research and development activities and interests focus on reverse engineering, including binary authorship attribution, characterization, and malware investigation. In this domain, he has published more than 50 papers in top-tier journals and prestigious conferences.

Title:

From Fingerprinting Malicious Code to Identifying Cyber Threat Actors: Challenges and Solutions

Individuals, industry, and government are embracing cyberspace’s many advantages. Nevertheless, their increasing reliance on cyber technologies makes them more vulnerable to those who attack digital infrastructure to undermine national security, economic prosperity, and way of life. It is a common scenario that the only piece of evidence of a targeted attack is the malicious executable code itself. Analyzing malicious code (malware) requires reverse engineering, as malware source code is often unavailable. This task is manually intensive and time-consuming. It raises the following questions: Why was this executable written? Which compiler was used? Which free software packages did the developer use? Which sections of the code were borrowed? Who wrote the executable? These questions are of paramount importance to security analysts and reverse engineers, and binary fingerprinting approaches may provide valuable insights that can help answer them. This talk will present a set of innovative solutions that advance the state of the art. It will address some of the most fundamental problems, notably authorship attribution, reusable code discovery, fingerprinting free open-source software packages, and compiler identification.