Threat Modeling Research and Machine Learning

This talk will focus on recent threat modeling research as it relates to machine learning.  After briefly revisiting our prior SEI threat modeling research, new results from a 2018 CMU student project on machine learning will be discussed.  In this project, students assessed the robustness of machine learning models against adversarial examples.  Recently, we have been considering the use of machine learning to identify attacker types in specific domains.  So, on the one hand, we examined whether machine learning models are vulnerable to attack, and on the other hand, whether machine learning can help to identify attacker types.  Since we have not done prior research on the use of machine learning to identify attacker types, feedback from the audience will be especially helpful!

Dr. Nancy R. Mead is a Fellow of the Software Engineering Institute (SEI), and an Adjunct Professor of Software Engineering at Carnegie Mellon University.  Her research areas are security requirements engineering and software assurance curricula. The Nancy Mead Award for Excellence in Software Engineering Education is named for her.

Prior to joining the SEI, Mead was a senior technical staff member at IBM Federal Systems, where she spent most of her career in the development and management of large real-time systems.  She also worked in IBM's software engineering technology area and managed IBM Federal Systems' software engineering education department.  She has developed and taught numerous courses on software engineering topics, both at universities and in professional education courses.

Mead has more than 150 publications and invited presentations. She is a Life Fellow of the IEEE, a Distinguished Member of the ACM, and was named the 2015 Distinguished Educator by IEEE TCSE.  Dr. Mead received her PhD in mathematics from the Polytechnic Institute of New York.

