I am a Lecturer (Assistant Professor) in the Departments of Computer Science and Security and Crime Science at University College London (UCL). I am affiliated with the Information Security Group and the International Secure Systems Lab.
I received a PhD in Computer Science from University of California, Santa Barbara in 2014. During my PhD I worked in the Computer Security Lab, advised by Professors Christopher Kruegel and Giovanni Vigna.
I was awarded a UCL BEAMS Future Leaders in Engineering and Physical Sciences Award in 2016, a Google Research Award in 2015, the Outstanding Dissertation Award from the Department of Computer Science at UCSB in 2014, and a Symantec Research Labs Graduate Fellowship in 2012.
In my research I apply a data-driven approach to better understanding cybercriminal operations. Through the collection and analysis of large-scale datasets, I develop novel and robust mitigation techniques to protect Internet users.
As examples, recently I have been investigating advanced scams such as spearphishing finalized at hijacking corporate accounts, online dating scams, and money laundering schemes linked to cybercrime, malware delivery networks, and online social network compromises.
In 2011, I wrote a document that summarizes the existing research on botnet and spam mitigation. I believe it is a useful reference for those who want to start doing research in these fields.
If you are already a UCL student, here are some examples of past successful final projects that I supervised. If you are interested in working with me, please write me an email.
Shuang Hao, Kevin Borgolte, Nick Nikiforakis, Gianluca Stringhini, Manuel Egele, Michael Eubanks, Brian Krebs, and Giovanni Vigna. ACM CCS, 2015.EvilCohort: Detecting Communities of Malicious Accounts on Online Services
Gianluca Stringhini, Pierre Mourlanne, Gregoire Jacob, Manuel Egele, Christopher Kruegel, and Giovanni Vigna. USENIX Security Symposium, 2015.Quit Playing Games With My Heart: Understanding Online Dating Scams
JingMin Huang, Gianluca Stringhini, Peng Yong. DIMVA, 2015.
I teach a course on cybercrime, which is one of the few courses of its kind in the world. In the course we look at cybercriminal operations from an interdisciplinary angle, but focusing on the engineering elements that make them successful. The goal is to get a better understanding of cybercrime and develop better countermeasures to fight it.
I also organize the UCL Computer Science Hacking Seminar, in which UCL students can play with security challenges and gain a better understanding of computer vulnerabilities and how to prevent them.
In the past, I served in the program committees of conferences such as USENIX Security, NDSS, DIMVA, ICDCS, and EuroSec. I have also reviewed for prestigious journals such as the IEEE Transactions on Dependable and Secure Systems (TDSC) and ACM Computing Surveys. You can find a complete list of my service here.