Ali Dehghantanha

Education and Employment Background

Dr. Ali Dehghantanha is an academic-entrepreneur in cybersecurity and a Canada Research Chair in Cybersecurity and Threat Intelligence. He is the director of the Cyber Science Lab – a research lab dedicated to advancing research and training in cybersecurity – and the founder and director of the Master of Cybersecurity and Threat Intelligence program at the University of Guelph, ON, Canada.

Research Themes

Dehghantanha’s interdisciplinary research focuses on topics in digital forensics and artificial intelligence. He is interested in building multi-view and multi-kernel deep and fuzzy agents to detect advanced persistent threat (APT) actors’ tools, techniques and procedures. He has shown how Deep Learning techniques can be used to hunt for new, unseen malicious programs ranging from Ransomware to Banking Trojans. Moreover, he has built AI-based engines for detecting Ransomware in IoT networks, and detection of unseen malware in Internet of Battlefield of Things using deep learning agents. Dehghantanha’s research focuses on the following major themes:

1. Building AI agents for active threat hunting. Cyber threat hunting is about detecting remnants of attackers’ activities that bypassed all passive network and data protection mechanisms before they meet their objectives (from Exploitation to Actions on Objectives stage of the Cyber Kill Chain model). Active AI agents can be used to support threat hunters and forensics investigators in finding remnants of residual adversaries in an enterprise in a timely manner.
2. Using multi-view and multi-kernel learning systems to achieve a global view of emerging cyber threats. An increasing number of AI agents are deployed to assist security analysts and forensics investigators in detection and prevention of cyber-attacks. Each of these AI agents may use its own machine learning algorithm and monitor a specific aspect of an attack. Multi-view and multi-kernel learning techniques can be used to merge different views of different machine learning algorithms and achieve a more accurate and global view of an enterprise cyber security posture.
3. Adversarial machine learning for building anti-forensics and anti-anti forensics systems. In adversarial machine learning we try to first identify potential vulnerabilities of machine learning algorithms during learning and classification and build attacks that correspond to detected vulnerabilities (anti-forensics). Afterwards, we build countermeasures to improve security of machine learning algorithms (anti-anti-forensics).
4. Technical research. Dehghantanha is also pursuing research in the following technical areas: cyber forensics (malware analysing, big-data investigation, cloud forensics, IoT investigation), cybercrime (criminology and policy research), anti (online) money laundering and counter terrorism financing, and privacy issues in digital forensics. 

Highlights

• Canada Research Chair in Cybersecurity and Threat Intelligence (Tier2) 
• Senior Member of the Institute of Electrical and Electronics Engineers, 2016-2017.
• Member of the board of referees for the Elsevier journal Digital Investigation, since 2016.
• Fellow of the UK Higher Education Academy, 2016-2017.
• Received EU Marie Curie International Incoming Research Fellowship in “Privacy Respecting Digital Forensics,” 2015.

Media Coverage

Cybersecurity threats

• U of G News: Your Data’s Vulnerable. U of G Computer Scientists Have a Solution
• Yahoo: Cyber Security Expert Talks to Yahoo News About Online Safety
• U of G News: Hackers Depend on Trust. Don't Give It to Them: U of G Cybersecurity Researcher
• CTV: How to protect your information from ransomware attacks
• CBC: Apple, Google not doing enough to fight app-store malware, say security experts
• CTV: Black Friday: How to avoid scams when shopping online
• The Conversation: How to stop your phone from being hacked
• Global News: Cybersecurity of medical devices under scrutiny after FDA recalls insulin pumps
• Toronto Star: The U.S. fears Huawei is a cybersecurity threat. Canada is still unsure

Cybercrime

• Farmtario: Threat of agriculture-related cybercrime is rising
• Financial Post: Financial Post Consults Cybersecurity Researcher on Ransomware
• Financial Post: Financial Post Consults U of G Faculty on Cybersecurity, Agriculture
• The Conversation: Government must invest in skills and police resources to tackle cybercrime

Forensic Data

• Inside Unmanned Systems: Extracting Forensic Data From Drones

New Master’s program in Cybersecurity and Canada Cyber Foundry at U of G

• U of G News: New Master of Cybersecurity and Threat Intelligence Cyber Space Opened
• Guelph Mercury: New U of Guelph master's program to tackle threats to cybersecurity
• Guelph Today: University of Guelph launches one-of-a-kind cyber security program