Ali Dehghantanha

Headshot of Ali Dehghantanha
Professor, Canada Research Chair in Cybersecurity and Threat Intelligence (Tier 2), and MCTI Director
School of Computer Science
Email: 
adehghan@uoguelph.ca
Phone number: 
(519) 824-4120 x52999
Office: 
Suite 120, 150 Research Lane, Guelph
Seeking academic or industry partnerships in the area(s) of: 
Cyber Science Lab is always looking for collaboration with groups and individuals in cyber security, AI, and digital forensics.
Available positions for grads/undergrads/postdoctoral fellows: 
Cyber Science Lab is almost always recruiting new research students – see Positions Available on the Cyber Science Lab site.

Education and Employment Background

Dr. Ali Dehghantanha is an academic-entrepreneur in cybersecurity and a Canada Research Chair in Cybersecurity and Threat Intelligence. He is the director of the Cyber Science Lab – a research lab dedicated to advancing research and training in cybersecurity – and the founder and director of the Master of Cybersecurity and Threat Intelligence program at the University of Guelph, ON, Canada.


Research Themes

Dehghantanha’s interdisciplinary research focuses on topics in digital forensics and artificial intelligence. He is interested in building multi-view and multi-kernel deep and fuzzy agents to detect advanced persistent threat (APT) actors’ tools, techniques and procedures. He has shown how Deep Learning techniques can be used to hunt for new, unseen malicious programs ranging from Ransomware to Banking Trojans. Moreover, he has built AI-based engines for detecting Ransomware in IoT networks, and detection of unseen malware in Internet of Battlefield of Things using deep learning agents. Dehghantanha’s research focuses on the following major themes:

  1. Building AI agents for active threat hunting. Cyber threat hunting is about detecting remnants of attackers’ activities that bypassed all passive network and data protection mechanisms before they meet their objectives (from Exploitation to Actions on Objectives stage of the Cyber Kill Chain model). Active AI agents can be used to support threat hunters and forensics investigators in finding remnants of residual adversaries in an enterprise in a timely manner.
  2. Using multi-view and multi-kernel learning systems to achieve a global view of emerging cyber threats. An increasing number of AI agents are deployed to assist security analysts and forensics investigators in detection and prevention of cyber-attacks. Each of these AI agents may use its own machine learning algorithm and monitor a specific aspect of an attack. Multi-view and multi-kernel learning techniques can be used to merge different views of different machine learning algorithms and achieve a more accurate and global view of an enterprise cyber security posture.
  3. Adversarial machine learning for building anti-forensics and anti-anti forensics systems. In adversarial machine learning we try to first identify potential vulnerabilities of machine learning algorithms during learning and classification and build attacks that correspond to detected vulnerabilities (anti-forensics). Afterwards, we build countermeasures to improve security of machine learning algorithms (anti-anti-forensics).
  4. Technical research. Dehghantanha is also pursuing research in the following technical areas: cyber forensics (malware analysing, big-data investigation, cloud forensics, IoT investigation), cybercrime (criminology and policy research), anti (online) money laundering and counter terrorism financing, and privacy issues in digital forensics. 

Highlights

  • Canada Research Chair in Cybersecurity and Threat Intelligence (Tier2) 
  • Senior Member of the Institute of Electrical and Electronics Engineers, 2016-2017.
  • Member of the board of referees for the Elsevier journal Digital Investigation, since 2016.
  • Fellow of the UK Higher Education Academy, 2016-2017.
  • Received EU Marie Curie International Incoming Research Fellowship in “Privacy Respecting Digital Forensics,” 2015.

Media Coverage

Cybersecurity threats

Cybercrime

Forensic Data

New Master’s program in Cybersecurity and Canada Cyber Foundry at U of G