Luis Muñoz-González is a Research Associate at the Department of Computing at Imperial College London. He is part of the Resilient Information Systems Security Group led by Prof Emil Lupu. He obtained the PhD degree from University Carlos III of Madrid (Spain) in 2014 where he proposed novel Gaussian process models for non-stationary and heteroscedastic regression. His current research interests include machine learning and cyber-security (see below).
Adversarial Machine Learning
Many modern services and applications rely on machine learning to extract valuable information from the huge amount of information available from many different sources, allowing the automation of many processes.But machine learning algorithms are vulnerable to attackers, who may gain a significant advantage by injecting malicious data or exploiting the weaknesses and blind spots of the learning algorithms.
Luis' interests in this area includes:
- Understanding the vulnerabilities that allows an attacker to compromise a machine learning system.
- Proposing new mechanisms to increase the resilience of learning algorithms under the presence of sophisticated attackers.
- Developing new design and testing methodologies for more resilient and secure machine learning systems.
- Investigating mechanisms for assurance of machine learning systems.
Security Risk Assessment with Bayesian Attack Graphs
Despite significant efforts to protect networks against cyber-attacks system administrators cannot cope with the sophistication and complexity of modern attacks, especially on IoT environments. Patching all the vulnerabilities or eliminating all possible threats is not possible in many cases. Thus, identifying, modelling, and assessing the security risks and prioritizing the most critical threats is of essence to optimise the resources for network protection. Attack graphs have been proven as a powerful tool for this tasks. They provide a compact representation of the attacks paths that an attacker can follow to compromise network resources.
Bayesian networks offer a suitable framework to perform static and dynamic security risk assessment, since their capable to model the uncertainty on the attacker behaviour. However, computing the probabilities in Bayesian networks is an NP Hard problem. Luis' interest in this area include the development and application of exact and approximate inference techniques for scalable analysis of Bayesian attack graphs, to help system administrators to harden the network when considering the security posture at rest and to prioritise countermeasures when the system is under attack.
A detailed list of his publications can be found at Google Scholar.
et al., Exact Inference Techniques for the Analysis of Bayesian Attack Graphs, Ieee Transactions on Dependable and Secure Computing, ISSN:1941-0018
et al., Efficient Attack Graph Analysis through Approximate Inference, Acm Transactions on Privacy and Security
et al., Automated Dynamic Analysis of Ransomware: Benefits, Limitations and use for Detection
Illiano VP, Munoz-Gonzalez L, Lupu EC, 2017, Don't fool Me!: Detection, Characterisation and Diagnosis of Spoofed and Masked Events in Wireless Sensor Networks, Ieee Transactions on Dependable and Secure Computing, Vol:14, ISSN:1545-5971, Pages:279-293
Munoz-Gonzalez L, Lazaro-Gredilla M, Figueiras-Vidal AR, 2016, Laplace Approximation for Divisive Gaussian Processes for Nonstationary Regression, Ieee Transactions on Pattern Analysis and Machine Intelligence, Vol:38, ISSN:0162-8828, Pages:618-624