I am a senior security data scientist in the protections team at Elastic. I develop machine learning tools for the cybersecurity domain and do research on how to build trustworthy ML-based systems. I did my PhD in COmputer SECurity (COSEC) lab at University Carlos III of Madrid (UC3M), Spain. During my PhD, I was working on android application triage, malware detection and characterization. As an undergraduate student, I have worked in a wide range of areas, from software engineering (BSc) to artificial intelligence (MSc).
My research interests include computer security, mobile security, malware analysis and applied machine learning in security. My research has won multiple prestigious awards. In my spare time, I write blog posts about my projects and related research areas.
Before joining Elastic, I was a postdoctoral research associate in the Systems Security Lab (SecLab) and a Part-Time lecturer at Northeastern University, Boston, MA. During this period, I was investigating on detecting code reuse in advanced malware that were being used by different campaigns in targeted attacks. I also taught a couple of cybersecurity courses at both undergraduate and graduate levels.
|Sep 15, 2021||I will be serving in the program committee for “Security, Privacy, and Trust” track of TheWebConf (WWW).|
|May 25, 2021||I will join the protections team at Elastic as a Senior Security Data Scientist.|
|May 12, 2021||Our paper, “SCRUTINIZER: Detecting Code Reuse in Malware via Decompilation and Machine Learning”, has been accepted to DIMVA’21.|
|Dec 1, 2020||Our paper, “Preventing Server-Side Request Forgery Attacks”, has been accepted to SAC’21.|
|Jun 6, 2020||My PhD thesis has been selected as the best 2019 cybersecurity thesis in Spain by the Spanish Network of Excellence on Cybersecurity Research.|
|DIMVA'21||SCRUTINIZER: Detecting Code Reuse in Malware via Decompilation and Machine Learning. [PDF]|
|ASIACCS'19||AndrEnsemble: Leveraging API Ensembles to Characterize Android Malware Families. [PDF]|
|FGCS||AndrODet: An Adaptive Android Obfuscation Detector. [PDF]|
|ASIACCS'17||TriFlow: Triaging Android Applications using Speculative Information Flows. [PDF]|
|NODY||A New Image Encryption Method: Parallel Sub-Image Encryption with Hyper Chaos. [PDF]|