Malek Ben Salem

Malek Ben Salem, PMP®, CISSP®

	Short Intro:
	I am a third-year PhD student in Computer Science at Columbia University in the City of New York. I'm working at the Intrusion Detection Systems Lab led by Prof. Salvatore Stolfo. I am interested in developing novel data mining techniques and applying them to computer security in general, and to host intrusion detection in particular..
	Address
	500W 120th St. 450 Computer Science P.O. Box # 7 New York, NY 10027
	E-Mail
	malek AT cs.columbia.edu
	Phone
	646 - 775 - 6049

Research

I am developing novel and scalable anomaly detection algorithms and applying them in host-based intrusion detection. The project that I am currently working on is the "RUU" (pronounced Are You You?) project, an insider threat detection project. The goal of the project is to create technologies aimed at monitoring and detecting malicious insider activity in the context of host based systems using real-time user profiles.
If you would like to help with this research, please see our user study.

Publications

Malek Ben Salem, Salvatore J. Stolfo. "Masquerade Attack Detection Using a Search-Behavior Modeling Approach". Columbia University Computer Science Department, Technical Report # cucs-027-09, 2009 [PDF]
Brian M. Bowen, Malek Ben Salem, Shlomo Hershkop, Angelos D. Keromytis, and Salvatore J. Stolfo.. "Designing host and network sensors to mitigate the insider threat". IEEE Security and Privacy, September 2009 [PDF]
Malek Ben Salem, Shlomo Hershkop, Salvatore J. Stolfo. "A Survey of Insider Attack Detection Research" in Insider Attack and Cyber Security: Beyond the Hacker, Springer, 2008 [PDF]
Malek Ben Salem, Salvatore J. Stolfo. "Masquerade Detection Using a Taxonomy-Based Multinomial Modeling Approach in Unix Systems". Columbia University Computer Science Department, Technical Report # cucs-021-08, 2008 [PDF]

	Patents (filed)
	Systems and methods for detectin masquerader intrusions on a computer system by monitoring computer user search behavior Method, system and media for baiting inside attackers Method for using real-time APC information for smart lot sampling decisions Method for performing Cpk-based measurement sampling

	Conferences
	Program Commitee: IBM Academy of Technology's first conference on "maturing and Leveraging Biometrics"

TA'ing

COMS E6772	Advanced Machine Learning
COMS E6998	Search Engine Technology
COMS W4187	Security Architecture and Engineering

Return to the top page