Scarecrow: Deactivating Evasive Malware via Its Own Evasive Logic
- Jialong Zhang
- Zhongshu Gu
- et al.
- 2020
- DSN 2020
Marc Ph. Stoecklin is a Principal RSM and head of Security Research Department at IBM Research Europe in Zurich, Switzerland. He co-leads the global research strategy on Quantum safe Cryptography and Migration at IBM, focussing on identifying cryptographic artifacts, assessing and prioritizing migration, and implementing mitigation and remediation. Before that, he was responsible for execution of the Threat Management research activities at IBM, with a particular focus on applying artificial intelligence (AI) and automation technologies to threat management (detection, investigation, response). Fields of current and past activities and interests include threat detection, identity (passkeys, mobile badges), cyber reasoning, cyber deception, big data analytics, and security visualization. Marc holds a PhD degree in Computer, Communication and Information sciences from École Polytechnique Fédérale de Lausanne (EPFL), Switzerland.
More concretely, Marc co-leads the research efforts to innovate new technologies for IBM Quantum Safe and [IBM Consulting](https://www.ibm.com/consulting), and IBM Security Guardium. Previously, he contributed to the AI-powered security operations offerings (incl. Watson for Cyber Security and QRadar Advisor with Watson, as well as applications on IBM Cloud Pak for Security) and is one of the creators of the concepts and algorithms leveraged in the products. Moreover, he has contributed to several security technologies that IBM has open sourced.
From 2020 to 2022, Marc was the tech lead of IBM's COVID-19 technology task force activity related to Contact Tracing and Health Certificates. As part of this effort, IBM Digital Health Pass (IDHP) was developed and designed with key contributions from several researchers from the Zurich Security Research department. IDHP is actively used, for example, in the State of New York (Excelsior Pass) with over 1M passes issued in the first two months.
Moreover, Marc continuously analyzes the impact of emerging technologies on the cyber security posture of organizations (incl. the misuse and weaponization of AI and quantum computing technologies), and has served on scientific boards such as the CEPS taskforce on AI and Cybersecurity.
In 2006, Marc joined IBM Research as a research intern and subsequently a research scientist on the AURORA project. In this project, he contributed to the design and development of a flow-based network traffic monitoring and anomaly detection system, which was productized by IBM Tivoli in 2009. He developed several behavior-based anomaly detection components for the AURORA traffic monitoring system. In 2011, Marc joined the Global Security Analysis Lab (GSAL) at the IBM T.J. Watson Research Center in Hawthorne, NY, where he participated in the development of the IBM Cyber Security Analytics and Intelligence research platform. In 2012, Marc became a Research Staff Member in the Cloud and Security Group in the Industry & Cloud Solutions department at IBM Research – Zurich, where he continued to deepen his focus on Cyber Security Analytics on the network level, both in traditional IT and industrial control systems (ICS) networks. From 2014 to 2019, Marc led the Cognitive Cyber Security Intelligence (CCSI) group at the IBM T.J. Watson Research Center in Yorktown Heights, NY. In 2019, Marc became the head of the Security Department at IBM Research Europe in Zurich.