Yuval Elovici
Yuval Elovici is a computer scientist. He is a professor in the Department of Software and Information Systems Engineering[1] at Ben-Gurion University of the Negev (BGU), where he is the incumbent of the Davide and Irene Sala Chair in Homeland Security Research. He is the director of the Cyber Security Research Center at BGU[2][3] and the founder and director of the Telekom Innovation Laboratories at Ben-Gurion University.[4] In addition to his roles at BGU, he also serves as the lab director[5] of Singapore University of Technology and Design’s (SUTD) ST Electronics-SUTD Cyber Security Laboratory, as well as the research director of iTrust.[6] In 2014 he co-founded Morphisec,[7] a start-up company, that develops cyber security mechanisms related to moving target defense.
Yuval Elovici | |
---|---|
Born | 1966 |
Nationality | Israeli |
Scientific career | |
Fields | computer security, network security, cyber security |
Institutions | Ben-Gurion University of the Negev |
Website | tlabs |
Biography
Yuval Elovici was born in Beer-Sheva, Israel in 1966. He received his B.Sc. and M.Sc. degrees in computer and electrical engineering from Ben-Gurion University of the Negev in 1989 and 1991, respectively (thesis title: Multi-Target Tracking Implementation onto a Parallel Multiprocessor System based on Transputers). He received his Ph.D. from Tel Aviv University’s Faculty of Management's information systems program (dissertation title: Information Technology Evaluation, Investment Decisions and Benefits to the Organization over Time).
Career
Elovici began his academic career at BGU in 1998, where he served as a Senior Teaching Assistant/Instructor in the Department of Industrial Engineering and Management while pursuing his Ph.D. at Tel Aviv University. In 2000 he became a Lecturer in BGU's Department of Information Systems Engineering. In 2006 he advanced to Senior Lecturer, and he received academic tenure in 2007. From 2010 through 2012 Elovici was an Associate Professor in the Department of Information Systems Engineering, and in 2012 he became a full Professor in this department which was recently renamed the Department of Software and Information Systems Engineering. He has held a variety of positions in academic administration at BGU as well. Since 2014 Elovici has served as the Director of BGU's Cyber Security Research Center, and since 2005 he has been the Director of Telekom Innovation Laboratories at BGU.[8] In the past, he has served as Head of the Software Engineering Program at BGU.
Research
Elovici's research interests include Privacy and Anonymity in the Electronic Society, Malware Detection, Mobile Phone Security, and Web Intelligence and Social Network Security. Elovici has published over 75 academic papers, and he has been awarded 20 patents.[9] He is a co-author of the book, A Survey of Data Leakage Detection and Prevention Solutions[10] and co-editor of another book, Security and Privacy in Social Network.[11]
Privacy and Anonymity in the Electronic Society
Although surfing the World Wide Web (hereafter: the Web) feels as if it is a bilateral private interaction, this impression is far from being accurate, as users leave identifiable digital tracks at every website they visit, and Elovici's research aims to address this. Elovici has demonstrated how a collaborative attack on the anonymity of Web users can be performed by analyzing only a small number of Internet routers.[12] The computer security community has concentrated on improving users’ privacy by concealing their identities on the Web. However, users may want or need to identify themselves on the Web in order to receive certain services, while retaining the privacy of their interests, needs, and intentions. PRAW, the privacy model developed by Elovici,[13] is aimed at hiding users’ navigation tracks, in an attempt to prevent eavesdroppers from inferring their profiles, while still allowing them to be identified. Securing data at rest stored in a database is a very challenging privacy-related task, and Elovici has developed a new database encryption scheme, SPDE,[14] which preserves the structure of the database and encrypts its content, such that even the DBA cannot view or modify the database cells’ content.
Bridging the Air-Gap
Air-gapped networks in which the computer network is separated physically from other networks, specifically those that are less secure, are widely used to protect the networks of military defense systems and critical infrastructure. The air-gap isolation was once thought to be a means of successfully preventing sensitive data from leaking from critical networks; however, some of Elovici's recent research[15][16][17][18][19][20][21][22][23][24][25][26] has challenged this, exposing techniques that enable attackers to leak data from these networks via covert channels, including electromagnetic, ultrasonic, thermal, optical channels. In each case, new types of attacks that can bridge the air-gap have been demonstrated.
Malware Detection
Malware detection is a central component of cyber security and the focus of the Telekom Innovation Laboratories at Ben-Gurion University's flagship project: Net Centric Security, which is aimed at purifying NSP networks of malware.[27] As Director of the laboratories, Elovici developed methods based on machine learning techniques for detecting whether a suspected file is malicious or benign. The methods were based on static code analysis[28] and dynamic code analysis, where the suspected file activity was monitored in a sandbox.[29] One of the challenges associated with this research was the synthesis of powerful malware signatures yielding a low false positive detection rate.[30] The issues of detection scalability and performance were addressed in[31] by employing the complex network theory to pinpoint the most influential set of routers for employing monitoring and filtering devices. This research was extended (including a simulator), to find the optimal places for deploying a scribing center for mitigating the denial of service attack launched via botnets.[32]
Mobile Phone Security
Before Android-based mobile devices were introduced into the market for the first time by T-Mobile USA, Elovici was asked to study Android vulnerabilities, threats, and security mechanisms. The findings were summarized in several publications.[33] Following this analysis, he developed several security mechanisms for the Android platform, demonstrating how to secure Android mobile devices using SELinux[34] and developing several prototypes of an intrusion detection system (IDS) for strengthening Android-based devices based on various techniques, such as temporal reasoning and anomaly detection.[35][36] In addition, an efficient, collaborative application-monitoring scheme was developed for mobile devices that allow the devices to detect malicious applications without relying on a central authority.
Web Intelligence and Social Network Security
Terrorist groups use the Web as their infrastructure for various purposes. Elovici designed the advanced terrorist detection system (ATDS) which analyzes the content of information accessed by Web users in order to track down online access to abnormal content, including terrorist-generated sites; ATDS was developed and evaluated using real users and terror-related data.[37][38] In other research, he hypothesized that a new type of information security threat may involve a class of malware that does not have the goal of corrupting and taking control of the machines it infects or stealing specific information stored on them. This research focused on malware aimed at stealing social network and behavioral information through data collection and network science inference techniques. Elovici referred to this type of attack as the stealing-reality attack, and he demonstrated how such an attack can propagate in real social networks.[39] Link prediction in social networks is one of the key tools in Web intelligence, and Elovici developed a very accurate link prediction algorithm to detect fake profiles in social networks which was evaluated on several large social networks.[40] Fake profiles which proliferate on social networks may be used for good as well as malicious purposes, and the link prediction algorithm may allow identifying a connection between terrorists that does not exist in a social graph. Elovici also developed the Social Network Protector, software based on advanced detection mechanisms that can help teenagers identify suspicious members in their social network. The Social Network Protector Facebook app was installed by more than 3000 users.[41][42]
References
- "Software and Information Systems Engineering". in.bgu.ac.il. Retrieved 2017-07-18.
- "Cyber Security Research Center @ Ben-Gurion University | Making the cyber world a safer place". cyber.bgu.ac.il. Retrieved 2017-07-18.
- "BGU and the National Cyber Bureau sign $8.5 Million Agreement to create a National Cyber Security Research Center". in.bgu.ac.il. Retrieved 2017-07-18.
- "Telekom Innovation Laboratories at Ben-Gurion University". tlabs.bgu.ac.il. Retrieved 2017-07-18.
- "Resilient IoT". Information Systems Technology and Design (ISTD). Retrieved 2017-07-18.
- "Faculty - iTrust". iTrust. Retrieved 2017-07-18.
- "Endpoint Security, Threat Prevention, Moving Target Defense | Morphisec". Morphisec. Retrieved 2017-07-18.
- "Telekom Innovation Laboratories at Ben-Gurion University". tlabs.bgu.ac.il. Retrieved 2017-07-18.
- "Yuval Elovici - Google Scholar Citations". scholar.google.co.il. Retrieved 2017-07-18.
- Shabtai, Asaf; Elovici, Yuval; Rokach, Lior (2012-03-15). A Survey of Data Leakage Detection and Prevention Solutions. Springer Science & Business Media. ISBN 9781461420538.
- Security and Privacy in Social Networks | Yaniv Altshuler | Springer. Springer. 2013. ISBN 9781461441380.
- Rami Puzis; Dana Yagil; Yuval Elovici; Dan Braha (2009-01-30). "Collaborative attack on Internet users' anonymity". Internet Research. 19 (1): 60–77. CiteSeerX 10.1.1.219.3949. doi:10.1108/10662240910927821. ISSN 1066-2243.
- Shapira, Bracha; Elovici, Yuval; Meshiach, Adlay; Kuflik, Tsvi (2005-01-15). "PRAW—A PRivAcy model for the Web". Journal of the American Society for Information Science and Technology. 56 (2): 159–172. doi:10.1002/asi.20107. ISSN 1532-2890. S2CID 26433649.
- Shmueli, Erez; Vaisenberg, Ronen; Elovici, Yuval; Glezer, Chanan (December 2010). "Database Encryption: An Overview of Contemporary Challenges and Design Considerations". SIGMOD Rec. 38 (3): 29–34. doi:10.1145/1815933.1815940. ISSN 0163-5808. S2CID 8349138.
- Guri, Mordechai; Zadov, Boris; Atias, Eran; Elovici, Yuval (2017-02-22). "LED-it-GO: Leaking (a lot of) Data from Air-Gapped Computers via the (small) Hard Drive LED". arXiv:1702.06715 [cs.CR].
- Mirsky, Yisroel; Guri, Mordechai; Elovici, Yuval (2017-03-30). "HVACKer: Bridging the Air-Gap by Attacking the Air Conditioning System". arXiv:1703.10454 [cs.CR].
- Guri, Mordechai; Zadov, Boris; Daidakulov, Andrey; Elovici, Yuval (2017-06-04). "xLED: Covert Data Exfiltration from Air-Gapped Networks via Router LEDs". arXiv:1706.01140 [cs.CR].
- Guri, M.; Monitz, M.; Elovici, Y. (December 2016). "USBee: Air-gap covert-channel via electromagnetic emission from USB". 2016 14th Annual Conference on Privacy, Security and Trust (PST). pp. 264–268. arXiv:1608.08397. doi:10.1109/PST.2016.7906972. ISBN 978-1-5090-4379-8. S2CID 11381592.
- Guri, M.; Hasson, O.; Kedma, G.; Elovici, Y. (December 2016). "An optical covert-channel to leak data through an air-gap". 2016 14th Annual Conference on Privacy, Security and Trust (PST). pp. 642–649. doi:10.1109/PST.2016.7906933. ISBN 978-1-5090-4379-8. S2CID 6758847.
- Guri, Mordechai; Solewicz, Yosef; Daidakulov, Andrey; Elovici, Yuval (2016-06-19). "Fansmitter: Acoustic Data Exfiltration from (Speakerless) Air-Gapped Computers". arXiv:1606.05915 [cs.CR].
- Guri, Mordechai; Hasson, Ofer; Kedma, Gabi; Elovici, Yuval (2016-07-13). "VisiSploit: An Optical Covert-Channel to Leak Data through an Air-Gap". arXiv:1607.03946 [cs.CR].
- Guri, Mordechai; Solewicz, Yosef; Daidakulov, Andrey; Elovici, Yuval (2016-08-11). "DiskFiltration: Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard Drive Noise". arXiv:1608.03431 [cs.CR].
- Guri, M.; Monitz, M.; Mirski, Y.; Elovici, Y. (July 2015). "BitWhisper: Covert Signaling Channel between Air-Gapped Computers Using Thermal Manipulations". 2015 IEEE 28th Computer Security Foundations Symposium. pp. 276–289. arXiv:1503.07919. doi:10.1109/CSF.2015.26. ISBN 978-1-4673-7538-2. S2CID 9623596.
- Guri, Mordechai; Kachlon, Assaf; Hasson, Ofer; Kedma, Gabi; Mirsky, Yisroel; Elovici, Yuval (2015). GSMem: Data Exfiltration from Air-gapped Computers over GSM Frequencies. pp. 849–864. ISBN 9781931971232.
{{cite book}}
:|journal=
ignored (help) - Sepetnitsky, V.; Guri, M.; Elovici, Y. (September 2014). "Exfiltration of Information from Air-Gapped Machines Using Monitor's LED Indicator". 2014 IEEE Joint Intelligence and Security Informatics Conference. pp. 264–267. doi:10.1109/JISIC.2014.51. ISBN 978-1-4799-6364-5. S2CID 17117594.
- Guri, M.; Kedma, G.; Kachlon, A.; Elovici, Y. (October 2014). "AirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies". 2014 9th International Conference on Malicious and Unwanted Software: The Americas (MALWARE). pp. 58–67. arXiv:1411.0237. doi:10.1109/MALWARE.2014.6999418. ISBN 978-1-4799-7329-3. S2CID 12342852.
- Shabtai, Asaf; Potashnik, Dennis; Fledel, Yuval; Moskovitch, Robert; Elovici, Yuval (2011-08-01). "Monitoring, analysis, and filtering system for purifying network traffic of known and unknown malicious content". Security and Communication Networks. 4 (8): 947–965. doi:10.1002/sec.229. ISSN 1939-0122.
- Shabtai, Asaf; Moskovitch, Robert; Elovici, Yuval; Glezer, Chanan (2009-02-01). "Detection of malicious code by applying machine learning classifiers on static features: A state-of-the-art survey". Information Security Technical Report. Malware. 14 (1): 16–29. doi:10.1016/j.istr.2009.03.003.
- Moskovitch, Robert; Elovici, Yuval; Rokach, Lior (2008-05-15). "Detection of unknown computer worms based on behavioral classification of the host". Computational Statistics & Data Analysis. 52 (9): 4544–4566. doi:10.1016/j.csda.2008.01.028. S2CID 1097834.
- Shabtai, A.; Menahem, E.; Elovici, Y. (July 2011). "F-Sign: Automatic, Function-Based Signature Generation for Malware". IEEE Transactions on Systems, Man, and Cybernetics - Part C: Applications and Reviews. 41 (4): 494–508. doi:10.1109/TSMCC.2010.2068544. ISSN 1094-6977. S2CID 1509115.
- Rami, Puzis; Yuval, Elovici; Shlomi, Dolev (2007-01-01). "Finding the most prominent group in complex networks". AI Communications. 20 (4). ISSN 0921-7126.
- Zilberman, P.; Puzis, R.; Elovici, Y. (2017). "On network footprint of traffic inspection and filtering at global scrubbing centers". IEEE Transactions on Dependable and Secure Computing. PP (99): 521–534. doi:10.1109/TDSC.2015.2494039. ISSN 1545-5971. S2CID 36608732.
- Shabtai, A.; Fledel, Y.; Kanonov, U.; Elovici, Y.; Dolev, S.; Glezer, C. (March 2010). "Google Android: A Comprehensive Security Assessment". IEEE Security Privacy. 8 (2): 35–44. doi:10.1109/MSP.2010.2. ISSN 1540-7993. S2CID 16491459.
- Shabtai, A.; Fledel, Y.; Elovici, Y. (May 2010). "Securing Android-Powered Mobile Devices Using SELinux". IEEE Security Privacy. 8 (3): 36–44. doi:10.1109/MSP.2009.144. ISSN 1540-7993. S2CID 18080586.
- Shabtai, Asaf; Kanonov, Uri; Elovici, Yuval; Glezer, Chanan; Weiss, Yael (2012-02-01). ""Andromaly": a behavioral malware detection framework for android devices". Journal of Intelligent Information Systems. 38 (1): 161–190. doi:10.1007/s10844-010-0148-x. ISSN 0925-9902. S2CID 6993130.
- Shabtai, Asaf; Kanonov, Uri; Elovici, Yuval (2010-08-01). "Intrusion detection for mobile devices using the knowledge-based, temporal abstraction method". Journal of Systems and Software. Performance Evaluation and Optimization of Ubiquitous Computing and Networked Systems. 83 (8): 1524–1537. doi:10.1016/j.jss.2010.03.046.
- Elovici, Y.; Last, M.; Shapira, B.; Zaafrany, O. (2004). "Using Data Mining Techniques for Detecting Terror-Related Activities on the Web". Journal of Information Warfare. 3: 17–29. CiteSeerX 10.1.1.101.3509.
- Elovici, Yuval; Shapira, Bracha; Last, Mark; Zaafrany, Omer; Friedman, Menahem; Schneider, Moti; Kandel, Abraham (2010-02-01). "Detection of access to terror-related Web sites using an Advanced Terror Detection System (ATDS)". Journal of the American Society for Information Science and Technology. 61 (2): 405–418. CiteSeerX 10.1.1.423.372. doi:10.1002/asi.21249. ISSN 1532-2890.
- Altshuler, Yaniv; Aharony, Nadav; Elovici, Yuval; Pentland, Alex; Cebrian, Manuel (2013). "Stealing Reality: When Criminals Become Data Scientists (Or Vice Versa)". Security and Privacy in Social Networks. Springer, New York, NY. pp. 133–151. CiteSeerX 10.1.1.297.114. doi:10.1007/978-1-4614-4139-7_7. ISBN 978-1-4614-4138-0.
- Altshuler, Yaniv; Fire, Michael; Shmueli, Erez; Elovici, Yuval; Bruckstein, Alfred; Pentland, Alex (Sandy); Lazer, David (2013-08-01). "The Social Amplifier—Reaction of Human Communities to Emergencies". Journal of Statistical Physics. 152 (3): 399–418. Bibcode:2013JSP...152..399A. doi:10.1007/s10955-013-0759-z. ISSN 0022-4715.
- Fire, Michael; Kagan, Dima; Elyashar, Aviad; Elovici, Yuval (2014-12-01). "Friend or foe? Fake profile identification in online social networks". Social Network Analysis and Mining. 4 (1): 194. arXiv:1303.3751. doi:10.1007/s13278-014-0194-4. ISSN 1869-5450. S2CID 14764966.
- Fire, M.; Goldschmidt, R.; Elovici, Y. (Fourth Quarter 2014). "Online Social Networks: Threats and Solutions". IEEE Communications Surveys and Tutorials. 16 (4): 2019–2036. arXiv:1303.3764. doi:10.1109/COMST.2014.2321628. ISSN 1553-877X. S2CID 12715489.