BEGIN:VCALENDAR
PRODID:-//planitpurple.northwestern.edu//iCalendar Event//EN
VERSION:2.0
CALSCALE:GREGORIAN
METHOD:PUBLISH
CLASS:PUBLIC
BEGIN:VTIMEZONE
TZID:America/Chicago
TZURL:http://tzurl.org/zoneinfo-outlook/America/Chicago
X-LIC-LOCATION:America/Chicago
BEGIN:DAYLIGHT
TZOFFSETFROM:-0600
TZOFFSETTO:-0500
TZNAME:CDT
DTSTART:19700308T020000
RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=2SU
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0500
TZOFFSETTO:-0600
TZNAME:CST
DTSTART:19701101T020000
RRULE:FREQ=YEARLY;BYMONTH=11;BYDAY=1SU
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
SEQUENCE:0
DTSTART;TZID=America/Chicago:20260522T110000
DTEND;TZID=America/Chicago:20260522T130000
DTSTAMP:20260516T232141Z
SUMMARY:Lingzhi Wang CS PhD Final Defense: Bridging Gaps in Operational Cyber Defense: Adaptive Intrusion Detection\, Automated Red Teaming\, and Realistic Evaluation
UID:642537@northwestern.edu
TZID:America/Chicago
DESCRIPTION:Advanced Persistent Threats (APTs) have emerged as one of the most consequential categories of cyberattacks\, causing widespread damage to enterprise infrastructure\, critical systems\, and national security. In response\, the research community has made substantial progress in APT detection and defense\, especially through the development of provenance-based intrusion detection systems (PIDS). Despite these advances\, significant gaps persist between academic research and operational practice. First\, complex graph-learning-based detectors incur high computational overhead\, excessive detection latency\, and degraded performance under the bursty\, irregular workloads common in production environments. Second\, the absence of systematic\, scalable methods for generating realistic APT attack scenarios limits the thoroughness with which defense systems can be stress-tested. Lastly\, the field continues to be constrained by the scarcity of comprehensive\, realistic\, and up-to-date benchmark datasets for APT intrusion detection research. This dissertation addresses these three operational gaps through ML and AI\, particularly generative AI. It defines\, analyzes\, and proposes solutions for: (1) efficiency challenges in provenance-based intrusion detection; (2) the absence of systematic\, scalable methods for generating realistic\, causality-preserving APT attack scenarios for rigorous red-team evaluation; and (3) the scarcity of comprehensive\, realistic\, and up-to-date benchmark datasets for APT intrusion detection. \n\nWebcast Link: https://northwestern.zoom.us/j/7980631772
LOCATION:Mudd Hall (formerly Seeley G. Mudd Library)\, Mudd 3514\, 2233 Tech Drive\, Evanston\, IL 60208
TRANSP:OPAQUE
URL:https://planitpurple.northwestern.edu/event/642537
CREATED:20260515T050000Z
STATUS:CONFIRMED
LAST-MODIFIED:20260515T050000Z
PRIORITY:0
BEGIN:VALARM
TRIGGER:-PT10M
ACTION:DISPLAY
DESCRIPTION:Reminder
END:VALARM
END:VEVENT
END:VCALENDAR