UWindsor Together: Student Mental Health and Remote Learning Services

Colloquium Presentation by Dr. Rasheed Hussain: "Machine Learning and API Security: What We Have and What We Need "

Friday, November 27, 2020 - 11:00 to 12:30

SCHOOL OF COMPUTER SCIENCE – Colloquium Series 

 

The School of Computer Science at the University of Windsor is pleased to present… 

Photo of Dr. Rasheed Hussain, Innopolis Univeristy, Russia
Presenter: 
Dr. Rasheed Hussain: Associate Professor and the Director of Institute of Information Security and Cyber-Physical Systems at Innopolis University, Innopolis, Russia 
 
Date: Friday November 27, 2020 
Time: 11:00am-12:30pm (EST) 
Passcode: If you are interested in attending this colloquium presentation, send an email request to the Graduate Secretary at csgradinfo@uwindsor.ca
Reminder: All participants must sign with their full name and status in to the excel spreadsheet attendance form (link provided in the zoom chat)
 

Abstract 

Over the last couple of decades, business models have changed enormously due to, at least in part, the digital transformation and the astronomical demand and supply of new applications and services. To catch up with the increasing pressure from the businesses, the newly envisioned services must be realized rapidly. Application Programming Interface (API) is a mechanism that has enabled the rapid realization, scalability, and sharing of services and value among different entities. In other words, APIs are the new business trend among the enterprises. APIs provide a direct access to the business-logic of the applications and data which is of paramount importance for the enterprise to deliver their services without any delay and share the data with partners. However, despite the exciting features of APIs and their undisputed important role in the enterprises, APIs lure cyber attackers and suffer from a number of attacks. This phenomenon makes them a double-edge sword where in addition to scaling the business of an enterprise, they introduce new attack vectors and new points of vulnerabilities. Recent researches have shown that cyber attackers are targeting APIs to attack enterprises because APIs are (possibly) the easy targets to launch attacks. Furthermore, the availability of computation and communication resources render other intelligent techniques (such as Artificial Intelligence) feasible for security in the cyber domain. The rationale for using Artificial Intelligence (AI)-based techniques and different breeds of AI in security, is their applicability and effectiveness in detecting and mitigating cyber-attacks. In the same spirit, AI, Machine Learning (ML), and Deep Learning (DL) have been used to protect APIs against misuse and different kinds of attacks.  
 
In this talk, the security requirements and the current state of API security will be discussed. From the security solutions standpoint, this talk will cover the current solutions for API security and their shortcomings that will lead us to discuss the role of AI, ML, and DL in API security. Furthermore, this talk will also touch upon the General Data Protection Regulation (GDPR) compliance of API security. Towards the end of the talk, we will identify the current trends and pressing issues in the API security that need immediate attention with respect to ML and DL.  

 

Biography 

 
Rasheed Hussain received his B.S. Engineering degree in Computer Software Engineering from University of Engineering and Technology, Peshawar, Pakistan in 2007, MS and PhD degrees in Computer Science and Engineering from Hanyang University, South Korea in 2010 and 2015, respectively. He worked as a Postdoctoral Fellow at Hanyang University, South Korea from March 2015 to August 2015. He also worked as a guest researcher and consultant at University of Amsterdam (UvA), The Netherlands from September 2015 till May 2016 and as Assistant Professor at Innopolis University, Innopolis, Russia from June 2016 till December 2018. Currently he is an Associate Professor and the Director of Institute of Information Security and Cyber-Physical Systems at Innopolis University, Innopolis, Russia. He is also the head of Networks and Blockchain Lab at Innopolis University and serves as an ACM Distinguished Speaker. 
 
He is a senior member of IEEE, member ACM, and serves as editorial board member for various journals and symposium chair for IEEE ICC 2021 CISS symposium. He is a certified trainer for Instructional Skills Workshop (ISW), Canada, and a recipient of Netherland’s University Teaching Qualification (Basis Kwalificatie Onderwijs, BKO). His research interests include Information Security and Privacy and particularly security and privacy issues in Vehicular Ad Hoc NETworks (VANETs), vehicular clouds, and vehicular social networking, applied cryptography, Internet of Things, Content-Centric Networking (CCN), cloud computing, API security, and blockchain
 
Vector Institute artifical intelligence approved logo
 
5113 Lambton Tower 401 Sunset Ave. Windsor ON, N9B 3P4 (519) 253-3000 Ext. 3716 csgradinfo@uwindsor.ca