Dr Vrizlynn Thing
Head, Cyber Security and Intelligence
Institute for Infocomm Research, A*STAR
Dr Vrizlynn Thing leads the Cyber Security & Intelligence (CSI) R&D Department at the Institute for Infocomm Research, A*STAR, Singapore. The department focuses on cyber security, digital forensics and crime analytics research and technology innovation. She is also an Adjunct Associate Professor at the National University of Singapore (School of Computing), and the Singapore Management University (School of Information Systems). She also holds the appointment of Honorary Assistant Superintendent of Police (Specialist V) at the Singapore Police Force, Ministry of Home Affairs. Dr Thing has over 15 years of security and forensics R&D experience with in-depth expertise in cyber attack & crime evolvement detection and mitigation, cyber security, digital forensics, and security intelligence & analytics. Her research draws on her multidisciplinary background in computer science (Ph.D. from Imperial College London, United Kingdom), and electrical, electronics, computer and communications engineering (Diploma from Singapore Polytechnic, B.Eng. (Hons) and M.Eng by Research from Nanyang Technological University, Singapore). During her career, she has taken on various roles with the key focus to lead and conduct world-class industry-relevant R&D that brings a positive impact to our economy and society. She also participates actively as the Principal Investigator and Lead Scientist of several collaborative projects with industry partners such as MNCs and the government agencies, and is the Co-Director of the ST-InfoSec - A*STAR Cyber Security Joint Lab, the Sopra Steria - A*STAR Cyber Security Joint Lab, and the Custodio - A*STAR Cyber Security Joint Lab.
Vulnerability Discovery Prediction
A vulnerability discovery model (VDM) describes the number of security vulnerabilities for a software across time. Different models have been proposed to capture characteristics of the vulnerabilities discovery trend during different stages in the life cycle of various software. Such models can help in assessing the risk of a software by helping to predict the trend of vulnerabilities discovery. However, existing works examine software independently when investigating the use of such VDMs. In this talk, we share our work on a proposed algorithm to utilise vulnerability discovery data from past versions of a current software to help in building its vulnerability discovery model. Experimental results indicate merit in the algorithm in cases where there is limited data for the current software.