C.K. Chen
Security research director
CyCraft Technology

Chung-Kuan Chen is currently a senior researcher at CyCraft, where he is responsible for organizing the research team, and an Adjunct Assistant Professor at Soochow University, Taiwan. He earned his Ph.D. in Computer Science and Engineering from National Chiao-Tung University (NCTU). His research focuses on cyber attack and defense, machine learning, software vulnerability, malware and program analysis. He is also dedicated to security education. As founder of NCTU hacker research clubs, he trained students to participate in world-class security contests, and has experience participating in DEFCON CTF (2016 in HITCON Team and 2018 as coach in BFS team). He has also given technical presentations at conferences such as BlackHat, HITCON, CHITB, RootCon, CodeBlue, FIRST and VXCON. As an active member of the Taiwan security community, he is the chairman of the HITCON review committee, a director of the Association of Hackers in Taiwan, and a member of CHROOT, the top private hacker group in Taiwan.

SPEECH
5/15 (Wed.) 16:30 - 17:30 7F 701F Zero Trust Forum
Zero the Enforcer: From Maturity Assessment to Practice in Policy Decision Point

In a zero trust architecture, despite mature practices in identity and device authentication, the methods for trust inference at Policy Decision Points (PDP) remain unclear. To address this, we propose a Trust Inference Maturity Model, providing enterprises with a flexible and effective strategy for trust inference. To adapt rapidly to evolving cyber threats, we integrate large language model technology to quickly generate and adjust risk rules, enhancing the adaptability and interpretability of the overall security architecture.

5/16 (Thu.) 09:30 - 10:00 4F 4A Supply Chain Cybersecurity Forum
Odyssey of Supply Chain: Review a Decade of Supply Chain Threats

With the Taiwan presidential election underway, cyber attacks by Chinese hacker groups against Taiwan have become more frequent. Recently, we investigated a supply chain attack targeting Taiwan, which focused on a widely used document tool in Taiwan that is not only prevalent in government agencies but also heavily utilized in government, legal and academic institutions, potentially affecting over 500,000 victims. In this attack, we also discovered traces of malware from many Chinese threat groups. The attackers compromised update servers to deliver malware to victim endpoints and remained undetected for several years.

Starting from this attack, we also reviewed the past decade, from Operation GG to recent supply chain attacks targeting financial institutions. We conducted an in-depth analysis of various supply chain attack techniques from the perspective of both software development processes and supply chain service processes, including supply chain software vulnerabilities, implanting malware into normal programs, island hopping attacks, and outsourcer leakage. We analyzed the causes of supply chain incidents and defense mechanisms. Additionally, we will introduce how we have utilized AI in the past few years to assist analysts in conducting incident investigations.