2 Posts

Marc Ph. Stoecklin

Principal Research Staff Member and Manager, Cognitive Cybersecurity Intelligence (CCSI)

Marc Ph. Stoecklin is a Principal Research Scientist and Manager of the Cognitive Cybersecurity Intelligence (CCSI) group at the IBM T.J. Watson Research Center in Yorktown Heights, NY. He leads IBM's worldwide security research activities on applying artificial intelligence (AI) to cyber security, with a particular focus on advanced threat detection, security/threat intelligence consolidation, AI-supported security advisors, active cyber deception, big data cybersecurity analytics, as well as malware and security analysis (ethical hacking). Marc is the research lead behind IBM Security's recent cognitive security offerings Watson for Cyber Security and QRadar Advisor with Watson. He holds a PhD degree in Computer, Communication and Information sciences from École Polytechnique Fédérale de Lausanne (EPFL), Switzerland.

Written By Marc Ph. Stoecklin

Hidden in Plain Sight: File System Protection With Cyber Deception

Decoy File Systems (DcyFS), a new file system approach recently unveiled in Paris, complement access control schemes and can help overcome many of the fundamental limitations of traditional ACLs.

DeepLocker: How AI Can Power a Stealthy New Breed of Malware

DeepLocker has changed the game of malware evasion by taking a fundamentally different approach from any other current evasive and targeted malware. Here's what you need to know.

Co-Written By Marc Ph. Stoecklin

How to Use DNS Analytics to Find the Compromised Domain in a Billion DNS Queries

Using unique methods of analyzing DNS data, advanced DNS analytics enables security teams to quickly and proactively find and eliminate potential threats.

Following the Clues With DcyFS: A File System for Forensics

Decoy File System's overlay layer is a forensic tool that helps security teams piece together what happens during a cyberattack and collect key evidence in the aftermath of a breach.

Reconciling Trust With Security: A Closer Look at Cyber Deception With DcyFS

Central to DcyFS's cyber deception capabilities is its ability to modulate subject trust through a hierarchical file system organization.