Pei-Yu Tseng

Graduate Student

+1 8148265789

[email protected]

State College, PA

Currently, as a Ph.D. student in Informatics at Penn State, I am conducting research under the guidance of Professor Peng Liu, who directs both the Penn State Cyber Security Lab and the Lion Center. Prior to this, I was involved in three significant projects at Academia Sinica in Taiwan, focusing on threat intelligence and threat hunting. My current research interest lies in leveraging Large Language Models to enhance the capabilities of Security Operations Centers in threat intelligence and threat hunting. I am committed to advancing this field by developing innovative technology solutions that improve organizational responses to cyber threats and safeguard information security.

Research Experience

Research Assistant

Pennsylvania State University - State College, PA • 08.2023 - Present

  • Using LLM for Threat Intelligence
    • Led the conceptualization of the operational workflow for an AI agent utilizing Large Language Models to advance threat intelligence applications.
    • Pioneered a method to significantly reduce false positives and false negatives in LLM outputs, directly enhancing the precision of the model's responses without the need for fine-tuning.
    • Developed an automated system for generating regular expressions, enabling more efficient extraction and pinpointing of threat indicators from extensive, unstructured data sets.
  • Reinforcement Learning for Advanced Persistent Threat
    • Designed and executed simulations that accurately represented how attackers perform lateral movements within a network, enhancing the understanding of intruder behavior in real-world environments.
    • Created a specialized dataset from these simulations, which was instrumental in training and refining the reinforcement learning model, leading to more accurate predictions and effective defense strategies.

Academia Sinica - Taipei, Taiwan • 09.2021 - 06.2023

  • Attack Behavior Detection and Alignment with Kernel Audit Logs for Advanced Persistent Threats
    • Simulated APT attacks on Linux and Windows
    • Developed a theory for efficiently reducing kernel audit logs to ensure the high quality of behavior detection 
    • Developed models leveraging embedding and Generative Adversarial Networks to correlate and mine suspicious behavior in audit logs
  • Modeling Threat Representation through Building Cyber Threat Knowledge Base for Advanced Persistent Threats 
    • Developed models to extract semantic context from cyber threat intelligence platforms for generating provenance graphs
  • Using Honeypot Logs and Packets for Identifying Network Attack Patterns and their Signature
    • Utilized BERT-based models to analyze packets and logs from honeypots provided by SoftBank

M.S.

National Chung Cheng University - Chiayi, Taiwan • 09.2019 - 07.2021

  • Driving Behavior Recognition Based on Generative Adversarial Networks
    • Developed a redesigned model for identifying whether drivers are the owners of cars
    • Developed a mechanism for ensuring the reliability of the detection system
    • Evaluated the accuracy of several types of GAN in different situations

Work Experience

Penetration Tester

The Chiayi County Government, Taiwan • 05.2020 - 12.2020

  • Identified security vulnerabilities and weaknesses in websites and IoT devices for the Chiayi County government

Network administrator

College of Engineering at CCU, Taiwan • 09.2019 - 09.2020

  • Maintained and administered the college's firewalls and network infrastructures
  • Managed the college's services, such as websites, VPN, and DNS

Education

Ph.D. in Informatics

The Pennsylvania State University • 08.2023 - present

M.S. in Computer Science and Information Engineering

National Chung Cheng University • 09.2019 - 07.2021

Publications

  • Pei-Yu Tseng, Zih-Dwo Yeh, Xushu Dai, Peng Liu. Using LLMs to Automate Threat Intelligence Analysis Workflows in Security Operation Centers (in progress) [arXiv]
  • Siyuan Xu, Lan Zhang, Pei-Yu Tseng, Fan Zhang, Minghui Zhu, Peng Liu. Proactive Defense Against Lateral Movement Attacks: A Reinforcement Learning Approach (submitted)
  • Pei-Yu Tseng, Po-Ching Lin, Edy Kristianto. Vehicle Theft Detection by Generative Adversarial Networks on Driving Behavior. Engineering Applications of Artificial Intelligence (published) [Paper]

Projects

  • Using LLMs to Automate Threat Intelligence Analysis Workflows in Security Operation Centers
    • Developed an AI agent to replace the labor-intensive, repetitive tasks involved in analyzing CTI reports and performing correlation searches
  • Reinforcement Learning for Advanced Persistent Threats
    • A novel approach to defending against APT attacks, specifically targeting lateral movement
    • Formulated APT attacks as Partially Observable Markov Decision Process (POMDP) problems
  • APT Discovery using OSINT and Network & System Logs
    • Integrated open-source intelligence, cyber threat intelligence, and the MITRE ATT&CK framework into a cyber threat knowledge base, and developed neural network architectures to analyze and detect APT attacks in a multi-host environment
    • Aligned the observed evidence to the adversary lifecycle and correlated the relation between the detected attacks and known attackers

Skills

  • Python
  • TensorFlow
  • PyTorch
  • Large Language Models
  • Cyber Threat Intelligence
  • MITRE ATT&CK framework
  • Correlation search
  • Bash scripting
  • Linux shell