Nedim Šrndić

Machine Learning Research Engineer

My research concerns applications of machine learning in the domain of cybersecurity.

I have developed several prototypes for malware detection and malware family classification, both static and dynamic, using tree-based algorithms and neural networks. A highlight of this work was a novel method for interpreting the neural network model, with intuitive visual explanations of the model bias, individual classification decisions and comparisons between malware families.

I contributed to projects in network traffic analysis, making innovations in the detection of cryptocurrency mining and covert HTTP tunnels.

Most recently, my interests expanded into knowledge extraction from unstructured sources. Together with a small team, we are working on an NLP-based approach for comprehension of cybersecurity threat reports. Our aim is to extract not only operational information (indicators of compromise), but also tactical and strategic information, and relations between them.