Bikash Saha

Bikash verified their affiliation via an institutional email.
  • PhD
  • PhD Student at Indian Institute of Technology Kanpur

PhD Scholar

About

Publications: 13
Reads: 2,293
Citations: 38
Introduction
Bikash Saha is a Ph.D. candidate in the Department of Computer Science & Engineering at the Indian Institute of Technology (IIT) Kanpur, under the supervision of Prof. Sandeep Kumar Shukla. His research focuses on cybersecurity, particularly in malware analysis, Advanced Persistent Threat (APT) detection and attribution, and the application of Natural Language Processing (NLP) and Large Language Models (LLMs) in threat intelligence.
Current institution
Indian Institute of Technology Kanpur
Current position
  • PhD Student

Publications

Publications (13)
Preprint
The dual-use nature of Large Language Models (LLMs) presents a growing challenge in cybersecurity. While LLMs enhance automation and reasoning for defenders, they also introduce new risks, particularly their potential to be misused for generating evasive, AI-crafted malware. Despite this emerging threat, the research community currently lacks contr...
Preprint
Generative Artificial Intelligence (GenAI) is rapidly reshaping the global financial landscape, offering unprecedented opportunities to enhance customer engagement, automate complex workflows, and extract actionable insights from vast financial data. This survey provides an overview of GenAI adoption across the financial ecosystem, examining how ba...
Preprint
Current malware (malicious software) analysis tools focus on detection and family classification but fail to provide clear and actionable narrative insights into the malignant activity of the malware. Therefore, there is a need for a tool that translates raw malware data into human-readable descriptions. Developing such a tool accelerates incident...
Preprint
The rise in cybercrime and the complexity of multilingual and code-mixed complaints present significant challenges for law enforcement and cybersecurity agencies. These organizations need automated, scalable methods to identify crime types, enabling efficient processing and prioritization of large complaint volumes. Manual triaging is inefficient,...
Conference Paper
Advanced Persistent Threat (APT) attribution is a critical task and essential for defensive measures, guiding policy decisions, and improving cyber resilience. This research aims to establish a credible connection between APT attack-related malware and the threat groups most likely to be their originators. These malware are usually developed by threa...
Preprint
The current state of Advanced Persistent Threats (APT) attribution primarily relies on time-consuming manual processes. These include mapping incident artifacts onto threat attribution frameworks and employing expert reasoning to uncover the most likely responsible APT groups. This research aims to assist the threat analyst in the attribution proce...
Article
Understanding the modus operandi of adversaries aids organizations in employing efficient defensive strategies and sharing intelligence in the community. This knowledge is often present in unstructured natural language text within threat analysis reports. A translation tool is needed to interpret the modus operandi explained in the sentences of the thre...
Preprint
Advanced Persistent Threat (APT) attribution is a critical challenge in cybersecurity and implies the process of accurately identifying the perpetrators behind sophisticated cyber attacks. It can significantly enhance defense mechanisms and inform strategic responses. With the growing prominence of artificial intelligence (AI) and machine learning...
Chapter
In the present cyber landscape, the sophistication level of malware attacks is rising steadily. Advanced Persistent Threats (APT) and other sophisticated attacks employ complex and intelligent malware. Such malware integrates numerous malignant capabilities into a single complex form of malware, known as multipurpose malware. As attacks get more co...
Conference Paper
With the proliferation of attacks from various Advanced Persistent Threats (APT) groups, it is essential to comprehend the threat actor’s attack patterns to accelerate threat detection and response. The MITRE ATT&CK framework’s Tactics, Techniques, and Procedures (TTPs) help to decipher attack patterns. The APT reports, published by security firms,...

Questions

Question (1)
Question
This question examines the transformative impact of large language models (LLMs) on cybersecurity, looking at both the potential benefits—such as automating threat detection and refining incident response—and the emerging risks tied to AI-driven attacks. It prompts an exploration of how LLM capabilities, like natural language processing and real-time analytics, can bolster defense strategies, while also highlighting the novel threats these same technologies may introduce, including more convincing social engineering attempts and rapid development of malicious code.
