Publications (2025)

•  AUTLP:CLEAR

  Fortifying AI: Hands-On Training in Adversarial Attacks and Defense of AI Systems (Full Day)

  Vishal ThakurVishal Thakur (TTUSDS, AU)

  Vishal Thakur is a seasoned expert in the information security industry, with extensive experience in hands-on technical roles specializing in Incident Response, Emerging Threats, Malware Analysis, and Research. Over the years, Vishal has developed a strong reputation for his deep technical expertise and ability to address complex security challenges. He has shared his research and insights at prominent international conferences, including BlackHat, DEFCON, FIRST, and the SANS DFIR Summit, where his sessions have been highly regarded for their depth and practical relevance. Additionally, Vishal has delivered training and workshops at BlackHat and the FIRST Conference, equipping participants with cutting-edge skills and techniques. Currently, Vishal leads as Head of Security Operations AU, Cyber Fusion Center at TikTok USDS, where he oversees advanced security operations and incident response strategies. Previously, he worked as a Senior Researcher at Salesforce, where he contributed to

  As AI becomes integral to critical systems, its vulnerabilities to adversarial attacks and data-related weaknesses pose serious risks. This interactive, one-day training is designed for researchers, and security professionals to understand and mitigate these challenges and get ready for the future of AI Security. Participants will gain a comprehensive foundation in AI security, exploring adversarial attack techniques, defense mechanisms, and best practices for building robust datasets.

  The training combines engaging lectures, live demonstrations, and four hands-on labs focused on real-world adversarial attack scenarios, including CIFAR-10, IMDB, Fashion-MNIST, and SVHN datasets. Participants will learn to craft adversarial examples, test model vulnerabilities, and implement practical defenses like adversarial training, input transformations, and feature squeezing. All code required for the labs will be provided during the sessions, and attendees will receive pre-configured Google Colab notebooks after the training to continue their learning independently.

  A group exercise will simulate securing a facial recognition system, challenging attendees to collaboratively identify threats and apply defenses in a realistic context. By the end of the session, participants will leave with actionable skills, ready-to-use tools, and strategies to enhance the security and resilience of their AI models. This training is ideal for professionals looking to stay ahead in the rapidly evolving field of AI security and robustness.

  Learning Outcomes By the end of the training, participants will:

  • Understand key concepts like adversarial attacks, perturbations, and dataset vulnerabilities.
  • Learn practical methods for generating adversarial examples using real-world datasets.
  • Gain knowledge of defense mechanisms, including adversarial training, feature squeezing, and input preprocessing.
  • Apply their knowledge in a collaborative group exercise to secure an AI system in a simulated scenario.
  • Leave with actionable skills and pre-configured tools to continue learning and apply defenses in their own projects.

  Training @ FIRSTCON25

  June 22, 2025 08:30-10:00, June 22, 2025 10:15-12:30, June 22, 2025 13:30-15:30, June 22, 2025 15:30-17:30

•  PHTLP:AMBER

  On-Site Incident Response: Collaboration of teams for Complex Cyber Incidents

  Alwell Mulsid (Philippine National Computer Emergency Response Team (CERT-PH), DICT, PH)

  Led the CERT-PH incident response section and managed a dynamic team of 15 DFIR professionals and analysts with diverse skill sets, providing critical incident response and support to government agencies across the Philippines. Successfully handled 34 high-priority incidents to date, spanning categories such as ransomware attacks, compromised infrastructures, and advanced persistent threats (APTs). Demonstrated expertise in coordinating complex investigations, ensuring rapid containment, and delivering actionable recommendations to organizations assets.

  • In 2024, conducted 25 hands-on training in incident response operations (artifact gathering, cyber range, table top exercises)
  • Holder of SANS's Lethal Forensicator Coins during the 508 Advanced Incident Response, Threat Hunting, and Digital Forensics training.
  • On-going exam preparations for SANS 508 and ISACA CISA.
  • SEC+, ECIH, CC

  When face with complex cyber incident, an effective incident response requires collaboration beyond internal teams. The integration of internal IT, security teams, and external units such as third-party vendors, and CERTs is crucial for addressing complex cyber incidents. This training session will focus on strategies for fostering communication and collaboration during onsite response to mitigate risks, restore operations, and preserve evidence. Attendees will gain hands-on knowledge of some common tools, techniques, and best practices for managing cybersecurity incidents with a collective approach, ensuring a thorough and coordinated response.

  Training Objectives

  • To equip participants with practical knowledge and actionable steps for conducting onsite incident response, ensuring effective measures are taken to minimize the impact of cyber incidents on the organization.
  • To simulate the basic process of acquiring and analyzing traces of cyberattacks from compromised machines, enabling participants to practice evidence collection and forensic techniques.

  Training Session Applicability This is highly applicable for National CERTs and organizational CSIRTs tasked with providing assistance not only within their own organizational environments but also to sub-units located across diverse locations and operating in varying environments. CERT operations insights will be also explained how IR team collaborate with SOC, VAPT and Threat Intelligence monitoring teams.

  Training @ FIRSTCON25

  June 22, 2025 08:30-10:00, June 22, 2025 10:15-12:30