He has been a DPI/IDS/IPS engineer since 2001.
He led the anti-botnet project of MoECC in NTHU (2009-2013) and held “Botnet of Taiwan” (BoT) workshops (2009-2014).
He spoke at HitCon 2014 CMT, HitCon 2015 CMT and HitCon 2019.
His primary research interests are in network security, intrusion detection systems, reverse engineering, malware detection, and embedded systems.
Deep packet inspection (DPI) technology is widely used in network-side defense and detection equipment such as IPS/IDS/UTM. The signatures and virus patterns (i.e., DPI rules) used to detect threats can be treated as the DPI system's soul. In the past, generating DPI rules relied on rich experience and consumed a lot of time. In recent years, with AI's help, we can automate parts of the rule generation process. This automation lowers the technical threshold of rule making and shortens rule generation time. This talk will share related technologies and provide a PoC demo.