Rachel Greenstadt

Rachel Greenstadt

Associate Professor
New York University

Determining malware authorship from code, or even binary files

Many hackers like to contribute code, binaries, and exploits under pseudonyms, but how anonymous are these contributions really? In this talk, I will discuss our work on programmer de-anonymization from the standpoint of machine learning. I will show how abstract syntax trees contain stylistic fingerprints and how these can be used to potentially identify programmers from code and binaries. We perform programmer de-anonymization using binaries, small commit-sized segments of code fromGitHub repositories, and the leaked Nulled.IO hacker forum.

In collaboration with:

Rachel Greenstadt is an Associate Professor at New York University (NYU). Prior to joining NYU, Greenstadt was an Associate Professor of Computer Science at Drexel University, where she ran the highly regarded Privacy, Security, and Automation Laboratory (PSAL) and served as an advisor to the Drexel Women in Computing Society. Before that, she was a Postdoctoral Fellow at Harvard’s School of Engineering and Applied Sciences, a Visiting Scholar with the University of Southern California TEAMCORE group, and a Research Intern at Lawrence Livermore National Laboratory.

Greenstadt's research has focused on designing more trustworthy intelligent systems — systems that act not only autonomously, but also with integrity, so that they can be trusted with important data and decisions. She holds a bachelor’s degree in Computer Science and master’s degrees in Electrical Engineering and Computer Science from MIT, as well as a Ph.D. in Computer Science from Harvard.