Colin C. N. Ife
Ph.D., MRes, MEng, BA (Hons.)
I am a Security Data Scientist with passion for and expertise in data-driven cybersecurity and AI applications to the field.
I am currently living this passion at Glasswall where I lead a dynamic Data Intelligence Team that builds AI-powered, threat intelligence solutions for detecting and preventing file-based threats.
I attained my Ph.D. in Cybersecurity from University College London (UCL), where I was supervised by Gianluca Stringhini and Steven J. Murdoch.
In general, my doctoral research centred around applying data-driven analyses to cybersecurity and cybercrime problems. Specifically, I employed cross-disciplinary techniques and frameworks to measure malware distribution networks and elucidate ways to disrupt them more effectively.
I am an alumnus of the Information Security Group within the UCL Computer Science Department, and also the Jill Dando Institute of Security and Crime Science.
Before joining UCL, I obtained BA (Hons.) and MEng degrees in Information and Computer Engineering from the University of Cambridge Department of Engineering. I then obtained an MRes degree in Security Science at UCL, and a conferred MA from Jesus College, University of Cambridge.
They say seeing is believing.
I say believing is seeing.
2021
Colin C. Ife. Measuring and Disrupting Malware Distribution Networks: An Interdisciplinary Approach. UCL (University College London).
Colin C. Ife, Yun Shen, Steven J. Murdoch, and Gianluca Stringhini. Marked for Disruption: Tracing the Evolution of Malware Delivery Operations Targeted for Takedown. In 24th International Symposium on Research in Attacks, Intrusions and Defenses (RAID ’21).
2019
Colin C. Ife, Toby Davies, Steven J. Murdoch, and Gianluca Stringhini. Bridging Information Security and Environmental Criminology Research to Better Mitigate Cybercrime.
Colin C. Ife, Yun Shen, Steven J. Murdoch, and Gianluca Stringhini. Waves of Malice: A Longitudinal Measurement of the Malicious File Delivery Ecosystem on the Web. In Proceedings of ACM Asia Conference on Computer and Communications Security (AsiaCCS ’19).
2024
How Glasswall’s experts are tackling ‘concept drift’ in machine learning for malware detection.
Glasswall, September 2024.
2020
Thoughts on the Future Implications of Microsoft’s Legal Approach towards the TrickBot Takedown.
Bentham’s Gaze, October 2020.
2019
We’re fighting the good fight, but are we making full use of the armoury?
Bentham’s Gaze, November 2019.
A Reflection on the Waves Of Malice: Malicious File Distribution on the Web (Part 2).
Bentham’s Gaze, September 2019.
A Reflection on the Waves Of Malice: Malicious File Distribution on the Web (Part 1).
Bentham’s Gaze, September 2019.
Measuring and Disrupting Malware Distribution Networks: An Interdisciplinary Approach
Malware Delivery Networks (MDNs) are networks of webpages, servers, devices, and computer files that are used by cybercriminals to proliferate malicious software (or malware) onto victim machines.
The business of malware delivery is a complex and multifaceted one that has become increasingly profitable over the last few years. Due to the ongoing arms race between cybercriminals and the security community, cybercriminals are constantly evolving and streamlining their techniques to beat security countermeasures and avoid disruption to their operations, such as by security researchers infiltrating their botnet operations, or law enforcement taking down their infrastructures and arresting those involved. So far, the research community has conducted insightful but isolated studies into the different facets of malicious file distribution. Hence, only a limited picture of the malicious file delivery ecosystem has been provided thus far, leaving many questions unanswered.
Using a data-driven and interdisciplinary approach, the purpose of this research is twofold. One, to study and measure the malicious file delivery ecosystem, bringing prior research into context, and to understand precisely how these malware operations respond to security and law enforcement intervention. And two, taking into account the overlapping research efforts of the information security and crime science communities towards preventing cybercrime, this research aims to identify mitigation strategies and intervention points to disrupt this criminal economy more effectively.