Min Du

University of California, Berkeley

Postdoctoral Researcher

Min Du is a postdoctoral researcher in the Department of Electrical Engineering and Computer Sciences at UC Berkeley, advised by Professor Dawn Song. She obtained her Ph.D. degree in Computer Science from the University of Utah, advised by Professor Feifei Li. She received her bachelor's and master's degrees from Beihang University in Beijing, China. Her current research interests involve various security and privacy aspects in the areas of machine learning, blockchain, and systems, with a special focus on anomaly detection, including improving existing anomaly detection techniques, as well as applying appropriate anomaly detection methods to different domains.

Research Abstract:

Data-driven analytics has proved its superiority in untangling complex dependencies and uncovering hidden patterns in many ways with the ever-increasing large amounts of data. In the meantime, computer systems generate humongous amounts of system and user data, which are extremely valuable for exploration.

My research focuses on unleashing the power of data-driven analytics, to leverage rich system-generated data, with the goal of making computer systems more intelligent and trustworthy, and to ensure cybersecurity. We seek to achieve online and real-time anomaly detection based on data-driven machine learning techniques, for which most existing literature has various limitations. More importantly, our methods aim to tackle the major challenge in system data analysis, where the data are not labeled or contain highly imbalanced labels. Previously, we have achieved state-of-the-art results in unstructured system log data analysis, and further extended the system anomaly detection techniques both to improve existing methods and to apply them to more applications. The proposed improvements include: 1) a decentralized and privacy-preserving machine learning platform to enable collaborative anomaly detection among multiple untrusted parties; 2) a lifelong learning mechanism for anomaly detection model update; and 3) a robust anomaly detection scheme improved by differential privacy. These techniques have been successfully applied to various domains including system log anomaly detection, infected virtual machine detection, and Android malware detection.