I was assigned to a department specialising in information security, an unknown field for me

Although I read Informatics at university, I had learnt very little about Information Security. After joining the company, I was assigned to a department that provides service driven support for customers' CSIRT operations on the cloud. I struggled a lot, because I had to cram to learn the knowledge I need for each task. It was my second year at the company when my boss asked me if I would like to study at IISEC as part of the company's education programme. I immediately answered "Yes, if it is a graduate school specialising in Information Security." Also, a senior colleague who had already enrolled at IISEC told me that I can learn a lot about network-related security, such as Tor for anonymous communication and IoT. I entered IISEC with the expectation that "I would be able to learn exactly what I needed."

The knowledge I learn becomes the foundation of trust for my customers

A year has passed since I enrolled and I was able to learn a wide range of basics such as cryptography and law, as well as network security directly related to my work. Now I feel that I have a good foundation as an information security professional. I was particularly impressed by enPiT/SecCap, where we had a practical training session on CTF with students from other universities. Even though it was a training, the actual experience of attacking servers and other devices helps to make the case studies of companies feel real. I have been transferred to the security consulting department in April this year. When I report the latest security incidents to my customers, I am able to explain in a clear and convincing manner. I think that this has led the customers to increase their trust in me.

Machine learning to improve IDS accuracy, work-based research

Since I enrolled here through the company's education programme, I would like to give back to the workplace with research that is closely related to my work. For this reason, I have chosen IDS (Intrusion Detection and Prevention System) as my research theme. I am investigating anomaly detection IDSs, which have the potential to deal with unknown attacks, and how machine learning can improve accuracy and reduce false positives. Currently, I am comparing how the accuracy of detection varies between different types of machine learning, such as deep learning and ELM. I am very grateful for my supervisor, Professor Sato who gives me the appropriate pinpoint advice, such as "Why don't you research more about this topic?"