Publications
Papers
2024
garak: a Framework for Security Probing Large Language Models Leon Derczynski, Erick Galinkin, Jeffrey Martin, Subho Majumdar, Nanna Inie. [arxiv]
AEGIS: Online Adaptive AI Content Safety Moderation with Ensemble of LLM Experts Shaona Ghosh, Prasoon Varshney, Erick Galinkin, Christopher Parisien. [arviv]
The Price of Pessimism for Automated Defense Erick Galinkin, Emmanouil Pountourakis, Spiros Mancoridis. Conference on Decision and Game Theory in Security 2024
2023
Behavioral Malware Detection using a Language Model Classifier Trained on sys2vec Embeddings John Carter, Pavlos Protopapas, Spiros Mancoridis, Erick Galinkin. 56th Hawaii International Conference on System Sciences [PDF]
IoT Malware Data Augmentation using a Generative Adversarial Network John Carter, Pavlos Protopapas, Spiros Mancoridis, Erick Galinkin. 56th Hawaii International Conference on System Sciences [PDF]
2022
Simulation of Attacker Defender Interaction in a Noisy Security Game Erick Galinkin, Emmanouil Pountourakis, John Carter, Spiros Mancoridis. AAAI-23 Workshop on Artificial Intelligence and Cybersecurity (AICS) [arxiv]
Pain Points: Ransomware Data Disclosure Trends Paul Prudhomme, Erick Galinkin. Rapid7 [Rapid7 Website]
Fast, Lightweight IoT Anomaly Detection Using Feature Pruning and PCA John Carter, Spiros Mancoridis, Erick Galinkin. ACM/SIGAPP Symposium On Applied Computing [PDF]
2021
Winning the Ransomware Lottery Erick Galinkin. Conference on Decision and Game Theory in Security 2021 [arxiv]
Evaluating Attacker Risk Behavior in an Internet of Things Ecosystem Erick Galinkin, John Carter, Spiros Mancoridis. Conference on Decision and Game Theory in Security 2021 [arXiv]
Information Security Games: A Survey Erick Galinkin. Drexel University Candidacy Exam [arXiv]
2020
Green Lighting ML: Confidentiality, Integrity, and Availability of Machine Learning Systems in Deployment Abhishek Gupta, Erick Galinkin. 37th International Conference on Machine Learning, Workshop on Challenges in Deploying and Monitoring Machine Learning Systems [PDF]
Malicious Network Traffic Detection Via Deep Learning: An Information Theoretic View Erick Galinkin. Johns Hopkins University Masters Thesis [PDF]
2019
The Future of Cyber Attacks and Defense is in the Cloud Erick Galinkin, Jenko Hwong, Abhinav Singh, Colin Estep, Ashwin Vamshi, Ray Canzanese. IEEE 14th International Conference on Malicious and Unwanted Software [PDF]
Talks
2024
garak Leon Derczynski, Erick Galinkin. DEF CON 32 Demo Labs
garak : A Framework for Large Language Model Red Teaming Leon Derczynski, Erick Galinkin. DEF CON 32 AI Village
2023
Security Data Science Teams: A Guide to Prestige Classes Erick Galinkin. BSides Las Vegas 2023 Ground Truth
AI Caramba! A DC Interface on Machine Learning Austin Carson, Erick Galinkin, Rumman Chowdhury, Kellee Wicker, Tim Ryan. DEF CON 31 Policy Village
2022
The Evolving Threat of Ransomware Erick Galinkin. Rapid7 Research Lounge at RSA Conference.
Understanding the Cyber Threat Landscape Erick Galinkin. Gehring Group Invited Speaker.
Information Geometry: A Crash Course Erick Galinkin. Mini Course on Computation, Harvard University [Youtube]
2021
Winning the Ransomware Lottery Erick Galinkin. Princeton Empirical Studies of Conflict Seminar
Who’s Afraid of Thomas Bayes? Erick Galinkin. DEF CON 29 AI Village
Challenges in Network Security, Privacy, and the Law Erick Galinkin. RENCI Workshop on Data for AI in Network Systems [PDF]
Machine Learning Vulnerabilities and Fabric Choices Erick Galinkin. PancakesCon2 [Youtube]
What is… Information Geometry? Erick Galinkin. What is… a seminar?
2020
Baby’s First 100 MLSec Words Erick Galinkin. DEF CON AI Village[Youtube]
Vulnerabilities? In My Machine Learning? It’s More Likely Than You Think. Erick Galinkin. Penn State University [Youtube]
2019
What is the Shape of an Executable? Erick Galinkin. Conference on Applied Machine Learning in Information Security [Youtube]
Your Blocklist is Dead. Airgap Everything. Erick Galinkin. DEF CON Cloud Village [Youtube]
Articles and Blog Posts
2023
Nearly 19,000 ESXi Servers Still Vulnerable to CVE-2021-21974 Erick Galinkin. [Rapid7 Blog]
2022
Leaked Android Platform Certificates Create Risks for Users Erick Galinkin. [Rapid7 Blog]
CVE-2022-42889: Keep Calm and Stop Saying “Text4Shell” Erick Galinkin. [Rapid7 Blog]
Architecting for Extortion: Acting on the IST’s Blueprint for Ransomware Defense Erick Galinkin. [Rapid7 Blog]
Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict Erick Galinkin [Rapid7 Blog]
8 Tips for Securing Networks When Time is Scarce Erick Galinkin. [Rapid7 Blog]
Being Naughty To See Who Was Nice: Machine Learning Attacks on Santa’s List Erick Galinkin. [Rapid7 Blog]
2021
The Ransomware Killchain: How It Works, and How to Protect Your Systems Erick Galinkin. [Rapid7 Blog]
Slot Machines and Cybercrime: Why Ransomware Won’t Quite Pulling Our Lever Erick Galinkin. [Rapid7 Blog]
Why the Robot Hackers Aren’t Here (Yet) Erick Galinkin. [Rapid7 Blog]
SolarWinds Serv-U FTP and Managed File Transfer CVE-2021-35211: What you Need to Know Erick Galinkin. [Rapid7 Blog]
CVE-2021-34527 (PrintNightmare): What you Need to Know Erick Galinkin. [Rapid7 Blog]
AI in Cybersecurity: Six Considerations for 2021 Erick Galinkin. [Inside Big Data]
2020
CORS Exploitation in the Cloud Erick Galinkin. [Netskope Blog]
2019
Why the Future of Command and Control is the Cloud Erick Galinkin. [Netskope Blog]
2017
Attack on Critical Infrastructure Leverages Template Injection Sean Baird, Earl Carter, Erick Galinkin, Christopher Marczewski, Joe Marshall. [Talos Intelligence Blog]
2016
Angler Catches Victims Using Spam as Bait Nick Biasini, Erick Galinkin, Alex McDonnell. [Talos Intelligence Blog]
Threat Spotlight: Exploit Kit Goes International Hits 150+ Countries Nick Biasini, Erick Galinkin, Alex McDonnell. [Talos Intelligence Blog]
Angler Attempts to Slip the Hook Nick Biasini, Joel Esler, Erick Galinkin, Melissa Taylor. [Talos Intelligence Blog]