Sheng-Shan Chen

陳勝舢 (Sheng-Shan Chen)

國立臺北科技大學 資訊工程所 生醫資訊實驗室 / 資訊安全實驗室

About Me

陳勝舢是國立臺北科技大學(NTUT)資訊工程系博士生,也是奧義智慧科技 CyCraft 的實習資安研究員。他的研究主要集中在應用機器學習技術分析網路威脅情報(CTI)。目前他參與國家資安研究院(NICS)多項學術研究項目,專注於使用大型語言模型(LLM)分析CTI,也曾參與日本國家通信情報研究院(NICT)網路安全實驗室進行跨國資安威脅情資研究。過去擁有國家實驗研究院、國家衛生研究院、長庚醫院、萬芳醫院擔任核心計畫團隊成員之經驗,帶領超過十位以上碩士生參與研究。他發表了多篇重要的論文和會議,包括《Computers & Security》期刊、IEEE 全球通信會議(GLOBECOM)、國際醫療與健康資訊會議(ICMHI)、工業、工程與智慧系統應用國際研討會會議(IEA/AIE)、台灣駭客年會(HITCON)、Python 技術研討會(PyCon)。此外,他在2020 年獲得第 50 屆勞動部全國技能競賽網路安全職類第二名,他也指導學弟妹在 2022 年第 52 屆比賽中獲得第三名,並在 2023 年和 2024 年擔任第 53 屆和第 54 屆網路安全技術顧問。教學經歷包括擔任全台灣最具知名的教育部人才培育計畫推動辦公室的 AIS3 新型態資安暑期課程講師及臺灣師範大學資訊工程系高等資安攻防課程講師,持續以AI 結合資安的前瞻技術貢獻所學、回饋社會。

Sheng-Shan Chen is a Ph.D. student in Computer Science and Information Engineering at the National Taipei University of Technology (NTUT) and a cybersecurity researcher at CyCraft (the unique company selected by Gartner as a representation AI security company in Asia-pacific area). His research primarily focuses on applying machine learning techniques to analyze cyber threat intelligence (CTI). He is currently involved in an academic research project under Taiwan National Institute of Cyber Security (NICS), focusing on using a Large Language Model (LLM) to analyze CTI. He has published several notable publications and conferences, including the Computers & Security Journal, IEEE Global Communications Conference (GLOBECOM), International Conference on Medical and Health Informatics (ICMHI), International Conference on Industrial, Engineering & Other Applications of Applied Intelligent Systems (IEA/AIE), and the Hacks In Taiwan Conference (HITCON). He has earned the second place from the 50th National Skills Competition in the Cybersecurity category in Taiwan (2020). Besides, he has coached junior students to obtain the third rank in the 52nd competition event (2022) and served as one of the Technical Consultant Members for the 53rd and 54th competitions (2023/2024).

Contact Information

Security Experiences

臺灣好厲駭 2021 – Present

  • 2023 高階導師培訓學員 – 表現優異獎
  • 2022 高階導師培訓學員 – 表現優異獎
  • 2021 高階導師培訓學員

AIS3 2021-2024

  • 2024 講師兼助教 – 威脅情資與防禦組
  • 2023 助教 – 跨領域資安組
  • 2022 學員 – 跨域金融資安組最佳專題
  • 2021 學員 – 雲端安全組最佳專題

資通安全研究院 2022- Present

  • 2024 網路威脅情資組 (NICS)
  • 2023 網路威脅情資組 (NICS)
  • 2022 網路威脅防禦實驗室 (CCoE)

日本通信情報研究 2023

  • 網路威脅情資研究 (NICT and Cycraft collaboration)

勞動部技能競賽網路安全 2020 – Present

  • 2024 第五十四屆全國技能競賽擔任職類解說技術顧問
  • 2023 第五十三屆全國技能競賽擔任職類解說技術顧問
  • 2022 第五十二屆全國技能競賽指導選手榮獲銅牌
  • 2020 第五十屆全國技能競賽暨國手選拔賽 銀牌

Published

Journal papers

  • Sheng-Shan Chen, Ren-Hung Hwang*, Asad Ali, Ying-Dar Lin, Yu-Chih Wei, Tun-Wen Pai*, Improving quality of indicators of compromise using STIX graphs, Computers & Security, 2024, 103972, ISSN 0167-4048, https://doi.org/10.1016/j.cose.2024.103972.
  • Sheng-Shan Chen, Yi-Hsien Chen, Tun-Wen Pai, Chung-Kuan Chen, Keisuke Furumoto, Takeshi Takahashi, and Chin-Yu Sun*, “A Structured Threat Information Expression-Based Knowledge Graph Construction for Cyber Threat Intelligence Analysts.” Submitted to Computers & Security, April 2024.

Conference papers

  • Sheng-Shan Chen, Ren-Hung Hwang, Ying-Dar Lin, Tun-Wen Pai, and Chin-Yu Sun*, “SE-BERT: Integrating Sentence Embeddings in BERT for Advanced TTP Extraction and Mitigation Report Generation.” Submitted to IEEE Global Communications Conference (Globecom) 2024, April 2024.
  • Sheng-Shan Chen, Ren-Hung Hwang, Chin-Yu Sun, Ying-Dar Lin, Tun-Wen Pai*, “Enhancing Cyber Threat Intelligence with Named Entity Recognition Using BERT-CRF,” GLOBECOM 2023 IEEE Global Communications Conference (pp. 7532-7537). IEEE.
  • Sheng-Shan Chen, Chin-Yu Sun, and Tun-Wen Pai*. “Using Machine Learning for Efficient Smishing Detection.“ 2023 International Conference on Consumer Electronics-Taiwan (ICCE-Taiwan). IEEE, 2023.
  • Sheng-Shan Chen, Tun-Wen Pai, and Chin-Yu Sun*. “Applying the Diamond Model of Intrusion Analysis with Generative Pre-trained Transformer 3.“ 2023 International Conference on Consumer Electronics-Taiwan (ICCE-Taiwan). IEEE, 2023.
  • Sheng-Shan Chen, Hou-Tsan Lee, Tun-Wen Pai*, Chao-Hung Wang, “Intelligent Medical Interactive Educational System for Cardiovascular Disease.“ International Conference on Industrial, Engineering and Other Applications of Applied Intelligent Systems. Cham: Springer International Publishing, 2022.

Technical presentations

  • Sheng-Shan Chen, Shing-Li Hung. “Using Language Models and Knowledge Graph Techniques to Construct High-Credibility Intelligence Chains: A Case Study on Analyzing Data Leakage Incidents”, Hack In Taiwan Conference (HITCON 2024), Taipei, Taiwan, Aug 23-24, 2024.
  • Sheng-Shan Chen, Shing-Li Hung. “Applying Retrieval-Augmented Generation Techniques in Cybersecurity Incident Investigation: A Case Study on Data Breach Incidents. “ PyCon 2024, Kaoshiung, Taiwan. September 21-22, 2024.
  • Sheng-Shan Chen, Shing-Li Hung. “Elk on Sesame Street – Cybersecurity Analysis in Action with ELK and BERT” Hack In Taiwan Conference (HITCON 2023), Taipei, Taiwan, Aug 18, 2023.
  • Sheng-Shan Chen, Chin-Yu Sun, Hou-Tsan Lee, Yu-Chih Wei, Tun-Wen Pai*. “Using Cyber Threat Intelligence to Defend Healthcare Security Threats.” 2023 7th International Conference on Medical and Health Informatics (ICMHI 2023), Kyoto, Japan. May 12-14, 2023.
  • Sheng-Shan Chen, Yu-Chih Wei, Hou-Tsan Lee, Tun-Wen Pai.* “Attack Pattern Classification Of Medical Institution Based On Open Source Intelligence”. In: 2022 5th International Conference on Healthcare Service Management (ICHSM 2022). Taipei, Taiwan, May 2022.

Internship Program

Security Researcher Intern @ Cycraft Technology

Mar 2023 – Present

Utilized Large Language Models (LLM) or other Natural Language Processes (NLP) techniques to enhance predictive models for identifying and mitigating cyber threats.

Security Researcher Intern @ Deloitte

Feb 2022 – Feb 2022

Develop cyber threat intelligence tools of open-source threat intelligence platforms.

Others

我在 iThome 鐵人賽 Security 撰寫的「威脅情資分析與挑戰」 (雖然沒有完賽)

https://ithelp.ithome.com.tw/users/20151201/ironman/5132

我在恆逸寫的「大學開始就從恆逸踏上資安之路」

https://ucom.uuu.com.tw/web/Testimony/Article/3426

Back To Top
error: 內容被保護 !!