Lëtzebuerger Gemengen

EMPLOI ET FORMATION

We help FinTech businesses to predict the future by learning from the past!

Jacques Klein, Senior Research Scientist, SerVal research group
 
 
What is your role at SnT?
 
I am a member of SnT’s Serval Team headed by Prof. Yves Le Traon. I joined SnT in 2010 as research scientist, and since July 2015, I am pursuing my career as Senior Research Scientist. My role is to acquire new projects, including partnerships, and supervise PhD students, who are the real living source of SnT.
 
 
Why SnT?
 
It is a very dynamic environment. SnT is the place to be if you want to create research impact as a scientist. We apply what we are doing in our lab in the real world, together with industrial partners. From a broader perspective, on one side, the National Research Fund (FNR) in Luxembourg supports SnT’s research efforts to sustain our fundamental projects and on the other side, the Ministry of the Economy supports companies launching R&D activities. These two ingredients make Luxembourg a great place for researchers by offering fantastic opportunities to work on excited partnerships.
 
 
What are you primary research interests and how can this know-how be applied to solve problems?
 
Our team focuses on data analytics and mobile security.
 
Data Analytics
 
Everyone knows that data is key. The next multi-billion dollar market will emerge out of the data of today’s application domains such as IoT, cyber-physical systems, health care, etc. And this is also true for the financial sector. However, analysing these data, which are heterogeneous, big and non-structured, and turning them into valuable insights is a huge challenge. The complexity is not only due to the fact that the data are “big”, but also because the domains are highly complex. This makes it necessary to combine various extrapolation and prediction methods to understand the collected data. In this context, we have developed the concept of Model-Driven Analytics (MDA). MDA is a refinement process of raw data into a model reflecting deep domain understanding, using statistical metrics, extrapolation methods, and machine learning. In the fintech area for example, we are now exploring a project where we use historical data in order to predict from what segments the next Unicorn will emerge.
 
Mobile Security
 
We have a standing experience and expertise on Android security, including both static analysis techniques for tracking privacy leaks and machine learning for identifying malware. In this context, we received a Google Research Award (Grant), and we should soon collaborate with Samsung and/or Huawei (yet to be confirmed). The problem is that the mobile apps on your smartphone can communicate together and one application can steal data from another application. One example: a malicious app can request information or action from a benign app and then use this data or action for unauthorised transactions; like sending premium SMSs without the owner of the smartphone being aware of this. Another example deals with the statistical analysis of apps to verify that there are no issues like data leaks, privileged escalation and detection of premium SMS (i.e. payable SMSs). We also work on detecting piggybacking. This is one of the most common techniques to spread malware. People think that the original app is being used but it has been modified to resemble the original one.
 
 
What type of commercial company or public institutions can collaborate with you and your team in the FinTech area?
 
For data analytics, typical partners for us would be insurance businesses, auditors, funds, investors or banks seeking to develop their fintech competencies. A joint project, developed together with SnT, could potentially generate commercially exploitable intellectual property. In the mobile domain, we co-operate with mobile hardware companies, mobile operators and fintech service providers having a mobile interface. We can for instance propose a service detecting whether your app has been piggybacked. In other words, we can detect if malicious authors have transformed your app into a malicious version by attaching destructive payloads to your app, and are now advertising this malicious version in various app markets in order to infect other users.
 
 
What is in the R&D pipeline for your team?
 
Bugs and vulnerabilities. We are currently developing a new research axis relevant for any software, including all types of fintech businesses where software is an integral part. Even if you think that your system is secure, even if you have been using the best encryption algorithms, a single little vulnerability can compromise your system. We are now working on automatically discovering and repairing vulnerabilities – more details will follow in the coming months.
 
 
FinTech Gazette / January 2016