Sathya Chandran

   [I have transferred. Please view my homepage here]
   Grad Student (PhD)
   Computing & Information Sciences
   Kansas State University
   Nichols 127
   sathya AT ksu DOT edu


I am a fourth year PhD student in Computing and Information Sciences at Kansas State University. I am privileged to be working with Dr.Xinming Ou in Argus cyber security research group.


I enjoy solving problems in computer, information and network security that lie in the intersection of theory and systems. My current research efforts are focussed towards studying Security Operation Centers (SOCs) through Anthropological methods. The goal of this research is to understand security operations from a holistic perspective through long-term participant observation. Insights obtained from this study will be used to develop better training methods for analysts, develop better operational tools, and provide future security researchers a comprehensive overview of security operations culture.

I also work on modeling forensic analysis using sound theoretical methods. In the past I have worked on evaluation of intrusion analysis systems built using Artificial Intelligence (AI) techniques.

Please visit the following pages for more information on my research:

Anthropology and Security

Analytical Forensics

Teaching Assistance


  1. Bruce Schneier blogs about our anthropological study of SOC's [July'14].
  2. My work at HP Labs, Princeton during Summer 2012 covered by dark READING.


  1. Experimental Study of Fuzzy Hashing in Malware Clustering Analysis. Yuping Li, Sathya Chandran, Alexandru G. Bardas, Xinming Ou, Doina Caragea, Xin Hu, and Jiyong Jang. To apear in 8th Workshop on Cyber Security Experimentation and Test, Washington, D.C., U.S.A., August 2015.
  2. A Human Capital Model for Mitigating Security Analyst Burnout. Sathya Chandran, Alexandru G. Bardas, Jacob Case, Xinming Ou, Michael Wesh, John McHugh, and S. Raj Rajagopalan. In the Eleventh Symposium on Usable Privacy and Security (SOUPS), Ottawa, Canada, July 2015. (Distinguished Paper Award).
  3. A Tale of Three Security Operation Centers. Sathya Chandran, Jacob Case, Tony Truong, Loai Zomlot, and Marcel Hoffmann. In CCS Workshop on Security Information Workers, Scottsdale, AZ, U.S.A., October 2014.
  4. An anthropological approach to studying CSIRTs. Sathya Chandran, John McHugh, Xinming Ou, S. Raj Rajagopalan, and Michael Wesch. IEEE Security & Privacy Special Issue on CSIRTs, Sept/Oct, 2014. Pre-Print.
  5. Aiding Intrusion Analysis Using Machine Learning. Loai Zomlot, Sathya Chandran, Doina Caragea and Xinming Ou. In the 12th International Conference on Machine Learning Applications, Miami, FL, U.S.A., Dec 2013.
  6. Designing Forensic Analysis Techniques through Anthropology. Sathya Chandran. In 2013 New Security Paradigms Workshop (NSPHD track), Banff, Canada, September 2013.
  7. Investigative Response Modeling and Predictive Data Collection. Dan Moor, S. Raj Rajagopalan, Sathya Chandran and Xinming Ou. In the seventh IEEE eCrime Researchers Summit 2012, Las Croabas, Puerto Rico, October 2012.
  8. Examining Intrusion Prevention System Events from Worldwide Networks. Sathya Chandran, Sandeep Bhatt and Marc R. Eisenbarth. In 2012 Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS'12) (Co-located with ACM CCS 2012), Raleigh, NC, U.S.A., October 2012.
  9. Classification of UDP Traffic for DDoS Detection. Alexandru G. Bardas, Loai Zomlot, Sathya Chandran, Xinming Ou, Raj Rajagopalan and Marc R. Eisenbarth. In 5th USENIX Workshop on Large-Scale Exploits and Emerging Threats (LEET), San Jose, CA, U.S.A., April 2012.
  10. Prioritizing Intrusion Analysis Using Dempster-Shafer Theory. Loai Zomlot, Sathya Chandran, Kui Luo, Xinming Ou and S. Raj Rajagopalan. In proceedings of 4th Workshop on Artificial Intelligence and Security (Co-located with ACM CCS 2011), Chicago, IL, U.S.A., October 2011.
  11. Practical IDS Alert Correlation in the Face of Dynamic Threats. Sathya Chandran, Loai Zomlot and Xinming Ou. Proceedings of the 2011 International Conference on Security and Management (SAM 11), Las Vegas, NV, U.S.A., July 2011.


  1. Prioritizing Intrusion Analysis Using Dempster-Shafer Theory. Loai Zomlot, Sathya Chandran, Xinming Ou and S. Raj Rajagopalan. Presented at the 2011 IEEE Symposium on Security and Privacy (Oakland), Oakland, CA, U.S.A., May 2011.


  1. SAM'11 slides


Valid HTML 4.01 Transitional Viewable With Any Browser

Last modified: Jun 22 2015