Title: AI-Assisted Signal Extraction and Misuse Detection in Internet Systems
Speaker: Julien Piet
Advisors: Vern Paxson and David Wagner
Date: Friday, April 24, 2026
Time: 11:30 AM – 12:30 PM PT
Location (in-person): Soda 465H
Abstract: Effective security depends on understanding behavior: how systems communicate, how users interact, and how malicious actors deviate from expected patterns. That understanding rests on two pillars: observability, which surfaces useful signals, and detection, which uses those signals to identify activity. Yet translating these pillars into practical defenses poses significant hurdles, from extracting meaningful structure from raw activity to building detectors that remain reliable amid noise, change, and adversarial pressure. In this talk, I describe AI-assisted methods I developed that make security analysis more practical, robust, and deployable across various modern internet systems. First, I introduce Matryoshka, a system that enhances observability by automatically generating deterministic, semantically-aware parsers for heterogeneous security logs. Next, I will present my work on identifying SSH impostors from encrypted interactive-session metadata, enhancing detection. Finally, I flip the narrative, and show how we can prevent prompt injection by applying traditional security principles to AI systems. Together, these contributions show how AI can help defenders turn raw activity into evidence and build systems that are harder to misuse.