Build a system. Help build someone. Build yourself.
Build
Build a system. Help build someone. Build yourself.
Build
Dr. Dinil Mon Divakaran (Senior Member '14, IEEE) is a Senior Principal Scientist at A*STAR Institute for Infocomm Research (I2R), with more than 20 years of research experience in security of network, web, software, and AI systems. Over the years, he has been leading the research and development of AI models addressing challenges in the area of cybersecurity and privacy. He is also an Adjunct Assistant Professor of the School of Computing in NUS. He collaborates with numerous researchers, experts and students around the globe.
Dinil's research experience spans both industry and academia. In the past decade, he headed research teams at two cybersecurity firms, Acronis and Trustwave. He previously held faculty position at the Indian Institute of Technology (IIT) Mandi. He carried out his doctoral studies at the INRIA lab in ENS Lyon in France, in collaboration with Bell Labs. He holds a Master degree in Computer Science and Engineering from IIT Madras, India.
Dinil often gives talks on AI and Cybersecurity (recent talks are listed here).
Google Scholar profile . Full list of publications . DBLP
Program Committee Member (2026): ACM CCS, ACM AsiaCCS, AAAI
Open research positions at all levels:
Research staff: Undergraduates, recent PhD graduates and experienced researchers, in the domain of AI for Security as well as Security of AI systems.
Internship / Research attachments: Current PhD students looking for internships or long-term research attachment.
If interested, mail in your CV and statement of interest.
AI security:
AI models (e.g., LLMs) for solving security problems (for an overview, read this article published at IEEE S&P Mag.)
Security of AI systems and applications
Red teaming of AI systems (offensive security)
Network, web and system security:
Phishing: detection, evasion and counter-evasion
Attack and counter-attack strategies in networks of different scale and size - enterprises, home consumers, IoTs, ISPs, etc.
[New] Paper (PDF) on Challenges in Traffic Modeling for Network Security and Privacy (accepted at 2026 AAAI Workshop on AI for Cyber Security)
Large-scale security log analysis of endpoints (EDR) and network perimeter monitoring systems (SIEM)
.. and ..
Programmable data planes: P4 switches, SmartNICs
QoS/QoE: Queueing, scheduling, bandwidth allocation of packets, flows, sessions (in previous life)
How can LLMs help in addressing cyber security problems?
[New] Dinil Mon Divakaran and Sai Teja Peddinti, “Large Language Models for Cybersecurity: New Opportunities,” IEEE Security & Privacy, 2024. Also selected for oral presentation at AI4X 2025 [preprint PDF] [arXiv].
Research works on phishing, based on ML/DL/LLMs (GenAI) models for defensive and offensive strategies:
One Phish to Thwart Them All: Bypassing ML, DL, and LLM phishing defenses with simple adversarial attacks
[New] Aditya Kulkarni, Vivek Balachandran, Dinil Mon Divakaran, and Tamal Das, “From ML to LLM: Evaluating the Robustness of Phishing Webpage Detection Models against Adversarial Attacks,” ACM DTRAP (Digital Threats: Research and Practice), 2025 [PDF].
Our first attempt at utilizing an LLM pipeline for phishing detection and interpretation:
Adversarial attack against AI-based phishing detection; an offensive strategy:
Jehyun Lee, Zhe Xin, Melanie Ng Pei See, Kanav Sabharwal, Giovanni Apruzzesel and Dinil Mon Divakaran, “Attacking logo-based phishing website detectors with adversarial perturbations,” ESORICS 2023 [GitHub][PDF].
Dinil Mon Divakaran and Adam Oest, “Phishing detection leveraging machine learning and deep learning: A review,” IEEE Security and Privacy, 2022 [PDF].
The following two works leverage CV models to detect and identify logos on a webpage, for phishing target identification:
Ruofan Liu, Yun Lin, X. Yang, S. H. Ng, Dinil Mon Divakaran, and Jin Song Dong, “Inferring Phishing Intention via Webpage Appearance and Dynamics: A Deep Vision Based Approach,” in USENIX Security Symposium, 2022 [Dataset] [PDF].
Yun Lin, Ruofan Liu, Dinil Mon Divakaran, Jun Yang Ng, Qing Zhou Chan, Yiwen Lu, Yuxuan Si, Fan Zhang, and Jin Song Dong, “Phishpedia: A Hybrid Deep Learning Based Approach to Visually Identify Phishing Webpages,” in USENIX Security Symposium, 2021 [Dataset] [PDF].
.. and to the best of our knowledge, the first work to leverage BERT (LLM) for phishing email detection:
Jehyun Lee, Farren Tang, Pingxiao Ye, Fahim Abbasi, Phil Hay, and Dinil Mon Divakaran, “D-Fence: A Flexible, Efficient, and Comprehensive Phishing Email Detection System,” in IEEE European Symposium on Security and Privacy (IEEE EuroS&P), 2021 [PDF].
Evaluating phishing detectors' resilience to adversarial attack:
Jehyun Lee, Pingxiao Ye, Ruofan Liu, Dinil Mon Divakaran, and Chan Mun Choon, “Building robust phishing detection system: an empirical analysis,” in NDSS MADWeb, Feb. 2020 [Dataset] [PDF].
Machine Unlearning:
Quoc Phong Nguyen, Ryutaro Oikawa, Dinil Mon Divakaran, Kian Hsiang Low, and Mun Choon Chan, “Markov Chain Monte Carlo-Based Machine Unlearning: Unlearning What Needs to be Forgotten,” in 17th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS), 2022 [PDF]. [Demonstrates unlearning of noises on phishing dataset]
Network traffic modeling for Security & Privacy
Challenges:
[New] Dinil Mon Divakaran, “Traffic Modeling for Network Security and Privacy: Challenges Ahead," AAAI Workshop on AI for Cyber Security, 2026 [PDF].
Multi-granular modeling of network traffic.
Correlation attack on Tor:
[New] Binghui Wu, Dinil Mon Divakaran, Levente Csikor, Mohan Gurusamy, “RECTor: Robust and Efficient Correlation Attack on Tor," IEEE Commn. Magazine, 2025 [PDF].
IoT security and privacy: fingerprinting and counter-fingerprinting, attack detection, etc.
An early work on leveraging Transformer model for learning network traffic characteristics:
Offense for defense: adversarial ML for countering fingerprinting attacks:
Other works on IoT network fingerprinting:
Biswadeep Chakraborty, Dinil Mon Divakaran, Ido Nevat, Gareth W. Peters, and Mohan Gurusamy, “Cost-aware Feature Selection for IoT Device Classification,” IEEE Internet of Things Journal, 2021 [Dataset] [PDF].
Kushan S. K. Liyanage, Dinil Mon Divakaran, Rhishi Pratap Singh, and Mohan Gurusamy, “ADEPT: Detection and Identification of Correlated Attack-Stages in IoT Networks,” IEEE Internet of Things Journal, 2021 [Dataset] [PDF].
Vijayanand Thangavelu, Dinil Mon Divakaran, Rishi Sairam, Suman Sankar Bhunia, and Mohan Gurusamy, “DEFT: A Distributed IoT Fingerprinting Technique,” IEEE Internet of Things Journal, vol. 6, no. 1, pp. 940–952, Feb 2019 [Dataset] [PDF].
One of the earliest works to explore unsupervised deep learning for detecting anomalies in network traffic:
Quoc Phong Nguyen, Kar Wai Lim, Dinil Mon Divakaran, Kian Hsiang Low, and Mun Choon Chan, “GEE: a gradient-based explainable variational autoencoder for network anomaly detection,” in IEEE CNS, June 2019 [PDF].
Related works using semi-supervised approaches:
Ido Nevat, Dinil Mon Divakaran, Sai Ganesh Nagarajan, Pengfei Zhang, Su Le, Ko Li Ling, and Vrizlynn Thing, “Anomaly Detection and Attribution in Networks with Temporally Correlated Traffic,” IEEE/ACM Transactions on Networking, 2018 [PDF].
Dinil Mon Divakaran, Fok Kar Wai, Ido Nevat, and Vrizlynn Thing, “Evidence Gathering for Network Security and Forensics,” in Digital Investigation, vol. 20, Supplement, pp. S56 – S65, 2017, DOI: 10.1016/j.diin.2017.02.001 (open access). Note: also presented at DFRWS 2017.
Website fingerprinting:
Are regular users safe from WFP attacks when using the latest QUIC protocol for both DNS and web browsing?
[New] Levente Csikor, Ziyue Lian, Haoran Zhang, Nitya Lakshmanan and Dinil Mon Divakaran, “DNS-over-QUIC and HTTP/3 in the Era of Transformers: The New Internet Privacy Battle,” IEEE Communications Magazine, 2025.
DoH and Web traffic use HTTPS protocol for communications. Does that make DoH hard to be differentiated and thereby identified?