Douglas Schales

Title

STSM - Security Analytics

Douglas Schales

Bio

Doug Schales is a Senior Technical Staff Member at the Thomas J. Watson Research Center which he joined in 1996. His main area of interest is Security. He presently is focused on two areas.

Using LLM's to analyze software for security vulnerabilities.
Secure Supply Chain - Developing tools for ensuring that the software development pipeline is secure.

In the past, I worked on:

Development of DNS security analytics that operate at large scale that feature low resource usage and low false positive rates. Sketch/streaming algorithms are heavily utilized.
Development of a geographically distributed platform for large scale, near real time, CyberSecurity analytics across multiple data types.
Use of the platform to develop analytics to accurately identify misuse, or other unusual activity, in DNS traffic.
Automated over the network vulnerability discovery at scale.

In the past he has worked on security for the System S (Streams) project, introspection based security for virtual machines and automated enterprise scale, network-based, security auditing.

Publications

Trust but Verify: Uncovering the Hidden Risks of Inaccurate SBOMs with JBomAudit
- - Yue Xiao
  - Jiyong Jang
  - et al.
- 2025
- OSSNA 2025
JBomAudit: Assessing the Landscape, Compliance, and Security Implications of Java SBOMs
- - Yue Xiao
  - Dhilung Kirat
  - et al.
- 2025
- NDSS 2025
Uncovering Supply Chain Attack with Code Genome Framework
- - Dhilung Kirat
  - Jiyong Jang
  - et al.
- 2024
- Black Hat USA 2024
SyzGen++: Dependency Inference for Augmenting Kernel Driver Fuzzing
- - Weiteng Chen
  - Yu Hao
  - et al.
- 2024
- S&P 2024

Patents

- 25 Mar 2024
- US
- 11941054
Iterative Constraint Solving In Abstract Graph Matching For Cyber Incident Reasoning
- 19 Dec 2022
- US
- 11533325
Automatic Categorization Of Idps Signatures From Multiple Different Idps Systems
- 20 Jun 2022
- US
- 11368470
Real-time Alert Reasoning And Priority-based Campaign Discovery
- 01 Nov 2021
- US
- 11163878
Integrity, Theft Protection And Cyber Deception Using A Deception-based Filesystem
- 18 Oct 2021
- US
- 11153337
Methods And Systems For Improving Beaconing Detection Algorithms
- 31 May 2021
- US
- 11025656
Automatic Categorization Of Idps Signatures From Multiple Different Idps Systems
- 12 Apr 2021
- US
- 10979453
Cyber-deception Using Network Port Projection
- 22 Mar 2021
- US
- 10956566
Multi-point Causality Tracking In Cyber Incident Reasoning
- 04 Jan 2021
- US
- 10887323
Detecting Malicious Beaconing Communities Using Lockstep Detection And Co-occurrence Graph
- 04 Jan 2021
- US
- 10887346
Application-level Sandboxing

Projects

Kestrel
Building reusable, composable, and shareable huntflows across different data sources and threat intel.

Top collaborators

JJ

Jiyong Jang

Jiyong Jang

Principal Research Scientist & Manager, AI Supply Chain Security

DK

Dhilung Kirat

Dhilung Kirat

Senior Research Scientist, Security Research

IM

Ian Molloy

Ian Molloy

Department Head, Security Research