Hello, My name is Ly Vu, I am from Binh Phuoc, Vietnam. Currently, I am a university lecturer at Eastern International University in Binh Duong, Vietnam, and visiting researcher at Chainguard Inc.. Before that, I was a lecturer and researcher at FPT University from 06/2022 to 08/2023. I was a visiting researcher at Chainguard Inc, doing research in software supply chain security from June 2022 to October 2022. Before that, I was with Forescout Technologies B.V in Eindhoven, NL as a security researcher. I obtained my Ph.D. in Information and Communication Technology (ICT) from the University of Trento, Italy in March 2022, supervised by Prof. Fabio Massacci. I have been working on software supply chain security for open-source software and automated program repair. From Oct 2017 to Jan 2022, I was a member of the Security and Cryptography at the University of Trento. Since 01/04/2021, I have been a contributing member of the Python Software Foundation (PSF) in which I am working to translate PyPI to Vietnamese. I was an Early Stage Researcher (ESR7) of the NECS project from 2017 to 2020 and a researcher of the AssureMoss project (2020-2022).

I had a chance to do an internship at SAP Security Research (France) under the supervision of Henrik Plate and Antonino Sabetta, on the topic of software supply chain attacks. During the internship, we developed an approach and tool called LastPyMile to detect code injections in software supply chain attacks, and please check it out if you are interested in link. This work was mentioned on HackerNews and Reproducible-builds I have been maintaining a repository containing a list of papers and reports related to software supply chain security, check it out Here

I had been studying and developing malware detection tools for computer systems from Windows malware classifiers to malicious packages in package repositories. With my colleagues, we developed an approach called HIT4MAL to classify malware using image transformations. Or a simple approach leveraging Levenshtein distance to flag potential combosquatting or typosquatting packages Link.

From 2015 to 2017, I studied computer security at Hongik University (Sejong Campus), South Korea. During that time, I developed DeepMal a deep learning approach based on assembly files at the character level, and another approach that combines static and dynamic features to classify malware Link

I like teaching, and I have taught a few courses on Python programming and machine learning to both university students and engineers.

I love writing and sharing techniques about Python. I like learning new stuff, especially those in programming, security, and history. With a basic understanding of the Python programming language, I like to help others to automate the boring stuff and make some profit. In my free time, I like reading books (especially self-help books) and playing guitar (I am learning the keyboard now). I also write some medium posts @vuducly151092. You can contact me by Email.

I wrote my experience in doing my Ph.D. in Vietnamese, please check it out Here

I was awarded the Marie Skłodowska-Curie Actions (MSCA) scholarship from 2017 to 2020. In 2021, I won an ACM silver medal at ASE SRC with the proposal py2src.

My LinkedIn

My Google Scholar

My ResearchGate

My HackerRank profile