Intelligent Security Systems and Networking (ISS-Net) Lab
Research Field
Dr. Didik Sudyana is an Assistant Professor at the Computer and Network Center of National Cheng Kung University (NCKU), Taiwan. He received his PhD in Electrical Engineering and Computer Science from National Yang Ming Chiao Tung University, Taiwan. His dissertation focused on ML-based Intrusion Detection and Model Generalization, achieving an impressive GPA of 4.22/4.30. Didik also engaged in a research exchange at Ghent University, exploring the impact of data distribution on intrusion detection. He holds a Master’s degree in Computer Science Digital Forensics from Universitas Islam Indonesia, where he graduated as the top student with a perfect GPA. His industry-research experience includes significant projects with the Industrial Technology Research Institute, Telecom Technology Center, and the Ministry of Science and Technology, contributing to multiple research papers and a patent. His research interests include machine learning for cybersecurity and network design and optimization.
The Intelligent Security Systems and Networking (ISS-NET) Lab is a cybersecurity research group within the Computer and Network Center at National Cheng Kung University (NCKU), established and led by Dr. Didik Sudyana. The lab’s mission is to advance practical security technologies for modern networks and cyber-physical environments, with an emphasis on solutions that can be deployed and maintained in real operational settings.
ISS-NET Lab develops AI-enabled security systems that improve threat detection, robustness, and operational decision-making under evolving attacks and changing network conditions. We emphasize rigorous experimentation, reproducible research, and the translation of research outcomes into usable tools and methodologies.
ISS-NET Lab investigates AI-enabled cybersecurity and resilient networking with a focus on methods that remain effective under evolving threats, heterogeneous telemetry, and changing operational environments. Our current research topics include:
- Machine-Learning-Based Intrusion Detection (ML-IDS)
Designing lightweight and effective IDS models for real networks, covering both anomaly detection and attack classification. - Robust Generalization and Domain Shift in Security Models
Improving IDS reliability across different networks, traffic patterns, and deployments, including domain adaptation and source-free adaptation settings. - Continual and Online Learning for Evolving Threats
Enabling safe model updates over time to handle concept drift and newly emerging attacks without extensive retraining or retaining sensitive historical data. - Multi-Source Security Analytics and Alert Correlation
Integrating network traffic with security telemetry (e.g., logs and alerts) to enhance detection confidence, reduce false positives, and support faster investigation. - ICS/CPS Security and OT-Aware Detection
Developing security analytics tailored to industrial and cyber-physical environments, where protocols, safety constraints, and system dynamics differ from IT networks. - Deception Technologies and Adaptive Honeypots
Building honeypots and deception mechanisms to study attacker behavior, increase engagement depth, and support realistic security evaluation. - Security Data Engineering and Evaluation Platforms
Generating and curating datasets, replaying attack behaviors, and building experimental testbeds to enable reproducible benchmarking and rigorous validation.
- Top 6% (Rank 16/297 teams), ASIS CTF Competition (2024)
- Ph.D. in Electrical Engineering and Computer Science (EECS), National Yang Ming Chiao Tung University (NYCU), Taiwan (2020–2024)
Dissertation: ML-based Intrusion Detection: Service Architecture Optimization and Model Generalization - Research Exchange Student, Ghent University (with IDLab–imec), Belgium (15 Feb–15 May 2024)
Research: Quality Analysis in IDS Dataset: Impact on Model Generalization - Bridging Program (Pre-Doctoral Study), National Taiwan University of Science and Technology (NTUST), Taiwan (1 Nov–26 Dec 2019)
- M.Sc. in Computer Science (Digital Forensics), Universitas Islam Indonesia, Yogyakarta, Indonesia (2015–2016)
The best graduate students with a GPA of 4.00/4.00 and completed the degree in just 1.5 years.
Job Description
Typical tasks may include: (1) data preprocessing and feature engineering for network traffic or security logs; (2) training and evaluating IDS models with some advanced technologies (e.g., domain adaptation, continual learning, LLM-based system); (3) implementing experiments in Python and PyTorch; (4) maintaining code, experiment logs, and results; and (5) preparing figures/tables and short technical summaries for research papers or reports.
Preferred Intern Educational Level
Undergraduate, Master’s student, or Ph.D. student in Computer Science, Electrical Engineering, Information Security, or a related field.
Skill sets or Qualities
- Solid programming skills in Python; experience with PyTorch (or similar ML frameworks) preferred
- Basic knowledge of computer networks and cybersecurity fundamentals (e.g., TCP/IP, common attack types)
- Familiarity with data analysis tools (NumPy, pandas) and experiment tracking/version control (Git)
- Strong attention to detail, ability to follow research protocols, and commitment to reproducible work
- Self-motivated, proactive communicative, and willing to learn in a research environment
- Good academic writing skills in English are a plus
Job Description
Typical tasks may include: (1) preparing and analyzing ICS datasets (network traffic, host logs, sensor/process signals); (2) implementing and evaluating OT-aware detection models (e.g., anomaly detection, multi-source fusion, behavior-based detection); (3) mapping behaviors to ICS threat frameworks (e.g., MITRE ATT&CK for ICS) when applicable; (4) assisting with testbed-based experiments, attack replay, or dataset generation; (5) building reproducible pipelines (code, configs, experiment logs); and (6) preparing technical summaries, figures, and results for papers or project reports.
Preferred Intern Educational Level
Undergraduate, Master’s student, or Ph.D. student in Computer Science, Electrical Engineering, Information Security, or a related field.
Skill sets or Qualities
- Proficiency in Python; experience with PyTorch or ML toolchains preferred
- Basic understanding of networks and cybersecurity, plus interest in OT/ICS environments
- Familiarity with one or more: network traffic analysis (PCAP/NetFlow), log analysis, time-series/sensor data processing
- Awareness of ICS context (e.g., PLCs, SCADA concepts, industrial protocols such as Modbus/DNP3/OPC UA) is a strong plus
- Strong research discipline: careful experimentation, reproducibility, and clear documentation
- Independent problem-solving, proactive communication, and readiness to learn new tools quickly
- English technical writing ability is a plus