Danfeng “Daphne” Yao, computer science professor and Elizabeth and James E. Turner Jr. '56 Faculty and CACI Fellow, has received the Association for Computing Machinery (ACM) Lasting Research Award for two decades of pioneering research contributions in enterprise data exposure detection, high-precision vulnerability screening, and anomaly detection.

Yao delivered the keynote address at the recent 2021 ACM Conference on Data and Application Security and Privacy (CODASPY), where she was formally recognized with the award. 

“The most distinguished facet of Daphne’s work is that her innovations have made substantial impacts on the cybersecurity industry,” said Bhavani Thuraisingham, chair of the award committee and the Louis Beecherl Jr. Distinguished Professor of Computer Science at The University of Texas at Dallas.

“For example, over the span of more than one decade, she pioneered multiple software anomaly detection methods focusing on minimizing false positives (i.e., false alarms) and handling extremely challenging types of threats,” said Thuraisingham.

Yao’s malware detection patents were cited by more than 200 industrial patents from leading international security and technology companies, including FireEye, Qualcomm, Cisco, Boeing, SAP, and Palo Alto Networks.

With a team of Virginia Tech graduate students, Yao oversees the Yao Research Group, dedicated to studying research thrusts such as software vulnerability, enterprise data loss prevention, high-precision anomaly detection, and machine learning technologies in healthcare. 

 “Daphne’s graduate training in theoretical computer science and her passion for making a lasting impact have always been evident in the way she identifies research problems and proposes solutions,” said Cal Ribbens, head of the Department of Computer Science at Virginia Tech.

In addition, CryptoGuard, a collaborative project of Virginia Tech and University of Wisconsin-Madison computer science researchers, is a tool that Yao developed to help large software companies and Apache projects harden their cryptographic code. It is used by Oracle Labs for detecting misuses in millions of lines of production code. 

As a top expert on enterprise data breach prevention, Yao has given keynote addresses and talks at leadership venues, including Federal Trade Commission PrivacyCon and World Bank Group meetings.

Outside of Virginia Tech, Yao founded multiple inclusive excellence initiatives in the cybersecurity research community, including the Women in Cybersecurity Research Workshop and the National Science Foundation-sponsored Individualized Cybersecurity Research Mentoring Workshop. 

“Her vision of creating deployable security solutions is also reflected in her professional leadership activities,” said Thuraisingham. “Through steering research conferences, she is extremely active in promoting research that aims at closing the gap between cybersecurity theory and practice and encouraging academia to embrace such efforts.”