Get in Touch

With Weihan GOH

Name and email
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Associate Professor

Weihan GOH

Associate Professor
PhD (Computer Engineering), Nanyang Technological University, Singapore
Cluster:
Infocomm Technology
Email
LinkedIn
Google Scholar

Biography

Dr Weihan Goh is an Associate Professor at the Singapore Institute of Technology (SIT). His research interests include security testing and digital forensics, as well as technologies for cybersecurity education such as cyber ranges, CTF / CDX / bug bounties, and anti-fraud / anti-cheat systems. Some of his team's works have been showcased at venues such as Black Hat USA and DEF CON.

In 2022, he designed and launched Singapore's first competency-based, stackable undergraduate degree pathway in computing, with the goal of enabling broader participation in public higher education. Prior to that, he designed and launched Singapore's first competency-based workplace-learning degree pathways in information security for adult learners, and the curriculum pathways for Singapore's first Cyber Specialist Work-Learn Programme.

In addition to his university roles, Dr Goh serves in national advisory capacities in cybersecurity education and talent development. As a vulnerability researcher, Dr Goh has been involved in vulnerability research leading to disclosures of vulnerabilities to both government and private stakeholders, including findings related to the TraceTogether contact tracing system. He also participates in capture-the-flag exercises where he has won some, and have mentored teams participating in cybersecurity competitions to successes both locally and internationally. Dr Goh received his PhD and BEng, both in Computer Engineering, from the Nanyang Technological University, Singapore, in 2013 and 2008 respectively. He goes by the CTF handler 'icebear'.

SIT Appointments

  • Associate Professor
    Present
  • Programme Leader, ICT Programmes on the Competency-Based Stackable Micro-Credential (CSM) Pathway
  • Head of Verbosecurity Pte Ltd
  • Assistant Professor
  • Lecturer

Education

  • PhD (Computer Engineering)
    Nanyang Technological University , Singapore
  • BEng (Computer Engineering)
    Nanyang Technological University , Singapore

Achievements

  • Top 5, Dragos Industrial Security Conference (DISC) 2024 Capture the Flag, Dragos, Inc.
  • Winner, Dare to Do Award, Festival of Innovation Awards 2024, GovInsider
  • 1st Runner-Up, Dragos Industrial Security Conference (DISC) 2022 Capture the Flag, Dragos, Inc.
  • Winner (Professional Track), 5th Belkasoft Capture the Flag Challenge, Belkasoft and ExtremeRoot
  • 2nd Runner-Up (Team), SANS ICS Security Summit 2022 Capture the Flag, SANS and Dragos, Inc.
  • Winner, Teaching Excellence Award 2020/21, Singapore Institute of Technology
  • Finalist, Global CyberPeace Challenge 3.0 IT Capture the Flag, Cyber Peace Foundation
  • 2nd Runner-Up, Dragos Industrial Security Conference (DISC) 2021 Capture the Flag, Dragos, Inc.
  • Winner (Professional Track), 3rd Belkasoft Capture the Flag Challenge, Belkasoft and SPbCTF
  • Winner (Professional Track), 2nd Belkasoft Capture the Flag Challenge, Belkasoft and SPbCTF
  • 2nd Runner-Up, ICSJWG Capture the Flag (2021 Spring), CISA Industrial Control Systems Joint Working Group (ICSJWG) and Idaho National Laboratory
  • 1st Runner-Up, Global CyberPeace Challenge 2.0 IT Capture the Flag, Cyber Peace Foundation
  • Mentor to the Challenge Coin Winner, Hacksmith 4.0 Hackathon, Div0 [Project Title: Project Enigma - Detecting Indicators of Compromise Through RAM Analysis, Event Logs, and Malware Machine Learning]
  • Mentor to the Challenge Coin Winner, Hacksmith 4.0 Hackathon, Div0 [Project Title: Drone Monitoring and Takedown System (DMTS)]
  • Mentor to the 1st Runner-Up, Kaspersky Secur'IT Cup 2020 Grand Finals, Kaspersky Academy [Project Title: Drone Monitoring and Takedown System (DMTS)]
  • 2nd Runner-Up (Team), Cellebrite Capture the Flag Challenge, Cellebrite
  • Mentor to the 2nd Runner-Up, Develop for Social Good Track, JunctionX Asia 2020, JunctionX Singapore and Microsoft [Project Title: Drone Monitoring and Takedown System (DMTS)]
  • Mentor to the Winner, Cyber Security Track, JunctionX Asia 2020, JunctionX Singapore and Kaspersky Academy [Project Title: Drone Monitoring and Takedown System (DMTS)]
  • Top 5, Div0 x SINCON CMD+CTRL Cyber Range Capture the Flag, Div0
  • Winner, Cybersecurity Challenge: Countering Digital Terrorism, UN Counter-Terrorism Centre, UN Office of Information and Communications Technology, and the UN Technology Innovation Labs
  • Mentor to the 1st Runner-Up, Kaspersky Secur'IT Cup 2019 Grand Finals, Kaspersky Academy [Project Title: Automated Android Mobile Application Obfuscator (AAMAO)]
  • 1st Runner-Up, DEF CON China 1.0 Scavenger Hunt, Defcon Scavenger Hunt
  • Winner, BountyCon 2019 Capture the Flag Competition, Google and Facebook, Inc.
  • Black Hat Asia 2019 Educator Scholarship, Black Hat Asia 2019
  • 1st Runner-Up, Kaizen Singapore Challenge Contest, Booz Allen Hamilton, Inc.
  • Project Finalist, 5th Asia Pacific Eldercare Innovation Awards, Ageing Asia
  • Nanyang President's Graduate Scholarship, Nanyang Technological University
  • ASEAN Undergraduate Scholarship, Nanyang Technological University

Professional Certification

  • Certified Blockchain Practitioner (CBP)
    The SecOps Group
  • Certified AppSec Practitioner (CAP)
    The SecOps Group
  • Kaspersky Academy Certified Instructor on Malware Reverse Engineering and Analysis
    Kaspersky
  • CREST Registered Penetration Tester (CRT)
    Council of Registered Security Testers
  • CREST Practitioner Security Analyst (CPSA)
    Council of Registered Security Testers

Professional Memberships

  • Senior Member, Institute of Electrical and Electronics Engineers (IEEE)
    Present
  • Member, Association for Computing Machinery (ACM)

Corporate Experience

  • Technical Expert (Reviewer), CSA Cybersecurity Industry Call for Innovation (CyberCall) 2023
  • Technical Expert (Reviewer), CSA Cybersecurity Industry Call for Innovation (CyberCall) 2022
  • Judge, Kaspersky Secur'IT Cup 2021 Global Finals
  • Judge, Kaspersky APAC Secur'IT Cup 2021
  • Head of Triage, Punggol Digital District: Connecting Smartness - Bug Bounty 1.0
  • Judge, Singapore Science and Engineering Fair (SSEF) 2021
  • Visiting Lecturer (BRICS Educational Internship Program), Far Eastern Federal University, Vladivostok, Russia
  • Mentor and Judge, JunctionX Singapore Hackathon
  • Judge, Kaspersky Secur'IT Cup Singapore Conference
  • Judge, Kaspersky Secur'IT Cup Singapore Ideas Hackathon
  • Visiting Lecturer, Ostbayerische Technische Hochschule Regensburg, Regensburg, Germany
chevron--up

Research Interests

  • Cyber ranges, cyber defense exercises, and capture-the-flag
  • Anti-fraud / Anti-cheat for education
  • Digital forensics and anti-forensics
  • Automation for cybersecurity / digital forensics
  • Security testing
  • Blockchain and applied cryptography

Current Projects

  • Realistic Cyber Environment for Education and Experimentation
    Present

    Principal Investigator, Realistic Cyber Environment for Education and Experimentation, Apr 2021 - Apr 2023. Grant Amount: S$249,980 / SIT Ignition Grant.

Past Projects

  • GoSecure for ICT SMEs

    Project Lead, GoSecure for ICT SMEs, May 2018 - Dec 2021. Funding Agency: Infocomm Media Development Authority of Singapore.

  • Heel Raise Measurement Device for Plantarflexion Physiotherapy

    Co-Principal Investigator, Heel Raise Measurement Device for Plantarflexion Physiotherapy, Nov 2015 - Aug 2017. Grant Amount: S$179,800 / SIT Ignition Grant.

chevron--up

Journal Papers

  • W. Goh and C. K. Yeo, "Teaching an Old TPM New Tricks: Repurposing for Identity-Based Signatures," IEEE Security & Privacy Magazine, vol. 11, no. 5, pp. 28-35, Sep. 2013.

  • W. Goh, P. C. Leong, and C. K. Yeo, "A Plausibly-Deniable, Practical Trusted Platform Module Based Anti-Forensics Client-Server System," IEEE Journal on Selected Areas in Communications, vol. 29, no. 7, pp. 1377-1391, Aug. 2011.

Conferences

  • D. Y. Zheng, K. K. Tong, M. T. Lim, W. J. Chan, and W. Goh, "Afterimage: Evading Traditional Indicator of Compromise (IOC) Blocking," in 2023 IEEE International Conference on Service Operations and Logistics, and Informatics (SOLI), Singapore, Singapore, Dec. 2023. doi:10.1109/soli60636.2023.10425081 

  • J. H. Ho, D. Z. Tan, J. Y. Yap, K. P. Tse, M. B. A. Fauzi, A. W. Y. Loo, and W. Goh, "IoT-Enhanced Remote Proctoring: A New Paradigm for Remote Assessment Integrity," in 2023 IEEE 35th International Conference on Software Engineering Education and Training (CSEE&T), Tokyo, Japan, Aug. 2023. doi:10.1109/cseet58097.2023.00045 

  • Z. X. Lim, X. Q. Ho, D. Z. Tan, and W. Goh, "IoT-Enhanced Remote Proctoring: A New Paradigm for Remote Assessment Integrity," in 2022 IEEE World AI IoT Congress (AIIoT), Seattle, WA, Jun. 2022, pp. 494-500, doi: 10.1109/AIIoT54504.2022.9817199.

  • S. R. Toh, W. Goh, and C. K. Yeo, "Data Exchange via Multiplexed Color QR Codes on Mobile Devices," in 2016 Wireless Telecommunications Symposium (WTS), London, United Kingdom, Apr. 2016, pp. 1-6.

  • A. Q. Chen and W. Goh, "Two Factor Authentication Made Easy," in 2015 International Conference on Web Engineering (ICWE 2015), Rotterdam, The Netherlands, Jun. 2015, pp. 449-458.

  • C. Lee, L. Yi, L.-H. Tan, W. Goh, B. S. Lee, and C. K. Yeo, "A Wavelet Entropy-Based Change Point Detection on Network Traffic: A Case Study of Heartbleed Vulnerability," in 2014 IEEE 6th International Conference on Cloud Computing Technology and Science (CloudCom 2014), Singapore, Dec. 2014, pp. 995-1000.

  • W. Goh and C. K. Yeo, "Cryptanalyzing the Efficient Identity-Based RSA and GQ Multisignature Schemes," in 2014 International Wireless Communications and Mobile Computing Conference (IWCMC 2014), Nicosia, Cyprus, Aug. 2014, pp. 875-880.

  • W. Goh and C. K. Yeo, "Anonymity-Preserving Identity-Based Multisignature Scheme with Provision for Origin Self-Revelation," in 2013 IEEE Global Telecommunications Conference (GLOBECOM 2013), Atlanta, GA, Dec. 2013, pp. 855-860.

  • W. Goh and C. K. Yeo, "Threat Mitigation in Tactical-Level Disruption Tolerant Networks," in 2012 IEEE Global Telecommunications Conference (GLOBECOM 2012), Anaheim, CA, Dec. 2012, pp. 997-1003.

  • F. C. Lee, W. Goh, and C. K. Yeo, "A Queuing Mechanism to Alleviate Flooding Attacks in Probabilistic Delay Tolerant Networks," in 2010 Sixth Advanced International Conference on Telecommunications (AICT 2010), Barcelona, Spain, May 2010, pp. 329-334.

  • W. Goh, P. C. Leong, and C. K. Yeo, "A Trusted Platform Module Based Anti-Forensics System," in IFIP International Conference on Network and Service Security, 2009 (N2S '09), Paris, France, Jun. 2009, pp. 1-5.

chevron--up

Past

  • ICT2205 Applied Cryptography
  • ICT2207 Mobile Security
  • ICT1003 Computer Organisation and Architecture [Tutorials / Practical Sessions]
  • ICT3203 Secure Software Development
  • ICT2202 Digital Forensics
  • ICT2206 Web Security
chevron--up