Cartoon Katie My Avatar

Katie Paxton-Fear

PhD Student, Occassional Bug Bounty Hunter and Educational YouTuber
Actual Katie An Actual Photo of Me

About Me

Hi everyone! My name is Katie and I'm a lecturer of Cyber Security at Manchester Metropolitan University and an Early Career Researcher in the domain of Security Research. I have a PhD from Cranfield University, studying natural language processing and insider threat. My research roughly revolves around the intersection of AI/ML and Infosec, both in how AI/ML can improve security applications and processes, supporting practitioners rather than supplanting them and the security of AI/ML systems. I'm very interested in pedagogy and teach on MMU's Cyber Security degree program at Degree ApprenticeshipUndergraduate and Postgraduate level. I'm interested in new teaching methods and incorporating gamification and interactivity into lectures . I speak at conferences and events fairly often and have had the pleasure to speak at CISA's (Cyber Security and Infrastructure Agency) Cybersummit, BlackHat, British Computing Society, OWASP (Open Web Application Security Project) as well as speaking at events with industry partners.

In my free time I am an occasional bug bounty hunter, and make educational cyber security YouTube videos for an audience of over 30,000 people! I used to work at Bugcrowd where I helped provide support to the community team in all things infosec and bug hunting. Although I am a data scientist/engineer at heart security is really growing on me and it's been great to leverage my data brain to help make the internet more secure. I've now found myself knee deep in cyber security, having reported security vulnerabilities to large organisations such as Verizon Media and the US Department of Defense.

Katie in the News

My Research

I'm interested in applying Machine Learning and Natural Language Processing in Cyber Security. Leveraging my domain knowledge to create tools which supports the complex decision making often needed in Cyber Security. I'm also interested in applying ML/NLP in pentesting and Bug Bounty hunting and I'm working on some new projects in that domain!

My PhD involved the use of NLP techniques to understand an insider threat incident. Using a large amount of reports to explore, visualise and finally understand an attack, without needing to read each report individually. Answering questions like: What was the insiders motivation? What technical approach did they use? What was the outcome of the attack? Providing valuable insights allowing organisational changes which will prevent the next.

Before my PhD my UG dissertation involved the decipherment of an ancient language, automatically using computational techniques. You can watch that here.

Speaking

Want me to speak at something? I'd love to! Contact me on Twitter or LinkedIn

  • OWASP Santa Barbara - Live Hacking and API with Katie Paxton-Fear Watch on YouTube
  • We Hack Purple podcast 9 with Katie Paxton-Fear Watch Online
  • Security@ 2020: Hack the Globe – Meet the Hackers, Panellist Watch on HackerOne
  • @InsiderPhD Talks About Bug Bounties, HackerOne's Live Hacking Events & Creating Content for Hackers! Watch on YouTube
  • National Cybersecurity Awareness Month (NCSAM) at Auth0 - Turning Developers into Hackers Blog Post
  • O'Reilly Infrastructure & Ops Superstream Series, Introduction to Bug Bounties Watch on O'Reilly(Paid)
  • BugCrowd LevelUp0x07 - Panellist, Women in Security and Privacy Panel Watch on YouTube
  • BugCrowd LevelUp0x07 - Introduction to AI and Machine Learning (for bug bounty hunters) Watch on YouTube
  • Hackclub - CTF opening, keynote speaker
  • HackerOne H@cktivityCon - Panellist, Women in Security PanelWatch on YouTube
  • Bugcrowd - Panellist, Insider the mind of a Hacker Watch on BugCrowd
  • HackerOne - Panellist, Beyond the Bounty – The Real Value for Hackers and OrganizationsWatch on HackerOne
  • WoSEC San Francisco: Women of Security - Bug Bounty 101: How to Choose Your First Bug Bounty Target and Stay Motivated Watch on YouTube
  • WomenHackerzCon - Bug Bounty 101 Workshop
  • BugCrowd LevelUp0x06 – Sticking With It: How to Choose a Target and Stay Motivated Watch on YouTube
  • OWASP DevSlop – API Hacking for the Actually Pretty Inexperienced Hacker Watch on YouTube
  • WomenHackerz – How to Find Your First IDOR Vulnerability
  • HackerOne Community Day – Panellist, Hacker Panel
  • DefendCon – Panellist, HackerOne Presents: Bug Bounty Panel
  • HackerOne - Hacker Interviews: Katie (InsiderPhD) Watch on YouTube

Publications

Journal Articles
  • Paxton-Fear, K., Hodges, D. and Buckley, O. (2019) ‘Using Topic Distribution to Classify Fuzzy Topics’, Human-centric Computing and Information Science, In Review.
  • Hodges, D. and Paxton-Fear, K. (2019) ‘An analysis of the writing of cult members’, In Review Journal of Quantitative Linguistics, In Review
Conference Papers
  • Paxton-Fear, K., Hodges, D. and Buckley, O. (2020) ‘Understanding Insider Threat Attacks using Natural Language Processing: Automatically mapping organic narrative reports to existing insider threat frameworks’, In A. Moallem, editor HCI-CPT: 2nd International Conference on HCI For Cybersecurity, Privacy And Trust Held as Part of HCI International 2020.
  • Paxton-Fear, K., (2019): Increasing the accessibility of NLP techniques for Defence and Security using a web-based tool. Defence and Security Doctoral Symposium 2019 Available at: Cranfield Online Research Data (CORD). Poster. https://doi.org/10.17862/cranfield.rd.10066229.v1 (Poster)
  • Paxton-Fear, K., Hodges, D. and Buckley, O. (2018) ‘Connected events and malicious insiders: Investigating patterns of insider threat using natural language processing’, Behavioural and Social Sciences in Security. (Poster)
  • Paxton-Fear, K. (2018) ‘A Computational Decipherment of Linear B.’, Computer Applications and Quantitative Methods in Archaeology.