Ping Fan KE

About

Ping Fan (Zetta) is an Assistant Professor in the School of Computing Information Systems (SCIS) at the Singapore Management University (SMU). He received his Ph.D. degree in Information Systems from the Department of ISOM, School of Business and Management, HKUST in 2018.

His research focuses on the area of cybersecurity, in both managerial and technical aspects. On the managerial side, his research examines the economic incentive and mechanism design in various contexts in cybersecurity, including cybersecurity policy, managed security service, bug bounty program, artificial intelligence and Blockchain. On the technical side, he conducts researches in Web application security and ransomware analysis.

His research has been published in prestigious academic journals, including Information Systems Research (ISR) and Production and Operations Management. His research has also been presented at leading academic conferences, such as International Conference on Information Systems (ICIS), Pacific Asia Conference on Information Systems (PACIS), the Workshop on Information Systems and Economics (WISE) and Workshop on e-Business (WeB). He also serves as an associate editor for top conferences in Information Systems, specializing in the Security and Privacy track as well as the Blockchain and Fintech track.

In addition to his academic involvement, he work has also been presented at top security conferences and workshops, such as DEF CON, Black Hat Asia, Infosec In the City (SINCON), and Hacks in Taiwan Conference (HITCON).

Research Interests

Economics of Information Systems
Cybersecurity
Blockchain, Cryptocurrency and Fintech
Machine Learning and AI Application

Publications and Presentations

Journal Publications

Ng, K. C., Ke, P. F., So, M. K., & Tam, K. Y. (2023). Augmenting fake content detection in online platforms: A domain adaptive transfer learning via adversarial training approach. Production and Operations Management, 32(7), 2101-2122. https://doi.org/10.1111/poms.13959
Lai, A. C. T., Ke, P. F., Chan, K., Yiu, S. M., Kim, D., Wong, W. K., Muppala, J., & Ho, A. (2022). RansomSOC: A More Effective Security Operations Center to Detect and Respond to Ransomware Attacks. Journal of Internet Services and Information Security (JISIS), 13. [URL]
Hui, K. L., Ke, P. F., Yao, Y., & Yue, W. T. (2019). Bilateral liability-based contracts in information security outsourcing. Information Systems Research, 30(2), 411-429. https://doi.org/10.1287/isre.2018.0806

Conference Presentations

Ke, P. F., Lau, Y. M., & Hanley, D. V. (2023, July). Is Web3 Better Than Web2 for Investors? Evidence from Domain Name Auctions. Pacific Asia Conference on Information Systems (PACIS), Nanchang, China. [URL]
Ke, P. F. (2023, July). Strategic Manipulation in Blockchain-Based Platforms. POMS-China International Conference, Hangzhou, China.
Ke, P. F. (2023, May). Technological Threat in Blockchain-Based Platforms. POMS Annual Conference, Orlando, FI.
Ke, P. F., & Ng, K. C. (2022, December). Bank Error in Whose Favor? A Case Study of Decentralized Finance Misgovernance. International Conference on Information System (ICIS), Copenhagen, Denmark. [Best Short Paper Nomination] [URL]
Ke, P. F., Chen, J., & Guo, Z. (2021, December). Strategic Behavior and Market Inefficiency in Blockchain-Based Auctions. Workshop on Information Systems and Economics (WISE), Austin, TX. [Best Paper Nomination] [Presentation]]
Ke, P. F., Hui, K. L., & Yue, W. T. (2020, December). The Effect of Content Filtering on the Internet: An Empirical Investigation. Workshop on Information Technologies and Systems (WITS), Virtual. [Best Paper Nomination]
Ng, K. C., Ke, P. F., & Tam, K. Y. (2020, November). Distillation of News Deception into Textual Analysis Using Domain Adaptation Learning. INFORMS Annual Meeting, Virtual.
Ng, K. C., Ke, P. F., So, M. K. P., & Tam, K. Y. (2020, August). Inferring Deceptive Cues in Financial News: An Application of Domain Adaptation Learning. Pre-AMCIS SIGBPS Workshop on Blockchain and Financial Analytics (BPS’20), Virtual.
Ke, P. F. (2020, January). The Role of Threat Actors in Token-Weighted Crowdsourcing with Blockchain. POMS-HK International Conference, Hong Kong.
Ke, P. F. (2019, December). The Information Disclosure Trilemma: Privacy, Attribution and Dependency. Workshop on Information Security and Privacy, Munich, Germany. [URL]
Ng, K. C., Ke, P. F., So, M. K. P., & Tam, K. Y. (2019, December). Financial News Credibility Measurement and Analysis. 11th International Association for Statistical Computing (IASC-ARS) 2019 Conference, Hong Kong.
Ke, P. F. (2018, December). Influence of Transaction Cost on Smart Contract: An Economic Analysis on Token-Curated Registry. Pre-ICIS SIGBPS 2018 Workshop on Blockchain and Smart Contract, San Francisco, CA.
Hui, K. L., Ke, P. F., & Yue, W. T. (2017, December). An Empirical Study of the Effect of Government-initiated Filter Schemes on Cybersecurity. Workshop on e-Business (WeB), Seoul, South Korea.
Ke, P. F., Hui, K. L., & Yue, W. T. (2015, December). Cybersecurity Regulations and Cyberattacks: A case Study in China. Workshop on Information Systems and Economics (WISE), Dallas, TX.
Hui, K. L., Ke, P. F., & Yue, W. T. (2014, December). Regulating Information Asymmetry in Information Security Outsourcing Market. Workshop on Information Systems and Economics (WISE), Auckland, New Zealand.
Ke, P. F., Hui, K. L., & Yue, W. T. (2013, April). Information Security as a Credence Good. The 2013 Workshop on Usable Security (USEC’ 13), Okinawa, Japan. [URL]

Case Publications

Lau, Y. M., Ke, P. F., & Lim, T. (2023). Riding on the cryptocurrency and NFT wave: Twitter needs to “Show Me the Money”, Center for Management Practice, Singapore Management University. [URL]
Hui, K. L., Huang, M., Ke, P. F., & Lai, A. C. T. (2016). PopVote: Assessing the Risks of DDoS. Thompson Center for Business Case Studies, HKUST Business School. [URL]

Security Advisories

CVE-2021-41146: Remote Code Execution Vulnerability in qutebrowser
CVE-2019-11751: Remote Code Execution Vulnerability in Firefox
CVE-2019-14422: Remote Code Execution Vulnerability in TortoiseSVN
CVE-2019-13475: Remote Code Execution Vulnerability in MobaXterm
CVE-2018-8311: Remote Code Execution Vulnerability in Skype For Business and Lync

Security Talks and Workshops

Ransomware Incident Investigation. SINCON Reloaded, Singapore, January 6, 2023.
Ransomware Incident Investigation and Cryptocurrency Tracing with OSINT. DFRWS APAC 2022, Virtual, September 29, 2022
Backdoor Investigation and Incident Response: From Zero to Profit. Black Hat Asia 2022, Singapore, May 12, 2022
Chip-off Forensics. VX Village, DEFCON 26, Las Vegas, NV, August 11, 2018
XML and JS Hacking. OWASP Hong Kong Chapter, Hong Kong, March 11, 2017
How to Leverage Hackers for Your Business. HKUST, Hong Kong, May 28, 2016
Search for Vulnerable IoT Devices. 3rd International Conference on CyberCrime and Computer Forensics (ICCCF), Macau, June 23, 2015
Capture The Flag (CTF) Game: Fun and Profit. Information Security Summit 2014, Hong Kong, October 15, 2014.
Investigation and Intelligence Framework. HITCON 2014, Taipei, Taiwan, August 22, 2014.
Side Channel Attacks in Web Applications. Hong Kong Polytechnic University, Hong Kong, February 25, 2014.
Message Authentication and Length Extension Attack, OWASP Hong Kong Chapter, Hong Kong, July 27, 2013.

Teaching Experience

Undergraduate Programmes

Strategic Cybersecurity Management, SMU
Business Process Analysis and Solutioning, SMU
Information and Cyber Security Management, HKUST
Developing AI Application, HKUST
Blockchain Entrepreneurship for Social Impact, HKUST

Postgraduate Professional Programmes

Computer and Internet Security Management, HKUST

Honors and Awards

Best Associate Editor, PACIS 2023, Nanchang, China, July 8-12, 2023
ICIS 2016 Doctoral Consortium participant, Dublin, Ireland, December 7-9, 2016
PACIS 2015 Doctoral Consortium participant, Singapore, July 5-6, 2015
Hong Kong PhD Fellowship, Research Grant Council, Hong Kong, 2014 – 2017
Beta Gamma Sigma, 2010