Multi-dimensional Data Analytics for Detecting Malicious Activities

SCRUB (Secure Computing Research for Users' Benefit) @ UCD
A collaborative project with the Intel Science and Technology Center for Secure Computing (ISTC-SC) at UC Berkeley

multi-dimensional data analytics

As more social interaction shifts to the Internet via mobile phones and online social networks (OSNs), new opportunities as well as challenges/problems emerge. For instance, malicious activities involving Android applications are rising rapidly. Spurious user accounts on OSNs can be leveraged to launch a variety of malicious activities (e.g., spam, social engineering). Numerous studies have applied data mining techniques to data collected from network or end-host to extract spatial-temporal patterns or other footprints that can then be used detect malicious behavior or identify the attacker. However, most of the existing solutions analyze a single genre of data source, e.g, traffic traces collected from network, or process running on a host. Our team recognizes that this is no longer adequate, and instead, propose to integrate multi-dimensional data coming from different genre of networks or contexts to profile user and/or application behavior in order to detect malware or suspicious activities. We will leverage data mining, learning & prediction, anomaly detection, and static/code analysis that our team has previously applied successfully to detect network/traffic anomalies and plagiarized mobile applications to uncover new, potentially malicious activities.

People

Principal Investigators

Collaborators

  • Prasant Mohapatra, UC Davis
  • Hui Zang, Huawei (previously Guavus)

Postdoc & Students

  • Parth Pathak, CS (postdoc)
  • Arun Raghumura, CS (PhD)
  • Aveek Das, CS (PhD)

Publications

  • A. Raghuramu, H. Zang, P. Pathak, J. Han, C. Liu, and C-N. Chuah, "Uncovering Footprints of Malicious Traffic in Wireless/Mobile Networks," Elsevier Computer Communications Journal. [pdf]
  • A. Das, P. Pathak, C-N. Chuah, and P. Mohapatra, "Uncovering Privacy Leakage in BLE Network Traffic of Wearable Fitness Trackers," ACM HotMobile (the 17th International Workshop on Mobile Computing Systems and applications), February 2016.
  • C. Buckley, P. H. Pathak, A. Das, C-N. Chuah, and P. Mohapatra, "AnonAD: Privacy-aware Micro-targeted Mobile Advertisement without Proxies," IEEE International Conference on Computer Communications and Networks (ICCCN), August 2015 (Invited Paper). [pdf]
  • A. Das, P. Pathak, C-N. Chuah, and P. Mohapatra, "Characterization of Wireless Multi-Device Users," IEEE SECON 2015, June 2015.
  • A. Raghuramu, H. Zang, C-N. Chuah, "Uncovering the Footprints of Malicious Traffic in Cellular Data Netwoks," Passive & Active Measurement Conference, March 2015. [pdf]
  • A. K. Das, P. H. Pathak, C-N. Chuah, and P. Mohapatra, "Contextual Localization Through Network Traffic Analysis," IEEE INFOCOM, April/May 2014.

Funding

This project is supported by Intel Science and Technology Center for Secure Computing (ISTC-SC) and Guavus. We would also like to acknowledge VirusTotal and McAfee for granting access to their APIs for research use.