Ph.D., Computer Science
M.S., Computer Science
B.S., Computer Science
Computer systems evolve to be more complex and vulnerable. Cyber attacks have also grown to be more sophisticated and harder to detect. Intrusion detection is the process of monitoring and identifying unauthorized system access or manipulation. It becomes increasingly difficult for a single intrusion detection system (IDS) to detect all attacks due to limited knowledge about attacks. Collaboration among intrusion detection devices can be used to gain higher detection accuracy and cost efficiency as compared to its traditional single host-based counterpart. Through cooperation, a local IDS can detect new attacks that may be known to other IDSs, which may be from different vendors. However, how to utilize the diagnosis from different IDSs to perform intrusion detection is the key challenge. This paper proposes a system architecture of a collaborative intrusion detection network (CIDN), in which trustworthy and efficient feedback aggregation is a key component. To achieve a reliable and trustworthy CIDN, we present a framework called FACID, which leverages data analytical models and hypothesis testing methods for efficient, distributed and sequential feedback aggregations. FACID provides an inherent trust evaluation mechanism and reduces communication overhead needed for IDSs as well as the computational resources and memory needed to achieve satisfactory feedback aggregation results when the number of collaborators of an IDS is large. Our simulation results corroborate our theoretical results and demonstrate the properties of cost efficiency and accuracy compared to other heuristic methods. The analytical result on the lower-bound of the average number of acquaintances for consultation is essential for the design and configuration of IDSs in a collaborative environment.
In multi-domain backbone networks, the Path Computation Element (PCE) architecture provides effective traffic engineering while limiting the exposure of intra-domain information. However, returned path computations may still reveal confidential intra-domain information, if artfully correlated by a malicious PCE. In such cases, the cooperation among PCEs should consider not only the capability of providing feasible paths but also the likelihood of security breaches (e.g., confidentiality risk exposure). In fact, a PCE might have the interest to block a request if it is arriving from a malicious or a competitor provider. In this scenario, the PCEs cooperation could benefit from a trust management model that accounts for the quality of the past interactions in terms of security violations while avoiding abuse of path computation services.
This work introduces the concepts of Trust Ranking and Quality of Interaction in PCE-based multi-domain backbone networks and elaborates a Bayes trust model to regulate the cooperation among PCEs. Specifically, the proposed trust management model aims at creating a common interest for the PCEs in contributing to effective traffic engineering while avoiding misuse of path computation services. Accordingly, we further propose a trust-aware PCE architecture and an incentive-compatible decision model that stimulate the behaviors of PCEs towards an effective cooperation.
Simulation results show that the proposed trust model provides effective incentive-compatible service differentiation to collaborating domains and is effective in detecting malicious PCE behaviors thereby tuning the amount of information returned in the path computation replies.
In current Android architecture design, users have to decide whether an app is safe to use or not. Expert users can make savvy decisions to prevent unnecessary privacy breach. However, inexperienced users may not be able to decide correctly. To assist inexperienced users to make a right permission granting decisions, we propose RecDroid. RecDroid is a crowdsourcing recommendation framework that facilitates a user-help-user environment regarding smartphone permission control. In this framework, the responses from expert users are aggregated and recommended to other users. We implement our prototype on Android platform and evaluated the system through simulation and real user study.
With billions of people using smartphones and the exponential growth of smartphone apps, it is prohibitive for app marketplaces, such as Google App Store, to thoroughly verify if an app is legitimate or malicious. As a result, mobile users are left to decide for themselves whether an app is safe to use. Even worse, recent studies have shown that over 70% of apps in markets request to collect data irrelevant to the main functions of the apps, which could cause leaking of private information or inefficient use of mobile resources. It is worth mentioning that since resource management mechanism of mobile devices is different from PC machines, existing security solutions in PC malware area are not quite compatible with mobile devices. Therefore, academic researchers and commercial anti-malware companies have proposed many security mechanisms to address the security issues of the Android devices. Considering the mechanisms and techniques which are different in nature and used in proposed works, they can be classified into different categories. In this survey, we discuss the existing Android security threats and existing security enforcements solutions between 2010 − 2015 and try to classify works and review their functionalities. We review a few works of each class. The survey also reviews the strength and weak points of the solutions.
RecDroid is an Android smartphone permission control framework which provides fine-grained permission control regarding smartphone resources and recommends the permission control decisions from savvy users to inexperienced (novice) users. However, malicious users, such as dummy users created by malicious app owners, may attempt to provide untruthful responses in order to mislead the recommendation system. Although a sybil detection function can be used to detect and remove some dummy users, undetected dummy users may still be able to mislead RecDroid framework. Therefore, it is not sufficient to depend on sybil detection techniques. In this work, we investigate this problem from a game-theoretical perspective to analyze the interaction between users and RecDroid system using a static Bayesian game-theoretical formulation. In the game, both players choose the best response strategy to minimize their loss in the interactions. We analyze the game model and find both pure strategy Nash equilibrium and mixed strategy Nash equilibrium under different scenarios. Finally, we discuss the impact from several parameters of the designed game on the outcomes, and analyzed the strategy on how to disincentivize attackers through corresponding game design.