Multi-dimensional Data Analytics for Detecting Malicious Activities

SCRUB (Secure Computing Research for Users' Benefit) @ UCD
A collaborative project with the Intel Science and Technology Center for Secure Computing (ISTC-SC) at UC Berkeley

As more social interaction shifts to the Internet via mobile phones and online social networks (OSNs), new opportunities as well as new challenges emerge. For instance, malicious activities involving Android applications are rising rapidly. Spurious user accounts on OSNs can be leveraged to launch a variety of malicious activities (e.g., spam, social engineering). Numerous studies have applied data mining techniques to data collected from the network or end hosts to extract spatial-temporal patterns or other footprints that can then be used to detect malicious behavior or identify the attacker. However, most of the existing solutions analyze a single genre of data source, e.g., traffic traces collected from the network, or processes running on a host. Our team recognizes that this is no longer adequate and instead proposes to integrate multi-dimensional data coming from different genres of networks or contexts to profile user and/or application behavior in order to detect malware or suspicious activities. We will leverage data mining, learning and prediction, anomaly detection, and static/code analysis, which our team has previously applied successfully to detect network/traffic anomalies and plagiarized mobile applications, to uncover new, potentially malicious activities.

People

Principal Investigators

Collaborators

  • Prasant Mohapatra, UC Davis
  • Hui Zang, Guavus
  • Ling Huang, Intel

Postdoc & Students

  • Parth Pathak, CS (postdoc)
  • Arun Raghumura, CS (PhD)
  • Aveek Das, CS (PhD)
  • Theo Pan, CS (MS)
  • Shu Ming Peng, ECE (MS)
  • Joshua Vaughen, ECE (undergrad)

Funding

This project is supported by the Intel Science and Technology Center for Secure Computing (ISTC-SC) and Guavus.