Browsing by Author "Gao, Tianchong"

Now showing 1 - 10 of 12
  • Thumbnail Image
    Item
    ACTS: Extracting Android App Topological Signature through Graphlet Sampling
    (IEEE, 2016-10) Peng, Wei; Gao, Tianchong; Sisodia, Devkishen; Saha, Tanay Kumar; Li, Feng; Al Hasan, Mohammad; Computer Information and Graphics Technology, School of Engineering and Technology
    Android systems are widely used in mobile & wireless distributed systems. In the near future, Android is believed to dominate the mobile distributed environment. However, with the popularity of Android-based smartphones/tablets comes the rampancy of Android-based malware. In this paper, we propose a novel topological signature of Android apps based on the function call graphs (FCGs) extracted from their Android App Packages (APKs). Specifically, by leveraging recent advances in graphlet sampling, the proposed method fully captures the invocator-invocatee relationship at local neighborhoods in an FCG without exponentially inflating the state space. Using real benign app and malware samples, we demonstrate that our method, ACTS (App topologiCal signature through graphleT Sampling), can detect malware and identify malware families robustly and efficiently. More importantly, we demonstrate that, without augmenting the FCG with any semantic features such as bytecode-based vertex typing, local topological information captured by ACTS alone can achieve a high malware detection accuracy. Since ACTS only uses structural features, which are orthogonal to semantic features, it is expected that combining them would give a greater improvement in malware detection accuracy than combining non-orthogonal semantic features.
  • Thumbnail Image
    Item
    Android Malware Detection via Graphlet Sampling
    (IEEE, 2018-11) Gao, Tianchong; Peng, Wei; Sisodia, Devkishen; Saha, Tanay Kumar; Li, Feng; Al Hasan, Mohammad; Computer Information and Graphics Technology, School of Engineering and Technology
    Android systems are widely used in mobile & wireless distributed systems. In the near future, Android is believed to dominate the mobile distributed environment. However, with the popularity of Android-based smartphones/tablets comes the rampancy of Android-based malware. In this paper, we propose a novel topological signature of Android apps based on the function call graphs (FCGs) extracted from their Android App PacKages (APKs). Specifically, by leveraging recent advances on graphlet mining, the proposed method fully captures the invocator-invocatee relationship at local neighborhoods in an FCG without exponentially inflating the state space. Using real benign app and malware samples, we demonstrate that our method, ACTS (App topologiCal signature through graphleT Sampling), can detect malware and identify malware families robustly and efficiently. More importantly, we demonstrate that, without augmenting the FCG with any semantic features such as bytecode-based vertex typing, local topological information captured by ACTS alone can achieve a high malware detection accuracy. Since ACTS only uses structural features, which are orthogonal to semantic features, it is expected that combining them would give a greater improvement in malware detection accuracy than combining non-orthogonal semantic features.
  • Thumbnail Image
    Item
    De-Anonymization of Dynamic Online Social Networks via Persistent Structures
    (IEEE, 2019-05) Gao, Tianchong; Li, Feng; Computer Information and Graphics Technology, School of Engineering and Technology
    Service providers of Online Social Networks (OSNs) periodically publish anonymized OSN data, which creates an opportunity for adversaries to de-anonymize the data and identify target users. Most commonly, these adversaries use de-anonymization mechanisms that focus on static graphs. Some mechanisms separate dynamic OSN data into slices of static graphs, in order to apply a traditional de-anonymization attack. However, these mechanisms do not account for the evolution of OSNs, which limits their attack performance. In this paper, we provide a novel angle, persistent homology, to capture the evolution of OSNs. Persistent homology barcodes show the birth time and death time of holes, i.e., polygons, in OSN graphs. After extracting the evolution of holes, we apply a two-phase de-anonymization attack. First, holes are mapped together according to the similarity of birth/death time. Second, already mapped holes are converted into super nodes and we view them as seed nodes. We then grow the mapping based on these seed nodes. Our de-anonymization mechanism is extremely compatible to the adversaries who suffer latency in relationship collection, which is very similar to real-world cases.
  • Thumbnail Image
    Item
    Efficient Content Delivery via Interest Queueing
    (IEEE, 2019-05) Gao, Tianchong; Li, Feng; Computer and Information Science, School of Science
    Content sharing is an approach to relieve the congestion of cellular networks with alternative communication technologies such as the Wi-Fi and bluetooth. Through a Content Delivery Network (CDN), only a small portion of users need to download the data directly. Other users obtain packets from these users through short-range communications. However, the uncertainty of movement of mobile users challenges the effectiveness of CDNs. Unlike previous CDN solutions, in this paper, we present a novel scheme that studies the probabilistic meeting of users. When the accessibility to the cellular network is limited, we apply the queueing theory to guide the downloading or waiting strategies of users. In this system, the users who hold the content become seeds in the CDN and benefit their neighbors. Therefore we also consider the seed growing performance in the strategy. The purpose of our scheme is to let every user efficiently obtain their target content with restricted cellular data. The evaluation results show that our scheme gains significant satisfaction throughput improvements compared to the performance of basic downloading strategies.
  • Thumbnail Image
    Item
    Multi-Armed-Bandit-based Shilling Attack on Collaborative Filtering Recommender Systems
    (IEEE, 2020-12) Palanisamy Sundar, Agnideven; Li, Feng; Zou, Xukai; Hu, Qin; Gao, Tianchong; Computer and Information Science, School of Science
    Collaborative Filtering (CF) is a popular recommendation system that makes recommendations based on similar users' preferences. Though it is widely used, CF is prone to Shilling/Profile Injection attacks, where fake profiles are injected into the CF system to alter its outcome. Most of the existing shilling attacks do not work on online systems and cannot be efficiently implemented in real-world applications. In this paper, we introduce an efficient Multi-Armed-Bandit-based reinforcement learning method to practically execute online shilling attacks. Our method works by reducing the uncertainty associated with the item selection process and finds the most optimal items to enhance attack reach. Such practical online attacks open new avenues for research in building more robust recommender systems. We treat the recommender system as a black box, making our method effective irrespective of the type of CF used. Finally, we also experimentally test our approach against popular state-of-the-art shilling attacks.
  • Thumbnail Image
    Item
    Obfuscating Function Call Topography to Test Structural Malware Detection against Evasion Attacks
    (IEEE, 2017-01) Choliy, Andrew; Li, Feng; Gao, Tianchong; Computer Information and Graphics Technology, School of Engineering and Technology
    The incredible popularity of the Android mobile operating system has resulted in a massive influx of malicious applications for the platform. This malware can come from a number of sources as Google allows the installation of Android App Packages (APKs) from third parties. Even within its own Google Play storefront, however, malicious software can be found. One type of approach to identify malware focuses on the structural properties of the function call graphs (FCGs) extracted from APKs. The aim of this research work is to test the robustness of one example method in this category, named the ACTS (App topologiCal signature through graphleT Sampling) method. By extracting graphlet statistics from a FCG, the ACTS approach is able to efficiently differentiate between benign app samples and malware with good accuracy. In this work, we obfuscate the FCG of malware in several ways, and test the ACTs method against these evasion attacks. The statistical results of running ACTS against unmodified real malware samples is compared with the results of ACTS running against obfuscated versions of those same apps.
  • Thumbnail Image
    Item
    PHDP: Preserving Persistent Homology in Differentially Private Graph Publications
    (IEEE, 2019-04) Gao, Tianchong; Li, Feng; Computer Information and Graphics Technology, School of Engineering and Technology
    Online social networks (OSNs) routinely share and analyze user data. This requires protection of sensitive user information. Researchers have proposed several techniques to anonymize the data of OSNs. Some differential-privacy techniques claim to preserve graph utility under certain graph metrics, as well as guarantee strict privacy. However, each graph utility metric reveals the whole graph in specific aspects.We employ persistent homology to give a comprehensive description of the graph utility in OSNs. This paper proposes a novel anonymization scheme, called PHDP, which preserves persistent homology and satisfies differential privacy. To strengthen privacy protection, we add exponential noise to the adjacency matrix of the network and find the number of adding/deleting edges. To maintain persistent homology, we collect edges along persistent structures and avoid perturbation on these edges. Our regeneration algorithms balance persistent homology with differential privacy, publishing an anonymized graph with a guarantee of both. Evaluation result show that the PHDP-anonymized graph achieves high graph utility, both in graph metrics and application metrics.
  • Thumbnail Image
    Item
    Preserving Graph Utility in Anonymized Social Networks? A Study on the Persistent Homology
    (IEEE, 2017-10) Gao, Tianchong; Li, Feng; Engineering Technology, School of Engineering and Technology
    Following the trend of privacy preserving online social network publishing, various anonymization mechanisms have been designed and employed. Many differential privacy-based mechanisms claim that they can preserve the utility as well as guarantee the privacy. Their utility analysis are always based on some specifically chosen metrics.This paper aims to find a novel angle that describing the network in multiple scales. Persistent homology is such a high level metric that it reveals the parameterized topological features with various scales and it is applicable for read-world applications. In this paper, four differential privacy mechanisms employing different models are analyzed under the traditional graph metrics and the persistent homology. The evaluation results demonstrate that all algorithms can partially or conditionally preserve certain traditional graph utilities, but none of them are suitable for all metrics. Furthermore, none of the existing mechanisms can fully preserve the persistent homology, especially in high dimensions, which implies that the true graph utility is lost.
  • Thumbnail Image
    Item
    Privacy Preserving in Online Social Network Data Sharing and Publication
    (2019-12) Gao, Tianchong; Lin, Xiaojun; Chien, Stanley; Li, Feng; Hu, Jianghai; Delp, Edward
    Following the trend of online data sharing and publishing, researchers raise their concerns about the privacy problem. Online Social Networks (OSNs), for example, often contain sensitive information about individuals. Therefore, anonymizing network data before releasing it becomes an important issue. This dissertation studies the privacy preservation problem from the perspectives of both attackers and defenders. To defenders, preserving the private information while keeping the utility of the published OSN is essential in data anonymization. At one extreme, the final data equals the original one, which contains all the useful information but has no privacy protection. At the other extreme, the final data is random, which has the best privacy protection but is useless to the third parties. Hence, the defenders aim to explore multiple potential methods to strike a desirable tradeoff between privacy and utility in the published data. This dissertation draws on the very fundamental problem, the definition of utility and privacy. It draws on the design of the privacy criterion, the graph abstraction model, the utility method, and the anonymization method to further address the balance between utility and privacy. To attackers, extracting meaningful information from the collected data is essential in data de-anonymization. De-anonymization mechanisms utilize the similarities between attackers’ prior knowledge and published data to catch the targets. This dissertation focuses on the problems that the published data is periodic, anonymized, and does not cover the target persons. There are two thrusts in studying the de-anonymization attacks: the design of seed mapping method and the innovation of generating-based attack method. To conclude, this dissertation studies the online data privacy problem from both defenders’ and attackers’ point of view and introduces privacy and utility enhancement mechanisms in different novel angles.
  • Thumbnail Image
    Item
    Sharing Social Networks Using a Novel Differentially Private Graph Model
    (IEEE, 2019-01) Gao, Tianchong; Li, Feng; Computer Information and Graphics Technology, School of Engineering and Technology
    Online social networks (OSNs) often contain sensitive information about individuals. Therefore, anonymizing social network data before releasing it becomes an important issue. Recent research introduces several graph abstraction models to extract graph features and add sufficient noise to achieve differential privacy.In this paper, we design and analyze a comprehensive differentially private graph model that combines the dK-1, dK-2, and dK-3 series together. The dK-1 series stores the degree frequency, the dK-2 series adds the joint degree frequency, and the dK-3 series contains the linking information between edges. In our scheme, low dimensional data makes the regeneration process more executable and effective, while high dimensional data preserves additional utility of the graph. As the higher dimensional model is more sensitive to the noise, we carefully design the executing sequence. The final released graph increases the graph utility under differential privacy.