Browsing by Author "Gao, Tianchong"

Now showing 1 - 10 of 15
  • Thumbnail Image
    Item
    ACTS: Extracting Android App Topological Signature through Graphlet Sampling
    (IEEE, 2016-10) Peng, Wei; Gao, Tianchong; Sisodia, Devkishen; Saha, Tanay Kumar; Li, Feng; Al Hasan, Mohammad; Computer Information and Graphics Technology, School of Engineering and Technology
    Android systems are widely used in mobile & wireless distributed systems. In the near future, Android is believed to dominate the mobile distributed environment. However, with the popularity of Android-based smartphones/tablets comes the rampancy of Android-based malware. In this paper, we propose a novel topological signature of Android apps based on the function call graphs (FCGs) extracted from their Android App Packages (APKs). Specifically, by leveraging recent advances in graphlet sampling, the proposed method fully captures the invocator-invocatee relationship at local neighborhoods in an FCG without exponentially inflating the state space. Using real benign app and malware samples, we demonstrate that our method, ACTS (App topologiCal signature through graphleT Sampling), can detect malware and identify malware families robustly and efficiently. More importantly, we demonstrate that, without augmenting the FCG with any semantic features such as bytecode-based vertex typing, local topological information captured by ACTS alone can achieve a high malware detection accuracy. Since ACTS only uses structural features, which are orthogonal to semantic features, it is expected that combining them would give a greater improvement in malware detection accuracy than combining non-orthogonal semantic features.
  • Thumbnail Image
    Item
    Android Malware Detection via Graphlet Sampling
    (IEEE, 2018-11) Gao, Tianchong; Peng, Wei; Sisodia, Devkishen; Saha, Tanay Kumar; Li, Feng; Al Hasan, Mohammad; Computer Information and Graphics Technology, School of Engineering and Technology
    Android systems are widely used in mobile & wireless distributed systems. In the near future, Android is believed to dominate the mobile distributed environment. However, with the popularity of Android-based smartphones/tablets comes the rampancy of Android-based malware. In this paper, we propose a novel topological signature of Android apps based on the function call graphs (FCGs) extracted from their Android App PacKages (APKs). Specifically, by leveraging recent advances on graphlet mining, the proposed method fully captures the invocator-invocatee relationship at local neighborhoods in an FCG without exponentially inflating the state space. Using real benign app and malware samples, we demonstrate that our method, ACTS (App topologiCal signature through graphleT Sampling), can detect malware and identify malware families robustly and efficiently. More importantly, we demonstrate that, without augmenting the FCG with any semantic features such as bytecode-based vertex typing, local topological information captured by ACTS alone can achieve a high malware detection accuracy. Since ACTS only uses structural features, which are orthogonal to semantic features, it is expected that combining them would give a greater improvement in malware detection accuracy than combining non-orthogonal semantic features.
  • Thumbnail Image
    Item
    De-Anonymization of Dynamic Online Social Networks via Persistent Structures
    (IEEE, 2019-05) Gao, Tianchong; Li, Feng; Computer Information and Graphics Technology, School of Engineering and Technology
    Service providers of Online Social Networks (OSNs) periodically publish anonymized OSN data, which creates an opportunity for adversaries to de-anonymize the data and identify target users. Most commonly, these adversaries use de-anonymization mechanisms that focus on static graphs. Some mechanisms separate dynamic OSN data into slices of static graphs, in order to apply a traditional de-anonymization attack. However, these mechanisms do not account for the evolution of OSNs, which limits their attack performance. In this paper, we provide a novel angle, persistent homology, to capture the evolution of OSNs. Persistent homology barcodes show the birth time and death time of holes, i.e., polygons, in OSN graphs. After extracting the evolution of holes, we apply a two-phase de-anonymization attack. First, holes are mapped together according to the similarity of birth/death time. Second, already mapped holes are converted into super nodes and we view them as seed nodes. We then grow the mapping based on these seed nodes. Our de-anonymization mechanism is extremely compatible to the adversaries who suffer latency in relationship collection, which is very similar to real-world cases.
  • Thumbnail Image
    Item
    Efficient Content Delivery via Interest Queueing
    (IEEE, 2019-05) Gao, Tianchong; Li, Feng; Computer and Information Science, School of Science
    Content sharing is an approach to relieve the congestion of cellular networks with alternative communication technologies such as the Wi-Fi and bluetooth. Through a Content Delivery Network (CDN), only a small portion of users need to download the data directly. Other users obtain packets from these users through short-range communications. However, the uncertainty of movement of mobile users challenges the effectiveness of CDNs. Unlike previous CDN solutions, in this paper, we present a novel scheme that studies the probabilistic meeting of users. When the accessibility to the cellular network is limited, we apply the queueing theory to guide the downloading or waiting strategies of users. In this system, the users who hold the content become seeds in the CDN and benefit their neighbors. Therefore we also consider the seed growing performance in the strategy. The purpose of our scheme is to let every user efficiently obtain their target content with restricted cellular data. The evaluation results show that our scheme gains significant satisfaction throughput improvements compared to the performance of basic downloading strategies.
  • Thumbnail Image
    Item
    GAN-inspired Defense Against Backdoor Attack on Federated Learning Systems
    (IEEE, 2023-09) Sundar, Agnideven Palanisamy; Li, Feng; Zou, Xukai; Gao, Tianchong; Hosler, Ryan; Computer Science, Luddy School of Informatics, Computing, and Engineering
    Federated Learning (FL) provides an opportunity for clients with limited data resources to combine and build better Machine Learning models without compromising their privacy. But aggregating contributions from various clients implies that the errors present in some clients’ resources will also get propagated to all the clients through the combined model. Malicious entities leverage this negative factor to disrupt the normal functioning of the FL system for their gain. A backdoor attack is one such attack where the malicious entities act as clients and implant a small trigger into the global model. Once implanted, the model performs the attacker desired task in the presence of the trigger but acts benignly otherwise. In this paper, we build a GAN-inspired defense mechanism that can detect and defend against the presence of such backdoor triggers. The unavailability of labeled benign and backdoored models has prevented researchers from building detection classifiers. We tackle this problem by utilizing the clients as Generators to construct the required dataset. We place the Discriminator on the server-side, which acts as a backdoored model detecting binary classifier. We experimentally prove the proficiency of our approach with the image-based non-IID datasets, CIFAR10 and CelebA. Our prediction probability-based defense mechanism successfully removes all the influence of backdoors from the global model.
  • Thumbnail Image
    Item
    Local Differential Privacy Preservation via the Novel Encoding Method
    (IEEE, 2023-09) Zhang, Niu; Wang, Shunwei; Gao, Tianchong; Li, Feng; Sundar, Agnideven Palanisamy; Zou, Xukai; Computer Science, Luddy School of Informatics, Computing, and Engineering
    In recent years, the application of big data analysis has seen a significant increase across various fields with the aim of extracting useful information from massive data to enhance human life. These data contain a large amount of privacy, and directly using user data for analysis poses a significant risk of privacy leakage. To address this pressing issue, many scholars have incorporated the latest protection methodologies, such as local differential privacy (LDP), into big data analysis. Existing LDP methods typically convert data into binary strings and then add noise, but the weight of each bit unevenly distributes noise, eventually increasing utility loss. Inspired by this, the paper investigates the reduction of error through alternative numeral systems, leading to the proposition of a segmented-based LDP data preservation mechanism (LDPseg), where each bit flip has an equal impact on the outcome. Theoretical analysis reveals that under certain conditions, this mechanism maintains a lower error expectation and variance compared to binary systems. Real-world experimental results indicate that the proposed method exhibits positive performance in machine learning.
  • Thumbnail Image
    Item
    Multi-Armed-Bandit-based Shilling Attack on Collaborative Filtering Recommender Systems
    (IEEE, 2020-12) Palanisamy Sundar, Agnideven; Li, Feng; Zou, Xukai; Hu, Qin; Gao, Tianchong; Computer and Information Science, School of Science
    Collaborative Filtering (CF) is a popular recommendation system that makes recommendations based on similar users' preferences. Though it is widely used, CF is prone to Shilling/Profile Injection attacks, where fake profiles are injected into the CF system to alter its outcome. Most of the existing shilling attacks do not work on online systems and cannot be efficiently implemented in real-world applications. In this paper, we introduce an efficient Multi-Armed-Bandit-based reinforcement learning method to practically execute online shilling attacks. Our method works by reducing the uncertainty associated with the item selection process and finds the most optimal items to enhance attack reach. Such practical online attacks open new avenues for research in building more robust recommender systems. We treat the recommender system as a black box, making our method effective irrespective of the type of CF used. Finally, we also experimentally test our approach against popular state-of-the-art shilling attacks.
  • Thumbnail Image
    Item
    Obfuscating Function Call Topography to Test Structural Malware Detection against Evasion Attacks
    (IEEE, 2017-01) Choliy, Andrew; Li, Feng; Gao, Tianchong; Computer Information and Graphics Technology, School of Engineering and Technology
    The incredible popularity of the Android mobile operating system has resulted in a massive influx of malicious applications for the platform. This malware can come from a number of sources as Google allows the installation of Android App Packages (APKs) from third parties. Even within its own Google Play storefront, however, malicious software can be found. One type of approach to identify malware focuses on the structural properties of the function call graphs (FCGs) extracted from APKs. The aim of this research work is to test the robustness of one example method in this category, named the ACTS (App topologiCal signature through graphleT Sampling) method. By extracting graphlet statistics from a FCG, the ACTS approach is able to efficiently differentiate between benign app samples and malware with good accuracy. In this work, we obfuscate the FCG of malware in several ways, and test the ACTs method against these evasion attacks. The statistical results of running ACTS against unmodified real malware samples is compared with the results of ACTS running against obfuscated versions of those same apps.
  • Thumbnail Image
    Item
    PHDP: Preserving Persistent Homology in Differentially Private Graph Publications
    (IEEE, 2019-04) Gao, Tianchong; Li, Feng; Computer Information and Graphics Technology, School of Engineering and Technology
    Online social networks (OSNs) routinely share and analyze user data. This requires protection of sensitive user information. Researchers have proposed several techniques to anonymize the data of OSNs. Some differential-privacy techniques claim to preserve graph utility under certain graph metrics, as well as guarantee strict privacy. However, each graph utility metric reveals the whole graph in specific aspects.We employ persistent homology to give a comprehensive description of the graph utility in OSNs. This paper proposes a novel anonymization scheme, called PHDP, which preserves persistent homology and satisfies differential privacy. To strengthen privacy protection, we add exponential noise to the adjacency matrix of the network and find the number of adding/deleting edges. To maintain persistent homology, we collect edges along persistent structures and avoid perturbation on these edges. Our regeneration algorithms balance persistent homology with differential privacy, publishing an anonymized graph with a guarantee of both. Evaluation result show that the PHDP-anonymized graph achieves high graph utility, both in graph metrics and application metrics.
  • Thumbnail Image
    Item
    Preserving Graph Utility in Anonymized Social Networks? A Study on the Persistent Homology
    (IEEE, 2017-10) Gao, Tianchong; Li, Feng; Engineering Technology, School of Engineering and Technology
    Following the trend of privacy preserving online social network publishing, various anonymization mechanisms have been designed and employed. Many differential privacy-based mechanisms claim that they can preserve the utility as well as guarantee the privacy. Their utility analysis are always based on some specifically chosen metrics.This paper aims to find a novel angle that describing the network in multiple scales. Persistent homology is such a high level metric that it reveals the parameterized topological features with various scales and it is applicable for read-world applications. In this paper, four differential privacy mechanisms employing different models are analyzed under the traditional graph metrics and the persistent homology. The evaluation results demonstrate that all algorithms can partially or conditionally preserve certain traditional graph utilities, but none of them are suitable for all metrics. Furthermore, none of the existing mechanisms can fully preserve the persistent homology, especially in high dimensions, which implies that the true graph utility is lost.