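@inproceedings{dodia_exposing_2022,
  author     = {Dodia, Priyanka and AlSabah, Mashael and Alrawi, Omar and Wang, Tao},
  title      = {Exposing the {Rat} in the {Tunnel}: {Using} {Traffic} {Analysis} for {Tor}-based {Malware} {Detection}},
  shorttitle = {Exposing the {Rat} in the {Tunnel}},
  booktitle  = {Proceedings of the 2022 {ACM} {SIGSAC} {Conference} on {Computer} and {Communications} {Security}},
  pages      = {875--889},
  publisher  = {ACM},
  address    = {Los Angeles, CA, USA},
  month      = nov,
  year       = {2022},
  isbn       = {9781450394505},
  doi        = {10.1145/3548606.3560604},
  url        = {https://dl.acm.org/doi/10.1145/3548606.3560604},
  urldate    = {2023-03-22},
  language   = {en},
}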
@inproceedings{yuan_time-window_2021,
  author     = {Yuan, Lun-Pin and Choo, Euijin and Yu, Ting and Khalil, Issa and Zhu, Sencun},
  title      = {Time-{Window} {Based} {Group}-{Behavior} {Supported} {Method} for {Accurate} {Detection} of {Anomalous} {Users}},
  booktitle  = {2021 51st {Annual} {IEEE}/{IFIP} {International} {Conference} on {Dependable} {Systems} and {Networks} ({DSN})},
  pages      = {250--262},
  publisher  = {IEEE},
  address    = {Taipei, Taiwan},
  month      = jun,
  year       = {2021},
  isbn       = {9781665435727},
  doi        = {10.1109/DSN48987.2021.00038},
  url        = {https://ieeexplore.ieee.org/document/9505123/},
  urldate    = {2023-03-23},
}
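@inproceedings{nabeel_cadue:_2021,
  author     = {Nabeel, Mohamed and Altinisik, Enes and Sun, Haipei and Khalil, Issa and Wang, Hui (Wendy) and Yu, Ting},
  title      = {{CADUE}: {Content}-{Agnostic} {Detection} of {Unwanted} {Emails} for {Enterprise} {Security}},
  shorttitle = {{CADUE}},
  booktitle  = {24th {International} {Symposium} on {Research} in {Attacks}, {Intrusions} and {Defenses}},
  pages      = {205--219},
  publisher  = {ACM},
  address    = {San Sebastian, Spain},
  month      = oct,
  year       = {2021},
  isbn       = {9781450390583},
  doi        = {10.1145/3471621.3471862},
  url        = {https://dl.acm.org/doi/10.1145/3471621.3471862},
  urldate    = {2023-03-23},
  language   = {en},
}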
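@inproceedings{abdallah_morshed:_2021,
  author     = {Abdallah, Mustafa and Woods, Daniel and Naghizadeh, Parinaz and Khalil, Issa and Cason, Timothy and Sundaram, Shreyas and Bagchi, Saurabh},
  title      = {Morshed: {Guiding} {Behavioral} {Decision}-{Makers} towards {Better} {Security} {Investment} in {Interdependent} {Systems}},
  shorttitle = {Morshed},
  booktitle  = {Proceedings of the 2021 {ACM} {Asia} {Conference} on {Computer} and {Communications} {Security}},
  pages      = {378--392},
  publisher  = {ACM},
  address    = {Virtual Event, Hong Kong},
  month      = may,
  year       = {2021},
  isbn       = {9781450382878},
  doi        = {10.1145/3433210.3437534},
  url        = {https://dl.acm.org/doi/10.1145/3433210.3437534},
  urldate    = {2023-03-23},
  language   = {en},
}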
@inproceedings{abdallah_tasharok:_2022,
  author     = {Abdallah, Mustafa and Woods, Daniel and Naghizadeh, Parinaz and Khalil, Issa and Cason, Timothy and Sundaram, Shreyas and Bagchi, Saurabh},
  title      = {{TASHAROK}: {Using} {Mechanism} {Design} for {Enhancing} {Security} {Resource} {Allocation} in {Interdependent} {Systems}},
  shorttitle = {{TASHAROK}},
  booktitle  = {2022 {IEEE} {Symposium} on {Security} and {Privacy} ({SP})},
  pages      = {249--266},
  publisher  = {IEEE},
  address    = {San Francisco, CA, USA},
  month      = may,
  year       = {2022},
  isbn       = {9781665413169},
  doi        = {10.1109/SP46214.2022.9833591},
  url        = {https://ieeexplore.ieee.org/document/9833591/},
  urldate    = {2023-03-23},
}
@article{choo_devicewatch:_2023,
  author     = {Choo, Euijin and Nabeel, Mohamed and Alsabah, Mashael and Khalil, Issa and Yu, Ting and Wang, Wei},
  title      = {{DeviceWatch}: {A} {Data}-{Driven} {Network} {Analysis} {Approach} to {Identifying} {Compromised} {Mobile} {Devices} with {Graph}-{Inference}},
  shorttitle = {{DeviceWatch}},
  journal    = {ACM Transactions on Privacy and Security},
  volume     = {26},
  number     = {1},
  pages      = {1--32},
  month      = feb,
  year       = {2023},
  issn       = {2471-2566, 2471-2574},
  doi        = {10.1145/3558767},
  url        = {https://dl.acm.org/doi/10.1145/3558767},
  urldate    = {2023-03-26},
  language   = {en},
  abstract   = {We propose to identify compromised mobile devices from a network administrator’s point of view. Intuitively, inadvertent users (and thus their devices) who download apps through untrustworthy markets are often lured to install malicious apps through in-app advertisements or phishing. We thus hypothesize that devices sharing similar apps would have a similar likelihood of being compromised, resulting in an association between a compromised device and its apps. We propose to leverage such associations to identify unknown compromised devices using the guilt-by-association principle. Admittedly, such associations could be relatively weak as it is hard, if not impossible, for an app to automatically download and install other apps without explicit user initiation. We describe how we can magnify such associations by carefully choosing parameters when applying graph-based inferences. We empirically evaluate the effectiveness of our approach on real datasets provided by a major mobile service provider. Specifically, we show that our approach achieves nearly 98\% AUC (area under the ROC curve) and further detects as many as 6 {\textasciitilde} 7 times of new compromised devices not covered by the ground truth by expanding the limited knowledge on known devices. We show that the newly detected devices indeed present undesirable behavior in terms of leaking private information and accessing risky IPs and domains. We further conduct in-depth analysis of the effectiveness of graph inferences to understand the unique structure of the associations between mobile devices and their apps, and its impact on graph inferences, based on which we propose how to choose key parameters.},
}
@inproceedings{thirumuruganathan_siraj:_2022,
  author     = {Thirumuruganathan, Saravanan and Nabeel, Mohamed and Choo, Euijin and Khalil, Issa and Yu, Ting},
  title      = {{SIRAJ}: {A} {Unified} {Framework} for {Aggregation} of {Malicious} {Entity} {Detectors}},
  shorttitle = {{SIRAJ}},
  booktitle  = {2022 {IEEE} {Symposium} on {Security} and {Privacy} ({SP})},
  pages      = {507--521},
  publisher  = {IEEE},
  address    = {San Francisco, CA, USA},
  month      = may,
  year       = {2022},
  isbn       = {9781665413169},
  doi        = {10.1109/SP46214.2022.9833725},
  url        = {https://ieeexplore.ieee.org/document/9833725/},
  urldate    = {2023-03-26},
}
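@inproceedings{alsabah_content-agnostic_2022,
  author     = {AlSabah, Mashael and Nabeel, Mohamed and Boshmaf, Yazan and Choo, Euijin},
  title      = {Content-{Agnostic} {Detection} of {Phishing} {Domains} using {Certificate} {Transparency} and {Passive} {DNS}},
  booktitle  = {25th {International} {Symposium} on {Research} in {Attacks}, {Intrusions} and {Defenses}},
  pages      = {446--459},
  publisher  = {ACM},
  address    = {Limassol, Cyprus},
  month      = oct,
  year       = {2022},
  isbn       = {9781450397049},
  doi        = {10.1145/3545948.3545958},
  url        = {https://dl.acm.org/doi/10.1145/3545948.3545958},
  urldate    = {2023-03-26},
  language   = {en},
}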
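@inproceedings{vidyakeerthi_demo:_2022,
  author     = {Vidyakeerthi, Shehan and Nabeel, Mohamed and Elvitigala, Charith and Keppitiyagama, Chamath},
  title      = {Demo: {PhishChain}: {A} {Decentralized} and {Transparent} {System} to {Blacklist} {Phishing} {URLs}},
  shorttitle = {Demo},
  booktitle  = {Companion {Proceedings} of the {Web} {Conference} 2022},
  pages      = {286--289},
  publisher  = {ACM},
  address    = {Virtual Event, Lyon, France},
  month      = apr,
  year       = {2022},
  isbn       = {9781450391306},
  doi        = {10.1145/3487553.3524235},
  url        = {https://dl.acm.org/doi/10.1145/3487553.3524235},
  urldate    = {2023-03-26},
  language   = {en},
}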
@article{nabeel_following_2020,
  author     = {Nabeel, Mohamed and Khalil, Issa M. and Guan, Bei and Yu, Ting},
  title      = {Following {Passive} {DNS} {Traces} to {Detect} {Stealthy} {Malicious} {Domains} {Via} {Graph} {Inference}},
  journal    = {ACM Transactions on Privacy and Security},
  volume     = {23},
  number     = {4},
  pages      = {1--36},
  month      = nov,
  year       = {2020},
  issn       = {2471-2566, 2471-2574},
  doi        = {10.1145/3401897},
  url        = {https://dl.acm.org/doi/10.1145/3401897},
  urldate    = {2023-03-26},
  language   = {en},
  abstract   = {Malicious domains, including phishing websites, spam servers, and command and control servers, are the reason for many of the cyber attacks nowadays. Thus, detecting them in a timely manner is important to not only identify cyber attacks but also take preventive measures. There has been a plethora of techniques proposed to detect malicious domains by analyzing Domain Name System (DNS) traffic data. Traditionally, DNS acts as an Internet miscreant’s best friend, but we observe that the subtle traces in DNS logs left by such miscreants can be used against them to detect malicious domains. Our approach is to build a set of domain graphs by connecting “related” domains together and injecting known malicious and benign domains into these graphs so that we can make inferences about the other domains in the domain graphs. A key challenge in building these graphs is how to accurately identify related domains so that incorrect associations are minimized and the number of domains connected from the dataset is maximized. Based on our observations, we first train two classifiers and then devise a set of association rules that assist in linking domains together. We perform an in-depth empirical analysis of the graphs built using these association rules on passive DNS data and show that our techniques can detect many more malicious domains than the state-of-the-art.},
}
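@inproceedings{xia_identifying_2021,
  author     = {Xia, Pengcheng and Nabeel, Mohamed and Khalil, Issa and Wang, Haoyu and Yu, Ting},
  title      = {Identifying and {Characterizing} {COVID}-19 {Themed} {Malicious} {Domain} {Campaigns}},
  booktitle  = {Proceedings of the {Eleventh} {ACM} {Conference} on {Data} and {Application} {Security} and {Privacy}},
  pages      = {209--220},
  publisher  = {ACM},
  address    = {Virtual Event, USA},
  month      = apr,
  year       = {2021},
  isbn       = {9781450381437},
  doi        = {10.1145/3422337.3447840},
  url        = {https://dl.acm.org/doi/10.1145/3422337.3447840},
  urldate    = {2023-03-26},
  language   = {en},
}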
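@inproceedings{khalil_domain_2018,
  author     = {Khalil, Issa M. and Guan, Bei and Nabeel, Mohamed and Yu, Ting},
  title      = {A {Domain} is only as {Good} as its {Buddies}: {Detecting} {Stealthy} {Malicious} {Domains} via {Graph} {Inference}},
  shorttitle = {A {Domain} is only as {Good} as its {Buddies}},
  booktitle  = {Proceedings of the {Eighth} {ACM} {Conference} on {Data} and {Application} {Security} and {Privacy}},
  pages      = {330--341},
  publisher  = {ACM},
  address    = {Tempe, AZ, USA},
  month      = mar,
  year       = {2018},
  isbn       = {9781450356329},
  doi        = {10.1145/3176258.3176329},
  url        = {https://dl.acm.org/doi/10.1145/3176258.3176329},
  urldate    = {2023-03-26},
  language   = {en},
}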
@article{zhauniarovich_survey_2019,
  author     = {Zhauniarovich, Yury and Khalil, Issa and Yu, Ting and Dacier, Marc},
  title      = {A {Survey} on {Malicious} {Domains} {Detection} through {DNS} {Data} {Analysis}},
  journal    = {ACM Computing Surveys},
  volume     = {51},
  number     = {4},
  pages      = {1--36},
  month      = jul,
  year       = {2019},
  issn       = {0360-0300, 1557-7341},
  doi        = {10.1145/3191329},
  url        = {https://dl.acm.org/doi/10.1145/3191329},
  urldate    = {2023-03-26},
  language   = {en},
  abstract   = {Malicious domains are one of the major resources required for adversaries to run attacks over the Internet. Due to the important role of the Domain Name System (DNS), extensive research has been conducted to identify malicious domains based on their unique behavior reflected in different phases of the life cycle of DNS queries and responses. Existing approaches differ significantly in terms of intuitions, data analysis methods as well as evaluation methodologies. This warrants a thorough systematization of the approaches and a careful review of the advantages and limitations of every group.
In this article, we perform such an analysis. To achieve this goal, we present the necessary background knowledge on DNS and malicious activities leveraging DNS. We describe a general framework of malicious domain detection techniques using DNS data. Applying this framework, we categorize existing approaches using several orthogonal viewpoints, namely (1) sources of DNS data and their enrichment, (2) data analysis methods, and (3) evaluation strategies and metrics. In each aspect, we discuss the important challenges that the research community should address in order to fully realize the power of DNS data analysis to fight against attacks leveraging malicious domains.},
}
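@inproceedings{khalil_discovering_2016,
  author     = {Khalil, Issa and Yu, Ting and Guan, Bei},
  title      = {Discovering {Malicious} {Domains} through {Passive} {DNS} {Data} {Graph} {Analysis}},
  booktitle  = {Proceedings of the 11th {ACM} on {Asia} {Conference} on {Computer} and {Communications} {Security}},
  pages      = {663--674},
  publisher  = {ACM},
  address    = {Xi'an, China},
  month      = may,
  year       = {2016},
  isbn       = {9781450342339},
  doi        = {10.1145/2897845.2897877},
  url        = {https://dl.acm.org/doi/10.1145/2897845.2897877},
  urldate    = {2023-03-26},
  language   = {en},
}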
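% The exported title carried escaped literal braces around EOSAFE and EOSIO, which print as
% visible curly braces; they are reduced to plain case-protecting braces here.
% booktitle and publisher were missing (booktitle is required for this entry type); the values
% below are inferred from the usenixsecurity21 url and should be confirmed against the proceedings page.
@inproceedings{he_eosafe:_2021,
  author     = {He, Ningyu and Zhang, Ruiyi and Wang, Haoyu and Wu, Lei and Luo, Xiapu and Guo, Yao and Yu, Ting and Jiang, Xuxian},
  title      = {{EOSAFE}: {Security} {Analysis} of {EOSIO} {Smart} {Contracts}},
  shorttitle = {{EOSAFE}},
  booktitle  = {30th {USENIX} {Security} {Symposium} ({USENIX} {Security} 21)},
  pages      = {1271--1288},
  publisher  = {USENIX Association},
  year       = {2021},
  isbn       = {9781939133243},
  url        = {https://www.usenix.org/conference/usenixsecurity21/presentation/he-ningyu},
  urldate    = {2023-03-26},
  language   = {en},
}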
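@inproceedings{boshmaf_investigating_2020,
  author     = {Boshmaf, Yazan and Elvitigala, Charitha and Al Jawaheri, Husam and Wijesekera, Primal and Al Sabah, Mashael},
  title      = {Investigating {MMM} {Ponzi} {Scheme} on {Bitcoin}},
  booktitle  = {Proceedings of the 15th {ACM} {Asia} {Conference} on {Computer} and {Communications} {Security}},
  pages      = {519--530},
  publisher  = {ACM},
  address    = {Taipei, Taiwan},
  month      = oct,
  year       = {2020},
  isbn       = {9781450367509},
  doi        = {10.1145/3320269.3384719},
  url        = {https://dl.acm.org/doi/10.1145/3320269.3384719},
  urldate    = {2023-03-26},
  language   = {en},
}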
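% The export split the "Al" particle into the given name (Jawaheri, Husam Al), so styles would
% print and sort these authors as "Jawaheri" and "Sabah". The surnames are written whole here,
% matching the form used in boshmaf_investigating_2020.
@article{jawaheri_deanonymizing_2020,
  author     = {Al Jawaheri, Husam and Al Sabah, Mashael and Boshmaf, Yazan and Erbad, Aiman},
  title      = {Deanonymizing {Tor} hidden service users through {Bitcoin} transactions analysis},
  journal    = {Computers \& Security},
  volume     = {89},
  pages      = {101684},
  month      = feb,
  year       = {2020},
  issn       = {0167-4048},
  doi        = {10.1016/j.cose.2019.101684},
  url        = {https://linkinghub.elsevier.com/retrieve/pii/S0167404818309908},
  urldate    = {2023-03-26},
  language   = {en},
}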
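% Author surnames keep their "Al" particle (the export had moved it into the given name),
% and the arXiv link uses https.
@misc{boshmaf_blocktag:_2019,
  author     = {Boshmaf, Yazan and Al Jawaheri, Husam and Al Sabah, Mashael},
  title      = {{BlockTag}: {Design} and applications of a tagging system for blockchain analysis},
  shorttitle = {{BlockTag}},
  publisher  = {arXiv},
  month      = jul,
  year       = {2019},
  url        = {https://arxiv.org/abs/1809.06044},
  urldate    = {2023-03-26},
  abstract   = {Annotating blockchains with auxiliary data is useful for many applications. For example, e-crime investigations of illegal Tor hidden services, such as Silk Road, often involve linking Bitcoin addresses, from which money is sent or received, to user accounts and related online activities. We present BlockTag, an open-source tagging system for blockchains that facilitates such tasks. We describe BlockTag's design and present three analyses that illustrate its capabilities in the context of privacy research and law enforcement.},
  keywords   = {Computer Science - Cryptography and Security},
  note       = {arXiv:1809.06044 [cs]},
}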
@article{altinisik_mitigation_2020,
  author     = {Altinisik, Enes and Tasdemir, Kasim and Sencar, Husrev Taha},
  title      = {Mitigation of {H}.264 and {H}.265 {Video} {Compression} for {Reliable} {PRNU} {Estimation}},
  journal    = {IEEE Transactions on Information Forensics and Security},
  volume     = {15},
  pages      = {1557--1571},
  year       = {2020},
  issn       = {1556-6013, 1556-6021},
  doi        = {10.1109/TIFS.2019.2945190},
  url        = {https://ieeexplore.ieee.org/document/8854840/},
  urldate    = {2023-03-26},
}
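% pages: the export doubled every hyphen, turning the article-style page numbers 338-1 and 338-7
% into a four-part range; only the separator between the two page numbers is a range dash.
% The accented given name is written as a LaTeX escape so 8-bit BibTeX sorts and labels it correctly.
@article{altinisik_prnu_2021,
  author     = {Altinisik, Enes and Tasdemir, Kasim and Sencar, H{\"u}srev Taha},
  title      = {{PRNU} {Estimation} from {Encoded} {Videos} {Using} {Block}-{Based} {Weighting}},
  journal    = {Electronic Imaging},
  volume     = {33},
  number     = {4},
  pages      = {338-1--338-7},
  month      = jan,
  year       = {2021},
  issn       = {2470-1173},
  doi        = {10.2352/ISSN.2470-1173.2021.4.MWSF-338},
  url        = {https://library.imaging.org/ei/articles/33/4/art00014},
  urldate    = {2023-03-26},
}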
@article{altinisik_source_2021,
  author     = {Altinisik, Enes and Sencar, Husrev Taha},
  title      = {Source {Camera} {Verification} for {Strongly} {Stabilized} {Videos}},
  journal    = {IEEE Transactions on Information Forensics and Security},
  volume     = {16},
  pages      = {643--657},
  year       = {2021},
  issn       = {1556-6013, 1556-6021},
  doi        = {10.1109/TIFS.2020.3016830},
  url        = {https://ieeexplore.ieee.org/document/9169924/},
  urldate    = {2023-03-26},
}
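% The same preprint also appears in this file under the key altinisik_video_2022-1 with identical
% fields, so a bibliography that prints every entry lists it twice. Cite this key in new work.
@misc{altinisik_video_2022,
  author     = {Altinisik, Enes and Sencar, Husrev Taha and Tabaa, Diram},
  title      = {Video {Source} {Characterization} {Using} {Encoding} and {Encapsulation} {Characteristics}},
  publisher  = {arXiv},
  month      = aug,
  year       = {2022},
  url        = {https://arxiv.org/abs/2201.02949},
  urldate    = {2023-03-26},
  abstract   = {We introduce a new method for camera-model identification. Our approach combines two independent aspects of video file generation corresponding to video coding and media data encapsulation. To this end, a joint representation of the overall file metadata is developed and used in conjunction with a two-level hierarchical classification method. At the first level, our method groups videos into metaclasses considering several abstractions that represent high-level structural properties of file metadata. This is followed by a more nuanced classification of classes that comprise each metaclass. The method is evaluated on more than 20K videos obtained by combining four public video datasets. Tests show that a balanced accuracy of 91\% is achieved in correctly identifying the class of a video among 119 video classes. This corresponds to an improvement of 6.5\% over the conventional approach based on video file encapsulation characteristics. Furthermore, we investigate a setting relevant to forensic file recovery operations where file metadata cannot be located or are missing but video data is partially available. By estimating a partial list of encoding parameters from coded video data, we demonstrate that an identification accuracy of 57\% can be achieved in camera-model identification in the absence of any other file metadata.},
  keywords   = {Computer Science - Cryptography and Security, Computer Science - Multimedia},
  note       = {arXiv:2201.02949 [cs]},
}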
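% Duplicate of altinisik_video_2022 (same preprint, identical fields). The key is kept so that
% documents already citing it still resolve; remove this entry once nothing cites it.
@misc{altinisik_video_2022-1,
  author     = {Altinisik, Enes and Sencar, Husrev Taha and Tabaa, Diram},
  title      = {Video {Source} {Characterization} {Using} {Encoding} and {Encapsulation} {Characteristics}},
  publisher  = {arXiv},
  month      = aug,
  year       = {2022},
  url        = {https://arxiv.org/abs/2201.02949},
  urldate    = {2023-03-26},
  abstract   = {We introduce a new method for camera-model identification. Our approach combines two independent aspects of video file generation corresponding to video coding and media data encapsulation. To this end, a joint representation of the overall file metadata is developed and used in conjunction with a two-level hierarchical classification method. At the first level, our method groups videos into metaclasses considering several abstractions that represent high-level structural properties of file metadata. This is followed by a more nuanced classification of classes that comprise each metaclass. The method is evaluated on more than 20K videos obtained by combining four public video datasets. Tests show that a balanced accuracy of 91\% is achieved in correctly identifying the class of a video among 119 video classes. This corresponds to an improvement of 6.5\% over the conventional approach based on video file encapsulation characteristics. Furthermore, we investigate a setting relevant to forensic file recovery operations where file metadata cannot be located or are missing but video data is partially available. By estimating a partial list of encoding parameters from coded video data, we demonstrate that an identification accuracy of 57\% can be achieved in camera-model identification in the absence of any other file metadata.},
  keywords   = {Computer Science - Cryptography and Security, Computer Science - Multimedia},
  note       = {arXiv:2201.02949 [cs]},
}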
@article{altinisik_automatic_2021,
  author     = {Altinisik, Enes and Sencar, Husrev Taha},
  title      = {Automatic {Generation} of {H}.264 {Parameter} {Sets} to {Recover} {Video} {File} {Fragments}},
  journal    = {IEEE Transactions on Information Forensics and Security},
  volume     = {16},
  pages      = {4857--4868},
  year       = {2021},
  issn       = {1556-6013, 1556-6021},
  doi        = {10.1109/TIFS.2021.3118876},
  url        = {https://ieeexplore.ieee.org/document/9568891/},
  urldate    = {2023-03-26},
}
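% The publisher export wrapped part of the tool name in math delimiters, which reached this file
% as escaped dollar signs and would print literally; the name is restored as one protected word.
% NOTE(review): confirm the capitalisation against the published paper.
% The citation key still carries the dollar signs; it is left unchanged so existing citations resolve.
@article{uzun_jpg$scraper$_2020,
  author     = {Uzun, Erkam and Sencar, Husrev Taha},
  title      = {{JpgScraper}: {An} {Advanced} {Carver} for {JPEG} {Files}},
  shorttitle = {{JpgScraper}},
  journal    = {IEEE Transactions on Information Forensics and Security},
  volume     = {15},
  pages      = {1846--1857},
  year       = {2020},
  issn       = {1556-6013, 1556-6021},
  doi        = {10.1109/TIFS.2019.2953382},
  url        = {https://ieeexplore.ieee.org/document/8897606/},
  urldate    = {2023-03-26},
}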
@article{liu_adaptive_2022,
  author     = {Liu, Guanxiong and Khreishah, Abdallah and Sharadgah, Fatima and Khalil, Issa},
  title      = {An {Adaptive} {Black}-{Box} {Defense} {Against} {Trojan} {Attacks} ({TrojDef})},
  journal    = {IEEE Transactions on Neural Networks and Learning Systems},
  pages      = {1--15},
  year       = {2022},
  issn       = {2162-237X, 2162-2388},
  doi        = {10.1109/TNNLS.2022.3204283},
  url        = {https://ieeexplore.ieee.org/document/9970402/},
  urldate    = {2023-03-26},
}
@inproceedings{tran_heterogeneous_2022,
  author     = {Tran, Khang and Lai, Phung and Phan, NhatHai and Khalil, Issa and Ma, Yao and Khreishah, Abdallah and Thai, My T. and Wu, Xintao},
  title      = {Heterogeneous {Randomized} {Response} for {Differential} {Privacy} in {Graph} {Neural} {Networks}},
  booktitle  = {2022 {IEEE} {International} {Conference} on {Big} {Data} ({Big} {Data})},
  pages      = {1582--1587},
  publisher  = {IEEE},
  address    = {Osaka, Japan},
  month      = dec,
  year       = {2022},
  isbn       = {9781665480451},
  doi        = {10.1109/BigData55660.2022.10020501},
  url        = {https://ieeexplore.ieee.org/document/10020501/},
  urldate    = {2023-03-26},
}
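@inproceedings{shen_finding_2022,
  author     = {Shen, Yun and Han, Yufei and Zhang, Zhikun and Chen, Min and Yu, Ting and Backes, Michael and Zhang, Yang and Stringhini, Gianluca},
  title      = {Finding {MNEMON}: {Reviving} {Memories} of {Node} {Embeddings}},
  shorttitle = {Finding {MNEMON}},
  booktitle  = {Proceedings of the 2022 {ACM} {SIGSAC} {Conference} on {Computer} and {Communications} {Security}},
  pages      = {2643--2657},
  publisher  = {ACM},
  address    = {Los Angeles, CA, USA},
  month      = nov,
  year       = {2022},
  isbn       = {9781450394505},
  doi        = {10.1145/3548606.3559358},
  url        = {https://dl.acm.org/doi/10.1145/3548606.3559358},
  urldate    = {2023-03-26},
  language   = {en},
}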
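@inproceedings{sun_analyzing_2019,
  author     = {Sun, Haipei and Xiao, Xiaokui and Khalil, Issa and Yang, Yin and Qin, Zhan and Wang, Hui (Wendy) and Yu, Ting},
  title      = {Analyzing {Subgraph} {Statistics} from {Extended} {Local} {Views} with {Decentralized} {Differential} {Privacy}},
  booktitle  = {Proceedings of the 2019 {ACM} {SIGSAC} {Conference} on {Computer} and {Communications} {Security}},
  pages      = {703--717},
  publisher  = {ACM},
  address    = {London, United Kingdom},
  month      = nov,
  year       = {2019},
  isbn       = {9781450367479},
  doi        = {10.1145/3319535.3354253},
  url        = {https://dl.acm.org/doi/10.1145/3319535.3354253},
  urldate    = {2023-03-26},
  language   = {en},
}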
@inproceedings{liu_zk-gandef:_2019,
  author     = {Liu, Guanxiong and Khalil, Issa and Khreishah, Abdallah},
  title      = {{ZK}-{GanDef}: {A} {GAN} {Based} {Zero} {Knowledge} {Adversarial} {Training} {Defense} for {Neural} {Networks}},
  shorttitle = {{ZK}-{GanDef}},
  booktitle  = {2019 49th {Annual} {IEEE}/{IFIP} {International} {Conference} on {Dependable} {Systems} and {Networks} ({DSN})},
  pages      = {64--75},
  publisher  = {IEEE},
  address    = {Portland, OR, USA},
  month      = jun,
  year       = {2019},
  isbn       = {9781728100579},
  doi        = {10.1109/DSN.2019.00021},
  url        = {https://ieeexplore.ieee.org/document/8809515/},
  urldate    = {2023-03-26},
}
@inproceedings{liu_using_2019,
  author     = {Liu, Guanxiong and Khalil, Issa and Khreishah, Abdallah},
  title      = {Using {Intuition} from {Empirical} {Properties} to {Simplify} {Adversarial} {Training} {Defense}},
  booktitle  = {2019 49th {Annual} {IEEE}/{IFIP} {International} {Conference} on {Dependable} {Systems} and {Networks} {Workshops} ({DSN}-{W})},
  pages      = {58--61},
  publisher  = {IEEE},
  address    = {Portland, OR, USA},
  month      = jun,
  year       = {2019},
  isbn       = {9781728130309},
  doi        = {10.1109/DSN-W.2019.00020},
  url        = {https://ieeexplore.ieee.org/document/8806015/},
  urldate    = {2023-03-26},
}
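% Accented editor names are written as LaTeX escapes so that 8-bit BibTeX handles them when
% building labels and sort keys; the abstract is left as exported.
@inproceedings{liu_gandef:_2019,
  author     = {Liu, Guanxiong and Khalil, Issa and Khreishah, Abdallah},
  editor     = {Dhillon, Gurpreet and Karlsson, Fredrik and Hedstr{\"o}m, Karin and Z{\'u}quete, Andr{\'e}},
  title      = {{GanDef}: {A} {GAN} {Based} {Adversarial} {Training} {Defense} for {Neural} {Network} {Classifier}},
  shorttitle = {{GanDef}},
  booktitle  = {{ICT} {Systems} {Security} and {Privacy} {Protection}},
  series     = {{IFIP} {Advances} in {Information} and {Communication} {Technology}},
  pages      = {19--32},
  publisher  = {Springer International Publishing},
  address    = {Cham},
  year       = {2019},
  isbn       = {9783030223120},
  doi        = {10.1007/978-3-030-22312-0_2},
  language   = {en},
  abstract   = {Machine learning models, especially neural network (NN) classifiers, are widely used in many applications including natural language processing, computer vision and cybersecurity. They provide high accuracy under the assumption of attack-free scenarios. However, this assumption has been defied by the introduction of adversarial examples – carefully perturbed samples of input that are usually misclassified. Many researchers have tried to develop a defense against adversarial examples; however, we are still far from achieving that goal. In this paper, we design a Generative Adversarial Net (GAN) based adversarial training defense, dubbed GanDef, which utilizes a competition game to regulate the feature selection during the training. We analytically show that GanDef can train a classifier so it can defend against adversarial examples. Through extensive evaluation on different white-box adversarial examples, the classifier trained by GanDef shows the same level of test accuracy as those trained by state-of-the-art adversarial training defenses. More importantly, GanDef-Comb, a variant of GanDef, could utilize the discriminator to achieve a dynamic trade-off between correctly classifying original and adversarial examples. As a result, it achieves the highest overall test accuracy when the ratio of adversarial examples exceeds 41.7\%.},
  keywords   = {Neural network classifier, Generative Adversarial Net, Adversarial training defense},
}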
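@inproceedings{qin_generating_2017,
  author     = {Qin, Zhan and Yu, Ting and Yang, Yin and Khalil, Issa and Xiao, Xiaokui and Ren, Kui},
  title      = {Generating {Synthetic} {Decentralized} {Social} {Graphs} with {Local} {Differential} {Privacy}},
  booktitle  = {Proceedings of the 2017 {ACM} {SIGSAC} {Conference} on {Computer} and {Communications} {Security}},
  pages      = {425--438},
  publisher  = {ACM},
  address    = {Dallas, Texas, USA},
  month      = oct,
  year       = {2017},
  isbn       = {9781450349468},
  doi        = {10.1145/3133956.3134086},
  url        = {https://dl.acm.org/doi/10.1145/3133956.3134086},
  urldate    = {2023-03-26},
  language   = {en},
}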
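% The same paper also appears in this file under the key qin_heavy_2016-1 with identical fields,
% so a bibliography that prints every entry lists it twice. Cite this key in new work.
@inproceedings{qin_heavy_2016,
  author     = {Qin, Zhan and Yang, Yin and Yu, Ting and Khalil, Issa and Xiao, Xiaokui and Ren, Kui},
  title      = {Heavy {Hitter} {Estimation} over {Set}-{Valued} {Data} with {Local} {Differential} {Privacy}},
  booktitle  = {Proceedings of the 2016 {ACM} {SIGSAC} {Conference} on {Computer} and {Communications} {Security}},
  pages      = {192--203},
  publisher  = {ACM},
  address    = {Vienna, Austria},
  month      = oct,
  year       = {2016},
  isbn       = {9781450341394},
  doi        = {10.1145/2976749.2978409},
  url        = {https://dl.acm.org/doi/10.1145/2976749.2978409},
  urldate    = {2023-03-26},
  language   = {en},
}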
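% Duplicate of qin_heavy_2016 (same paper, same DOI). The key is kept so that documents already
% citing it still resolve; remove this entry once nothing cites it.
@inproceedings{qin_heavy_2016-1,
  author     = {Qin, Zhan and Yang, Yin and Yu, Ting and Khalil, Issa and Xiao, Xiaokui and Ren, Kui},
  title      = {Heavy {Hitter} {Estimation} over {Set}-{Valued} {Data} with {Local} {Differential} {Privacy}},
  booktitle  = {Proceedings of the 2016 {ACM} {SIGSAC} {Conference} on {Computer} and {Communications} {Security}},
  pages      = {192--203},
  publisher  = {ACM},
  address    = {Vienna, Austria},
  month      = oct,
  year       = {2016},
  isbn       = {9781450341394},
  doi        = {10.1145/2976749.2978409},
  url        = {https://dl.acm.org/doi/10.1145/2976749.2978409},
  urldate    = {2023-03-26},
  language   = {en},
}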