Detecting Automation of Twitter Accounts: Are You a Human, Bot, or Cyborg?
TLDR
This paper conducts a set of large-scale measurements with a collection of over 500,000 accounts and proposes a classification system that uses the combination of features extracted from an unknown user to determine the likelihood of being a human, bot, or cyborg on Twitter.
Detecting SYN flooding attacks
TLDR
A simple and robust mechanism that not only sets alarms upon detection of ongoing SYN flooding attacks, but also reveals the location of the flooding sources without resorting to expensive IP traceback.
Who is tweeting on Twitter: human, bot, or cyborg?
TLDR
This paper proposes a classification system that uses the combination of features extracted from an unknown user to determine the likelihood of being a human, bot or cyborg on Twitter and demonstrates the efficacy of the proposed classification system.
Hop-count filtering: an effective defense against spoofed DDoS traffic
TLDR
Hop-Count Filtering (HCF) can identify close to 90% of spoofed IP packets, and then discard them with little collateral damage, and is implemented and evaluated in the Linux kernel, demonstrating its benefits using experimental measurements.
You Are How You Touch: User Verification on Smartphones via Tapping Behaviors
TLDR
This work proposes a non-intrusive user verification mechanism to substantiate whether an authenticating user is the true owner of the smart phone or an impostor who happens to know the pass code.
An efficient user verification system via mouse movements
TLDR
A user verification system using mouse dynamics, which is both accurate and efficient enough for future usage, and uses much more fine-grained (point-by-point) angle-based metrics of mouse movements for user verification.
Whispers in the Hyper-space: High-speed Covert Channel Attacks in the Cloud
TLDR
This paper presents a novel covert channel attack that is capable of high-bandwidth and reliable data transmission in the cloud, and designs and implements a robust communication protocol, and demonstrates realistic covert channel attacks on various virtualized x86 systems.
Detecting covert timing channels: an entropy-based approach
TLDR
This paper introduces a new entropy-based approach to detecting various covert timing channels based on the observation that the creation of a covert timing channel has certain effects on the entropy of the original process, and hence, a change in the entropy of a process provides a critical clue for covert timing channel detection.
High Fidelity Data Reduction for Big Data Security Dependency Analyses
TLDR
A new approach is proposed that exploits the dependency among system events to reduce the number of log entries while still supporting high-quality forensic analysis and can significantly reduce the size of system logs and improve the efficiency of forensic analysis without losing accuracy.
Defense Against Spoofed IP Traffic Using Hop-Count Filtering
TLDR
A novel filtering technique, called Hop-Count Filtering (HCF), is presented, which builds an accurate IP-to-hop-count (IP2HC) mapping table to detect and discard spoofed IP packets.
...
...