Learn More
Today's smartphone operating systems frequently fail to provide users with adequate control over and visibility into how third-party applications use their privacy-sensitive data. We address these shortcomings with TaintDroid, an efficient, systemwide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive(More)
Attackers routinely perform random portscans of IP addresses to find vulnerable servers to compromise. Network intrusion detection systems (NIDS) attempt to detect such behavior and flag these portscanners as malicious. An important need in such systems is prompt response: the sooner a NIDS detects malice, the lower the resulting damage. At the same time, a(More)
This paper presents a detailed analysis of traces of DNS and associated TCP traffic collected on the Internet links of the MIT Laboratory for Computer Science and the Korea Advanced Institute of Science and Technology (KAIST). The first part of the analysis details how clients at these institutions interact with the wide-area DNS system, focusing on(More)
The paper studies two types of events that often overload Web sites to a point when their services are degraded or disrupted entirely - flash events (FEs) and denial of service attacks (DoS). The former are created by legitimate requests and the latter contain malicious requests whose goal is to subvert the normal operation of the site. We study the(More)
Worm detection and response systems must act quickly to identify and quarantine scanning worms, as when left unchecked such worms have been able to infect the majority of vulnerable hosts on the Internet in a matter of minutes [9]. We present a hybrid approach to detecting scanning worms that integrates significant improvements we have made to two existing(More)
We examine two privacy controls for Android smartphones that empower users to run permission-hungry applications while protecting private data from being exfiltrated: (1) covertly substituting shadow data in place of data that the user wants to keep private, and (2) blocking network transmissions that contain data the user made available to the application(More)
We describe the design and implementation of Privacy Oracle, a system that reports on application leaks of user information via the network traffic that they send. Privacy Oracle treats each application as a black box, without access to either its internal structure or communication protocols. This means that it can be used over a broad range of(More)
In recent years, more than 200 viruses have been reported to use a peer-to-peer (P2P) file-sharing network as a propagation vector. Disguised as files that are frequently exchanged over P2P networks, these malicious programs infect the user's host if downloaded and opened, leaving their copies in the user's sharing folder for further propagation. Using a(More)
Increasingly, users access online services such as email, e-commerce, and social networking sites via 802.11-based wireless networks. As they do so, they expose a range of personal information such as their names, email addresses, and ZIP codes to anyone within broadcast range of the network. This paper presents results from an exploratory study that(More)