Publications

Smoke Screener or Straight Shooter: Detecting Elite Sybil Attacks in User-Review Social Networks

September 20, 2017

Haizhong Zheng, Minhui Xue, Hao Lu, Shuang Hao, Haojin Zhu, Xiaohui Liang and Keith Ross.

Popular User-Review Social Networks (URSNs), such as Dianping, Yelp, and Amazon, are often the targets of reputation attacks in which fake reviews are posted in order to boost or diminish the ratings of listed products and services. These attacks often emanate from a collection of accounts, called Sybils, which are collectively managed by a group of real users. A new advanced scheme, which we term elite Sybil attacks, recruits organically highly-rated accounts to generate seemingly-trustworthy and realistic-looking reviews. These elite Sybil accounts taken together form a large-scale sparsely-knit Sybil network for which existing Sybil fake-review defense systems are unlikely to succeed.

Linking Amplification DDoS Attacks to Booter Services

September 20, 2017

Johannes Krupp, Mohammad Karami, Christian Rossow, Damon McCoy and Michael Backes


We present techniques for attributing amplification DDoS attacks to the booter services that launched the attack. Our k-Nearest Neighbor (k-NN) classification algorithm is based on features that are characteristic for a DDoS service, such as the set of reflectors used by that service. This allows us to attribute DDoS attacks based on observations from honeypot amplifiers, augmented with training data from ground truth attack-to-services mappings we generated by subscribing to DDoS services and attacking ourselves in a controlled environment.

Enabling Extreme Energy Efficiency Via Timing Speculation for Deep Neural Network Accelerators

September 10, 2017

Jeff (Jun) Zhang, Zahra Ghodsi, Kartheek Rangineni and Siddharth Garg

Due to the success of deep neural networks (DNN) in achieving and surpassing state-of-the-art results for a range of machine learning applications, there is growing interest in the design of high-performance hardware accelerators for DNN execution. Further, as DNN hardware accelerators are increasingly being deployed in datacenters, accelerator power and energy efficiency have become key design metrics. In this paper, we seek to enhance the energy efficiency of high-performance systolic array based DNN accelerators, like the recently released Google TPU, using voltage underscaling based timing speculation, a powerful energy reduction technique that enables digital logic to execute below its nominal supply voltage.

Cognitive Connectivity Resilience in Multi-layer Remotely Deployed Mobile Internet of Things

September 2, 2017

Muhammad Junaid Farooq and Quanyan Zhu

Enabling the Internet of things in remote areas without traditional communication infrastructure requires a multi-layer network architecture. The devices in the overlay network are required to provide coverage to the underlay devices as well as to remain connected to other overlay devices. The coordination, planning, and design of such two-layer heterogeneous networks is an important problem to address. Moreover, the mobility of the nodes and their vulnerability to adversaries pose new challenges to the connectivity. For instance, the connectivity of devices can be affected by changes in the network, e.g., the mobility of the underlay devices or the unavailability of overlay devices due to failure or adversarial attacks.

Secure Randomized Checkpointing for Digital Microfluidic Biochips

August 31, 2017

Jack Tang, Mohamed Ibrahim, Krishnendu Chakrabarty and Ramesh Karri

Digital microfluidic biochips (DMFBs) integrated with processors and arrays of sensors form cyberphysical systems and consequently face a variety of unique, recently described security threats. It has been noted that techniques used for error recovery can provide some assurance of integrity when a cyberphysical DMFB is under attack. This work proposes the use of such hardware for security purposes through the randomization of checkpoints in both space and time, and provides design guidelines for designers of such systems. We define security metrics and present techniques for improving performance through static checkpoint maps, and describe performance trade-offs associated with static and random checkpoints.

BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain

August 22, 2017

Tianyu Gu, Brendan Dolan-Gavitt and Siddharth Garg

Deep learning-based techniques have achieved state-of-the-art performance on a wide variety of recognition and classification tasks. However, these networks are typically computationally expensive to train, requiring weeks of computation on many GPUs; as a result, many users outsource the training procedure to the cloud or rely on pre-trained models that are then fine-tuned for a specific task. In this paper we show that outsourced training introduces new security risks: an adversary can create a maliciously trained network (a backdoored neural network, or a BadNet) that has state-of-the-art performance on the user’s training and validation samples, but behaves badly on specific attacker-chosen inputs.

A network framework for dynamic models of urban food, energy and water systems (FEWS)

August 22, 2017

Rae Zimmerman, Quanyan Zhu and Carolyn Dimitri

The urban food system addressed here centers on urban food processing, distribution and consumption (including food packaging and waste disposal) and as such addresses how food moves from processing and distribution centers to points of consumption and ultimately waste disposal within cities. The Food-Energy-Water Systems (FEWS) Nexus extends to and through urban boundaries. Energy and water resource use are vital along these routes and are interdependent with one another and with food processing in ways that differ from those in agricultural production systems outside urban boundaries. This paper addresses how the urban food system affects the intensity of energy and water resource use and how these interdependencies can be altered by abrupt changes or extreme events.

HIV-1-infected T-cells dynamics and prognosis: An evolutionary game model

August 21, 2017

Bahareh Khazaei, Javad Salimi Sartakhti, Mohammad Hossein Manshaei, Quanyan Zhu, Mehdi Sadeghi and Seyed Rasoul Mousavi

Understanding the dynamics of human immunodeficiency virus (HIV) is essential for depicting, developing, and investigating effective treatment strategies. HIV infects several types of immune cells, but its main target is to destroy helper T-cells. In the lymph nodes, the infected T-cells interact with each other and their environment to obtain more resources. According to infectivity and replicative capacity of T-cells in the HIV infection process, they can be divided into four phenotypes.

Detecting the Presence of ENF Signal in Digital Videos: A Superpixel-Based Approach

August 17, 2017

Saffet Vatansever, Ahmet Emer Dirik and Nasir Memon

Electrical network frequency (ENF) instantaneously fluctuates around its nominal value (50/60 Hz) due to a continuous disparity between generated power and consumed power. Consequently, luminous intensity of a mains-powered light source varies depending on ENF fluctuations in the grid network. Variations in the luminance over time can be captured from video recordings and ENF can be estimated through content analysis of these recordings. In ENF-based video forensics, it is critical to check whether a given video file is appropriate for this type of analysis. That is, if ENF signal is not present in a given video, it would be useless to apply ENF-based forensic analysis.

Backpage and Bitcoin: Uncovering Human Traffickers

August 17, 2017

Rebecca S. Portnoff, Danny Yuxing Huang, Periwinkle Doerfler, Sadia Afroz and Damon McCoy

Sites for online classified ads selling sex are widely used by human traffickers to support their pernicious business. The sheer quantity of ads makes manual exploration and analysis unscalable. In addition, discerning whether an ad is advertising a trafficked victim or an independent sex worker is a very difficult task. Very little concrete ground truth (i.e., ads definitively known to be posted by a trafficker) exists in this space. In this work, we develop tools and techniques that can be used separately and in conjunction to group sex ads by their true owner (and not the claimed author in the ad). Specifically, we develop a machine learning classifier that uses stylometry to distinguish between ads posted by the same vs. different authors with 96% accuracy.

Security features embedded in computer aided design (CAD) solid models for additive manufacturing

August 15, 2017

Fei Chen, Gary Mac, and Nikhil Gupta

The additive manufacturing (AM) process chain relies heavily on cloud based resources and software programs that are connected to the internet. Cybersecurity has become a major concern for cloud based resources. While network security is important and is the responsibility of the information technology departments of corporations, a second line of defense is necessary if the cybersecurity is breached and the computer aided design (CAD) files are stolen. The stolen CAD files can be used to print components in exactly the same quality as the original component. The present work aims at developing design features in CAD models that can be used for the purpose of security against counterfeiting.

CONGRESS: A Hybrid Reputation System for Coping with Rating Subjectivity

August 11, 2017

Yuan Liu, Jie Zhang, Quanyan Zhu and Xingwei Wang

In electronic commerce, buyers and sellers conduct transactions without physical interactions. In reputation systems, the trustworthiness of sellers is achieved by aggregating the ratings shared by other buyers with whom the sellers have ever conducted transactions. However, the ratings provided by buyers for evaluating the same seller could be diverse due to their different judgment criteria, which is referred to as the subjectivity problem of reputation systems. It indicates that the ratings shared by some buyers may mislead other buyers with different personalities, making it challenging to aggregate the ratings properly in reputation systems.

PRNU-Based Camera Attribution from Multiple Seam-Carved Images

August 9, 2017

Samet Taspinar, Manoranjan Mohanty and Nasir Memon

Photo Response Non-Uniformity (PRNU) noise-based source attribution is a well known technique to verify the camera of an image or video. Researchers have proposed various countermeasures to prevent PRNU-based source camera attribution. Forced seam-carving is one such recently proposed counter forensics technique. This technique can disable PRNU-based source camera attribution by forcefully removing seams such that the size of most uncarved image blocks is less than 50 × 50 pixels. In this paper, we show that given multiple seam-carved images from the same camera, source attribution can still be possible even if the size of uncarved blocks in the image is less than the recommended size of 50 × 50 pixels.

A First Legislative Step in the IoT Security Battle

August 4, 2017

Lawfare-CCS

Randal Milch, Distinguished Fellow at the Center on Law and Security at NYU School of Law and the NYU Center for Cybersecurity, comments on the Internet of Things (IoT) Cybersecurity Improvements Act of 2017:

The bill seeks to use the federal government’s purchasing power to drive much-needed cybersecurity improvements in internet-connected devices. In addition, the bill would amend the Computer Fraud and Abuse Act and the Digital Millennium Copyright Act to encourage research on device vulnerabilities. These are important first steps in combating a large and growing menace from billions of poorly secured devices.

Large-Scale 3D Chips: Challenges and Solutions for Design Automation, Testing, and Trustworthy Integration

August 2, 2017

Johann Knechtel, Ozgur Sinanoglu, Ibrahim (Abe) M. Elfadel, Jens Lienig and Cliff C. N. Sze

Three-dimensional (3D) integration of electronic chips has been advocated by both industry and academia for many years. It is acknowledged as one of the most promising approaches to meet ever-increasing demands on performance, functionality, and power consumption. Furthermore, 3D integration has been shown to be most effective and efficient once large-scale integration is targeted for. However, a multitude of challenges has thus far obstructed the mainstream transition from “classical 2D chips” to such large-scale 3D chips.

Adaptive and Resilient Revenue Maximizing Resource Allocation and Pricing in Cloud Computing Environments

July 27, 2017

Muhammad Junaid Farooq, Quanyan Zhu

Cloud computing is becoming an essential component of modern computer and communication systems. The available resources at the cloud such as computing nodes, storage, databases, etc. are often packaged in the form of virtual machines (VMs) to be used by remotely located client applications for computational tasks. However, the cloud has a limited number of VMs available, which have to be efficiently utilized to generate higher productivity and subsequently generate maximum revenue. Client applications generate requests with computational tasks at random times with random complexity to be processed by the cloud.

Optimal Timing in Dynamic and Robust Attacker Engagement During Advanced Persistent Threats

July 25, 2017

Jeffrey Pawlick, Thi Thu Hang Nguyen, Quanyan Zhu

Advanced persistent threats (APTs) are stealthy attacks which make use of social engineering and deception to give adversaries insider access to networked systems. Against APTs, active defense technologies aim to create and exploit information asymmetry for defenders. In this paper, we study a scenario in which a powerful defender uses honeypots for active defense in order to observe an attacker who has penetrated the network. Rather than immediately eject the attacker, the defender may elect to gather information. We introduce a Markov decision process on a continuous state space in order to model the defender’s problem.

Quantitative Models of Imperfect Deception in Network Security using Signaling Games with Evidence

July 25, 2017

Jeffrey Pawlick and Quanyan Zhu

Deception plays a critical role in many interactions in communication and network security. Game-theoretic models called “cheap talk signaling games” capture the dynamic and information asymmetric nature of deceptive interactions. But signaling games inherently model undetectable deception. In this paper, we investigate a model of signaling games in which the receiver can detect deception with some probability. This model nests traditional signaling games and complete information Stackelberg games as special cases. We present the pure strategy perfect Bayesian Nash equilibria of the game. Then we illustrate these analytical results with an application to active network defense.