Cognitive Cybersecurity Intelligence (CCSI) Group Publications



2017

Android Malware Clustering through Malicious Payload Mining
Yuping Li, Jiyong Jang, Xin Hu, and Xinming Ou
Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2017


2016

Passive security intelligence to analyze the security risks of mobile/BYOD activities
Marc Ph. Stoecklin, Kapil Singh, Larry Koved, Xin Hu, Suresh N. Chari, Josyula R. Rao, Pau-Chen Cheng, Mihai Christodorescu, Reiner Sailer, Douglas L. Schales
IBM Journal of Research and Development 60(4), 2016

Security intelligence for industrial control systems
Andreas Amrein, Valentino Angeletti, Anton Beitler, Marcel Német, Micha Reiser, Simone Riccetti, Marc Ph. Stoecklin, Andreas Wespi
IBM Journal of Research and Development 60(4), 2016

Closing the loop: Network and in-host monitoring tandem for comprehensive cloud security visibility
Stefan Berger, Yangyi Chen, Xin Hu, Dimitrios Pendarakis, Josyula R. Rao, Reiner Sailer, Douglas L. Schales, Marc Ph. Stoecklin
IBM Journal of Research and Development 60(4), 2016

Security 360°: Enterprise security for the cognitive era
Josyula R. Rao, Suresh N. Chari, Dimitrios Pendarakis, Reiner Sailer, Marc Ph. Stoecklin, Wilfried Teiken, Andreas Wespi
IBM Journal of Research and Development 60(4), 2016

Scalable Analytics to Detect DNS Misuse for Establishing Stealthy Communication Channels
Douglas L. Schales, Jiyong Jang, Ting Wang, Xin Hu, Dhilung Kirat, Ben Wuest, Marc Ph. Stoecklin
IBM Journal of Research and Development 60(4), 2016

Scalable Malware Classification with Multifaceted Content Features and Threat Intelligence
Xin Hu, Jiyong Jang, Ting Wang, Zubair Ashraf, Marc Ph. Stoecklin, Dhilung Kirat
IBM Journal of Research and Development 60(4), 2016

BotMeter: Charting DGA-Botnet Landscapes in Large Networks
Ting Wang, Xin Hu, Jiyong Jang, Shouling Ji, Marc Ph. Stoecklin, and Teryl Taylor
Proceedings of the IEEE International Conference on Distributed Computing Systems (ICDCS), 2016

BAYWATCH: Robust Beaconing Detection to Identify Infected Hosts in Large-Scale Enterprise Networks
Xin Hu, Jiyong Jang, Marc Ph. Stoecklin, Ting Wang, Douglas L. Schales, Dhilung Kirat, and Josyula R. Rao
Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2016

Detecting Malicious Exploit Kits using Tree-based Similarity Searches
Teryl Taylor, Xin Hu, Ting Wang, Jiyong Jang, Marc Ph. Stoecklin, Fabian Monrose, and Reiner Sailer
Proceedings of the ACM Conference on Data and Application Security and Privacy (CODASPY), 2016

Hunting for Invisibility: Characterizing and Detecting Malicious Web Infrastructures through Server Visibility Analysis
Jialong Zhang, Xin Hu, Jiyong Jang, Ting Wang, Guofei Gu, and Marc Ph. Stoecklin
Proceedings of the IEEE International Conference on Computer Communications (INFOCOM), 2016


2015

Indexing Earth Mover's Distance over Network Metrics
Ting Wang, Shicong Meng, and Jiang Bian
IEEE Transactions on Knowledge and Data Engineering (TKDE) 27(6), 1588-1601, 2015

SecGraph: A Uniform and Open-source Evaluation System for Graph Data Anonymization and De-anonymization
Shouling Ji, Weiqing Li, Prateek Mittal, Xin Hu, and Raheem Beyah
Proceedings of the 24th USENIX Security Symposium (USENIX Security), 2015

FCCE: Highly Scalable Distributed Feature Collection and Correlation Engine for Low Latency Big Data Analytics
Douglas L. Schales, Xin Hu, Jiyong Jang, Reiner Sailer, Marc Ph. Stoecklin, and Ting Wang
Proceedings of the IEEE International Conference on Data Engineering (ICDE), 2015

Rateless and Pollution-Attack-Resilient Network Coding
Wentao Huang, Ting Wang, Xin Hu, Jiyong Jang, and Theodoros Salonidis
Proceedings of the IEEE International Symposium on Information Theory (ISIT), 2015

Experimental Study of Fuzzy Hashing in Malware Clustering Analysis
Yuping Li, Sathya Chandran Sundaramurthy, Alexandru G. Bardas, Xinming Ou, Doina Caragea, Xin Hu, Jiyong Jang
Proceedings of the Workshop on Cyber Security Experimentation and Test (CSET), 2015

The Dropper Effect: Insights into Malware Distribution with Downloader Graph Analytics
Bum Jun Kwon, Jayanta Mondal, Jiyong Jang, Leyla Bilge, Tudor Dumitras
Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2015


2014

Why Amazon's Ratings Might Mislead You? The Story of Herding Effects
Ting Wang and Dashun Wang
Big Data Journal (Big Data) 2(4), 196-204, 2014

Quantifying Herding Effects in Crowd Wisdom
Ting Wang, Dashun Wang, and Fei Wang
The 20th ACM SIGKDD Conference on Knowledge Discovery and Data Mining (KDD 14), 2014

On Exploiting Dynamic Execution Patterns for Workload Offloading in Mobile Cloud Applications
Wei Gao, Yong Li, Haoyang Lu, Ting Wang, and Cong Liu
The 22nd IEEE International Conference on Network Protocols (ICNP 14), 2014

Kaleido: Network Traffic Attribution using Multifaceted Footprinting
Ting Wang, Fei Wang, Douglas L. Schales, and Reiner Sailer
SIAM International Conference on Data Mining (SDM), 2014

FCCE: Highly Scalable Distributed Feature Collection and Correlation Engine for Low Latency Big Data Analytics
Douglas L. Schales, Xin Hu, Jiyong Jang, Reiner Sailer, Marc Ph. Stoecklin, and Ting Wang
IBM Research Report, RC25456, 2014

Rebuilding the Tower of Babel: Towards Cross-System Malware Information Sharing
Ting Wang, Shicong Meng, Wei Gao, and Xin Hu
Proceedings of the 23rd ACM International Conference on Information and Knowledge Management (CIKM '14), 2014

Stream Computing for Large-Scale, Multi-Channel Cyber Threat Analytics
Douglas L. Schales, Mihai Christodorescu, Xin Hu, Jiyong Jang, Josyula R. Rao, Reiner Sailer, Marc Ph. Stoecklin, Wietse Venema, and Ting Wang
Proceedings of the IEEE International Conference on Information Reuse and Integration (IRI), 2014

MUSE: Asset Risk Scoring in Enterprise Network with Mutually Reinforced Reputation Propagation
Xin Hu, Ting Wang, Marc Ph. Stoecklin, Douglas L. Schales, Jiyong Jang, and Reiner Sailer
EURASIP Journal on Information Security, 2014

Lightweight Authentication of Freshness in Outsourced Key-Value Stores
Yuzhe Tang, Ting Wang, Ling Liu, Xin Hu, and Jiyong Jang
Proceedings of the Annual Computer Security Applications Conference (ACSAC), 2014

Reconciling Malware Label Discrepancy via Consensus Learning
Ting Wang, Xin Hu, Shicong Meng, and Reiner Sailer
The 10th International Workshop on Information Integration on the Web (IIWeb'14) co-located with ICDE'14, 2014

Asset Risk Scoring in Enterprise Network with Mutually Reinforced Reputation Propagation
Xin Hu, Ting Wang, Marc Ph. Stoecklin, Douglas L. Schales, Jiyong Jang, and Reiner Sailer
Proceedings of the International Workshop on Cyber Crime (IWCC), 2014


2013

CloudLEGO: Scalable Cross-VM-Type Application Performance Prediction
Shicong Meng, Arun Iyengar, Ling Liu, Ting Wang, Jian Tan, Ignacio Silva-Lepe, and Isabelle Rouvellou
The 4th ACM Symposium on Cloud Computing (SoCC 13), 2013

LISA: Location information ScrAmbler for privacy protection on smartphones
Zhigang Chen, Xin Hu, Xiaoen Ju, Kang G Shin
Communications and Network Security (CNS), 2013 IEEE Conference on, pp. 296-304

DUET: integration of dynamic and static analyses for malware clustering with cluster ensembles
Xin Hu, Kang G Shin
Proceedings of the 29th Annual Computer Security Applications Conference (ACSAC'29), pp. 79-88, 2013

MutantX-S: Scalable Malware Clustering Based on Static Features
Xin Hu, Kang G Shin, Sandeep Bhatkar, Kent Griffin
Presented as part of the 2013 USENIX Annual Technical Conference (ATC'13), 187-198, USENIX

Practical Comprehensive Bounds on Surreptitious Communication Over DNS
Vern Paxson, Mihai Christodorescu, Mobin Javed, Josyula Rao, Reiner Sailer, Douglas Schales, Marc Ph. Stoecklin, Kurt Thomas, Wietse Venema, Nicholas Weaver
USENIX Security, 2013


2012

Design of SMS commanded-and-controlled and P2P-structured mobile botnets
Yuanyuan Zeng, Kang G Shin, Xin Hu
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks, pp. 137-148, 2012

Fine-Grained Access Control for Personal Data
Ting Wang, Mudhakar Srivatsa, and Ling Liu
The 17th ACM Symposium on Access Control Models and Technologies (SACMAT), 2012

Microscopic Social Influence
Ting Wang, Mudhakar Srivatsa, Dakshi Agrawal, and Ling Liu
Proceedings of the SIAM International Conference on Data Mining (SDM), 2012



2011

Stream Computing for Large-Scale, Multi-Channel Cyber Threat Analytics: Architecture, Implementation, Deployment, and Lessons Learned
Douglas L Schales, Mihai Christodorescu, Josyula R Rao, Reiner Sailer, Marc Ph Stoecklin, Wietse Venema
IBM Technical Report, IBM Research Report, 2011


2010

Synthesizing Near-Optimal Malware Specifications from Suspicious Behaviors
Matt Fredrikson, Mihai Christodorescu, Somesh Jha, Reiner Sailer, Xifeng Yan
Proceedings of the IEEE Symposium on Security and Privacy (Oakland), 2010



2009

Cloud security is not (just) virtualization security: a short paper
Mihai Christodorescu, Reiner Sailer, Douglas Lee Schales, Daniele Sgandurra, Diego Zamboni
Proceedings of the 2009 ACM workshop on Cloud computing security, pp. 97-102



