Full metadata
Title
Discovering and using patterns for countering security challenges
Description
Most existing security decisions for both defending and attacking are made based on some deterministic approaches that only give binary answers. Even though these approaches can achieve low false positive rate for decision making, they have high false negative rates due to the lack of accommodations to new attack methods and defense techniques. In this dissertation, I study how to discover and use patterns with uncertainty and randomness to counter security challenges. By extracting and modeling patterns in security events, I am able to handle previously unknown security events with quantified confidence, rather than simply making binary decisions. In particular, I cope with the following four real-world security challenges by modeling and analyzing with pattern-based approaches: 1) How to detect and attribute previously unknown shellcode? I propose instruction sequence abstraction that extracts coarse-grained patterns from an instruction sequence and use Markov chain-based model and support vector machines to detect and attribute shellcode; 2) How to safely mitigate routing attacks in mobile ad hoc networks? I identify routing table change patterns caused by attacks, propose an extended Dempster-Shafer theory to measure the risk of such changes, and use a risk-aware response mechanism to mitigate routing attacks; 3) How to model, understand, and guess human-chosen picture passwords? I analyze collected human-chosen picture passwords, propose selection function that models patterns in password selection, and design two algorithms to optimize password guessing paths; and 4) How to identify influential figures and events in underground social networks? I analyze collected underground social network data, identify user interaction patterns, and propose a suite of measures for systematically discovering and mining adversarial evidence. By solving these four problems, I demonstrate that discovering and using patterns could help deal with challenges in computer security, network security, human-computer interaction security, and social network security.
Date Created
2014
Contributors
- Zhao, Ziming (Author)
- Ahn, Gail-Joon (Thesis advisor)
- Yau, Stephen S. (Committee member)
- Huang, Dijiang (Committee member)
- Santanam, Raghu (Committee member)
- Arizona State University (Publisher)
Topical Subject
Resource Type
Extent
xiv, 181 p. : ill. (some col.)
Language
eng
Copyright Statement
In Copyright
Primary Member of
Peer-reviewed
No
Open Access
No
Handle
https://hdl.handle.net/2286/R.I.26801
Statement of Responsibility
by Ziming Zhao
Description Source
Viewed on January 7, 2015
Level of coding
full
Note
thesis
Partial requirement for: Ph.D., Arizona State University, 2014
bibliography
Includes bibliographical references (p. 169-181)
Field of study: Computer science
System Created
- 2014-12-01 07:00:44
System Modified
- 2021-08-30 01:32:31
- 3 years 2 months ago
Additional Formats