CAREER: Graph-Based Security Analytics: New Algorithms, Robustness under Adversarial Settings, and Robustness Enhancements

职业：基于图的安全分析：新算法、对抗设置下的鲁棒性以及鲁棒性增强

• 批准号: 1937787
• 负责人: Neil Gong
• 金额: $ 37.11万
• 依托单位: Duke University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-07-01 至 2025-02-28
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1937787&HistoricalAwards=false
• 关键词: CAREER; Graph; Based; Security; Analytics

The goal of this project is to make graph-based security analytics practical and robust. General-purpose graph algorithms and graph-based machine learning methods have had some success when applied to a number of security problems ranging from detecting malicious websites and compromised devices in computer networks to detecting compromised or inauthentic accounts in social networks. However, because the existing methods are designed for generic contexts rather than for specific security problems, there is room to improve their performance in detecting bad actors in networks. Further, in security contexts, there is often a determined adversary trying to evade detection that general-purpose algorithms are not designed to consider, which makes them vulnerable to attack. This project will develop novel graph inference algorithms that consider unique characteristics of security problems, analyze the spectrum of possible attacks on such algorithms, define measures of their robustness against attack, and develop methods to improve their robustness. The project team will create and share datasets related to graph-based security analytics along with software that implements their algorithms and robustness measures with both industrial practitioners and other researchers. They will also mentor undergraduate and graduate students in the research, using the problems and data to support new college courses and Science, Technology, Engineering, and Mathematics (STEM) outreach activities for K-12 students.The work focuses on collective classification algorithms that simultaneously label all nodes in a network as malicious or benign. The first main research thrust involves advancing analytic techniques that combine random walk and loopy belief propagation-based algorithms through local rules that model the joint probabilities of a given node and its neighbors being malicious. To do this, the team will develop versions of the algorithms that relax assumptions that neighboring nodes have strong homophily, developing characterizations of neighboring nodes' relationships and creating novel Markov Random Field formulations that leverage these characterizations. The second research thrust will model the attack surface of collective classification algorithms, characterizing the goals and capabilities of attackers, the cost of evasive moves such as creating nodes or edges and generating network activity, and the effect of different goals, capabilities, and levels of evasion on the algorithms' performance. The third thrust will be to develop methods to identify such evasion by developing attacker-resistant link prediction algorithms and similarity metrics, then mitigate evasion efforts through developing local rule-based techniques that add noise to graphs in ways that confound attacks. The team will evaluate the metrics and algorithms on datasets from a number of domains, including malicious users in social networks, malicious URLs in the web graph, malicious domains embedded in domain name service redirects, and malicious orders in an e-commerce marketplace. These problems, and the associated datasets, will be integrated into an existing course on data-driven security and a new graduate seminar course on collective classification. Results from all activities will be used as cases and materials in both existing and new courses, as well as a K-12 summer program and cybersecurity competition organized around detecting malicious actors in networks.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

该项目的目标是使基于图的安全分析实用且强大。 通用图算法和基于图的机器学习方法在应用于从检测计算机网络中的恶意网站和受损设备到检测社交网络中的受损或不真实账户的许多安全问题时已经取得了一些成功。 然而，由于现有的方法是专为通用的情况下，而不是特定的安全问题，有空间来提高其性能检测网络中的不良行为者。 此外，在安全环境中，通常有一个坚定的对手试图逃避检测，通用算法的设计不考虑，这使得他们容易受到攻击。 该项目将开发新的图推理算法，考虑到安全问题的独特特征，分析对这些算法的可能攻击的频谱，定义其对攻击的鲁棒性的措施，并开发提高其鲁棒性的方法。 该项目团队将创建和共享与基于图形的安全分析相关的数据集，沿着软件，该软件可与行业从业者和其他研究人员实现其算法和鲁棒性措施。 他们还将指导研究中的本科生和研究生，利用问题和数据支持新的大学课程和K-12学生的科学，技术，工程和数学（STEM）外展活动。这项工作的重点是集体分类算法，同时将网络中的所有节点标记为恶意或良性。 第一个主要的研究重点涉及先进的分析技术，结合联合收割机随机游走和循环的信念传播为基础的算法，通过本地规则，模型的联合概率给定的节点和它的邻居是恶意的。 为此，该团队将开发算法的版本，放松相邻节点具有强同质性的假设，开发相邻节点关系的特征，并创建利用这些特征的新型马尔可夫随机场公式。 第二个研究重点将对集体分类算法的攻击面进行建模，描述攻击者的目标和能力、创建节点或边和生成网络活动等规避行动的成本，以及不同目标、能力和水平的影响。规避对算法性能的影响。 第三个重点将是通过开发抗攻击的链接预测算法和相似性度量来开发识别这种规避的方法，然后通过开发基于本地规则的技术来减轻规避工作，这些技术以混淆攻击的方式向图形添加噪声。 该团队将评估来自多个领域的数据集的指标和算法，包括社交网络中的恶意用户、网络图中的恶意URL、嵌入域名服务重定向中的恶意域名以及电子商务市场中的恶意订单。 这些问题和相关的数据集将被纳入现有的数据驱动安全课程和新的集体分类研究生研讨会课程。所有活动的结果将被用作现有课程和新课程的案例和材料，以及K-12夏季计划和围绕检测网络中的恶意行为者组织的网络安全竞赛。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估而被认为值得支持。

项目成果

Evading Watermark based Detection of AI-Generated Content

• DOI: 10.1145/3576915.3623189
• 发表时间: 2023-05
• 期刊: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security
• 作者: Zhengyuan Jiang;Jinghuai Zhang;N. Gong

Stealing Links from Graph Neural Networks

• 发表时间: 2020-05
• 期刊: ArXiv
• 作者: Xinlei He;Jinyuan Jia;M. Backes;N. Gong;Yang Zhang

Backdoor Attacks to Graph Neural Networks

• DOI: 10.1145/3450569.3463560
• 发表时间: 2020-06
• 期刊: Proceedings of the 26th ACM Symposium on Access Control Models and Technologies
• 作者: Zaixi Zhang;Jinyuan Jia;Binghui Wang;N. Gong

Certified Robustness of Community Detection against Adversarial Structural Perturbation via Randomized Smoothing

• DOI: 10.1145/3366423.3380029
• 发表时间: 2020-02
• 期刊: Proceedings of The Web Conference 2020
• 作者: Jinyuan Jia;Binghui Wang;Xiaoyu Cao;N. Gong

Certified Robustness of Graph Neural Networks against Adversarial Structural Perturbation

• DOI: 10.1145/3447548.3467295
• 发表时间: 2020-08
• 期刊: Proceedings of the 27th ACM SIGKDD Conference on Knowledge Discovery & Data Mining
• 作者: Binghui Wang;Jinyuan Jia;Xiaoyu Cao;N. Gong