CRII: SaTC: Identifying Emerging Threats in the Online Hacker Community for Proactive Cyber Threat Intelligence: A Diachronic Graph Convolutional Autoencoder Framework
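Basic information
- Award number: 2041770
- Principal investigator:
- Amount: $160,000
- Host institution:
- Host institution country: United States
- Project type: Standard Grant
- Fiscal year: 2020
- Funding country: United States
- Period: 2020-07-08 to 2023-06-30
- Project status: Completed
- Source:
- Keywords:
Project abstract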
Hackers often target the information systems that underlie critical systems in domains ranging from finance to healthcare. The estimated cost of defending against and responding to hacking incidents currently runs at hundreds of billions of dollars annually. To reduce these costs, many organizations have aimed to develop timely, relevant, actionable, and shareable Cyber Threat Intelligence (CTI) about security and privacy threats to support cybersecurity decision-making. However, existing methods tend to react to known threats rather than proactively detecting emerging ones. One promising approach to proactive exploit detection is mining large, international, and rapidly evolving online hacker community platforms to detect emerging threats and key actors. To this end, this project aims to develop advanced, proactive CTI capabilities through (1) collecting large, dynamic datasets of hacker forum posts and (2) developing methods to analyze them to extract emerging threats, particularly malware, through a novel graph-based method for modeling text content. To achieve these goals, this project aims to develop a novel CTI framework designed to collect and identify emerging threats from multi-million record hacker forums. To address the problem of collecting large-scale and dynamic datasets, the team will develop advanced obfuscated crawling mechanisms that bypass automated collection countermeasures while requiring minimal human involvement. The data collected will be segmented into time spells and analyzed by a novel computational algorithm, the Diachronic Graph Convolutional Autoencoder (D-GCAE). D-GCAE is rooted in methods drawn from the diachronic linguistics, network science, text mining, and deep learning communities. In this project, D-GCAE will extract graph embeddings at each time spell, align embeddings, and analyze semantic shifts of hacker terminology to identify potential emerging threats. 
These tools will be evaluated against both state-of-the-art benchmarks proposed in computer science and related domains and through analysis of their outputs by leading CTI sharing organizations. The datasets and tools will also be disseminated for use by cybersecurity researchers, practitioners, and educators. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
Project outcomes
Journal articles (11)
Monographs (0)
Research awards (0)
Conference papers (0)
Patents (0)
A Deep Learning Approach for Recognizing Activity of Daily Living (ADL) for Senior Care: Exploiting Interaction Dependency and Temporal Patterns
- DOI: 10.25300/misq/2021/15574
- Publication date: 2021-06
- Journal:
- Impact factor: 0
- Authors: Hongyi Zhu;Sagar Samtani;Randall A. Brown;Hsinchun Chen
- Corresponding authors: Hongyi Zhu;Sagar Samtani;Randall A. Brown;Hsinchun Chen
Smart Vulnerability Assessment for Scientific Cyberinfrastructure: An Unsupervised Graph Embedding Approach
- DOI: 10.1109/isi49825.2020.9280545
- Publication date: 2020-11
- Journal:
- Impact factor: 0
- Authors: Steven Ullman;Sagar Samtani;Ben Lazarine;Hongyi Zhu;Benjamin Ampel;Mark W. Patton;Hsinchun Chen
- Corresponding authors: Steven Ullman;Sagar Samtani;Ben Lazarine;Hongyi Zhu;Benjamin Ampel;Mark W. Patton;Hsinchun Chen
Identifying Vulnerable GitHub Repositories and Users in Scientific Cyberinfrastructure: An Unsupervised Graph Embedding Approach
- DOI: 10.1109/isi49825.2020.9280544
- Publication date: 2020-11
- Journal:
- Impact factor: 0
- Authors: Ben Lazarine;Sagar Samtani;Mark W. Patton;Hongyi Zhu;Steven Ullman;Benjamin Ampel;Hsinchun Chen
- Corresponding authors: Ben Lazarine;Sagar Samtani;Mark W. Patton;Hongyi Zhu;Steven Ullman;Benjamin Ampel;Hsinchun Chen
Labeling Hacker Exploits for Proactive Cyber Threat Intelligence: A Deep Transfer Learning Approach
- DOI: 10.1109/isi49825.2020.9280548
- Publication date: 2020-11
- Journal:
- Impact factor: 0
- Authors: Benjamin Ampel;Sagar Samtani;Hongyi Zhu;Steven Ullman;Hsinchun Chen
- Corresponding authors: Benjamin Ampel;Sagar Samtani;Hongyi Zhu;Steven Ullman;Hsinchun Chen
Behavioral Biometrics for Continuous Authentication in the Internet-of-Things Era: An Artificial Intelligence Perspective
- DOI: 10.1109/jiot.2020.3004077
- Publication date: 2020-09-01
- Journal:
- Impact factor: 10.6
- Authors: Liang, Yunji;Samtani, Sagar;Yu, Zhiwen
- Corresponding author: Yu, Zhiwen
Other publications by Sagar Samtani
An Escalated Eavesdropping Attack on Mobile Devices via Low-Resolution Vibration Signals
- DOI: 10.1109/tdsc.2022.3198934
- Publication date: 2023-07
- Journal:
- Impact factor: 7.3
- Authors: Yunji Liang;Yuchen Qin;Qi Li;Xiaokai Yan;Luwen Huangfu;Sagar Samtani;Bin Guo;Zhiwen Yu
- Corresponding author: Zhiwen Yu
Fostering Cybersecurity Big Data Research : A Case Study of the AZSecure Data System
- DOI:
- Publication date: 2017
- Journal:
- Impact factor: 0
- Authors: Resha Shenandoah;Sagar Samtani;Mark W. Patton;Hsinchun Chen
- Corresponding author: Hsinchun Chen
Evading Anti-Phishing Models: A Field Note Documenting an Experience in the Machine Learning Security Evasion Competition 2022
- DOI:
- Publication date: 2023
- Journal:
- Impact factor: 0
- Authors: Yang Gao;Benjamin Ampel;Sagar Samtani
- Corresponding author: Sagar Samtani
Benchmarking vulnerability scanners: An experiment on SCADA devices and scientific instruments
- DOI:
- Publication date: 2017
- Journal:
- Impact factor: 0
- Authors: Malaka El;Emma McMahon;Sagar Samtani;Mark W. Patton;Hsinchun Chen
- Corresponding author: Hsinchun Chen
Understand your shady neighborhood: An approach for detecting and investigating hacker communities
- DOI: 10.1016/j.dss.2024.114271
- Publication date: 2024
- Journal:
- Impact factor: 7.5
- Authors: Dalyapraz Manatova;Charles DeVries;Sagar Samtani
- Corresponding author: Sagar Samtani
Other grants by Sagar Samtani
CAREER: An Artificial Intelligence (AI)-enabled Analytics Perspective for Developing Proactive Cyber Threat Intelligence
- Award number: 2338479
- Fiscal year: 2024
- Funding amount: $160,000
- Project type: Continuing Grant
CRII: SaTC: Identifying Emerging Threats in the Online Hacker Community for Proactive Cyber Threat Intelligence: A Diachronic Graph Convolutional Autoencoder Framework
- Award number: 1850362
- Fiscal year: 2019
- Funding amount: $160,000
- Project type: Standard Grant
Similar overseas grants
CRII: SaTC: Automated Knowledge Representation for IoT Cybersecurity Regulations
- Award number: 2348147
- Fiscal year: 2024
- Funding amount: $160,000
- Project type: Standard Grant
CRII: SaTC: Reliable Hardware Architectures Against Side-Channel Attacks for Post-Quantum Cryptographic Algorithms
- Award number: 2348261
- Fiscal year: 2024
- Funding amount: $160,000
- Project type: Standard Grant
CRII: SaTC: Privacy vs. Accountability--Usable Deniability and Non-Repudiation for Encrypted Messaging Systems
- Award number: 2348181
- Fiscal year: 2024
- Funding amount: $160,000
- Project type: Standard Grant
Collaborative Research: SaTC: CORE: Medium: Using Intelligent Conversational Agents to Empower Adolescents to be Resilient Against Cybergrooming
- Award number: 2330940
- Fiscal year: 2024
- Funding amount: $160,000
- Project type: Continuing Grant
CRII: SaTC: Evolving I/O Protocols for Confidential Computing
- Award number: 2348130
- Fiscal year: 2024
- Funding amount: $160,000
- Project type: Standard Grant
SaTC: CORE: Small: An evaluation framework and methodology to streamline Hardware Performance Counters as the next-generation malware detection system
- Award number: 2327427
- Fiscal year: 2024
- Funding amount: $160,000
- Project type: Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Differentially Private SQL with flexible privacy modeling, machine-checked system design, and accuracy optimization
- Award number: 2317232
- Fiscal year: 2024
- Funding amount: $160,000
- Project type: Continuing Grant
CRII: SaTC: Enforcing Expressive Security Policies using Trusted Execution Environments
- Award number: 2348304
- Fiscal year: 2024
- Funding amount: $160,000
- Project type: Standard Grant
Collaborative Research: NSF-BSF: SaTC: CORE: Small: Detecting malware with machine learning models efficiently and reliably
- Award number: 2338301
- Fiscal year: 2024
- Funding amount: $160,000
- Project type: Continuing Grant
CRII: SaTC: The Right to be Forgotten in Follow-ups of Machine Learning: When Privacy Meets Explanation and Efficiency
- Award number: 2348177
- Fiscal year: 2024
- Funding amount: $160,000
- Project type: Standard Grant