CRII: SaTC: Identifying Emerging Threats in the Online Hacker Community for Proactive Cyber Threat Intelligence: A Diachronic Graph Convolutional Autoencoder Framework
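Basic information
- Award number: 2041770
- Principal investigator:
- Amount: $160,000
- Host institution:
- Host institution country: United States
- Award type: Standard Grant
- Fiscal year: 2020
- Funding country: United States
- Period: 2020-07-08 to 2023-06-30
- Status: Completed
- Source:
- Keywords:
Project abstract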
Hackers often target the information systems that underlie critical systems in domains ranging from finance to healthcare. The estimated cost of defending against and responding to hacking incidents currently runs at hundreds of billions of dollars annually. To reduce these costs, many organizations have aimed to develop timely, relevant, actionable, and shareable Cyber Threat Intelligence (CTI) about security and privacy threats to support cybersecurity decision-making. However, existing methods tend to react to known threats rather than proactively detecting emerging ones. One promising approach to proactive exploit detection is mining large, international, and rapidly evolving online hacker community platforms to detect emerging threats and key actors. To this end, this project aims to develop advanced, proactive CTI capabilities through (1) collecting large, dynamic datasets of hacker forum posts and (2) developing methods to analyze them to extract emerging threats, particularly malware, through a novel graph-based method for modeling text content. To achieve these goals, this project aims to develop a novel CTI framework designed to collect and identify emerging threats from multi-million record hacker forums. To address the problem of collecting large-scale and dynamic datasets, the team will develop advanced obfuscated crawling mechanisms that bypass automated collection countermeasures while requiring minimal human involvement. The data collected will be segmented into time spells and analyzed by a novel computational algorithm, the Diachronic Graph Convolutional Autoencoder (D-GCAE). D-GCAE is rooted in methods drawn from the diachronic linguistics, network science, text mining, and deep learning communities. In this project, D-GCAE will extract graph embeddings at each time spell, align embeddings, and analyze semantic shifts of hacker terminology to identify potential emerging threats. 
These tools will be evaluated against both state-of-the-art benchmarks proposed in computer science and related domains and through analysis of their outputs by leading CTI sharing organizations. The datasets and tools will also be disseminated for use by cybersecurity researchers, practitioners, and educators. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
Project outputs
Journal papers (11)
Monographs (0)
Research awards (0)
Conference papers (0)
Patents (0)
A Deep Learning Approach for Recognizing Activity of Daily Living (ADL) for Senior Care: Exploiting Interaction Dependency and Temporal Patterns
- DOI: 10.25300/misq/2021/15574
- Published: 2021-06
- Journal:
- Impact factor: 0
- Authors: Hongyi Zhu; Sagar Samtani; Randall A. Brown; Hsinchun Chen
- Corresponding author: Hongyi Zhu; Sagar Samtani; Randall A. Brown; Hsinchun Chen
Smart Vulnerability Assessment for Scientific Cyberinfrastructure: An Unsupervised Graph Embedding Approach
- DOI: 10.1109/isi49825.2020.9280545
- Published: 2020-11
- Journal:
- Impact factor: 0
- Authors: Steven Ullman; Sagar Samtani; Ben Lazarine; Hongyi Zhu; Benjamin Ampel; Mark W. Patton; Hsinchun Chen
- Corresponding author: Steven Ullman; Sagar Samtani; Ben Lazarine; Hongyi Zhu; Benjamin Ampel; Mark W. Patton; Hsinchun Chen
Identifying Vulnerable GitHub Repositories and Users in Scientific Cyberinfrastructure: An Unsupervised Graph Embedding Approach
- DOI: 10.1109/isi49825.2020.9280544
- Published: 2020-11
- Journal:
- Impact factor: 0
- Authors: Ben Lazarine; Sagar Samtani; Mark W. Patton; Hongyi Zhu; Steven Ullman; Benjamin Ampel; Hsinchun Chen
- Corresponding author: Ben Lazarine; Sagar Samtani; Mark W. Patton; Hongyi Zhu; Steven Ullman; Benjamin Ampel; Hsinchun Chen
Labeling Hacker Exploits for Proactive Cyber Threat Intelligence: A Deep Transfer Learning Approach
- DOI: 10.1109/isi49825.2020.9280548
- Published: 2020-11
- Journal:
- Impact factor: 0
- Authors: Benjamin Ampel; Sagar Samtani; Hongyi Zhu; Steven Ullman; Hsinchun Chen
- Corresponding author: Benjamin Ampel; Sagar Samtani; Hongyi Zhu; Steven Ullman; Hsinchun Chen
Behavioral Biometrics for Continuous Authentication in the Internet-of-Things Era: An Artificial Intelligence Perspective
- DOI: 10.1109/jiot.2020.3004077
- Published: 2020-09-01
- Journal:
- Impact factor: 10.6
- Authors: Liang, Yunji; Samtani, Sagar; Yu, Zhiwen
- Corresponding author: Yu, Zhiwen
Other publications by Sagar Samtani
An Escalated Eavesdropping Attack on Mobile Devices via Low-Resolution Vibration Signals
- DOI: 10.1109/tdsc.2022.3198934
- Published: 2023-07
- Journal:
- Impact factor: 7.3
- Authors: Yunji Liang; Yuchen Qin; Qi Li; Xiaokai Yan; Luwen Huangfu; Sagar Samtani; Bin Guo; Zhiwen Yu
- Corresponding author: Zhiwen Yu
Fostering Cybersecurity Big Data Research: A Case Study of the AZSecure Data System
- DOI:
- Published: 2017
- Journal:
- Impact factor: 0
- Authors: Resha Shenandoah; Sagar Samtani; Mark W. Patton; Hsinchun Chen
- Corresponding author: Hsinchun Chen
Evading Anti-Phishing Models: A Field Note Documenting an Experience in the Machine Learning Security Evasion Competition 2022
- DOI:
- Published: 2023
- Journal:
- Impact factor: 0
- Authors: Yang Gao; Benjamin Ampel; Sagar Samtani
- Corresponding author: Sagar Samtani
Benchmarking vulnerability scanners: An experiment on SCADA devices and scientific instruments
- DOI:
- Published: 2017
- Journal:
- Impact factor: 0
- Authors: Malaka El; Emma McMahon; Sagar Samtani; Mark W. Patton; Hsinchun Chen
- Corresponding author: Hsinchun Chen
Motion Sensor-Based Prevention of Threats to Mobility for Senior Care: A Hidden Markov Model with Generative Adversarial Network (HMM-GAN) Approach
- DOI:
- Published:
- Journal:
- Impact factor: 4.9
- Authors: Shuo Yu; Yidong Chai; Sagar Samtani; Hongyan Liu; Hsinchun Chen
- Corresponding author: Hsinchun Chen
Other grants held by Sagar Samtani
CAREER: An Artificial Intelligence (AI)-enabled Analytics Perspective for Developing Proactive Cyber Threat Intelligence
- Award number: 2338479
- Fiscal year: 2024
- Amount: $160,000
- Award type: Continuing Grant
CRII: SaTC: Identifying Emerging Threats in the Online Hacker Community for Proactive Cyber Threat Intelligence: A Diachronic Graph Convolutional Autoencoder Framework
- Award number: 1850362
- Fiscal year: 2019
- Amount: $160,000
- Award type: Standard Grant
Similar overseas grants
CRII: SaTC: Automated Knowledge Representation for IoT Cybersecurity Regulations
- Award number: 2348147
- Fiscal year: 2024
- Amount: $160,000
- Award type: Standard Grant
CRII: SaTC: Reliable Hardware Architectures Against Side-Channel Attacks for Post-Quantum Cryptographic Algorithms
- Award number: 2348261
- Fiscal year: 2024
- Amount: $160,000
- Award type: Standard Grant
CRII: SaTC: Privacy vs. Accountability--Usable Deniability and Non-Repudiation for Encrypted Messaging Systems
- Award number: 2348181
- Fiscal year: 2024
- Amount: $160,000
- Award type: Standard Grant
SaTC: CORE: Small: An evaluation framework and methodology to streamline Hardware Performance Counters as the next-generation malware detection system
- Award number: 2327427
- Fiscal year: 2024
- Amount: $160,000
- Award type: Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Differentially Private SQL with flexible privacy modeling, machine-checked system design, and accuracy optimization
- Award number: 2317232
- Fiscal year: 2024
- Amount: $160,000
- Award type: Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Using Intelligent Conversational Agents to Empower Adolescents to be Resilient Against Cybergrooming
- Award number: 2330940
- Fiscal year: 2024
- Amount: $160,000
- Award type: Continuing Grant
CRII: SaTC: Evolving I/O Protocols for Confidential Computing
- Award number: 2348130
- Fiscal year: 2024
- Amount: $160,000
- Award type: Standard Grant
CRII: SaTC: Enforcing Expressive Security Policies using Trusted Execution Environments
- Award number: 2348304
- Fiscal year: 2024
- Amount: $160,000
- Award type: Standard Grant
Collaborative Research: NSF-BSF: SaTC: CORE: Small: Detecting malware with machine learning models efficiently and reliably
- Award number: 2338301
- Fiscal year: 2024
- Amount: $160,000
- Award type: Continuing Grant
CRII: SaTC: The Right to be Forgotten in Follow-ups of Machine Learning: When Privacy Meets Explanation and Efficiency
- Award number: 2348177
- Fiscal year: 2024
- Amount: $160,000
- Award type: Standard Grant