Scholarly Works, Computer Science
Permanent URI for this collection
Research articles, presentations, and other scholarship
Browse
Browsing Scholarly Works, Computer Science by Content Type "Presentation"
Now showing 1 - 12 of 12
Results Per Page
Sort Options
- Co-located Collaborative Play in Virtual Environments for Group Learning in MuseumsApostolellis, Panagiotis (ACM, 2014-06)Having witnessed the unexplored potential of co-located group collaboration in contemporary museums, the proposed research aims to identify which elements of collaborative virtual environments and serious games can be leveraged for an enhanced learning experience. Our hypothesis is that synchronous, co-located, group collaboration will afford greater learning compared to the conventional approaches. We developed C-OLiVE, an interactive virtual learning environment supporting tripartite group collaboration, which we are using as a test bed to respond to our research questions. In this paper, we discuss the proposed research which involves building and testing a conceptual framework and also suggesting a list of design guidelines for anyone interested in developing virtual environments for informal learning spaces.
- CrowdLayout: Crowdsourced Design and Evaluation of Biological Network VisualizationsSingh, Divit P.; Lisle, Lee; Murali, T. M.; Luther, Kurt (ACM, 2018-04)Biologists often perform experiments whose results generate large quantities of data, such as interactions between molecules in a cell, that are best represented as networks (graphs). To visualize these networks and communicate them in publications, biologists must manually position the nodes and edges of each network to reflect their real-world physical structure. This process does not scale well, and graph layout algorithms lack the biological underpinnings to offer a viable alternative. In this paper, we present CrowdLayout, a crowdsourcing system that leverages human intelligence and creativity to design layouts of biological network visualizations. CrowdLayout provides design guidelines, abstractions, and editing tools to help novice workers perform like experts. We evaluated CrowdLayout in two experiments with paid crowd workers and real biological network data, finding that crowds could both create and evaluate meaningful, high-quality layouts. We also discuss implications for crowdsourced design and network visualizations in other domains.
- A Declarative Approach to Hardening Services Against QoS VulnerabilitiesKwon, Young-Wo; Tilevich, Eli (IEEE, 2011)The Quality of Service (QoS) in a distributed service-oriented application can be negatively affected by a variety of factors. Network volatility, hostile exploits, poor service management, all can prevent a service-oriented application from delivering its functionality to the user. This paper puts forward a novel approach to improving the reliability, security, and availability of service-oriented applications. To counter service vulnerabilities, a special service detects vulnerabilities as they emerge at runtime, and then hardens the applications by dynamically deploying special components. The novelty of our approach lies in using a declarative framework to express both vulnerabilities and hardening strategies in a domain-specific language, independent of the service infrastructure in place. Thus, our approach will make it possible to harden serviceoriented applications in a disciplined and systematic fashion.
- Designing for Schadenfreude (or, how to express well-being and see if youʼre boring people)André, Paul; Schraefel, M.C.; Dix, Alan; White, Ryen W.; Bernstein, Michael; Luther, Kurt (ACM, 2010)This position paper presents two studies of content not normally expressed in status updates—well-being and status feedback—and considers how they may be processed, valued and used for potential quality-of-life benefits in terms of personal and social reflection and awareness. Do I Tweet Good? (poor grammar intentional) is a site investigating more nuanced forms of status feedback than current microblogging sites allow, towards understanding self-identity, reflection, and online perception. Healthii is a tool for sharing physical and emotional well-being via status updates, investigating concepts of self-reflection and social awareness. Together, these projects consider furthering the value of microblogging on two fronts: 1) refining the online personal/social networking experience, and 2) using the status update for enhancing the personal/social experience in the offline world, and considering how to leverage that online/offline split. We offer results from two different methods of study and target groups—one co-workers in an academic setting, the other followers on Twitter—to consider how microblogging can become more than just a communication medium if it facilitates these types of reflective practice.
- Detecting Malicious Landing Pages in Malware Distribution NetworksWang, Gang Alan; Stokes, Jack W.; Herley, Cormac; Felstead, David (IEEE, 2013-06)Drive-by download attacks attempt to compromise a victim’s computer through browser vulnerabilities. Often they are launched from Malware Distribution Networks (MDNs) consisting of landing pages to attract traffic, intermediate redirection servers, and exploit servers which attempt the compromise. In this paper, we present a novel approach to discovering the landing pages that lead to drive-by downloads. Starting from partial knowledge of a given collection of MDNs we identify the malicious content on their landing pages using multiclass feature selection. We then query the webpage cache of a commercial search engine to identify landing pages containing the same or similar content. In this way we are able to identify previously unknown landing pages belonging to already identified MDNs, which allows us to expand our understanding of the MDN. We explore using both a rule-based and classifier approach to identifying potentially malicious landing pages. We build both systems and independently verify using a high-interaction honeypot that the newly identified landing pages indeed attempt drive-by downloads. For the rule-based system 57%of the landing pages predicted as malicious are confirmed, and this success rate remains constant in two large trials spaced five months apart. This extends the known footprint of the MDNs studied by 17%. The classifier-based system is less successful, and we explore possible reasons.
- HOMER: An Interactive System for Home Based Stroke RehabilitationKelliher, Aisling; Choi, Jinwoo; Huang, Jia-Bin; Rikakis, Thanassis; Kitani, Kris (ACM, 2017)Delivering long term, unsupervised stroke rehabilitation in the home is a complex challenge that requires robust, low cost, scalable, and engaging solutions. We present HOMER, an interactive system that uses novel therapy artifacts, a computer vision approach, and a tablet interface to provide users with a flexible solution suitable for home based rehabilitation. HOMER builds on our prior work developing systems for lightly supervised rehabilitation use in the clinic, by identifying key features for functional movement analysis, adopting a simplified classification assessment approach, and supporting transferability of therapy outcomes to daily living experiences through the design of novel rehabilitation artifacts. A small pilot study with unimpaired subjects indicates the potential of the system in effectively assessing movement and establishing a creative environment for training.
- Keystroke-Dynamics Authentication Against Synthetic ForgeriesStefan, Deian; Yao, Danfeng (Daphne) (IEEE, 2010)We describe the use of keystroke-dynamics patterns for authentication and detecting infected hosts, and evaluate its robustness against forgery attacks. Specifically, we present a remote authentication framework called TUBA for monitoring a user’s typing patterns. We evaluate the robustness of TUBA through comprehensive experimental evaluation including two series of simulated bots. Support vector machine is used for classification. Our results based on 20 users’ keystroke data are reported. Our work shows that keystroke dynamics is robust against synthetic forgery attacks studied, where attacker draws statistical samples from a pool of available keystroke datasets other than the target. TUBA is particularly suitable for detecting extrusion in organizations and protecting the integrity of hosts in collaborative environments, as well as authentication.
- Man vs. Machine: Practical Adversarial Detection of Malicious Crowdsourcing WorkersGang, Wang; Wang, Tianyi; Zheng, Haitao; Zhao, Ben Y. (USENIX, 2014-08)Recent work in security and systems has embraced the use of machine learning (ML) techniques for identifying misbehavior, e.g. email spam and fake (Sybil) users in social networks. However, ML models are typically derived from fixed datasets, and must be periodically retrained. In adversarial environments, attackers can adapt by modifying their behavior or even sabotaging ML models by polluting training data. In this paper¹, we perform an empirical study of adversarial attacks against machine learning models in the context of detecting malicious crowdsourcing systems, where sites connect paying users with workers willing to carry out malicious campaigns. By using human workers, these systems can easily circumvent deployed security mechanisms, e.g. CAPTCHAs. We collect a dataset of malicious workers actively performing tasks on Weibo, China’s Twitter, and use it to develop MLbased detectors. We show that traditional ML techniques are accurate (95%–99%) in detection but can be highly vulnerable to adversarial attacks, including simple evasion attacks (workers modify their behavior) and powerful poisoning attacks (where administrators tamper with the training set). We quantify the robustness of ML classifiers by evaluating them in a range of practical adversarial models using ground truth data. Our analysis provides a detailed look at practical adversarial attacks on ML models, and helps defenders make informed decisions in the design and configuration of ML detectors.
- Personal Anomaly Detection and Smart-Phone SecurityXiong, Huijun; Yao, Danfeng (Daphne) (Virginia Tech, 2010-04-22)Mobile devices increasingly become the computing platform for networked applications such as Web and email. This development requires strong guarantees on the system integrity and data security of mobile devices against malicious software (malware in short). This work introduces a new personalized anomaly detection approach that is able to achieve host security by modeling and enforcing the legitimate behavior characteristics of a human user. Specifically, we identify characteristic human-user behaviors (namely application-level user inputs via keyboard and mouse), developing protocols for fine-grained traffic-input analysis, and preventing forgeries and attacks by malware. Our solution contains a combination of cryptographic techniques, correlation analysis, and hardware-based integrity measures. Our evaluation is done in computers with real-world and synthetic malware. The uniqueness of this personalized anomaly detection technique is that it allows computer security to be realized without the need for continually monitoring ever-changing malware patterns.
- Rapid Screening of Transformed Data Leaks with Efficient Algorithms and Parallel ComputingShu, Xiaokui; Zhang, Jing; Yao, Danfeng (Daphne); Feng, Wu-chun (ACM, 2015-03)The leak of sensitive data on computer systems poses a serious threat to organizational security. Organizations need to identify the exposure of sensitive data by screening the content in storage and transmission, i.e., to detect sensitive information being stored or transmitted in the clear. However, detecting the exposure of sensitive information is challenging due to data transformation in the content. Transformations (such as insertion, deletion) result in highly unpredictable leak patterns. Existing automata-based string matching algorithms are impractical for detecting transformed data leaks, because of its formidable complexity when modeling the required regular expressions. We design two new algorithms for detecting long and transformed data leaks. Our system achieves high detection accuracy in recognizing transformed leaks compared to the state-of-the-art inspection methods. We parallelize our prototype on graphics processing unit and demonstrate the strong scalability of our detection solution required by a sizable organization.
- Social Turing Tests: Crowdsourcing Sybil DetectionWang, Gang Alan; Mohanlal, Manish; Wilson, Christo; Wang, Xiao; Metzger, Miriam; Zheng, Haitao; Zhao, Ben Y. (Internet Society, 2013-02)As popular tools for spreading spam and malware, Sybils (or fake accounts) pose a serious threat to online communities such as Online Social Networks (OSNs). Today, sophisticated attackers are creating realistic Sybils that effectively befriend legitimate users, rendering most automated Sybil detection techniques ineffective. In this paper, we explore the feasibility of a crowdsourced Sybil detection system for OSNs. We conduct a large user study on the ability of humans to detect today’s Sybil accounts, using a large corpus of ground-truth Sybil accounts from the Facebook and Renren networks. We analyze detection accuracy by both “experts” and “turkers” under a variety of conditions, and find that while turkers vary significantly in their effectiveness, experts consistently produce near-optimal results. We use these results to drive the design of a multi-tier crowdsourcing Sybil detection system. Using our user study data, we show that this system is scalable, and can be highly effective either as a standalone system or as a complementary technique to current tools.
- User-Centric Dependence Analysis For Identifying Malicious Mobile AppsElish, Karim O.; Yao, Danfeng (Daphne); Ryder, Barbara G. (IEEE, 2012)This paper describes an efficient approach for identifying malicious Android mobile applications through specialized static program analysis. Our solution performs offline analysis and enforces the normal properties of legitimate dataflow patterns to identify programs that violate these properties. To demonstrate the feasibility of our user-centric dependence analysis, we implement a tool to generate a data dependence graph and perform preliminary evaluation to characterize both legitimate and malicious Android apps. Our preliminary results confirm our hypothesis on the differences in user-centric data dependence behaviors between legitimate and malicious apps.