Cyber Security Lab “AI for Cybersecurity” Initiative
We classify our work into two groups: (1) using AI to solve cyber operation challenges; (2) using AI to solve systems security challenges.
Using AI to solve cyber operation challenges
Using AI to identify zero-day attack paths
· X. Sun, J. Dai, P. Liu, A. Singhal, J. Yen, “Using Bayesian Networks for Probabilistic Identification of Zero-day Attack Paths,” IEEE Transactions on Information Forensics and Security, 2018.
· X. Sun, J. Dai, P. Liu, A. Singhal, J. Yen, “Using Bayesian Networks to Fuse Intrusion Evidences and Detect Zero-day Attack Paths,” in Lingyu Wang, Sushil Jajodia, and Anoop Singhal (Eds.), Network Security Metrics, Springer LNCS, 2017.
· Peng Xie, Jason H Li, Xinming Ou, Peng Liu and Renato Levy, “Using Bayesian Networks for Cyber Security Analysis,” IEEE DSN, 2010.
Using AI to assist cyber operation data triaging
· Chen Zhong, John Yen, Peng Liu, and Robert F. Erbacher. “Learning from Experts’ Experience: Towards Automated Cyber Security Data Triage,” IEEE Systems Journal, March 2019.
· Chen Zhong, et al., “A Cyber Security Data Triage Operation Retrieval System,” Computers & Security Journal, 2018.
· Chen Zhong, John Yen, Peng Liu, Robert F. Erbacher and Christopher Garneau. “Studying Analysts Data Triage Operations in Cyber Defense Situational Analysis,” In Peng Liu, Sushil Jajodia, and Cliff Wang (Eds.), Theory and Models for Cyber Situation Awareness, Springer LNCS vol. 10030, 2017.
· Chen Zhong, John Yen, Peng Liu, and Robert F. Erbacher. “Automate Cybersecurity Data Triage by Leveraging Human Analysts Cognitive Process,” In Proc. IEEE International Conference on Intelligent Data and Security (IEEE IDS), 2016.
· C. Zhong, J. Yen, P. Liu, R. Erbacher, R. Etoty, and C. Garneau, “An Integrated Computer-Aided Cognitive Task Analysis Method for Tracing Cyber-Attack Analysis Processes,” Proceedings of the 2015 Symposium and Bootcamp on the Science of Security, ACM, 2015.
· C. Zhong, D. Samuel, J. Yen, P. Liu, R. Erbacher, S. Hutchinson, R. Etoty, H. Cam, and W. Glodek, “RankAOH: Context-driven Similarity-based Retrieval of Experiences in Cyber Analysis,” In Proceedings of IEEE CogSIMA Conference, 2014.
Can cyber operations be made autonomous?
· C. Zhong, J. Yen, P. Liu, “Can Cyber Operations Be Made Autonomous? An Answer from the Situational Awareness Viewpoint,” In S. Jajodia, G. Cybenko, V. S. Subrahmanian, V. Swarup, C. Wang, and M. Wellman (Eds.), Adaptive Autonomous Secure Cyber Systems, Springer 2020.
Using AI to solve systems security challenges
Survey paper
· Yoon-Ho Choi, Peng Liu, Zitong Shang, Haizhou Wang, Zhilong Wang, Lan Zhang, Junwei Zhou and Qingtian Zou. 2019. “Using Deep Learning to Solve Computer Security Challenges: A Survey.” Cybersecurity, 2020.
Handbook of use cases
· Peng Liu, Tao Liu, Nanqing Luo, Zitong Shang, Haizhou Wang, Zhilong Wang, Lan Zhang, and Qingtian Zou. AI for Cybersecurity: A Handbook of Use Cases. 2022. https://www.amazon.com/gp/product/B09T3123RB, Kindle edition.
Using Deep Learning to identify zero-day vulnerabilities
· Zhilong Wang, Li Yu, Suhang Wang, Peng Liu, “Spotting Silent Buffer Overflows in Execution Trace through Graph Neural Network Assisted Data Flow Analysis,” arXiv preprint arXiv:2102.10452, 2021.
· Z. Wang, H. Wang, H. Hu, P. Liu, “Identifying Non-Control Security-Critical Data in Program Binaries with a Deep Neural Model,” arXiv preprint arXiv:2108.12071, 2021.
Using Deep Learning to detect ROP payloads
· H Wang, P Liu, “Tackling Imbalanced Data in Cybersecurity with Transfer Learning: A Case with ROP Payload Detection,” arXiv preprint arXiv:2105.02996, 2021.
· X. Li, Z. Hu, H. Wang, Y. Fu, P. Chen, M. Zhu, P. Liu, “DEEPRETURN: A Deep Neural Network Can Learn How to Detect Previously-Unseen ROP Payloads without Using Any Heuristics,” Journal of Computer Security, 2020.
Using Deep Learning to detect network attacks
· Q. Zou, A. Singhal, X. Sun, P. Liu, “Deep learning for detecting logic-flaw-exploiting network attacks: An end-to-end approach,” Journal of Computer Security, 2022. (In press)
Adversarial attacks against DNN malware scanners
· Lan Zhang, P. Liu, Y. H. Choi, P. Chen, “Semantics-preserving Reinforcement Learning Attack Against Graph Neural Networks for Malware Detection,” IEEE TDSC, 2022.
Reinforcement Learning for adaptive cyber defense
· Z. Hu, P. Chen, M. Zhu, P. Liu, “A co-design adaptive defense scheme with bounded security damages against Heartbleed-like attacks,” IEEE Transactions on Information Forensics and Security, 2021.
· Z. Hu, M. Zhu, P. Liu, et al., “Adaptive Cyber Defense against Multi-stage Attacks using Learning-based POMDP,” ACM Transactions on Privacy and Security, 2020.
· Z. Hu, P. Chen, M. Zhu, P. Liu, “Reinforcement Learning for Adaptive Cyber Defense against Zero-Day Attacks,” In S. Jajodia, G. Cybenko, P. Liu, C. Wang, and M. Wellman (Eds.), Adversarial and Uncertain Reasoning for Adaptive Cyber Defense, Springer 2019.
· Z. Hu, M. Zhu, P. Chen and P. Liu, “On convergence rates of game theoretic reinforcement learning algorithms,” Automatica, 2019.
· Z. Hu, M. Zhu and P. Liu, “Online algorithms for adaptive cyber defense on Bayesian attack graphs,” Fourth ACM Workshop on Moving Target Defense, 2017.
Using Deep Learning to conduct anomaly detection
· Lun-Pin Yuan, Peng Liu, Sencun Zhu, “Recompose Event Sequences vs. Predict Next Events: A Novel Anomaly Detection Approach for Discrete Event Logs,” ACM Asia CCS, 2021.
Using data clustering to understand Android malware development phenomenon
· Heqing Huang, et al., “A Large-scale Study of Android Malware Development Phenomenon on Public Malware Submission and Scanning Platform,” IEEE Transactions on Big Data, 2018.