A Sharper Sense of Self: Probabilistic Reasoning of Program Behaviors for Anomaly Detection with Context Sensitivity

Danfeng (Daphne) Yao’s paper was recently accepted to present at the IEEE DSN conference. The 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) will take place in Toulouse, France on June, 2016.

The work of Professor Yao, in collaboration with Kui Xu, Ke Tian and Barbara Ryder, presents a security monitoring system for ensuring the normal executions of complex programs and providing early detection of attacks. Their solution is based on hidden Markov model (HMM) and context-sensitive program analysis. This program-aware HMM model is new. It enables them to achieve unprecedented ultra-low false alarm rates in probabilistic program anomaly detection. Experiments show that their system has up to two orders of magnitude improvement of accuracy over state-of-the-art techniques on average. This project is supported by the Office of Naval Research.

Danfeng (Daphne) Yao is an associate professor and L-3 Faculty Fellow in the Department of Computer Science. The first author Kui Xu is a Ph.D. graduate from Dr. Yao’s group and is currently a security engineer at Amazon, Inc. Ke Tian is a third year Ph.D. student in Yao’s group. Ke Tian will intern at Qualcomm this summer researching on mobile malware detection. Barbara Ryder is the J. Byron Maupin Professor of Engineering and former CS department head.

 

Daphne Yao
Daphne Yao

 

CS_Barbara_Ryder
Barbara Ryder