    • The 2008 GTISC Security Summit - Emerging Cyber Security Threats 

      Ahamad, Mustaque; Goodman, Seymour E.; Rouland, Christopher Jay; Elder, Robert J., Jr.; Kwon, Mischel; Lee, Wenke; Moore, Morris; Noonan, Thomas E.; Ramsey, Jon; Ransome, James; Thompson, Heath (Georgia Institute of Technology, 2008-10-15)
      Welcome address by Mustaque Ahamad, Director, Georgia Tech Information Security Center, Professor, College of Computing. Opening remarks by Sy Goodman, Professor and Co-Director, Center for International Strategy, Technology, ...
    • Advanced Polymorphic Worms: Evading IDS by Blending in with Normal Traffic 

      Kolesnikov, Oleg; Lee, Wenke (Georgia Institute of Technology, 2005)
      Normal traffic can provide worms with a very good source of information to camouflage themselves. In this paper, we explore the concept of polymorphic worms that mutate based on normal traffic. We assume that a worm ...
    • Building data-centric security mechanisms for web applications 

      Mundada, Yogesh (Georgia Institute of Technology, 2016-04-08)
      Data loss from web applications at different points of compromise has become a major liability in recent years. Existing security guidelines, policies, and tools fail often, ostensibly for reasons stemming from blatant ...
    • CAREER: adaptive intrusion detection systems 

      Lee, Wenke (Georgia Institute of Technology, 2008-10-31)
    • Early detection of spam-related activity 

      Hao, Shuang (Georgia Institute of Technology, 2014-11-17)
      Spam, the distribution of unsolicited bulk email, is a big security threat on the Internet. Recent studies show approximately 70-90% of the worldwide email traffic—about 70 billion messages a day—is spam. Spam consumes ...
    • Emerging Cyber Threats Report for 2009 

      Ahamad, Mustaque; Amster, Dave; Barrett, Michael; Cross, Tom; Heron, George; Jackson, Don; King, Jeff; Lee, Wenke; Naraine, Ryan; Ollmann, Gunter; Ramsey, Jon; Schmidt, Howard A.; Traynor, Patrick (Georgia Institute of Technology, 2008-10-15)
      On October 15, 2008, the Georgia Tech Information Security Center (GTISC) hosted its annual summit on emerging security threats and countermeasures affecting the digital world. At the conclusion of the event, GTISC released ...
    • Empowering bystanders to facilitate Internet censorship measurement and circumvention 

      Burnett, Samuel Read (Georgia Institute of Technology, 2014-07-02)
      Free and open exchange of information on the Internet is at risk: more than 60 countries practice some form of Internet censorship, and both the number of countries practicing censorship and the proportion of Internet users ...
    • Evaluating Bluetooth as a Medium for Botnet Command and Control 

      Jain, Nehil; Lee, Wenke; Sangal, Samrit; Singh, Kapil; Traynor, Patrick (Georgia Institute of Technology, 2009)
      Malware targeting mobile phones is being studied with increasing interest by the research community. While such attention has previously focused on viruses and worms, many of which use near-field communications in order ...
    • Hardware Supported Anomaly Detection: down to the Control Flow Level 

      Zhang, Tao; Zhuang, Xiaotong; Pande, Santosh; Lee, Wenke (Georgia Institute of Technology, 2004-03-10)
      Modern computer systems are plagued with security flaws, making them vulnerable to various malicious attacks. Intrusion detection systems have been proposed to protect computer systems from unauthorized penetration. Detecting ...
    • I Own, I Provide, I Decide: Generalized User-Centric Access Control Framework for Web Applications 

      Singh, Kapil; Erete, Ikpeme; Lee, Wenke (Georgia Institute of Technology, 2010)
      With the rapid growth of Web 2.0 technologies, users are contributing more and more content on the Internet, in the form of user profiles, blogs, reviews, etc. With this increased sharing comes a pressing need for access ...
    • Improving detection and annotation of malware downloads and infections through deep packet inspection 

      Nelms, Terry Lee (Georgia Institute of Technology, 2016-01-14)
      Malware continues to be one of the primary tools employed by attackers. It is used in attacks ranging from click fraud to nation state espionage. Malware infects hosts over the network through drive-by downloads and social ...
    • An Information-Theoretic Measure of Intrusion Detection Capability 

      Gu, Guofei; Fogla, Prahlad; Dagon, David; Lee, Wenke; Skoric, Boris (Georgia Institute of Technology, 2005)
      A fundamental problem in intrusion detection is what metric(s) can be used to objectively evaluate an intrusion detection system (IDS) in terms of its ability to correctly classify events as normal or intrusion. In this ...
    • Leveraging Forensic Tools for Virtual Machine Introspection 

      Dolan-Gavitt, Brendan; Payne, Bryan; Lee, Wenke (Georgia Institute of Technology, 2011)
      Virtual machine introspection (VMI) has formed the basis of a number of novel approaches to security in recent years. Although the isolation provided by a virtualized environment provides improved security, software that ...
    • Mimesis Aegis: A Mimicry Privacy Shield 

      Lau, Billy; Chung, Simon; Song, Chengyu; Jang, Yeongjin; Lee, Wenke; Boldyreva, Alexandra (Georgia Institute of Technology, 2014-07)
      Users are increasingly storing, accessing, and exchanging data through public cloud services such as those provided by Google, Facebook, Apple, and Microsoft. Although users may want to have faith in cloud providers ...
    • Mitigating information manipulation 

      Xing, Xinyu (Georgia Institute of Technology, 2015-11-23)
      The advent of information services introduces many advantages, for example, in trade, production and services. While making important decisions today, people increasingly rely on the information gleaned from such services. ...
    • Preventing exploits against memory corruption vulnerabilities 

      Song, Chengyu (Georgia Institute of Technology, 2016-08-02)
      The most common cyber-attack vector is exploit of software vulnerability. Despite many efforts toward building secure software, software systems of even modest complexity still routinely have serious vulnerabilities. More ...
    • Reinforcing the weakest link in cyber security: securing systems and software against attacks targeting unwary users 

      Lu, Long (Georgia Institute of Technology, 2013-06-27)
      Unwary computer users are often blamed as the weakest link on the security chain, for unknowingly facilitating incoming cyber attacks and jeopardizing the efforts to secure systems and networks. However, in my opinion, ...
    • Rotalumè: A Tool for Automatic Reverse Engineering of Malware Emulators 

      Sharif, Monirul I.; Lanzi, Andrea; Giffin, Jonathon; Lee, Wenke (Georgia Institute of Technology, 2009)
      Malware authors have recently begun using emulation technology to obfuscate their code. They convert native malware binaries into bytecode programs written in a randomly generated instruction set and paired with a ...
    • Simulating Internet Worms 

      Riley, George F.; Sharif, Monirul I.; Lee, Wenke (Georgia Institute of Technology; Institute of Electrical and Electronics Engineers, Inc., New York, 2004-10)
      The accurate and efficient modeling of Internet worms is a particularly challenging task for network simulation tools. The atypical and aggressive behavior of these worms can easily consume excessive resources, both ...
    • Towards secure web browsing on mobile devices 

      Amrutkar, Chaitrali Vijay (Georgia Institute of Technology, 2014-01-22)
      The Web is increasingly being accessed by portable, multi-touch wireless devices. Despite the popularity of platform-specific (native) mobile apps, a recent study of smartphone usage shows that more people (81%) browse the ...