SaTC: CORE: Small: Securing Web-to-Mobile Interface Through Characterization and Detection of Malicious Deep Links

SaTC：核心：小型：通过恶意深层链接的表征和检测来保护 Web 到移动接口的安全

• 批准号: 1717028
• 负责人: Danfeng Yao
• 金额: $ 50万
• 依托单位: Virginia Polytechnic Institute and State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-08-01 至 2021-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1717028&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Securing; Web

With the wide adoption of mobile devices, mobile websites and applications (apps) have become the primary interfaces to access online content. Mobile deep-linking, a key mechanism to index mobile content, has been widely used to enable users to navigate across websites, search engines and mobile apps and become instrumental to improving users' online experience. Unfortunately, mobile deeplinks are designed without security in mind, which allows malicious apps or websites to launch stealthy attacks to hijack user clicks, steal sensitive information and perform phishing attacks. With more apps and websites deep-linked every day, this becomes an emerging security threat to a broad Internet population. This project is developing methodologies and usable tools to measure, analyze and secure mobile deeplinks in today's mobile-web ecosystem.To first understand the emerging security threat, the researchers are developing novel measurement frameworks to map out the empirical connections between mobile apps and the web by automatically extracting mobile deeplinks from the market-scale apps. In addition, the researchers are investigating automated techniques to detect deeplink-based abuse without relying on large-scale ground-truth data. One target approach is to construct deeplink graphs for apps and websites and explore detection techniques using semi-supervised learning and trust prorogation schemes. Finally, the researchers are developing analytics tools to extract context information from mobile deeplinks to enable intelligent alert systems to safeguard the deeplink usage. The researchers are investigating the tradeoffs between security and usability to design safer ways of using deeplinks without sacrificing the usability.

随着移动设备的广泛采用，移动网站和应用程序（应用程序）已成为访问在线内容的主要界面。移动深度链接是索引移动内容的关键机制，已被广泛用于使用户能够跨网站、搜索引擎和移动应用程序进行导航，并有助于改善用户的在线体验。不幸的是，移动深度链接的设计没有考虑到安全性，这使得恶意应用程序或网站可以发起隐秘攻击，劫持用户点击、窃取敏感信息并执行网络钓鱼攻击。随着每天都有越来越多的应用程序和网站深度链接，这已成为对广大互联网人群的新兴安全威胁。该项目正在开发方法和可用工具来测量、分析和保护当今移动网络生态系统中的移动深度链接。为了首先了解新兴的安全威胁，研究人员正在开发新颖的测量框架来绘制移动应用程序与网络之间的经验联系通过从市场规模的应用程序中自动提取移动深度链接。此外，研究人员正在研究自动化技术来检测基于深度链接的滥用，而无需依赖大规模的地面实况数据。一种目标方法是为应用程序和网站构建深度链接图，并使用半监督学习和信任延长方案探索检测技术。最后，研究人员正在开发分析工具，以从移动深度链接中提取上下文信息，以使智能警报系统能够保护深度链接的使用。研究人员正在研究安全性和可用性之间的权衡，以设计更安全的方式来使用深度链接而不牺牲可用性。

项目成果

Throwing Darts in the Dark? Detecting Bots with Limited Data using Neural Data Augmentation

• DOI: 10.1109/sp40000.2020.00079
• 发表时间: 2020-01-01
• 期刊: 2020 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP 2020)
• 作者: Jan, Steve T. K.;Hao, Qingying;Viswanath, Bimal
• 通讯作者: Viswanath, Bimal

Measuring and Modeling the Label Dynamics of Online Anti-Malware Engines

• 发表时间: 2020
• 作者: Shuofei Zhu;J. Shi;Limin Yang;Boqin Qin;Ziyi Zhang;Linhai Song;Gang Wang

Security Certification in Payment Card Industry: Testbeds, Measurements, and Recommendations

• DOI: 10.1145/3319535.3363195
• 发表时间: 2019-11
• 期刊: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
• 作者: Sazzadur Rahaman;Gang Wang;D. Yao

Ghost Riders: Sybil Attacks on Crowdsourced Mobile Mapping Services

• DOI: 10.1109/tnet.2018.2818073
• 发表时间: 2018-06-01
• 期刊: IEEE-ACM TRANSACTIONS ON NETWORKING
• 影响因子: 3.7
• 作者: Wang, Gang;Wang, Bolun;Zhao, Ben Y.
• 通讯作者: Zhao, Ben Y.

LEMNA: Explaining Deep Learning based Security Applications

• DOI: 10.1145/3243734.3243792
• 发表时间: 2018-01-01
• 期刊: PROCEEDINGS OF THE 2018 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (CCS'18)
• 作者: Guo, Wenbo;Mu, Dongliang;Xing, Xinyu
• 通讯作者: Xing, Xinyu