The Center for Education and Research in Information Assurance and Security (CERIAS)

Kexin Pei

LEAPS: Detecting Camouflaged Attacks with Statistical Learning Guided by Program Analysis

Sep 23, 2015

Abstract

Currently, cyberinfrastructures are facing increasingly
stealthy attacks that implant malicious payloads under the
cover of benign programs. Existing attack detection approaches
based on statistical learning methods may generate misleading
decision boundaries when processing noisy data with such a
mixture of benign and malicious behaviors. On the other hand,
attack detection based on formal program analysis may lack
completeness or adaptivity when modeling attack behaviors.
In light of these limitations, we have developed LEAPS, an
attack detection system based on supervised statistical learning
to classify benign and malicious system events. Furthermore,
we leverage control flow graphs inferred from the system event
logs to enable automatic pruning of the training data, which
leads to a more accurate classification model when applied to
the testing data. Our extensive evaluation shows that, compared
with pure statistical learning models, LEAPS achieves consistently
higher accuracy when detecting real-world camouflaged attacks
with benign program cover-up.

About the Speaker

Kexin Pei is a second-year master's student in the Department of Computer Science at Purdue University.
His research interests include data mining and security,
focusing on solving security problems using program analysis and machine learning techniques.

