
Utilizing Twitter for prediction of sentiment towards a public figure

This project involves utilizing the Twitter Streaming API for collection of incoming Tweets. The data was collected either by using keywords and stored in JSON files, or by using the Streaming API and stored inside MongoDB. In order to decrease storage space, the incoming Tweets were first processed and unnecessary fields were removed. The tool utilizes the Twitter Streaming API to produce statistics such as: number of mentions of a public figure during a given period of time, number of positive and negative mentions, time periods with most mentions, users with most retweets, most influential users, etc. Tools used: MongoDB, Twitter Streaming API, Python (pandas, numpy, scipy, scikit-learn).

Big Data Driven Content Distribution

Our paper “Utilizing Social Influence in Content Distribution Networks” won the ICC 2011 best paper award in the category Next Generation Networking and Internet.

This project investigated the social dimension in service adoption in cellular networks. The goal of the project was understanding the dynamics of user interactions on the social level with the goal of designing efficient network optimization strategies. We designed a model for controlling the user exposure to different services to achieve a target utilization based on their previous behavior. One of the direct applications for the designed model was slowing down the propagation of suspicious applications/services until they are verified, without impacting their future growth if they turn out to be non-malicious.

Security management for open mobile platforms

By moving towards an open platform setup, mobile providers increase the flexibility of users and possible revenue sources, but also increase the security risks brought into the network. The goal of this project was to obtain policies for constructing a secure mobile network with more open platforms in which benefits and security risks are well managed. This project investigated a subset of possible security problems that may arise in open/semi-open mobile networks, such as creation of botnets by malicious applications and privacy issues created by such applications for both users and mobile providers. In addition, research focused on analyzing users' behavioral patterns and interactions within the same network and across multiple networks to detect malicious behavior and predict future threats to mobile operators.

While computer operators are responsible for maintaining their machines, smart phone users are by and large at the mercy of their carriers; in fact a majority of users do not even have sufficient administrative privileges to install updated versions of their mobile operating systems on their own. At the same time, mobile devices concentrate even more private information than computers (e.g., GPS coordinates, call logs). Relatively slow, market economics-driven patch cycles, combined with the large amount of private information held on smart phones and the growing computational power that these devices can offer, pose some unique security and privacy challenges. Our goal here is to better understand the nature of these challenges, and what we can do to address them.

Incentive Engineering for Network Security

This project was a collaboration with the UC Berkeley School of Information: Prof. John Chuang, Jens Grossklags (now Assistant Professor at Pennsylvania State University, College of Information) and Alvaro Cardenas, now with Fujitsu Labs.

This project looked into the incentives of individuals and the role of intermediaries in increasing internet security. The main purpose was the analysis of economic incentives that drive individual decision-making regarding investing in the security of their system, and how individually rational decisions may lead to globally suboptimal security outcomes for the entire network. The solutions that were proposed were in the form of technical, institutional, financial, and/or policy interventions that could be taken by intermediaries such as network operators and software providers to influence individual incentives.

Using tools from game theory, behavioral economics, and risk management, this project has produced insights into:

- tradeoffs of investing in protection versus insurance and the effects of such investments on security;

- the strategic uncertainty that arises in the above scenarios;

- the role of experts and intermediaries in the coordination of security investments (such as Internet Service Providers (ISPs), operating system vendors, and security software providers).

Nowadays, security attacks are usually financially motivated. In this project we aim to obtain a more accurate picture of the interactions between the different entities involved in attacks in order to propose strategies for defending against them. We investigate the economic incentives from the perspective of the cyber-criminals, and how they may allocate resources or manage their risks in defending against counter-attacks by law enforcement. In addition to performing a detailed analysis of the cyber-criminal ecosystem, we apply game theory to model the interactions of cyber-criminals and individuals trying to protect their information as a variety of zero-sum games.

The objective of this project was to provide an efficient scheme for attack mitigation and prevention on the current Internet. By using results from the above projects we investigated how the combination of self-investment and ISP-based insurance impacts the overall security and residual risk. We attempt to provide an answer on how self-investments into security impact the overall network security and the extent to which individuals’ under-investment in security can impact the security of their neighbors and the security of the whole network. We also examine how ISP-imposed insurance affects the residual risk of individuals and the overall network security. Since individual security investments and ISP-based insurance represent different approaches to increasing the overall system security, the ultimate goal of this project is a universal metric that enables each user and/or ISP to evaluate the security of individuals as well as the overall system security.

Admission control mechanisms and impact of malware propagation on security of mobile networks

This project investigates the effect of malware propagation on the availability of services in the mobile network and proposes admission policies that minimize the probability of admitting insecure users to the network. The goal is to obtain a more precise model of an adversary in mobile networks and, using game theory, to analyze the incentive chain of all the participants: cyber-criminals, network operators and users.

Using insurance to increase internet security

This project focused on using economic incentives in order to increase the security of users in the network and of the network itself. Using behavioral economics, we focused on finding out why people underinvest in security, thereby increasing the chances of great financial losses, and what type of incentives network operators or ISPs should provide in order to increase the probability of investments in security. The conclusion of the initial research was that all existing methods reduce, but do not eliminate, risks in networks.

In this project we take a new approach to the problem of Internet security and advocate managing the residual risk by buying insurance against it and consequently re-arranging the incentive chain. By performing detailed analysis we define an insurance policy that can survive in a competitive market. Following that, we analyze the impact of insurance-based ISPs on the rest of the network and attempt to answer whether using insurance can increase the overall security of the system and provide incentive to other ISPs to implement such policies.

An analytic framework for modeling and detecting access layer misbehavior in wireless networks

In this work we proposed a novel framework for detection of intelligent adaptive adversaries in the IEEE 802.11 MAC by addressing the problem of detection of the worst-case scenario attacks. We employed sequential detection methods for detecting greedy behavior and illustrated their performance for detection of least favorable attacks. By using robust statistics, we utilized the precision given by parametric tests, while avoiding the specification of the adversarial distribution. This approach established the lowest performance bound of a given Intrusion Detection System (IDS) in terms of detection delay. Further extension of this problem included performance comparison of existing schemes for detection of MAC layer misbehavior and detection of colluding adversaries in wireless networks.

This work was done in collaboration with John S. Baras, George V. Moustakides, Iordanis Koutsopolous and Alvaro Cardenas.
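
The sequential detection of greedy MAC behavior described above can be illustrated with Wald's sequential probability ratio test (SPRT) over observed backoff values. This is an added example, not code from the project. The contention window of 32 slots, the exponentially tilted "greedy" alternative with parameter `mu`, the error targets and the sample traces are all assumptions constructed for the illustration.

```python
import math

def llr_per_slot(cw, mu):
    """log(p1(x)/p0(x)) for every backoff value x in 0..cw-1.

    p0: uniform over the contention window (protocol-compliant node).
    p1: proportional to exp(-mu*x) on the same support (assumed greedy
        model that favors short backoffs; not the project's distribution).
    """
    z = sum(math.exp(-mu * k) for k in range(cw))
    return [-mu * x - math.log(z) + math.log(cw) for x in range(cw)]

def sprt_backoff(backoffs, cw=32, mu=0.1, alpha=0.01, beta=0.01):
    """Run the SPRT; return (decision, samples_used).

    alpha: target false-alarm probability, beta: target miss probability.
    decision is 'greedy', 'compliant' or 'undecided' (trace ended first).
    """
    upper = math.log((1 - beta) / alpha)   # crossing it accepts H1 (greedy)
    lower = math.log(beta / (1 - alpha))   # crossing it accepts H0 (compliant)
    table = llr_per_slot(cw, mu)
    score = 0.0
    for n, x in enumerate(backoffs, start=1):
        if not 0 <= x < cw:
            raise ValueError(f"backoff {x} outside window 0..{cw - 1}")
        score += table[x]
        if score >= upper:
            return "greedy", n
        if score <= lower:
            return "compliant", n
    return "undecided", len(backoffs)

# Constructed observations: backoff slots a monitor inferred per transmission.
GREEDY_TRACE = [2, 0, 4, 1, 3, 0, 5, 2]
COMPLIANT_TRACE = [25, 9, 30, 17, 26, 28, 14, 31]

if __name__ == "__main__":
    for name, trace in (("greedy", GREEDY_TRACE), ("compliant", COMPLIANT_TRACE)):
        print(name, sprt_backoff(trace))
```

The second element of the result is the number of observations consumed before a decision, which is the detection delay the paragraph above uses as its performance measure.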