PhD Proposal by Charles Lever

Event Details
  • Date/Time:
    • Thursday August 31, 2017 - Friday September 1, 2017
      10:00 am - 11:59 am
  • Location: Klaus 3402
  • Phone:
  • URL:
  • Email:
  • Fee(s):
  • Extras:
No contact information submitted.

Summary Sentence: Temporal Insights From Cross-Platform Internet Abuse at Scale

Full Summary: No summary paragraph submitted.

Title: Temporal Insights From Cross-Platform Internet Abuse at Scale

Chaz Lever
Ph.D. student
School of Computer Science
College of Computing
Georgia Institute of Technology

Date: Thursday, August 31st, 2017
Time: 10 AM - 12 PM (ET)
Location: Klaus 3402

Dr. Emmanouil Antonakakis (Advisor, School of Electrical and Computer Engineering, Georgia Institute of Technology)
Dr. Mustaque Ahamad (School of Computer Science, Georgia Institute of Technology)
Dr. Douglas Blough (School of Electrical and Computer Engineering, Georgia Institute of Technology)
Dr. Roberto Perdisci (Dept. of Computer Science, University of Georgia and School of Computer Science, Georgia Tech)

Dr. Fabian Monrose (Dept. of Computer Science, University of North Carolina, Chapel Hill)



The security landscape is constantly evolving. Therefore, in order to build

better defenses, it is critical to evaluate emerging and existing threats to

better understand how and where to prioritize future security efforts.

Ideally, such evaluation of threats should be based on real world data, but

this introduces a number of challenges. For example, real world data must be

collected, parsed, and cleaned before any sort of analysis can proceed.  These

tasks are frequently complicated as the scale of that data grows—--requiring

considerable work in order to derive useful insights.


The work in this thesis provides empirical analysis of numerous existing or

emerging threats using real world data at scale. As such, it provides the first

real world study on the prevalence of mobile malware by studying network

traffic from almost 25M devices—--showing that security practices on popular

mobile device platforms appear to be fairly effective. In addition, it studies

the unintended security consequences of hundreds of millions of domain

expirations over several years and shows that malware is increasingly using

expired domains for abuse—--as well as providing a lightweight algorithm for

detecting such expirations. Next, it studies the evolution of 27M malware

samples collected over almost half a decade—--confirming some existing findings

at scale and identifying several shortcomings of the current state of the art.

Finally, it studies nearly 35 consumer oriented IoT devices to provide a

insights into trends of insecurity across devices---linking these findings to

growth trends from real world network traffic. This study suggests that many of

the problems related to IoT devices are due to a failure to learn from decades

of prior security experience.

Additional Information

In Campus Calendar

Graduate Studies

Invited Audience
Public, Graduate students
Phd proposal
  • Created By: Tatianna Richardson
  • Workflow Status: Published
  • Created On: Aug 31, 2017 - 8:31am
  • Last Updated: Aug 31, 2017 - 8:31am