Towards Building Smart Trustworthy Systems: A Data Driven Approach

Dr. Deguang Kong
Samsung Research America


Abstract

Along with the increasing popularity of diversified computing system (e.g., PC, mobile devices, cloud), there exist severe security and privacy concerns for software, mobile apps and even multi-media information stored and shared in cloud. In this talk, I will show our efforts towards building smart trustworthy systems from the perspective of understanding and analysis of the diversified data in the modern computing systems. Firstly, we study how users’ reviews can reflect the security issues of mobile apps, and propose and develop the tool AUTOREB to protect users from the security threats by automatically understanding the existing user reviews. Experimental results on real-world datasets demonstrate that our system can infer mobile apps’ security behaviors from user reviews with high accuracy. Our research provides valuable insights and quantitative analysis in understanding mobile app security concerns from users’ perspective, and helps bridge the gap between the security issues and users’ perception. Secondly, in order to automate the process of classifying malware variants, we leverage transductive malware classification framework and propagate labels from labeled malware to unlabeled ones, given the structural information collected from static analysis of malware. Experimental results suggest that our method outperforms the existing approaches in classifying malware variants when only a small number of labeled samples are available. Thirdly, to protect the photos sharing in online social networks, we propose PuPPIeS that targets at threats about over-privileged and unauthorized sharing of photos at photo service provider (e.g., Flicker, Facebook, etc.) side. PuPPIeS leverages the image perturbation technique to “encrypt” the sensitive areas in the original images, and therefore can naturally support popular image transformations (such as cropping, rotation). Extensive experiments demonstrate that PuPPIeS is very effective for privacy protection and incurs only a small computational overhead. Finally, I will discuss my future research plans towards building smart trustworthy systems (e.g., IOT systems, cyber-physical system, healthcare system) and solving the corresponding security and privacy problems.