Acar Tamersoy

Dr. Acar Tamersoy has been a researcher in the research group at NortonLifeLock, formerly known as Symantec, since 2016. More information about him can be found on his academic website.

Selected Academic Papers

  • Secure and Utility-Aware Data Collection with Condensed Local Differential Privacy
    Mehmet Emre Gursoy, Acar Tamersoy, Stacey Truex, Wenqi Wei, and Ling Liu
    To appear in IEEE Transactions on Dependable and Secure Computing (TDSC)

  • VIGOR: Interactive Visual Exploration of Graph Query Results
    Robert Pienta, Fred Hohman, Alex Endert, Acar Tamersoy, Kevin Roundy, Chris Gates, Shamkant Navathe, Duen Horng Chau
    IEEE Transactions on Visualization and Computer Graphics (TVCG), 24(1), 2018, Presented at the 2017 IEEE Conference on Visual Analytics Science and Technology (VAST), 2017

    We present VIGOR, a novel interactive visual analytics system, for exploring and making sense of graph query results. VIGOR contributes an exemplar-based interaction technique and a feature-aware subgraph result summarization. Through a collaboration with Symantec, we demonstrate how VIGOR helps tackle real-world cybersecurity problems.

  • Smoke Detector: Cross-Product Intrusion Detection With Weak Indicators
    Kevin A. Roundy, Acar Tamersoy, Michael Spertus, Michael Hart, Daniel Kats, Matteo Dell'Amico, Robert Scott
    In Proceedings of the Annual Computer Security Applications Conference (ACSAC 2017)

    Smoke Detector significantly expands upon limited collections of hand-labeled security incidents by framing event data as relationships between events and machines, and performing random walks to rank candidate security incidents. Smoke Detector significantly increases incident detection coverage for mature Managed Security Service Providers.

  • Generating Graph Snapshots from Streaming Edge Data
    Sucheta Soundarajan, Acar Tamersoy, Elias B. Khalil, Tina Eliassi-Rad, Duen Horng Chau, Brian Gallagher, Kevin Roundy
    In Proceedings of the 25th International World Wide Web Conference (WWW), 2016

    We study the problem of determining the proper aggregation granularity for a stream of time-stamped edges. To this end, we propose ADAGE and demonstrate its value in automatically finding the appropriate aggregation intervals on edge streams for belief propagation to detect malicious files and machines.

  • Guilt by Association: Large Scale Malware Detection by Mining File-relation Graphs
    Acar Tamersoy, Kevin A. Roundy, Duen Horng Chau
    In Proceedings of the 20th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD ‘14)

    We present AESOP, a scalable algorithm that identifies malicious executable files by leveraging a novel combination of locality-sensitive hashing and belief propagation. AESOP attained early labeling of 99% of benign files and 79% of malicious files with a 0.9961 true positive rate at 0.0001 false positive rate.