Peer-Reviewed Publications from NortonLifeLock Research Group

Academic Papers - 2014

EXPOSURE: a Passive DNS Analysis Service to Detect and Report Malicious Domains

ACM Transactions on Information and System Security (TISSEC) (Volume 16 Issue 4, April 2014)
We present an extended version of Exposure and the experimental results on 17 months of its deployment on real data.

MR-TRIAGE: Scalable multi-criteria clustering for big data security intelligence applications

In Proceedings of the 2nd IEEE International Conference on Big Data 2014 (IEEE BigData 2014)
We introduce a new framework called MR-TRIAGE leveraging multi-criteria data clustering (MCDC) to perform scalable data clustering on large security data sets and further implement a set of efficient algorithms in a 3-stage MapReduce paradigm.

Study of collective user behaviour in Twitter: a fuzzy approach

Journal of Neural Computing and Applications, Volume 25, Issue 7–8, December 2014
We proposed a new approach which applies the mass assignment-based fuzzy association rules mining (MASS-FARM) algorithm to Twitter data analysis, for the first time, to automatically extract useful and meaningful knowledge from a large-scale data set.

Syntax and Semantics in Quality Estimation of Machine Translation

In Proceedings of the 8th Workshop on Syntax, Semantics and Structure in Statistical Translation (SSST-8)

Ethics in Data Sharing: Developing a Model for Best Practice

In Proceedings of the 35th IEEE Symposium on Security and Privacy Workshops (SP '14)

On the Effectiveness of Risk Prediction Based on Users Browsing Behavior

In Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIA CCS '14)
We present a comprehensive study on the effectiveness of risk prediction based only on the web browsing behavior of users.

Quality Estimation of English-French Machine Translation: A Detailed Study of the Role of Syntax

In Proceedings of the 25th International Conference on Computational Linguistics (COLING 2014)

Malicious BGP Hijacks: Appearances Can Be Deceiving

In Proceedings of the 43rd IEEE International Conference on Communications: Communications and Information Systems Security Symposium (ICC 2014)
This paper discusses the challenges of investigating Internet routing anomalies and BGP hijacks. With the help of a real-world potential BGP hijack case study, we describe our investigation process and highlight the challenges and limitations faced.

Guilt by Association: Large Scale Malware Detection by Mining File-relation Graphs

In Proceedings of the 20th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD '14)
We present AESOP, a scalable algorithm that identifies malicious executable files by leveraging a novel combination of locality-sensitive hashing and belief propagation. AESOP attained early labeling of 99% of benign files and 79% of malicious files with a 0.9961 true positive rate at 0.0001 false positive rate.

Related News

Social Good

Where possible, we want to investigate how existing technology and/or telemetry could be used to address key issues pertaining to vulnerable populations. In addition, we want to develop new techniques to try and solve specific problems in the areas of abuse, scams, and child online safety.

Robust and Fair Machine Learning, Data Mining, and Artificial Intelligence

The tremendous growth in the learning capacity of Machine Learning methods has yet to be met with a corresponding growth in our ability to understand these models. Equally troubling, our ability to build robust machine learning models has not kept pace with research in adversarial attacks against machine learning. As we increasingly hand over decision making to automated machine learning and AI systems, we must find ways that the life-altering decisions made by these systems can be audited for fairness, safety, robustness to adversaries, and the preservation of privacy of any personally identifiable information over which they operate.

Systems Security: Internet of Things, Mobile, Cloud, Virtualization

There is a continual need for security systems of many kinds, including traditional endpoints, mobile devices, cloud, IoT and virtual hosts. The continual evolution of these computing platforms results in new threats, but also in opportunities to better secure these systems. Furthermore, widespread deployment of trusted hardware brings new opportunities, but also a set of hardware-level threats that are not easily mitigated. The escalating cost of data breaches continues to make defending sensitive data a priority, and enterprises are becoming increasingly open to adopting new classes of defenses and encryption-based solutions to prevent serious breaches.