GGrantIndex
← Search

CRII: SaTC: Empowering Elastic-honeypot as Real-time Malicious Content Sniffers for Social Networks

$175,000FY2020CSENSF

University Of Louisiana At Lafayette, Lafayette LA

Investigators

Abstract

Spam messages, misinformation, disinformation and outright fraud are rampant on social networks. To separate out such malicious content from benign and useful content and protect social networks, there is a need for robust content classification systems. However, before such systems can be designed, there is a need for data that train the classifiers. Honeypots are a good way to obtain such data about malicious attacker behavior. Conventional honeypots rely on manually created artificial user accounts as lures to trap attack activities. However, such honeypots are often identified easily by smart attackers. They also suffer from lack of deployment flexibility, feature variability, network scalability, and system portability. This project develops a novel and lightweight honeypot-based malicious content capturing system that cannot be easily bypassed by attackers. The honeypot is then used to intelligently gather and automatically classify contents into likely malicious and likely benign. The goal is to mitigate the adverse effects of malicious contents and sanitize social environments, significantly elevating the security and trust of social networks. Research datasets and software toolkits are shared with the broader research community. The research findings are transitioned into educational materials in the form of book chapters and hands-on classroom materials, delivered to students at the University of Louisiana at Lafayette and also shared with other universities worldwide. The project also involves undergraduate and under-represented students for research experience. This project develops a novel and lightweight honeypot-based malicious content sniffing system, named the elastic-honeypot sniffer, to overcome drawbacks in conventional honeypot-based solutions. Two core components constitute the elastic-honeypot sniffer: (1) real-time data gathering and (2) elastic-honeypot detector. Using robust learning techniques on existing spam datasets, the project identifies features and behavior profiles of users who are found to be lucrative targets for spammers. For real-time data gathering, the elastic-honeypot dynamically deploys artificial user accounts as lures based on the learnt vulnerable user profiles to trap attackers intelligently. The main advantages over conventional honeypot technology are node availability, deployment flexibility, features variability, network scalability, and system portability. The data captured by the elastic-honeypot sniffer is used to design robust classification techniques to differentiate between malicious and benign content that are resilient against adversarial attacks. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

View original record on NSF Award Search →