EAGER: Collaborative: Towards Understanding the Attack Vector of Privacy Technologies

Funding Agency: National Science Foundation

Period of Performance: 09/2016-08/2019

Abstract and Scope

Advances in privacy-enhancing technologies, including cryptographic mechanisms, standardized security protocols, and infrastructure, significantly improved privacy and had a significant impact on society by protecting users. At the same time, the success of such infrastructure has attracted abuse from illegal activities, including sophisticated botnets and ransomware, and has become a marketplace for drugs and contraband; botnets rose to be a major tool for cybercrime and their developers proved to be highly resourceful. It is contended that the next waves of botnets will extensively attempt to subvert privacy infrastructure and cryptographic mechanisms, which has the potential of both undermining their legal basis and future performance. This project will develop the theoretical and experimental foundations for analyzing, monitoring and mitigating the next generation of botnets that subvert privacy-enhancing technologies. Towards that goal, the project will develop tools for: 1) Analytical framework: the project develops a concrete strategy for approaching the detection, characterization, and mitigation of abuse of privacy infrastructure by crystallizing an analytical framework for reasoning about such botnets. This includes the identification
and formalization of their key properties (e.g., traceback and tomography resiliency, stealthy monetization), enabling mechanisms (e.g., IP address de-coupling, control/data traffic indistinguishability), fundamental limitations, and evaluation metrics. The project will explore analogous scenarios of abuse in future Internet architectures where anonymity is facilitated by design. 2) Monitoring and analysis: the project develops an experimental framework to track activities of the next generation of botnets for scalable and effective mitigation. Such framework will exploit their ideal design and behavioral properties, and draws on various preliminary measurement results in related contexts. 3) Mitigation: The project has the ultimate
goal of proactively developing an arsenal of mitigation techniques grounded in a sound theoretical foundation, analyzed within the theoretical framework, and evaluated within the experimental framework. The mitigation techniques span the gamut of increasing the cost of operating such botnets, to actively containing
and neutralizing bots, to proposing modifications to the privacy-enhancing protocols. The results of this project will be communicated with the concerned communities for having a direct and immediate impact on existing and future privacy infrastructure. The project will also develop educational material to train students in the foundations and systems for enabling privacy enhancing technologies.


The project provided training opportunities to several students, graduate and undergraduates, and results in multiple research publications in top research venues. The following provides a permanent record for the personnel (besides the PI) and associated publications. For any data related to the publications below, free to contact me (

Doctoral Students

Jinchun Choi

Jeff Spaulding, PhD Candidate, CS
First Position: Tenure-track Asst. Prof. at Niagara University

Jinchun Choi

Jeman Park, PhD Candidate, CS
First Job: Postdoctoral Research at Georgia Tech

Jinchun Choi

Ulku Meteriz, PhD Student, CS
Started: Fall 2018

Jinchun Choi

Afsah Anwar, PhD Candidate, CS
Started: Fall 2017

Jinchun Choi

Ahmed Abusnaina, PhD Student, CS
Started: Fall 2018

Master's students

Jinchun Choi

Mr. Amin Khormali. M.Sc., CS, 2019
First Position: Ph.D. student at the University of Central Florida

Jinchun Choi

Ms. S. Upadhyay. M.Sc., CS, 2020
First Position: unknown

Jinchun Choi

Ms. Priyanka Gona, M.Sc., CS, 2020
First Position: Amazon

Undergraduate students


Connor Austin, B.Sc. (Flit-Path/RA; 2018--2019)
Topic: Malware analysis


Coty Tuggle, B.Sc. (Flit-Path/RA; 2018-2019)
Topic: Web security

Key Publications

  • PDF Examining the Robustness of Learning-Based DDoS Detection in Software Defined Networks
    Ahmed Abusnaina, Aminollah Khormali, Daehun Nyang, Murat Yuksel and Aziz Mohaisen
    The 2019 IEEE Conference on Dependable and Secure Computing (IEEE DSC 2019)
  • PDF Adversarial Learning Attacks on Graph-based IoT Malware Detection Systems.
    A. Abusnaina, A. Khormali, H. Alasmary, J. Park, A. Anwar and A. Mohaisen.
    IEEE International Conference on Distributed Computing Systems (IEEE ICDCS 2019)
  • PDF Where Are You Taking Me? Behavioral Analysis of Open DNS Resolvers.
    J. Park, A. Khormali, M. Mohaisen, A. Mohaisen.
    IEEE International Conference on Dependable Systems and Networks (IEEE DSN 2019)
  • PDF Analyzing and Detecting Emerging Internet of Things Malware: A Graph-based Approach
    H. Alasmary, A. Khormali, A. Anwar, J. Park, J. Choi, A. Abusnaina, A. Awad, D. Nyang, A. Mohaisen
    IEEE Internet of Things Journal (IEEE IoT Journal 2019)
  • PDF SSD-Insider: Internal Defense of Solid-State Drive against Ransomware with Perfect Data Recovery.
    S. Baek, Y. Jung, A. Mohaisen, S. Lee and D. Nyang.
    IEEE International Conference on Distributed Computing Systems (IEEE ICDCS 2018)
  • PDF Delving Into Internet DDoS Attacks by Botnets: Characterization and Analysis
    A. Wang, W. Chang, S. Chen, and A. Mohaisen
    IEEE/ACM Transactions on Networking (IEEE/ACM TNET 2018)
  • PDF QOI: Assessing Participation in Threat Information Sharing.
    J. Park, H. Alasmary, O. Al-Ibrahim, C. Kamhoua, K. Kwiat, L. Njilla, A. Mohaisen.
    IEEE International Conference on Acoustics, Speech, and Signal Processing (IEEE ICASSP 2018).
  • PDF ABC: Enabling Smartphone Authentication with Built-in Camera.
    Z. Ba, S. Piao, X. Fu, D. Koutsonikolas, A. Mohaisen, K. Ren:
    ISOC Network and Distributed System Security Symposium (ISOC NDSS 2018)
  • PDF Timing is Almost Everything: Realistic Evaluation of the Very Short Intermittent DDoS Attacks.
    J. Park, D. Nyang, and A. Mohaisen.
    IEEE Annual Conference on Privacy, Security and Trust (IEEE PST 2018)
  • PDF Understanding Adversarial Strategies from Bot Recruitment to Scheduling
    W. Chang, A. Mohaisen, A. Wang and S. Chen:
    International Conference on Security and Privacy in Communication Networks (SECURECOMM 2017)
  • PDF Proactive detection of command and control domains in internet of things‐scale botnets using DRIFT
    J. Spaulding, J. Park, J. Kim, D. Nyang, A. Mohaisen
    Transactions on Emerging Telecommunications Technologies (ETT 2018).

Key Outreach Activities

  • [06/08/2018] SEAL hosted 80 high school students for a security summer camp with material on malware attacks, and IoT security.