2021 Fiscal Year Annual Research Report
Malicious entity detection using fine-grained DNA-inspired behavioural modelling
| Project/Area Number |
21F20785
|
|---|
| Research Institution | National Institute of Informatics |
|---|
Principal Investigator |
高須 淳宏 国立情報学研究所, コンテンツ科学研究系, 教授 (90216648)
|
|---|
| Co-Investigator(Kenkyū-buntansha) |
ANDRIOTIS PANAGIOTIS 国立情報学研究所, コンテンツ科学研究系, 外国人特別研究員
|
|---|
| Project Period (FY) |
2021-11-18 – 2023-03-31
|
| Keywords | information security |
|---|
| Outline of Annual Research Achievements |
We did a literature review of papers dealing with the problem of bot detection on social media networks (focused on Twitter) because the inspiration for the project was driven from this problem. It was obvious that since the project was envisioned, automated accounts on Twitter have become more sophisticated and more difficult to detect, as they are now more able to mimic human behaviour. Thus, we invested to aggregate Cyber Security with Bioinformatics. We worked towards three strands to achieve the integration of Bioinformatics principles in Cyber Security research: (1) a theoretical assessment of the complexity of a novel graphical password scheme using “k-mers”, (2) aggregation of DNA-inspired behavioural modelling within a ground-breaking field of research for social networks, and (3) envision to transfer knowledge learned from the latter direction of research to the problem of malicious software detection in mobile environments, using GNNs.
We initially explored how we can embed Bioinformatics (in a theoretical level) to the problem of quantifying complexity (and security) for graphical passwords. We therefore implemented a graphical password scheme and tested its usability on mobile devices running the Android operating system. Then, we used Lothaire’s Combinatorics theory (definition of “finite word”, followed by the simple metric “complexity of a word”) with basic Bioinformatics (k-mers) and we introduced a complexity metric to quantify the proposed graphical password scheme space, aiming to identify how it compares with other graphical password schemes.
|
| Current Status of Research Progress |
Current Status of Research Progress
2: Research has progressed on the whole more than it was originally planned.
Reason
This research work completed the first part of our plan and it led to the publication of a research paper to the HCI International 2022 conference, to be presented virtually, late June 2022. The paper is titled “P. Andriotis, M. Kirby, A. Takasu, Bu-dash: A universal and dynamic graphical password scheme, in: A. Moallem (Ed.), HCI for Cybersecurity, Privacy and Trust, 2022”, and a preprint can be found here: https://andriotisp.github.io/blog/2022/budashb/. Additionally, we submitted an extended version of this paper that incorporates the findings of our analysis on the complexity characteristics of the scheme. The paper is now under review.
|
| Strategy for Future Research Activity |
We now move towards the implementation of the next part of the project. To this end, we have already applied and acquired licence from Twitter to use their API for academic purposes. This will allow us to collect data from the Twitter environment and compare our method with the state of the art in bot detection. We will also use another dataset as a baseline to investigate how our approach of incorporating GNNs with DNA-inspired behavioural modelling works against well-known solutions based on GNNs. The fundamental idea of our approach is to use neighbourhood information derived from an account into question (2-hops away from it) utilising GNNs and accumulate this information with the account’s behavioural patterns, namely their digital DNA.
|
