Dan Fleck - Research

Research Interests

Cybersecurity Research Programs

In my current role within the CARE center I supervise many projects. The following list are some of my current and past projects.

CyberSecurity Testing Protocol - We developed a protocol and sample implementation for a CyberSecurity Defense Evaluation system. The system will facilitate quick and accurate testing of new defense software through testing new vulnerabilities created by our team.

Behavioral Biometrics-Based User Authentication - Measuring user behaviors to determine if the user is the one currently authorized on the Android device. (Funded by DARPA)

P2P Network for Forensics Investigations - Building a P2P network fabric to support large-scale network forensic queries. This will provide a drastic speed-up during investigations by providing investigators information in minutes versus days/weeks. (PI funded by DARPA)

Malware Analysis - applying crowdsource data to analyze unknown malware binaries. Using open source data to automatically create capability mappings through static analysis. (PI funded by DARPA)

Cloud-based DDoS Defense - implementing a moving target-based DDoS defense system in the cloud. This system is able to resist large scale DDoS attacks with fewer system resources than static overlay approaches. (Funded by DARPA)

Anomaly-based Intrusion Detection - a Network Intrusion Detection System (NIDS) using novel anomaly detection. Currently achieved better TPR/FPR than other approaches.

Resisting resource exhaustion - implemented a system to dynamically monitor binaries to detect and reverse malware code injection attacks on the usually benign programs. This tool is built on top of Intel's PIN tool and Stanford's KLEE symbolic engine. (Funded by IARPA)

Computer Vision

My previous research in computer vision focussed on feature matching for wide baseline image pairs. Using a combination of current approaches from literature and our own algorithms developed at GMU we worked to enhance feature matching in the context of rigid man-made structures. A typical usage we solved is two different people take a picture of a building from different viewpoints at different times and determining they are of the same building. Additionally, can you determine in a large corpus of building pictures which are the same and which are not?

I have also worked on different vision-based tracking techniques for a variety of scenarios. Tracking vehicles from UAV imagery to tracking human motion to create Human-Computer interfaces using optical sensors are all interesting problems I am working to solve.

Research Activities

Publications

Moving-target Defense against Botnet Reconnaissance and an Adversarial Coupon-Collection Model
George Kesidis, Yuquan Shan, Neda Nasiriani, Takis Konstantopoulos, Daniel Fleck and Angelos Stavrou
IEEE Conference on Dependable and Secure Computing (DSC 2018).

A Coupon-Collector Model of Asynchronous Moving-Target Defense Against Botnet Reconnaissance
George Kesidis, Yuquan Shan, Takis Konstantopoulos, Daniel Fleck and Angelos Stavrou
Malware Conference (MALCON 2018).

Preliminary Study of Fission Defenses Against Low-Volume DoS Attacks on Proxied Multiserver Systems
Yuquan Shan, George Kesidis, Dan Fleck, Angelos Stavrou
Malware Conference (MALCON 2017).

Numerical Evaluation of Cloud-Side Shuffling Defenses against DDoS Attacks on Proxied Multiserver Systems
Yuquan Shan, George Kesidis, Dan Fleck
9th ACM Cloud Computing Security Workshop (CCSW 2017).

Practical and Accurate Runtime Application Protection against DoS Attacks.
Mohamed Elsabagh, Dan Fleck, Angelos Stavrou, Michael Kaplan, Thomas Bowen
20th International Symposium on Research on Attacks, Intrusions and Defenses (RAID 2017).

Strict Virtual Call Integrity Checking for C++ Binaries
Mohamed Elsabagh, Dan Fleck, Angelos Stavrou.
Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIACCS) 2017, April 2-6, 2017 Abu Dhabi, UAE (Acceptance Rate: 18.7%, 67/359)

Detecting ROP with Statistical Learning of Program Characteristics (short paper)
Mohamed Elsabagh, Dan Fleck, Angelos Stavrou.
Proceedings of the 7th ACM Conference on Data and Application and Privacy (CODASPY 2017), March 22-24, 2017, Scottsdale, Arizona, USA

On Early Detection of Application-level Resource Exhaustion and Starvation
Mohamed Elsabagh, Daniel Barbara, Dan Fleck, Angelos Stavrou.
To appear in the Elsevier Journal of Systems and Software. (2017).

On the Move: Evading Distributed Denial-of-Service Attacks
Angelos Stavrou, Daniel Fleck, Constantinos Kolias.
IEEE Computer 49(3): 104-107 (2016).

Class-Chord: Efficient Messages to Classes of Nodes in Chord
Dan Fleck, Stephen Reese, Liam McGhee, Fengwei Zhang
IEEE 2nd International Conference on Cyber Security and Cloud Computing (CSCloud 2015).

Continuous Authentication on Mobile Devices Using Power Consumption, Touch Gestures
and Physical Movement of Users
Rahul Murmuria, Angelos Stavrou, Daniel Barbara, and Dan Fleck
Research in Attacks, Intrusions, and Defenses: 18th International Symposium (RAID 2015). Kyoto, Japan. November 2015

Radmin: Early Detection of Application-level Resource Exhaustion and Starvation Attacks
Mohamed Elsabagh, Dan Fleck, Daniel Barbara, Angelos Stavrou
Research in Attacks, Intrusions, and Defenses: 18th International Symposium (RAID 2015). Kyoto, Japan. November 2015.

Securing applications with Dyninst
Chris Reffett and Dan Fleck.
Technologies for Homeland Security (HST 2015), 2015 IEEE International Symposium on. IEEE, 2015.

transAD: An Anomaly Detection Network Intrusion Sensor for the Web
Sharath Hiremagalore, Daniel Barbar ́a, Dan Fleck, Walter Powell, and Angelos Stavrou.
In the Proceedings of International Security Conference (ISC 2014), Leipzig, Germany, June 2014.

Catch Me if You Can: A Cloud-Enabled DDoS Defense
Quan Jia, Huangxin Wang, Dan Fleck, Fei Li, Angelos Stavrou, Walter A. Powell.
In the Proceedings of the 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (IEEE DSN 2014), Atlanta, Georgia USA, June 23 - 26, 2014.

A Moving Target DDoS Defense Mechanism
Huangxin Wang, Quan Jia, Dan Fleck, Walter Powell, Fei Li, Angelos Stavrou.
In Elsevier Journal of Computer Communications, (2014), Volume 46, 15 June 2014, Pages 10–21.

PyTrigger: A System to Trigger & Extract User-Activated Malware Behavior
D. Fleck, A. Tokhtabayev, A. Alarif, A. Stavrou, T. Nykodym.
In International Conference on Availability, Reliability and Security (ARES) 2013.

Predicting Image Matching using Affine Distortion Models
D. Fleck and Z. Duric.
In IEEE conference on Computer Vision and Pattern Recognition (CVPR 2011).
Issue Date 20-25 June 2011, pages 105-112.

Using Local Affine Invariants to Improve Image Matching
D. Fleck and Z. Duric.
In 20th International Conference on Pattern Recognition (ICPR 2010), August 23-26, 2010, Istanbul, Turkey.

An evaluation of affine invariant-based classification for image matching.
D. Fleck and Z. Duric.
In International Symposium on Visual Computing (ISVC 2009), volume 5876 of LNCS, pages 417–429.

Affine invariant-based classification of inliers and outliers for image matching.
D. Fleck and Z. Duric.
In International Conference on Image Analysis and Recognition (ICIAR 2009)

Students I work with:

Mohamed Elsabagh - Static and dynamic binary rewriting to detect malware and resource exhaustion

Rahul Murmuria - Android-based authentication using behavioral biometrics

Chaitanya Yavvari - Malware analysis

Sharath Hiremagalore - Network Intrusion Detection

Fengwei Zhang - DDoS system migration

Chris Reffett - Program monitoring and sandboxing using DynInst (CS499)

Liam Mcghee - Malware analysis

Talhah Zafar - Resource monitoring

Ubaidul Khan - Resource monitoring

Stephen Reese - Network Intrusion Detection

Quan Jia - Moving Target Defense & resource monitoring

Will Petersen – Undergraduate research assistant. Image matching using Python

Josh Reese - Undergraduate research assistant. Data Mining large web collections.

Karl Majer – CS499 Independent Study - iPhone Programming

Scott Marshall – CS499 Independent Study - motion tracking and visualization