Virginia Tech®home

Ransomeware, Scams, Cyrptojacking: A Data-Driven Approach to Systems Security

Amin Kharraz

PhD Candidate, University of Illinois at Urbana-Champaign

Thursday, February 27, 2020
9:30am - 10:30am
655 McBryde Hall


Organized cybercrime occurs in different forms and has become more frequent and
consequential. How do we quickly, accurately, and comprehensively identify these
threats? How can we reduce the attack surface and improve defensive agility? The
necessary steps to make meaningful progress and answer these questions require
integrating 1) a variety of scientifically rigorous empirical methods including user studies,
machine learning, and code analysis to translate an abstract concept into quantifiable
information, and 2) data-driven approaches to enhance the agility of defenders to respond
to these attacks.

In this talk, I will highlight the contribution of empirical methods to systems security with
three examples from my work. I present systems to uncover and explore three large-scale
adversarial activities including ransomware, online scams, and in-browser covert
crypto-mining. I illustrate how data-driven approaches offer empirical techniques to study
contemporary security incidents by exposing underlying aspects of these threats, leading
to more effective defensive techniques and security models that are more closely aligned
with today’s cybersecurity landscape.


Amin Kharraz is a Postdoc at the University of Illinois at Urbana-Champaign. Amin's
research interests are broadly in the areas of empirical systems security and privacy. His
research seeks to create solutions to study cybercrime, evaluate the security and privacy
implications of emerging technologies, and improve responding to associated threats in a
scalable and reliable manner. His work spans various topics, from browser security to
malware protection. His research has been distinguished with a Best Paper Award at the
Web Conference (WWW) in 2019.