Models and Algorithms for Graph Watermarking

We introduce models and algorithmic foundations for graph watermarking. Our frameworks include security definitions and proofs, as well as characterizations when graph watermarking is algorithmically feasible, in spite of the fact that the general problem is NP-complete by simple reductions from the subgraph isomorphism or graph edit distance problems. In the digital watermarking of many types of files, an implicit step in the recovery of a watermark is the mapping of individual pieces of data, such as image pixels or movie frames, from one object to another. In graphs, this step corresponds to approximately matching vertices of one graph to another based on graph invariants such as vertex degree. Our approach is based on characterizing the feasibility of graph watermarking in terms of keygen, marking, and identification functions defined over graph families with known distributions. We demonstrate the strength of this approach with exemplary watermarking schemes for two random graph models, the classic Erd\H{o}s-R\'{e}nyi model and a random power-law graph model, both of which are used to model real-world networks

Running Experiments with Confidence and Sanity

Analyzing data from large experimental suites is a daily task for anyone doing experimental algorithmics. In this paper we report on several approaches we tried for this seemingly mundane task in a similarity search setting, reflecting on the challenges it poses. We conclude by proposing a workflow, which can be implemented using several tools, that allows to analyze experimental data with confidence. The extended version of this paper and the support code are provided at https://github.com/Cecca/running-experiments

Malware signature generation using locality sensitive hashing

Security threats due to malicious executable are getting more serious. A lot of researchers are interested in combating malware attacks. In contrast, malicious users aim to increase the usage of polymorphism and metamorphism malware in order to increase the analysis cost and prevent being identified by anti-malware tools. Due to the intuitive similarity between different polymorphisms of a malware family, clustering is an effective approach to deal with this problem. Clustering accordingly is able to reduce the number of signatures. Therefore, we have leveraged the Suffix tree structure and Locality Sensitive Hashing (LSH) to linearly cluster malicious programs and to reduce the number of signatures significantly