November 5, 2019
Machine learning advances new tool to fight cybercrime in the cloud
WEST LAFAYETTE, Ind. – Increased adoption of cloud applications, such as Dropbox and Google Drive, by private users has increased concern about use of cloud information for cybercrimes such as child exploitation, illegal drug trafficking and illegal firearm transactions.
Researchers at Purdue University have developed a cloud forensic model using machine learning to collect digital evidence related to illegal activities on cloud storage applications.
“It is crucial to detect illegal cloud activities in motion,” said Fahad Salamh, a PhD student in the Purdue Polytechnic Institute, who helped create the system. “Our technology identifies and analyzes in real time incidents related to these cybercrimes through transactions uploaded to cloud storage applications.”
Salamh worked on the technology with Marcus Rogers and Umit Karabiyik, professors in Polytechnic who specialize in computer and information technology.
The Purdue system deploys deep learning models to classify child exploitation, illegal drug trafficking and illegal firearms transactions uploaded to cloud storage applications and report illegal activities via a forensic evidence collection system.
The process begins when a cloud storage application user uploads a media file, either image or video. The pre-trained machine learning models scan both images and thumbnails to look for signs of cybercrimes.
Through identifying and analyzing these incidents using machine learning, cloud service providers can collect alerted logs, block the associated accounts and report them to law enforcement based on a cloud search warrant request.
“It is important to automate the process of digital forensic and incident response in order to cope with advanced technology and sophisticated hiding techniques and to reduce the mass storage of digital evidence on cases involving cloud storage applications,” Salamh said. “Cloud environments challenge investigators in identifying the ownership of uploaded media files because of their network architecture and data processing.”
The Purdue team tested more than 1,500 images, and the model accurately classified an image roughly 96% of the time.
The team worked with the Purdue Research Foundation Office of Technology Commercialization to patent the system. For more information on licensing a Purdue innovation, contact the Office of Technology Commercialization at firstname.lastname@example.org and reference track code 2019-ROGE-68605.
About Purdue Research Foundation Office of Technology Commercialization
The Purdue Research Foundation Office of Technology Commercialization operates one of the most comprehensive technology transfer programs among leading research universities in the U.S. Services provided by this office support the economic development initiatives of Purdue University and benefit the university's academic activities. The office is managed by the Purdue Research Foundation, which received the 2016 Innovation and Economic Prosperity Universities Award for Innovation from the Association of Public and Land-grant Universities. For more information about funding and investment opportunities in startups based on a Purdue innovation, contact the Purdue Foundry at email@example.com. To learn about licensing a Purdue innovation, contact the Office of Technology Commercialization at firstname.lastname@example.org. The Purdue Research Foundation is a private, nonprofit foundation created to advance the mission of Purdue University.
Writer: Chris Adam, 765-588-3341, email@example.com
Source: Fahad Salamh, firstname.lastname@example.org