Publications

SMARTCOPE: Smartphone Change Of Possession Evaluation for Continuous Authentication

The goal of continuous smartphone authentication is to detect when the adversary has gained possession of the user’s device …

Posture and Body Movement Effects on Behavioral Biometrics for Continuous Smartphone Authentication

Continuous authentication aims to authenticate users at regular intervals post-login, typically using biometric features that capture …

Your PIN Sounds Good! Augmentation of PIN Guessing Strategies via Audio Leakage

Personal Identification Numbers (PINs) are widely used as the primary authentication method for Automated Teller Machines (ATMs) and …

PILOT: Password and PIN Information Leakage from Obfuscated Typing Videos

This paper studies leakage of user passwords and PINs based on observations of typing feedback on screens or from projectors in the …

Passgan: A deep learning approach for password guessing

State-of-the-art password guessing tools, such as HashCat and John the Ripper, enable users to check billions of passwords per second …

DISPERSE: A Decentralized Architecture for Content Replication Resilient to Node Failures

This paper introduces DISPERSE, a distributed scalable architecture for delivery of content and services that provides resilience …

Weak and Strong Deniable Authenticated Encryption: On their Relationship and Applications

Consider a scenario in which a whistleblower (Alice) would like to disclose confidential documents to a journalist (Bob). Bob wants to …

USB Side-channel Attack on Tor

Tor is used to communicate anonymously by millions of daily users, which rely on it for their privacy, security, and often safety. In …

The impact of application context on privacy and performance of keystroke authentication systems

In this paper, we show that keystroke latencies used in continuous user authentication systems disclose application context, i.e., in …

SILK-TV: Secret Information Leakage from Keystroke Timing Videos

Shoulder surfing attacks are an unfortunate consequence of entering passwords or PINs into computers, smartphones, PoS terminals, and …

MEG: Memory and Energy Efficient Garbled Circuit Evaluation on Smartphones

Garbled circuits are a general tool that allows two parties to compute any function without disclosing their respective inputs. …

Continuous and Transparent Authentication of Haptic Users

Telerobotic systems are used to perform critical tasks in sensitive environments. The security of these systems is of paramount …

Content-Centric and Named-Data Networking Security: The Good, The Bad and The Rest

Named Data Networking and Content-Centric Networking (NDN and CCN, respectively) are closely related networking architectures which, …

Privacy-Aware Caching in Information-Centric Networking

Information-Centric Networking (ICN) is an emerging networking paradigm where named and routable data (content) is the focal point. …

On Inferring Browsing Activity on Smartphones via USB Power Analysis Side-Channel

In this paper, we show that public USB charging stations pose a significant privacy risk to smartphone users even when no data …

Secure, Fast, and Energy-Efficient Outsourced Authentication for Smartphones

Common smartphone authentication mechanisms (e.g., PINs, graphical passwords, and fingerprint scans) are not designed to offer security …

HMOG: New behavioral biometric features for continuous authentication of smartphone users

We introduce hand movement, orientation, and grasp (HMOG), a set of behavioral features to continuously authenticate smartphone users. …

FLEX: A Flexible Code Authentication Framework for Delegating Mobile App Customization

Mobile code distribution relies on digital signatures to guarantee code authenticity. Unfortunately, standard signature schemes are not …

Violating consumer anonymity: Geo-locating nodes in named data networking

Named Data Networking (NDN) is an information-centric network architecture designed as a candidate replacement for the current IP-based …

Secure outsourced biometric authentication with performance evaluation on smartphones

We design privacy-preserving protocols for Scaled Manhattan and Scaled Euclidean verifiers, secure against malicious clients and …

Secure and efficient iris and fingerprint identification

Recent advances in biometric recognition and the increasing use of biometric data prompt significant privacy challenges associated with …

Privacy-preserving user matching

Matching two or more users with related interests is an important and general primitive, applicable to a wide range of scenarios …

Secure sensing over named data networking

The anticipated proliferation of smart devices, the “Internet of Things” (IoT), is one of the motivations for some large-scale research …

Privacy-preserving population-enhanced biometric key generation from free-text keystroke dynamics

Biometric key generation techniques are used to reliably generate cryptographic material from biometric signals. Existing constructions …

Privacy-preserving distance computation and proximity testing on earth, done right

In recent years, the availability of GPS-enabled smartphones have made location-based services extremely popular. A multitude of …

Espresso: efficient privacy-preserving evaluation of sample set similarity

Electronic information is increasingly often shared among entities without complete mutual trust. To address related security and …

Covert ephemeral communication in named data networking

In the last decade, there has been a growing realization that the current Internet Protocol is reaching the limits of its senescence. …

Securing instrumented environments over content-centric networking: the case of lighting control and NDN

Instrumented environments, such as modern building automation systems (BAS), are becoming commonplace and are increasingly …

Secure privacy-preserving protocols for outsourcing continuous authentication of smartphone users with touch data

We introduce new secure privacy-preserving protocols for outsourcing continuous authentication of smartphone users. Our protocols allow …

Privacy-Preserving Symptoms-to-Disease Mapping on Smartphones

Information-Centric Networking (ICN) is an emerging networking paradigm where named and routable data (content) is the focal point. …

Privacy-preserving matching of community-contributed content

Popular consumer review sites, such as Yelp and Tripadvisor, are based upon massive amounts of voluntarily contributed content. Sharing …

Poseidon: Mitigating interest flooding DDoS attacks in named data networking

Content-Centric Networking (CCN) is an emerging networking paradigm being considered as a possible replacement for the current IP-based …

Optimizing bi-directional low-latency communication in named data networking

Content-Centric Networking (CCN) is an alternative to today’s Internet IP-style packet-switched host-centric networking. One key …

EsPRESSo: efficient privacy-preserving evaluation of sample set similarity

Electronic information is increasingly often shared among entities without complete mutual trust. To address related security and …

DoS and DDoS in Named Data Networking

With the growing realization that current Internet protocols are reaching the limits of their senescence, several on-going research …

Cache privacy in named-data networking

Content-Centric Networking (CCN) is an alternative to host-centric networking exemplified by today’s Internet. CCN emphasizes …

A lightweight mechanism for detection of cache pollution attacks in named data networking

Content-Centric Networking (CCN) is an emerging paradigm being considered as a possible replacement for the current IP-based …

On the Security of Password Manager Database Formats.

Password managers are critical pieces of software relied upon by users to securely store valuable and sensitive information, from …

Genodroid: are privacy-preserving genomic tests ready for prime time?

As fast and accurate sequencing of human genomes becomes affordable, it is expected that individuals will soon be able to carry around …

Fast and private computation of cardinality of set intersection and union

In many everyday scenarios, sensitive information must be shared between parties without complete mutual trust. Private set operations …

ANDaNA: Anonymous Named Data Networking Application

Content-centric networking — also known as information-centric networking (ICN) — shifts emphasis from hosts and interfaces (as in …

Secure and efficient protocols for iris and fingerprint identification

Recent advances in biometric recognition and the increasing use of biometric data prompt significant privacy challenges associated with …

On Re-use of randomness in broadcast encryption

Broadcast encryption provides an efficient way to encrypt a message for a large number of receivers. This paper investigates whether it …

Fast and Private Computation of Set Intersection Cardinality.

In many everyday scenarios, sensitive information must be shared between parties without complete mutual trust. Private set operations …

Countering gattaca: efficient and secure testing of fully-sequenced human genomes

Recent advances in DNA sequencing technologies have put ubiquitous availability of fully sequenced human genomes within reach. It is no …

ANDaNA: Anonymous named data networking application

Content-centric networking — also known as information-centric networking (ICN) — shifts emphasis from hosts and interfaces (as in …

A new approach to securing audio conference tools

Named Data Networking (NDN), a recently proposed Internet architecture based on content-centric networking, is designed to secure data …

On the integrity of network coding-based anonymous p2p file sharing networks

Network coding is a class of routing algorithms offering increased throughput and improved robustness to random failures. With …

Deniable cloud storage: sharing files via public-key deniability

Cloud computing provides users with ample computing resources, storage, and bandwidth to meet their computing needs, often at minimal …

Breaking and fixing the self encryption scheme for data security in mobile devices

Data security is one of the major challenges that prevents the wider acceptance of mobile devices, especially within business and …

Universally Anonymous IBE Based on the Quadratic Residuosity Assumption.

We introduce the first universally anonymous, thus key-private, IBE whose security is based on the standard quadratic residuosity …