Paolo Gasti
Home
Contact
Publications
Grants
Projects
Invited Talks
Service
Publications
Type
Conference paper
Journal article
Book section
Date
2024
2020
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2006
SMARTCOPE: Smartphone Change Of Possession Evaluation for Continuous Authentication
The goal of continuous smartphone authentication is to detect when the adversary has gained possession of the user’s device …
Nicholas Cariello
,
Seth Levine
,
Gang Zhou
,
Blair Hoplight
,
Paolo Gasti
,
Kiran Balagani
PDF
Cite
DOI
Posture and Body Movement Effects on Behavioral Biometrics for Continuous Smartphone Authentication
Continuous authentication aims to authenticate users at regular intervals post-login, typically using biometric features that capture …
Nicholas Cariello
,
Robert Eslinger
,
Rosemary Gallagher
,
Isaac Kurtzer
,
Paolo Gasti
,
Kiran S. Balagani
PDF
Cite
DOI
Your PIN Sounds Good! Augmentation of PIN Guessing Strategies via Audio Leakage
Personal Identification Numbers (PINs) are widely used as the primary authentication method for Automated Teller Machines (ATMs) and …
Matteo Cardaioli
,
Mauro Conti
,
Kiran Balagani
,
Paolo Gasti
PDF
Cite
PILOT: Password and PIN Information Leakage from Obfuscated Typing Videos
This paper studies leakage of user passwords and PINs based on observations of typing feedback on screens or from projectors in the …
Kiran Balagani
,
Matteo Cardaioli
,
Mauro Conti
,
Paolo Gasti
,
Martin Georgiev
,
Tristan Gurtler
,
Daniele Lain
,
Charissa Miller
,
Kendall Molas
,
Nikita Samarin
,
Eugen Saraci
,
Gene Tsudik
,
Lynn Wu
PDF
Cite
Passgan: A deep learning approach for password guessing
State-of-the-art password guessing tools, such as HashCat and John the Ripper, enable users to check billions of passwords per second …
Briland Hitaj
,
Paolo Gasti
,
Giuseppe Ateniese
,
Fernando Perez-Cruz
PDF
Cite
DISPERSE: A Decentralized Architecture for Content Replication Resilient to Node Failures
This paper introduces DISPERSE, a distributed scalable architecture for delivery of content and services that provides resilience …
Anand Santhanakrishnan
,
Ding Ding
,
Paolo Gasti
,
Mike O.Neal
,
Mauro Conti
,
Kiran Balagani
PDF
Cite
Weak and Strong Deniable Authenticated Encryption: On their Relationship and Applications
Consider a scenario in which a whistleblower (Alice) would like to disclose confidential documents to a journalist (Bob). Bob wants to …
Kasper Rasmussen
,
Paolo Gasti
PDF
Cite
USB Side-channel Attack on Tor
Tor is used to communicate anonymously by millions of daily users, which rely on it for their privacy, security, and often safety. In …
Qing Yang
,
Paolo Gasti
,
Kiran Balagani
,
Yantao Li
,
Gang Zhou
PDF
Cite
The impact of application context on privacy and performance of keystroke authentication systems
In this paper, we show that keystroke latencies used in continuous user authentication systems disclose application context, i.e., in …
Kiran Balagani
,
Paolo Gasti
,
Aaron Elliott
,
Azriel Richardson
,
Mike ONeal
PDF
Cite
SILK-TV: Secret Information Leakage from Keystroke Timing Videos
Shoulder surfing attacks are an unfortunate consequence of entering passwords or PINs into computers, smartphones, PoS terminals, and …
Kiran Balagani
,
Mauro Conti
,
Paolo Gasti
,
Martin Georgiev
,
Tristan Gurtler
,
Daniele Lain
,
Charissa Miller
,
Kendall Molas
,
Nikita Samarin
,
Eugen Saraci
,
Gene Tsudik
,
Lynn Wu
PDF
Cite
MEG: Memory and Energy Efficient Garbled Circuit Evaluation on Smartphones
Garbled circuits are a general tool that allows two parties to compute any function without disclosing their respective inputs. …
Qing Yang
,
Ge Peng
,
Paolo Gasti
,
Kiran Balagani
,
Yantao Li
,
Gang Zhou
PDF
Cite
Continuous and Transparent Authentication of Haptic Users
Telerobotic systems are used to perform critical tasks in sensitive environments. The security of these systems is of paramount …
Fatimah Elsayed
,
Kiran Balagani
,
Paolo Gasti
,
Chung Hyuk Park
,
Anand Santhanakrishnan
PDF
Cite
Content-Centric and Named-Data Networking Security: The Good, The Bad and The Rest
Named Data Networking and Content-Centric Networking (NDN and CCN, respectively) are closely related networking architectures which, …
Paolo Gasti
,
Gene Tsudik
PDF
Cite
Privacy-Aware Caching in Information-Centric Networking
Information-Centric Networking (ICN) is an emerging networking paradigm where named and routable data (content) is the focal point. …
Gergely Acs
,
Mauro Conti
,
Paolo Gasti
,
Cesar Ghali
,
Gene Tsudik
,
Christopher Wood
PDF
Cite
PassGAN: A Deep Learning Approach for Password Guessing
Briland Hitaj
,
Paolo Gasti
,
Giuseppe Ateniese
,
Fernando Perez-Cruz
Cite
On Inferring Browsing Activity on Smartphones via USB Power Analysis Side-Channel
In this paper, we show that public USB charging stations pose a significant privacy risk to smartphone users even when no data …
Qing Yang
,
Paolo Gasti
,
Gang Zhou
,
Aydin Farajidavar
,
Kiran Balagani
PDF
Cite
Secure, Fast, and Energy-Efficient Outsourced Authentication for Smartphones
Common smartphone authentication mechanisms (e.g., PINs, graphical passwords, and fingerprint scans) are not designed to offer security …
Paolo Gasti
,
Jaroslav Šeděnka
,
Qing Yang
,
Gang Zhou
,
Kiran Balagani
PDF
Cite
HMOG: New behavioral biometric features for continuous authentication of smartphone users
We introduce hand movement, orientation, and grasp (HMOG), a set of behavioral features to continuously authenticate smartphone users. …
Zdeňka Sitová
,
Jaroslav Šeděnka
,
Qing Yang
,
Ge Peng
,
Gang Zhou
,
Paolo Gasti
,
Kiran Balagani
PDF
Cite
FLEX: A Flexible Code Authentication Framework for Delegating Mobile App Customization
Mobile code distribution relies on digital signatures to guarantee code authenticity. Unfortunately, standard signature schemes are not …
Gabriele Costa
,
Paolo Gasti
,
Alessio Merlo
,
Shunt-Hsi Yu
PDF
Cite
Violating consumer anonymity: Geo-locating nodes in named data networking
Named Data Networking (NDN) is an information-centric network architecture designed as a candidate replacement for the current IP-based …
Alberto Compagno
,
Mauro Conti
,
Paolo Gasti
,
Luigi Vincenzo Mancini
,
Gene Tsudik
PDF
Cite
Secure outsourced biometric authentication with performance evaluation on smartphones
We design privacy-preserving protocols for Scaled Manhattan and Scaled Euclidean verifiers, secure against malicious clients and …
Jaroslav Šeděnka
,
Sathya Govindarajan
,
Paolo Gasti
,
Kiran Balagani
PDF
Cite
Secure and efficient iris and fingerprint identification
Recent advances in biometric recognition and the increasing use of biometric data prompt significant privacy challenges associated with …
Marina Blanton
,
Paolo Gasti
PDF
Cite
Privacy-preserving user matching
Matching two or more users with related interests is an important and general primitive, applicable to a wide range of scenarios …
Paolo Gasti
,
Kasper B Rasmussen
PDF
Cite
Secure sensing over named data networking
The anticipated proliferation of smart devices, the “Internet of Things” (IoT), is one of the motivations for some large-scale research …
Jeff Burke
,
Paolo Gasti
,
Naveen Nathan
,
Gene Tsudik
PDF
Cite
Privacy-preserving population-enhanced biometric key generation from free-text keystroke dynamics
Biometric key generation techniques are used to reliably generate cryptographic material from biometric signals. Existing constructions …
Jaroslav Šeděnka
,
Kiran Balagani
,
Vir Phoha
,
Paolo Gasti
PDF
Cite
Privacy-preserving distance computation and proximity testing on earth, done right
In recent years, the availability of GPS-enabled smartphones have made location-based services extremely popular. A multitude of …
Jaroslav Šeděnka
,
Paolo Gasti
PDF
Cite
Espresso: efficient privacy-preserving evaluation of sample set similarity
Electronic information is increasingly often shared among entities without complete mutual trust. To address related security and …
Carlo Blundo
,
Emiliano De Cristofaro
,
Paolo Gasti
PDF
Cite
Covert ephemeral communication in named data networking
In the last decade, there has been a growing realization that the current Internet Protocol is reaching the limits of its senescence. …
Moreno Ambrosin
,
Mauro Conti
,
Paolo Gasti
,
Gene Tsudik
PDF
Cite
Continuous authentication with cognition-centric text production and revision features
Hilbert Locklear
,
Sathya Govindarajan
,
Zdeňka Sitová
,
Adam Goodkind
,
David Guy Brizan
,
Andrew Rosenberg
,
Vir V Phoha
,
Paolo Gasti
,
Kiran Balagani
PDF
Cite
Automatic identification of solid-phase medication intake using wireless wearable accelerometers
Rui Wang
,
Zdeňka Sitová
,
Xiaoqing Jia
,
Xiang He
,
Tobi Abramson
,
Paolo Gasti
,
Kiran Balagani
,
Aydin Farajidavar
Cite
A multimodal data set for evaluating continuous authentication performance in smartphones
Qing Yang
,
Ge Peng
,
David T Nguyen
,
Xin Qi
,
Gang Zhou
,
Zdeňka Sitová
,
Paolo Gasti
,
Kiran Balagani
Cite
Securing instrumented environments over content-centric networking: the case of lighting control and NDN
Instrumented environments, such as modern building automation systems (BAS), are becoming commonplace and are increasingly …
Jeff Burke
,
Paolo Gasti
,
Naveen Nathan
,
Gene Tsudik
PDF
Cite
Secure privacy-preserving protocols for outsourcing continuous authentication of smartphone users with touch data
We introduce new secure privacy-preserving protocols for outsourcing continuous authentication of smartphone users. Our protocols allow …
Sathya Govindarajan
,
Paolo Gasti
,
Kiran Balagani
PDF
Cite
Privacy-Preserving Symptoms-to-Disease Mapping on Smartphones
Information-Centric Networking (ICN) is an emerging networking paradigm where named and routable data (content) is the focal point. …
Michael Holmes
,
Jerald Liu
,
Huanying Gu
,
Paolo Gasti
PDF
Cite
Privacy-preserving matching of community-contributed content
Popular consumer review sites, such as Yelp and Tripadvisor, are based upon massive amounts of voluntarily contributed content. Sharing …
Mishari Almishari
,
Paolo Gasti
,
Gene Tsudik
,
Ekin Oguz
PDF
Cite
Poseidon: Mitigating interest flooding DDoS attacks in named data networking
Content-Centric Networking (CCN) is an emerging networking paradigm being considered as a possible replacement for the current IP-based …
Alberto Compagno
,
Mauro Conti
,
Paolo Gasti
,
Gene Tsudik
PDF
Cite
Optimizing bi-directional low-latency communication in named data networking
Content-Centric Networking (CCN) is an alternative to today’s Internet IP-style packet-switched host-centric networking. One key …
Mishari Almishari
,
Paolo Gasti
,
Naveen Nathan
,
Gene Tsudik
PDF
Cite
EsPRESSo: efficient privacy-preserving evaluation of sample set similarity
Electronic information is increasingly often shared among entities without complete mutual trust. To address related security and …
Carlo Blundo
,
Emiliano De Cristofaro
,
Paolo Gasti
PDF
Cite
DoS and DDoS in Named Data Networking
With the growing realization that current Internet protocols are reaching the limits of their senescence, several on-going research …
Paolo Gasti
,
Gene Tsudik
,
Ersin Uzun
,
Lixia Zhang
PDF
Cite
Cache privacy in named-data networking
Content-Centric Networking (CCN) is an alternative to host-centric networking exemplified by today’s Internet. CCN emphasizes …
Gergely Acs
,
Mauro Conti
,
Paolo Gasti
,
Cesar Ghali
,
Gene Tsudik
PDF
Cite
A lightweight mechanism for detection of cache pollution attacks in named data networking
Content-Centric Networking (CCN) is an emerging paradigm being considered as a possible replacement for the current IP-based …
Mauro Conti
,
Paolo Gasti
,
Marco Teoli
PDF
Cite
On the Security of Password Manager Database Formats.
Password managers are critical pieces of software relied upon by users to securely store valuable and sensitive information, from …
Paolo Gasti
,
Kasper Bonne Rasmussen
PDF
Cite
NDN interest flooding attacks and countermeasures
Alberto Compagno
,
Mauro Conti
,
Paolo Gasti
,
G Tsudikz
Cite
Genodroid: are privacy-preserving genomic tests ready for prime time?
As fast and accurate sequencing of human genomes becomes affordable, it is expected that individuals will soon be able to carry around …
Emiliano De Cristofaro
,
Sky Faber
,
Paolo Gasti
,
Gene Tsudik
PDF
Cite
Fast and private computation of cardinality of set intersection and union
In many everyday scenarios, sensitive information must be shared between parties without complete mutual trust. Private set operations …
Emiliano De Cristofaro
,
Paolo Gasti
,
Gene Tsudik
PDF
Cite
ANDaNA: Anonymous Named Data Networking Application
Content-centric networking — also known as information-centric networking (ICN) — shifts emphasis from hosts and interfaces (as in …
Steve DiBenedetto
,
Paolo Gasti
,
Gene Tsudik
,
Ersin Uzun
PDF
Cite
Secure and efficient protocols for iris and fingerprint identification
Recent advances in biometric recognition and the increasing use of biometric data prompt significant privacy challenges associated with …
Marina Blanton
,
Paolo Gasti
PDF
Cite
On Re-use of randomness in broadcast encryption
Broadcast encryption provides an efficient way to encrypt a message for a large number of receivers. This paper investigates whether it …
Paolo Gasti
,
Alessio Merlo
PDF
Cite
Fast and Private Computation of Set Intersection Cardinality.
In many everyday scenarios, sensitive information must be shared between parties without complete mutual trust. Private set operations …
Emiliano De Cristofaro
,
Paolo Gasti
,
Gene Tsudik
PDF
Cite
Countering gattaca: efficient and secure testing of fully-sequenced human genomes
Recent advances in DNA sequencing technologies have put ubiquitous availability of fully sequenced human genomes within reach. It is no …
Pierre Baldi
,
Roberta Baronio
,
Emiliano De Cristofaro
,
Paolo Gasti
,
Gene Tsudik
PDF
Cite
Anonymous named data networking application
Ersin Uzun
,
Steven DiBenedetto
,
Gene Tsudik
,
Paolo Gasti
Cite
ANDaNA: Anonymous named data networking application
Content-centric networking — also known as information-centric networking (ICN) — shifts emphasis from hosts and interfaces (as in …
Steven DiBenedetto
,
Paolo Gasti
,
Gene Tsudik
,
Ersin Uzun
PDF
Cite
A new approach to securing audio conference tools
Named Data Networking (NDN), a recently proposed Internet architecture based on content-centric networking, is designed to secure data …
Zhenkai Zhu
,
Jeffery Burke
,
Lixia Zhang
,
Paolo Gasti
,
Yanbin Lu
,
Van Jacobson
PDF
Cite
On the integrity of network coding-based anonymous p2p file sharing networks
Network coding is a class of routing algorithms offering increased throughput and improved robustness to random failures. With …
Paolo Gasti
,
Alessio Merlo
,
Giuseppe Ciaccio
,
Giovanni Chiola
PDF
Cite
Deniable cloud storage: sharing files via public-key deniability
Cloud computing provides users with ample computing resources, storage, and bandwidth to meet their computing needs, often at minimal …
Paolo Gasti
,
Giuseppe Ateniese
,
Marina Blanton
PDF
Cite
Breaking and fixing the self encryption scheme for data security in mobile devices
Data security is one of the major challenges that prevents the wider acceptance of mobile devices, especially within business and …
Paolo Gasti
,
Yu Chen
PDF
Cite
Universally Anonymous IBE Based on the Quadratic Residuosity Assumption.
We introduce the first universally anonymous, thus key-private, IBE whose security is based on the standard quadratic residuosity …
Giuseppe Ateniese
,
Paolo Gasti
PDF
Cite
StemCerts-2: pairs of X. 509 v3 certificates for greater security, flexibility and convenience
Giovanni Chiola
,
Paolo Gasti
Cite
Resource management with X. 509 inter-domain authorization certificates (InterAC)
Vishwas Patil
,
Paolo Gasti
,
Luigi Mancini
,
Giovanni Chiola
PDF
Cite
StemCerts: customizable X. 509 v3 certificates for higher security, flexibility, and convenience
G Chiola
,
P Gasti
Cite
Cite
×