Category: Publications

Home / Publications
Post

Smartwatches Locking Methods: A Comparative Study

Toan Nguyen and Nasir Memon Smartwatches are rapidly emerging to be the next generation of personal devices from the smartphone era due to their novel form factor and broad applications. However, their emergence also poses new challenges to securing user information. An important challenge is preventing unauthorized access to private information stored on the watch,...

Post

New Me: Understanding Expert and Non-Expert Perceptions and Usage of the Tor Anonymity Network

Kevin Gallagher, Sameer Patil, Nasir Memon Proper use of an anonymity system requires adequate understanding of how it functions. Yet, there is surprisingly little research that looks into user understanding and usage of anonymity software. Improper use stemming from a lack of sufficient knowledge of the system has the potential to lead to deanonymization, which...

Post

Mercury: Bandwidth-Effective Prevention of Rollback Attacks Against Community Repositories

Trishank Karthik Kuppusamy, Vladimir Diaz and Justin Cappos A popular community repository such as Docker Hub, PyPI, or RubyGems distributes tens of thousands of software projects to millions of users. The large number of projects and users make these repositories attractive targets for exploitation. After a repository compromise, a malicious party can launch a number...

Post

Optimal impulse control of bi-virus SIR epidemics with application to heterogeneous Internet of Things

Vladislav Taynitskiy, Elena Gubar and Quanyan Zhu With the emerging Internet of Things (IoT) technologies, malware spreading over increasingly connected networks becomes a new security concern. To capture the heterogeneous nature of the IoT networks, we propose a continuous-time Susceptible-Infected-Recovered (SIR) epidemic model with two types of malware for heterogeneous populations over a large network...

Post

Strategic Trust in Cloud-Enabled Cyber-Physical Systems with an Application to Glucose Control

Jeffrey Pawlick and Quanyan Zhu Advances in computation, sensing, and networking have led to interest in the Internet of things (IoT) and cyberphysical systems (CPS). Developments concerning the IoT and CPS will improve critical infrastructure, vehicle networks, and personal health products. Unfortunately, these systems are vulnerable to attack. Advanced persistent threats (APTs) are a class...

Post

How Biometric Authentication Poses New Challenges to Our Security and Privacy

Nasir Memon Discusses the challenges that face biometric authentication in the areas of privacy and network security. The use of biometric data — an individual’s measurable physical and behavioral characteristics — isn’t new. Government and law enforcement agencies have long used it. The Federal Bureau of Investigation (FBI) has been building a biometric recognition database;...

Post

IllusionPIN: Shoulder-Surfing Resistant Authentication Using Hybrid Images

Athanasios Papadopoulos, Toan Nguyen, Emre Durmus and Nasir Memon. We address the problem of shoulder-surfing attacks on authentication schemes by proposing IllusionPIN (IPIN), a PIN-based authentication method that operates on touchscreen devices. IPIN uses the technique of hybrid images to blend two keypads with different digit orderings in such a way, that the user who...

Post

Proactive Defense Against Physical Denial of Service Attacks using Poisson Signaling Games

Jeffrey Pawlick and Quanyan Zhu While the Internet of things (IoT) promises to improve areas such as energy efficiency, health care, and transportation, it is highly vulnerable to cyberattacks. In particular, distributed denial-of-service (DDoS) attacks overload the bandwidth of a server. But many IoT devices form part of cyber-physical systems (CPS). Therefore, they can be...

Post

A Factored MDP Approach to Optimal Mechanism Design for Resilient Large-Scale Interdependent Critical Infrastructures

Linan Huang, Juntao Chen and Quanyan Zhu Enhancing the security and resilience of interdependent infrastructures is crucial. In this paper, we establish a theoretical framework based on Markov decision processes(MDPs) to design optimal resiliency mechanisms for interdependent infrastructures. We use MDPs to capture the dynamics of the failure of constituent components of an infrastructure and...