Below is a comprehensive list of my publications and patents.
You can also check out my Google Scholar page.
It is cost-effective to process wireless frames on general-purpose
processors (GPPs) in place of dedicated hardware.
Wireless operators are decoupling signal processing from
basestations and implementing it in a cloud of compute resources,
also known as a cloud-RAN (C-RAN). A C-RAN
must meet the deadlines of processing wireless frames; for
example, 3ms to transport, decode and respond to an LTE
uplink frame. The design of baseband processing on these
platforms is thus a major challenge for which various processing
and real-time scheduling techniques have been proposed.
In this paper, we implement a medium-scale C-RAN-type platform and conduct an in-depth analysis of its real-time performance. We find that the commonly used (e.g., partitioned) scheduling techniques for wireless frame processing are inefficient as they either over-provision resources or suffer from deadline misses. This inefficiency stems from the large variations in processing times due to fluctuations in wireless traffic. We present a new framework called RT-OPEX, that leverages these variations and proposes a flexible approach for scheduling. RT-OPEX dynamically migrates parallelizable tasks to idle compute resources at runtime, reducing processing times and hence deadline misses at no additional cost. We implement and evaluate RT-OPEX on a commodity GPP platform using realistic cellular workload traces. Our results show that RT-OPEX achieves an order-of-magnitude improvement over existing C-RAN schedulers in meeting frame processing deadlines.
Bluetooth Low Energy (BLE) has emerged as an attractive technology to enable Internet of Things (IoTs) to interact with others in their vicinity. Our study of the behavior of more than 200 types of BLE-equipped devices has led to a surprising discovery: the BLE protocol, despite its privacy provisions, fails to address the most basic threat of all—hiding the device’s presence from curious adversaries. Revealing the device’s presence is the stepping stone toward more serious threats that include user profiling/fingerprinting, behavior tracking, inference of sensitive information, and exploitation of known vulnerabilities on the device. With thousands of manufacturers and developers around the world, it is very challenging, if not impossible, to envision the viability of any privacy or security solution that requires changes to the devices or the BLE protocol. In this paper, we propose a new device-agnostic system, called BLE-Guardian, that protects the privacy of the users/environments equipped with BLE devices/IoTs. It lets the users and administrators control those who discover, scan, and connect to their devices. We have implemented BLE-Guardian using Ubertooth One, an off-the-shelf open Bluetooth development platform, facilitating its wide deployment. Our evaluation with real devices shows that BLE-Guardian effectively protects the users’ privacy while incurring little overhead on the communicating BLE-devices.
With the advance of indoor localization technology, indoor location-based services (ILBS) are gaining popularity. They, however, accompany privacy concerns. ILBS providers track the users’ mobility to learn more about their behavior, and then provide them with improved and personalized services. Our survey of 200 individuals highlighted their concerns about this tracking for potential leakage of their personal/private traits, but also showed their willingness to accept reduced tracking for improved service. In this paper, we propose PR-LBS (Privacy vs. Reward for Location-Based Service), a system that addresses these seemingly conflicting requirements by balancing the users’ privacy concerns and the benefits of sharing location information in indoor location tracking environments. PR-LBS relies on a novel location-privacy criterion to quantify the privacy risks pertaining to sharing indoor location information. It also employs a repeated play model to ensure that the received service is proportionate to the privacy risk. We implement and evaluate PR-LBS extensively with various real-world user mobility traces. Results show that PR-LBS has low overhead, protects the users’ privacy, and makes a good tradeoff between the quality of service for the users and the utility of shared location data for service providers.
Traditional mechanisms for delivering notice and enabling choice have so far failed to protect users’ privacy. Users are continuously frustrated by complex privacy policies, unreachable privacy settings, and a multitude of emerging standards. The miniaturization trend of smart devices and the emergence of the Internet of Things (IoTs) will exacerbate this problem further. In this paper, we propose Conversational Privacy Bots (PriBots) as a new way of delivering notice and choice through a two-way dialogue between the user and a computer agent (a chatbot). PriBots improve on state-of-the-art by offering users a more intuitive and natural interface to inquire about their privacy settings, thus allowing them to control their privacy. In addition to presenting the potential applications of PriBots, we describe the underlying system needed to support their functionality. We also delve into the challenges associated with delivering privacy as an automated service. PriBots have the potential for enabling the use of chatbots in other related fields where users need to be informed or to be put in control.
Mobile users are becoming increasingly aware of the privacy threats resulting from apps’ access of their location. Few of the solutions proposed thus far to mitigate these threats have been deployed as they require either app or platform modifications. Mobile operating systems (OSes) also provide users with location access controls. In this paper, we analyze the efficacy of these controls in combating the location-privacy threats. For this analysis, we conducted the first location measurement campaign of its kind, analyzing more than 1000 free apps from Google Play and collecting detailed usage of location by more than 400 location-aware apps and 70 Advertisement and Analytics (A&A) libraries from more than 100 participants over a period ranging from 1 week to 1 year. Surprisingly, 70% of the apps and the A&A libraries pose considerable profiling threats even when they sporadically access the user’s location. Existing OS controls are found ineffective and inefficient in mitigating these threats, thus calling for a finer-grained location access control. To meet this need, we propose LP-Doctor, a light-weight user-level tool that allows Android users to effectively utilize the OS’s location access controls while maintaining the required app’s functionality as our user study (with 227 participants) shows.
Usage behaviors of different smartphone apps capture different views of an individual’s life, and are largely independent of each other. However, in the current mobile app ecosystem, a curious party can covertly link and aggregate usage behaviors of the same user across different apps. We refer to this as unregulated aggregation of app usage behaviors. In this paper, we present a fresh perspective of unregulated aggregation, focusing on monitoring, characterizing and reducing the underlying linkability across apps. The cornerstone of our study is the Dynamic Linkability Graph (DLG) which tracks applevel linkability during runtime. We observed how DLG evolves on real-world users and identified real-world evidence of apps abusing IPCs and OS-level identifying information to establish linkability. Based on these observations, we propose a linkability-aware extension to current mobile operating systems, called LinkDroid,which provides runtime monitoring and mediation of linkability across different apps. LinkDroid is a client-side solution and compatible with the existing smartphone ecosystem. It helps end-users “sense” this emerging threat and provides them intuitive opt-out options.
This work proposes a replication scheme that is implemented on top of a previously proposed system for MANETs that cache submitted queries in special nodes, called query directories, and uses them to locate the data (responses) that are stored in the nodes that first request them, called caching nodes. The system, which was named distributed cache invalidation method (DCIM), includes client-based mechanisms for keeping the cached data consistent with the data source. In this work, we extend DCIM to handle cache replicas inside the MANET. For this purpose, we utilize a push-based approach within the MANET to propagate the server updates to replicas inside the network. The result is a hybrid approach that utilizes the benefits of pull approaches for client server communication and those of push approaches inside the network between the replicas. The approach is analyzed analytically, and the appropriate number of replicas is obtained, where it was concluded that full replication of the indices of data items at the query directory and two-partial replication of the data items themselves makes most sense. Simulation results based on ns2 demonstrate the ability of the added replication scheme to lower delays and improve hit ration at the cost of mild increases in overhead traffic.
Coverage criteria aim at satisfying test requirements and compute metrics values that quantify the adequacy of test suites at revealing defects in programs. Typically, a test requirement is a structural program element, and the coverage metric value represents the percentage of elements covered by a test suite. Empirical studies show that existing criteria might characterize a test suite as highly adequate, while it does not actually reveal some of the existing defects. In other words, existing structural coverage criteria are not always sensitive to the presence of defects. This paper presents PBCOV, a Property-Based COVerage criterion, and empirically demonstrates its effectiveness. Given a program with properties therein, static analysis techniques, such as model checking, leverage formal properties to find defects. PBCOV is a dynamic analysis technique that also leverages properties and is characterized by the following: (a) It considers the state space of first-order logic properties as the test requirements to be covered; (b) it uses logic synthesis to compute the state space; and (c) it is practical, i.e., computable, because it considers an over-approximation of the reachable state space using a cut-based abstraction.We evaluated PBCOV using programs with test suites comprising passing and failing test cases. First, we computed metrics values for PBCOV and structural coverage using the full test suites. Second, in order to quantify the sensitivity of the metrics to the absence of failing test cases, we computed the values for all considered metrics using only the passing test cases. In most cases, the structural metrics exhibited little or no decrease in their values, while PBCOV showed a considerable decrease. This suggests that PBCOV is more sensitive to the absence of failing test cases, i.e., it is more effective at characterizing test suite adequacy to detect defects, and at revealing deficiencies in test suites.
As smartphones are increasingly used to run apps that provide users with location-based services, the users' location privacy has become a major concern. Existing solutions to this concern are deficient in terms of practicality, efficiency, and effectiveness. To address this problem, we design, implement, and evaluate LP-Guardian, a novel and comprehensive framework for location privacy protection for Android smartphone users. LP-Guardian's overcomes the shortcomings of existing approaches by addressing the tracking, profiling, and identification threats while maintaining app functionality. We have implemented and evaluated LP-Guardian's on Android 4.3.1. Our evaluation results show that LP-Guardian's effectively thwarts the privacy threats, without deteriorating the user's experience (less than 10% overhead in delay and energy). Also, LP-Guardian's privacy protection is shown to be achieved at a tolerable loss in app functionality.
The Wireless Access in Vehicular Environments (WAVE) protocol stack has been recently defined to enable vehicular communication on the Dedicated Short Range Communication (DSRC) frequencies. Some recent studies have demonstrated that the WAVE technology might not provide sufficient spectrum for reliable exchange of safety information over congested urban scenarios. In this paper, we address this issue, and present a novel cognitive network architecture in order to dynamically extend the Control Channel (CCH) used by vehicles to transmit safety-related information. To this aim, we propose a cooperative spectrum sensing scheme, through which vehicles can detect available spectrum resources on the 5.8 GHz ISM band along their path, and forward the data to a fixed infrastructure known as Road Side Units (RSUs). We design a novel Fuzzy-Logic based spectrum allocation algorithm, through which the RSUs infer the actual CCH contention conditions, and dynamically extend the CCH bandwidth in network congestion scenarios, by using the vacant frequencies detected by the sensing module. The simulation results reveal the effectiveness of our architecture in providing dynamic and scalable allocation of spectrum resources, and in increasing the performance of safety-related applications.
This paper proposes distributed cache invalidation mechanism (DCIM), a client-based cache consistency scheme that is implemented on top of a previously proposed architecture for caching data items in mobile ad hoc networks (MANETs), namely COACS, where special nodes cache the queries and the addresses of the nodes that store the responses to these queries. We have also previously proposed a server-based consistency scheme, named SSUM, whereas in this paper, we introduce DCIM that is totally client-based. DCIM is a pull-based algorithm that implements adaptive time to live (TTL), piggybacking, and prefetching, and provides near strong consistency capabilities. Cached data items are assigned adaptive TTL values that correspond to their update rates at the data source, where items with expired TTL values are grouped in validation requests to the data source to refresh them, whereas unexpired ones but with high request rates are prefetched from the server. In this paper, DCIM is analyzed to assess the delay and bandwidth gains (or costs) when compared to polling every time and push-based schemes. DCIM was also implemented using ns2, and compared against client-based and server-based schemes to assess its performance experimentally. The consistency ratio, delay, and overhead traffic are reported versus several variables, where DCIM showed to be superior when compared to the other systems.
Mobile devices are getting more pervasive, and it is becoming increasingly necessary to integrate web services into applications that run on these devices. We introduce a novel approach for dynamically invoking web service methods from mobile devices with minimal user intervention that only involves entering a search phrase and values for the method parameters. The architecture overcomes technical challenges that involve consuming discovered services dynamically by introducing a man-in-the-middle (MIM) server that provides a web service whose responsibility is to discover needed services and build the client-side proxies at runtime. The architecture moves to the MIM server energy-consuming tasks that would otherwise run on the mobile device. Such tasks involve communication with servers over the Internet, XML-parsing of files, and on-the-fly compilation of source code. We perform extensive evaluations of the system performance to measure scalability as it relates to the capacity of the MIM server in handling mobile client requests, and device battery power savings resulting from delegating the service discovery tasks to the server.
This paper proposes a data replication scheme implemented on top of a cooperative data caching architecture in MANETs that caches submitted queries in special nodes, called query directories (QDs), and uses them to locate data (responses) stored in the nodes that requested them, and called caching nodes (CNs). The QD entries are replicated according to a cost minimization model, and the actual data items are placed in nearby CNs. The proposed system is dynamic, as it adapts to topology changes and relocates replicas as necessary. The preliminary prototype of the proposed method is simulated using ns2 to assess its performance experimentally. Enhancements in performance in terms of lowered access delay and improved hit rates are reported, while maintaining a cap on overhead traffic.
Mobile Ad hoc Networks (MANETs) have become increasingly popular with the rapid emergence of hand-held devices and advanced communication technologies. As a result, several MANET applications have been proposed one of which is the data access application. To enhance the performance of this application cache management systems have been suggested; however, they have been designed regardless of the privacy concerns they raise. We study the cache management system COACS (a COoperative and Adaptive Caching System for MANETs) and its weaknesses in terms of privacy to propose a privacy-preserving protocol to render such a caching system well protected against all kind of internal or external privacy breaches. We also provide a mathematical analysis to measure the system's degree of anonymity.
Port scanning is the most popular reconnaissance technique attackers use to discover services they can break into. Port scanning detection has received a lot of attention by researchers. However a slow port scan attack can deceive most of the existing Intrusion Detection Systems (IDS). In this paper, we present a new, simple, and efficient method for detecting slow port scans. Our proposed method is mainly composed of two phases: (1) a feature collection phase that analyzes network traffic and extracts the features needed to classify a certain IP as malicious or not. (2) A classification phase that divides the IPs, based on the collected features, into three groups: normal IPs, suspicious IPs and scanner IPs. The IPs our approach classify as suspicious are kept for the next (K) time windows for further examination to decide whether they represent scanners or legitimate users. Hence, this approach is different than the traditional approach used by IDSs that classifies IPs as either legitimate or scanners, and thus producing a high number of false positives and false negatives. A small Local Area Network was put together to test our proposed method. The experiments show the effectiveness of our proposed method in correctly identifying malicious scanners when both normal and slow port scan were performed using the three most common TCP port scanning techniques. Moreover, our method detects malicious scanners that are otherwise not detected using well known IDSs such as Snort.
The Wireless Access in Vehicular Environments (WAVE) protocol stack is one of the most important protocols proposed to standardize and allocate spectrum for vehicle-to-vehicle and vehicle-to-infrastructure communication. In a previous work, we proved that WAVE faces a spectrum scarcity problem which hinders reliable exchange of safety information. To overcome this problem, we proposed a system that applies cognitive networks principles to WAVE as to increase the spectrum allocated to the control channel (CCH) by the IEEE 802.11p amendment, where all safety information is transmitted. However, the decision making process in our previous work did not utilize the extra spectrum efficiently as it was not allocated according to the contention level experienced by the vehicle. In this paper, we suggest a system that employs a fuzzy logic system (FLS) to dynamically assign additional spectrum from the ISM band to the CCH. This system, which we call FCVANET, assigns the minimum necessary additional bandwidth to relieve the contention. The FLS takes as input 2 parameters, the message delay and the un-transmitted packets and utilizes a feedback loop. Our simulations show that the proposed system allocates bandwidth more efficiently in accordance with the contention level faced by the vehicles. The system succeeds to relieve contention by reducing delay and the number of un-transmitted packets.
Wireless Access in Vehicular Environments (WAVE) protocol stack is the most important protocol used to allocate spectrum for vehicular communication. The capabilities of WAVE to provide reliable exchange of safety information are questionable. In a previous work, we suggested a system that employs cognitive networks principles to increase the spectrum allocated to the control channel (CCH) by the IEEE 802.11p amendment, where all safety information is transmitted. However, the decision making process implemented in that work does not differentiate between contention levels and does not relate precisely the measured contention to the amount of needed spectrum, which leads to an inefficient utilization of the white spectrum. In order to assign the minimum necessary additional bandwidth to relieve the contention, we suggest in this paper a new system that quantifies contention into multiple levels of severity based on Fuzzy Logic and maps additional spectrum correspondingly. Simulations show the effectiveness of the system in allocating the minimum needed bandwidth to relieve contention, without affecting other QoS parameters such as delay and number of untransmitted packets.
The Wireless Access in Vehicular Environments (WAVE) protocol stack is one of the most important protocols used to allocate spectrum for vehicular communication. In a previous work, we proved that WAVE does not provide sufficient spectrum for reliable exchange of safety information. More specifically, safety message delay is not acceptable and exceeds application requirements. In this paper, we propose a system that provides Data delivery guarantees using Cognitive networks principles in congested Vehicular ad hoc networks. We will refer to our system as DCV. Our goal is to ensure that all safety packets get generated and transmitted during the same interval. The system monitors the contention delay experienced by cars on the control channel where all safety packets should be transmitted. If the sensed contention delay exceeds delay threshold γ, the Road Side Unit (RSU) needs to increase the spectrum allocated to the control channel using cognitive networks. The RSU employs a feedback control design where additional bandwidth is added to drive the contention delay below the delay threshold γ used as reference input for the controller. Analysis and simulations indicate the effectiveness of the system in providing data delivery guarantees in vehicular networks and thus increasing safety measures on the road.
Researchers have suggested Vehicular Ad hoc Networks as a way to enable car to car communications and to allow for the exchange of safety and other types of information among cars. The Wireless Access in Vehicular Environments (WAVE) protocol stack is standardized by the IEEE, and it allocates spectrum for vehicular communication. In our work we prove that it does not provide sufficient spectrum for reliable exchange of safety information. To alleviate this problem, we present a system that employs cognitive network principles to increase the spectrum allocated to the control channel (CCH) by the WAVE protocols, where all safety information is transmitted. To accomplish this objective, the proposed system relies on sensed data sent by the cars to road side units that in turn forward the aggregated data to a processing unit. The processing unit infers data contention locations and generates spectrum schedules to dispatch to the passing cars. Analysis and simulation results indicate the effectiveness of the system in improving data delivery in vehicular networks and thus increasing the reliability of safety applications.
This work builds on the LIME (Linda in mobile environment) tuple space framework to implement a system that offers clustering and routing capabilities for mobile ad hoc network (MANET) environments, and provide an agent-like architecture for running distributed and collaborative applications on mobile devices. This paper describes the components that were added to the LIME system, which were necessary to implement engagement and disengagement of hosts into and out of spaces, and illustrates the developed engagement mechanism and routing protocol with the aid of example scenarios. The paper then discusses the system performance obtained from implementing its functions using the ns-2 network simulation software. The obtained results indicate that the system works reasonably well under different conditions (host transmission range, host mobility, and density of hosts in the network). For instance, the time for a host to join a space is well under one second in sparse spaces and goes up to only two seconds in moderately dense spaces). Moreover, the system offers routing performance that is moderately better than that of ZRP, both in terms of route discovery delay and generated traffic.
In this paper, we present a novel integrated method for testing gate-oxide shorts due to pinhole defects in the gate oxide of CMOS circuits using a wavelet transform-based transient current (iDDT) analysis technique. Wavelet transform has the property of resolving events in both time and frequency domains unlike Fourier transform which decomposes a signal in frequency components only. The proposed method is based on switching the CMOS gate, monitoring the wavelet transform of the transient current and comparing it to the one of the defect-free gate. The MOS transistor is modeled using a two-dimensional non-linear split model. Simulation results on the circuit under test show that wavelet transform has higher fault detection sensitivity than Fourier or peak-current value comparison methods and hence, can be considered very promising for defect oriented testing of gate-oxide shorts.
The time based localization utilizing cellular communication networks has been investigated as a complementation to Global Navigation Satellite Systems (GNSS) for critical scenarios, like indoor or urban canyon areas. By suitable Hybrid Data Fusion (HDF) algorithms which combine the information from GNSS and terrestrial cellular networks, the estimated position accuracy can be improved. However, the wave propagation characteristics for joint GNSS and terrestrial mobile radio based localization as application has not been studied yet. Therefore, a measurement campaign for GNSS at 1.51 GHz and terrestrial radio at 5.2 GHz was performed. In this paper, an analysis of the outdoor to indoor channel for the joint localization as application is presented. It turns out to be that the Time of Arrival (ToA) bias, which is the difference between the geometric distance and the distance propagated by the first incoming wave, is depending on the elevation angle of incoming rays seen from the building to the transmitter. A comparison between two carrier frequencies is addressed.
This paper describes a fast HTML web page detection approach that saves computation time by limiting the similarity computations between two versions of a web page to nodes having the same HTML tag type, and by hashing the web page in order to provide direct access to node information. This efficient approach is suitable as a client application and for implementing server applications that could serve the needs of users in monitoring modifications to HTML web pages made over time, and that allow for reporting and visualizing changes and trends in order to gain insight about the significance and types of such changes. The detection of changes across two versions of a page is accomplished by performing similarity computations after transforming the web page into an XML-like structure in which a node corresponds to an open–close HTML tag. Performance and detection reliability results were obtained, and showed speed improvements when compared to the results of a previous approach.
Vehicular ad hoc networks, also known as VANETs, constitute a major pillar in making the dream of an Intelligent Transportation System (ITS) come true. By enabling vehicles to communicate with each other, it would be possible to have safer and more efficient roads where drivers and concerned authorities are supplied with timely information. Based on a short to medium range communication systems, VANETs can enable both safety and entertainment types of applications to come to reality. Unfortunately, the application layer has not received sufficient attention. Although some of the undergoing projects have touched on the subject, their works do not seriously cover issues dealing with actual implementations of VANET scenarios. This paper describes some application layer scenarios which we developed using the network simulator ns2. We describe the limitations of ns2 as it concerns VANET simulations and our implemented solution, and then move on to considering car braking and changing lane scenarios in order to demonstrate how such applications may work.
In spite of the existence of several systems that organize and offer information to users (e.g. Internet, Intranet, or private databases), finding the desired data is still a time consuming task. ASKME solves this problem by providing users with a collaborative learning environment which evolves through direct and indirect user contributions. The system includes a credit/debit system to make sure users participate in providing answers and feedback. The system can also provide users with online material that it has located. The current system is implemented as a web server and thus the knowledge-base (KB) is centralized. Future plans include allowing for distributed data.