My research interests primarily include the security and privacy for users interacting with their devices, with emphasis on voice interfaces, privacy policies, malware detection, data privacy, and wireless security and privacy. My overall research objective is to bring effective, practical, and usable security and privacy protection to the masses especially in the emerging computing paradigm of the Internet of Things. In the past, I made research contributions to software systems as well as wireless communications and networks.
Please click on each project to find more details and links to source codes as well as datasets.
Traditional mechanisms for delivering notice and enabling choice have so far failed to protect users’ privacy. Users are continuously frustrated by complex privacy policies, unreachable privacy settings, and a multitude of emerging standards. The miniaturization trend of smart devices and the emergence of the Internet of Things (IoTs) will exacerbate this problem further. In this project, we are proposing Conversational Privacy Bots (PriBots) as a new way of delivering notice and choice through a two-way dialogue between the user and a computer agent (a chatbot). PriBots improve on state-of-the-art by offering users a more intuitive and natural interface to inquire about their privacy settings, thus allowing them to control their privacy. In addition to presenting the potential applications of PriBots, we describe the underlying system needed to support their functionality. We also delve into the challenges associated with delivering privacy as an automated service. PriBots have the potential for enabling the use of chatbots in other related fields where users need to be informed or to be put in control.
Voice has become an increasingly popular User Interaction (UI) channel, largely contributing to the ongoing trend of wearables, smart vehicles, and home automation systems. Voice assistants such as Siri, Google Now and Cortana, have become our everyday fixtures, especially in scenarios where touch interfaces are inconvenient or even dangerous to use, such as driving or exercising. Nevertheless, the open nature of the voice channel makes voice assistants difficult to secure and exposed to various attacks as demonstrated by security researchers. VAuth is the first system that provides continuous and usable authentication for voice assistants. We design VAuth to fit in a necklace's pendant, where it collects the sternum-surface vibrations of the user and matches it with the speech signal received by the voice assistant's microphone. VAuth passes to the voice assistant only those commands that originate from the voice of the owner. We tested VAuth on 8 users and 30 voice commands and found it achieving an almost perfect matching accuracy with less than 1% false positives. VAuth successfully thwarts different practical attacks such as replayed attacks, mangled voice attacks, or impersonation attacks. It also has low energy overhead and is compatible with most existing voice assistants.
Bluetooth Low Energy (BLE) has emerged as the de facto communication protocol in the new computing paradigm of the Internet of Things (IoT). A BLE-equipped device or sensor advertises its presence to let interested parties connect and glean relevant information. These advertisements, however, are a double-edged sword; an adversary can exploit them to learn more about the BLE-equipped devices of a certain user or in a specific environment – generally referred to in literature as the inventory attack. Revealing the device's presence is the stepping stone toward more serious privacy and security attacks with grave consequences, as demonstrated for medical devices. My analysis of the advertisements from 214 different types of BLE-equipped devices and sensors revealed that BLE's security and privacy provisions are ineffective; BLE advertisements leak an alarming amount of information that allows an adversary to track, profile, fingerprint, and access user's sensitive information. To address these threats, current approaches require changes to the protocol itself or to the way the BLE-equipped devices function rendering them impractical to deploy.
I designed and implemented BLE-Guardian, a novel device-agnostic system that defends against security and privacy threats to BLE- equipped devices. BLE-Guardian efficiently invokes friendly jamming to prevent others from receiving a selected device's advertisement, effectively rendering it invisible, without affecting other nearby devices. Hiding a device prevents an adversary from being aware of its existence and hence limits the potential security/privacy threats to its owner/carrier. In addition, BLE-Guardian includes an access control module that allows only authorized devices to discover, scan, and connect to the user's BLE-equipped devices. BLE-Guardian is effective in combating security and privacy threats, has low overhead, and incurs minimal or no disruption to the legitimate BLE devices.
I designed and implemented PR-LBS (Privacy vs. Reward for Location Based Service), a system that balances the users' privacy concerns and the benefits of sharing location data in indoor location tracking environments. PR-LBS includes three novel online location release mechanisms that achieve differential privacy guarantees, and ensures that the user engages in a fair location-service exchange with the service provider. Moreover, PR-LBS achieves equilibrium between user's privacy protection and SP's data utility in indoor scenarios. As localization can be device-based or infrastructure-based, PR-LBS can be installed on individual devices or deployed as a broker between users and service providers.PR-LBS is inspired and motivated by an online survey that we performed for 200 hypothetical shoppers in Walmart and Nordstrom.
You can find a link to the Walmart survey
and the respondents' responses to the survey
You can also find a link to the Nordstrom survey here, and the respondents' responses to the survey here.
Mobile devices are manifesting as very attractive targets for attacks, with the number of detected malware instances increasing exponentially. Malicious apps exploit device vulnerabilities, steal personal information, track users through aggressive sensor polling, convert the mobile device to a bot for DDoS attacks or spamming, and embezzle the users through toll fraud attacks. Current mobile malware detection strategies depend on signature matching – identifying malware based on known and static characteristics. Nevertheless, malware, advancing at a fast rate, employ a set of techniques to hide their malicious payload and evade detection. Behavioral analysis techniques overcome the shortcomings of the existing malware detection mechanisms; they continuously monitor app behaviors through tracking a number of features on the device. As the number of features increases, the behavioral analysis engine becomes too expensive to run on the mobile device which impacts user experience.
I contributed to Qualcomm's Smart Protect platform, the first efficient and performance-aware behavioral analysis architecture for mobile malware detection. At the core of this architecture lies my work – JFSP, a joint feature selection and pruning algorithm that converts a malware classification model based on the full feature set to a lean model based on a reduced feature set. JFSP performs this task dynamically, on the device, without retraining, while incurring little loss in detection accuracy. JFSP is able to reduce 70% of the original number of features at a minimal loss (less than 7%) of detection accuracy.
As people rely more on location-aware mobile phones for their daily lives and businesses, they expose more of their location information to service providers. An entity with access to the user’s location traces can infer information about the points of interest (PoIs) the user visits, thus raising the risk of his privacy. To protect a user’s location privacy, we propose a new approach that creates Dummy Crowd for Location Privacy Protection (D-Coy). D-Coy protects a user’s location privacy at three levels. On the highest level, it hides the user’s frequently-visiting PoIs within a set of dummy PoIs, effectively protecting his identity. On the next level, D-Coy protects the user’s trajectories by generating a set of dummy paths that are indistinguishable from his actual path. As D-Coy associates every location sample with a set of dummy locations, it achieves instantaneous protection of location privacy on the lowest level. Our extensive evaluation of D-Coy using real-life traces has shown that it effectively protects the user’s location privacy while providing an acceptable quality of service and real-time user experience.