• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Home Page
  • Research
  • Publications
  • Students
  • Teaching & WFD
  • Media
  • Links
  • News Archive

Nitesh Saxena - Professor, Computer Science; Associate Director, Global Cyber Research Institute; Dean's Research Fellow 2022-23

Texas A&M University College of Engineering

Uncategorized

Paper accepted to ICME 2025

Posted on June 24, 2025 by nsaxena

MarkMatch: Same-Hand Stuffing Detection.
Fei Zhao, Runlin Zhang, Chengcui Zhang, and Nitesh Saxena
IEEE International Conference on Multimedia and expo (ICME), June 30-July 4th, 2025.

Filed Under: Uncategorized

SPIES Lab’s Browser Fingerprinting Work in the News

Posted on June 23, 2025 by Jimmy Dani

SPIES Lab’s study, led by Zengrui Liu (former SPIES), Jimmy Dani and Nitesh Saxena, provides the first evidence of the use of browser fingerprints for online tracking. The researchers discovered that websites are covertly employing browser fingerprinting — a technique that uniquely identifies a web browser — to track users across browsing sessions and sites.

Read our full paper here.

Media outlets featuring our browser fingerprinting work include:

  • Your browser is snitching on you, The Kim Komando Show
  • New Research Reveals How Websites Secretly Track Users Without Cookies, Israel Homeland Security (iHSL)
  • Your web browser may be spying on you — Even without cookies, Knowridge Science Report
  • VPNs cannot protect against browser fingerprinting – but this new web browser could be the fix, msn.com
  • Researchers Link Browser Fingerprints to Ad Targeting, Undermining Online Privacy Promises, Digital Information world
  • Websites are secretly tracking you using your browser’s ‘fingerprint’, Earth.com
  • Websites Are Tracking You Via Browser Fingerprinting, Hacker News
  • Websites Are Tracking You Via Browser Fingerprinting, researchers show, Tech Xplore
  • Psylo browser tries to obscure digital fingerprints by giving every tab its own IP address, The Register
  • The browser reveals its identity. Why is this a problem?, gazeta na niedzielę (GNN)
  • Risky Bulletin: Russian hackers abuse app-specific passwords to bypass MFA, RISKY.BIZ
  • Researchers relate browser fingerprints to ad targeting, undermining promises of online privacy., Consultant ALEX BARBOSA
  • VPNs cannot protect against browser fingerprinting – but this new web browser could be the fix, Tech Radar, June 21, 2025

Filed Under: Uncategorized

Journal paper accepted to IEEE TIFS

Posted on June 19, 2025 by nsaxena

Building and Testing a Hidden-Password Online Password Manager
Mohammed Jubur, Chistopher Price, Maliheh Shirvanian, Stanislaw Jarecki, Hugo Krawczyk and Nitesh Saxena
In IEEE Transactions on Information Forensics and Security (TIFS), 2025.

Filed Under: Uncategorized

SPIES Lab’s Browser Fingerprinting Work Features in News

Posted on June 18, 2025 by Jimmy Dani

SPIES Lab’s study, led by Zengrui Liu (former SPIES), Jimmy Dani and Nitesh Saxena, provides the first evidence of the use of browser fingerprints for online tracking. The researchers discovered that websites are covertly employing browser fingerprinting — a technique that uniquely identifies a web browser — to track users across browsing sessions and sites.

Read our full paper here.

Websites Are Tracking You Via Browser Fingerprinting, Department of Computer Science & Engineering, Texas A&M University

Filed Under: Uncategorized

Paper Accepted to USENIX Security 2025

Posted on June 6, 2025 by Jimmy Dani

SoK: Inaccessible & Insecure: An Exposition of Authentication Challenges Faced by Blind and Visually Impaired Users in State-of-the-Art Academic Proposals
Md Mojibur Rahman Redoy Akanda, Amanda Lacy, Nitesh Saxena
In 34th USENIX Security Symposium, August 2025.

Filed Under: Uncategorized

2 Papers Accepted to PST 2025

Posted on June 6, 2025 by Jimmy Dani

  • A Machine Learning-Based Framework for Assessing Cryptographic Indistinguishability of Lightweight Block Ciphers
    Jimmy Dani, Kalyan Nakka, Nitesh Saxena
    In 22nd Annual International Conference on Privacy, Security, and Trust (PST), August 2025.
  • Encryption Struggles Persist: When Tech-Savvy Students Face Challenges with PGP in Thunderbird
    Md Imanul Huq, Ahmed Tanvir Mahdad, Nitesh Saxena
    In 22nd Annual International Conference on Privacy, Security, and Trust (PST), August 2025.

Filed Under: Uncategorized

The 17th SPIES PhD Graduate – Ahmed Tanvir Mahdad

Posted on June 2, 2025 by nsaxena

Tanvir Ahmad Mahdad successfully defended his PhD dissertation. SPIES Lab’s 17th PhD graduate. Congratulations! Next Stop: Ohio University.

Filed Under: Uncategorized

AI Spies News — BPSniff (IEEE S&P 2025) Paper News Story

Posted on May 12, 2025 by Jimmy Dani

New Study Uncovers Privacy Risks: VR Headsets Can Secretly Monitor Your Blood Pressure

College Station, TX — May 2025

This news story was fully generated by AI, the text using GPT-4o and the image using GPT, with necessary review and corrections by the SPIES researchers.

SHARE THIS












A team of researchers from Temple University, Texas A&M University, Rutgers University and New Jersey Institute of Technology has uncovered a serious privacy vulnerability in consumer virtual reality (VR) headsets. The study reveals that built-in motion sensors, typically used to enhance immersive VR experiences, can be covertly exploited to continuously infer users’ blood pressure without their knowledge or consent. The full findings are being presented at the 2025 IEEE Symposium on Security and Privacy (S&P), one of the leading conferences in cybersecurity and privacy research.

The attack, dubbed BPSniff, demonstrates that blood-pressure-related vibrations—specifically ballistocardiogram (BCG) signals generated by blood flow—can be detected by high-frequency motion sensors embedded in devices like Meta Quest and Meta Quest 2. By analyzing these subtle physiological movements, attackers can estimate both systolic and diastolic blood pressure with a level of accuracy comparable to clinical-grade devices.

Unlike traditional health monitoring systems that require user calibration or consent, BPSniff bypasses both. The research shows that malicious apps or web-based scripts can access motion sensor data from VR headsets without explicit permissions. This allows adversaries to passively collect highly sensitive biometric data in real time, raising alarms about user surveillance in metaverse environments.

BPSniff utilizes advanced machine learning models, combining variational autoencoders (VAE) and long short-term memory (LSTM) networks, to reconstruct blood flow patterns from sensor data. These reconstructions are then used to estimate blood pressure continuously, achieving mean errors of just 1.75 mmHg (systolic) and 1.34 mmHg (diastolic)—well within FDA and AAMI medical standards.

The researchers tested the attack across multiple use cases, including various physical postures, headset models, and user movements. Even with noise introduced by normal VR activity like gaming or walking, BPSniff remained effective. The system’s robustness was further confirmed through an eight-week longitudinal study with 37 participants.

The implications are broad and alarming. Unauthorized access to blood pressure data can reveal information about a person’s health status, stress levels, emotional states, and reactions to stimuli—potentially enabling manipulation, discrimination, or psychological profiling. This threat escalates when combined with identity linkage from other data sources, opening the door to highly personalized and invasive surveillance.

To mitigate the risk, the researchers advocate for stronger privacy controls on motion sensor access, including real-time usage monitoring, permission-based frameworks, and AI-driven auditing tools within VR platforms. As the metaverse grows into a space for entertainment, collaboration, and even healthcare, this study highlights the urgent need to secure embedded sensors against misuse.

Read more stories like this on AI Spies News.

Filed Under: Uncategorized

Launching the AI Spies News Channel

Posted on May 12, 2025 by Jimmy Dani

We’re excited to introduce the AI Spies News Channel, where the latest updates, insights, and breakthroughs from the SPIES research lab are transformed into engaging, media-style stories generated fully using AI (after necessary reviews and corrections by SPIES researchers).

Visit the AI Spies News Channel

Filed Under: Uncategorized

Paper accepted to WiSec 2025

Posted on May 11, 2025 by nsaxena

“Alexa, Is Dynamic Content Safe?” Understanding the risks of Dynamic Content
Nathan McClaran, Payton Walker, Zhao Zheng, Yangyong Zhang, Nitesh Saxena and Guofei Gu
In the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), June/July 2025.

Filed Under: Uncategorized

  • 1
  • Go to page 2
  • Go to page 3
  • Interim page numbers omitted …
  • Go to page 11
  • Go to Next Page »

Recent News

  • Paper accepted to ICME 2025 June 24, 2025
  • SPIES Lab’s Browser Fingerprinting Work in the News June 23, 2025
  • Journal paper accepted to IEEE TIFS June 19, 2025
  • SPIES Lab’s Browser Fingerprinting Work Features in News June 18, 2025
  • Paper Accepted to USENIX Security 2025 June 6, 2025
  • 2 Papers Accepted to PST 2025 June 6, 2025
  • The 17th SPIES PhD Graduate – Ahmed Tanvir Mahdad June 2, 2025
  • AI Spies News — BPSniff (IEEE S&P 2025) Paper News Story May 12, 2025
  • Launching the AI Spies News Channel May 12, 2025
  • Paper accepted to WiSec 2025 May 11, 2025
  • SPIES Lab’s Secure Messaging Work Features in News May 3, 2025
  • SPIES Lab Student to Start as an Assistant Professor April 18, 2025
  • Dr. Saxena’s Primer on Secure Communications in News Media March 31, 2025
  • Dr. Saxena recognized with the Dean’s Excellence Award! February 14, 2025
  • Dr. Saxena appointed as the Senior Area Editor, IEEE TIFS February 6, 2025
  • 2 Full papers Accepted to WWW 2025 January 20, 2025
  • Journal paper accepted to IEEE TMC December 18, 2024
  • New post-doctoral researcher joins the lab December 11, 2024
  • Paper Accepted to ACM Computing Surveys 2024 November 30, 2024
  • Paper Accepted to IEEE S&P 2025 October 21, 2024

Contact Info

Nitesh Saxena

PETR 238

435 Nagle Street

College Station, Tx 77843-3112
email: nsaxena[at]tamu.edu (best way to reach me)

RSS SPIES Lab, Computer Science and Engineering

  • Paper accepted to ICME 2025
  • SPIES Lab’s Browser Fingerprinting Work in the News
  • Journal paper accepted to IEEE TIFS
  • SPIES Lab’s Browser Fingerprinting Work Features in News
  • Paper Accepted to USENIX Security 2025
  • 2 Papers Accepted to PST 2025
  • AI Spies News — BPSniff (IEEE S&P 2025) Paper News Story
  • Launching the AI Spies News Channel
  • Paper accepted to WiSec 2025
  • SPIES Lab’s Secure Messaging Work Features in News

© 2016–2025 Nitesh Saxena - Professor, Computer Science; Associate Director, Global Cyber Research Institute; Dean's Research Fellow 2022-23 Log in

Texas A&M Engineering Experiment Station Logo
  • College of Engineering
  • Facebook
  • Twitter
  • State of Texas
  • Open Records
  • Risk, Fraud & Misconduct Hotline
  • Statewide Search
  • Site Links & Policies
  • Accommodations
  • Environmental Health, Safety & Security
  • Employment