News

Exciting news! An MS Cybersecurity degree from the Computer Science and Engineering at TAMU is coming out soon, we cautiously anticipate, in Fall 2026 (pending state level approvals). This will be a great enabler for our students, the state of Texas and the nation as whole. 

This is the third MS Cybersecurity degree program that Dr. Saxena has helped architect and launch (working together with the department leadership and other cybersecurity faculty). Starting from the MS Cybersecurity at NYU Tandon (launched 2009; co-directed until 2011) and followed by the MS Cybersecurity at UAB (launched 2013; co-directed until 2021). Both programs have been very successful for years. The UAB’s program, ranked as the top graduate program in cybersecurity by Fortune in 2021, was/is also the cornerstone of the NSF-funded SFS CyberCorps program that Dr. Saxena designed and led (from 2017 to 2021).

The SPIES lab led by Dr. Saxena takes immense pride in this continuous journey to innovate in education and incessantly serve students in an area of national importance.

https://www.kbtx.com/2026/02/03/texas-am-board-regents-could-approve-new-programs-across-university-system/

TrackAR: AR/VR Device Fingerprinting and User-Device Pairing Detection via Shared Motion Sensor Data
Tanvir Ahmed Mahdad, Md Shahidur Rahman and Nitesh Saxena
In the 19th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), June-July 2026.

SPIES Research Lab’s study, led by Kalyan Nakka, Jimmy Dani and Nitesh Saxena, has been cited in a major South Korean news coverage, featuring a significant AI security incident of LG Uplus’s popular AI calling app “ixi-O”. Our study on the trust and ethics gap in Small Language Models (SLMs) applied to on-device AI, has revealed that SLMs have “much lower reliability than server-based SLMs” and pose “greater risk of leaking personal information”. These findings proved prescient, when “ixi-O” app, promoted as strong on security due to on-device AI, has experienced a data breach affecting dozens of users in South Korea, emphasizing our study’s privacy concerns in on-device AI systems and their real-world impact.

 

Link: https://biz.chosun.com/en/en-it/2025/12/09/LYNFHR3PKJAVDHXP4LWOBIHHXQ/

Read More: arXiv

 

The Texas A&M University College of Engineering highlighted SPIES Lab’s browser fingerprinting research, emphasizing how websites are stealthily using browser fingerprinting to track users online. The study shows that clearing cookies provides a false sense of security, as websites link unique device signatures to advertising behavior in real time to track users invisibly. To combat this, we developed the FPTrace framework that exposes fingerprint-based tracking practices even under current privacy regulations like GDPR and CCPA.

Links:
1. YouTube
2. TAMU College of Engineering (LinkedIn Post)

• LiteLMGuard: Seamless and Lightweight On-Device Guardrails for Small Language Models against Quantization Vulnerabilities
  Kalyan Nakka, Jimmy Dani, Ausmit Mondal, Nitesh Saxena
  In the International Joint Conference on Natural Language Processing & Asia-Pacific Chapter of the Association for Computational Linguistics (IJCNLP-AACL) Findings, December 2025
  [pdf]

We are delighted to share that our paper, “Harnessing Vital Sign Vibration Harmonics for Effortless and Inbuilt XR User Authentication,” has received the Distinguished Paper Award at the ACM Conference on Computer and Communications Security (CCS) 2025.

This recognition highlights the impact and innovation of our collaborative work, which introduces a novel authentication mechanism leveraging vibration harmonics derived from users’ vital signs within extended reality (XR) systems to enable continuous, effortless, and built-in user verification.

The acceptance rate for CCS 2025 was 13.9% (316 accepted out of 2,278 submissions), and only about 1% of all submitted papers received a Distinguished Paper Award.

Congratulations to the entire team for this outstanding achievement!

#ACMCCS2025 #CyberSecurity #XR #Authentication

6 out of 7 of our PhD graduates from the past 4 years have been recruited as faculty members, making the positive difference to the world of academia. Not to say that the 7th one is not a special one too — he is holding the cybersecurity fort at the US government. Truly exceptional pool of students I have been fortunate to work with. 

Those six:

1. Ahmed Tanvir Mahdad (@TAMU, Fall 2019 to Summer 2025; thesis title “New Frontiers in Authentication and Side Channels in Emerging Platforms: 2FA Attacks, Sensor Exploits and AR/VR Security”; now an Assistant Professor of EECS at Ohio University)
2. Mashari Alatawi (@TAMU, Spring 2019 to Spring 2024; thesis title “On the Security of End-to-End Encrypted Messaging and Calling Applications”; now an Assistant Professor of Computer Science in the College of Computer and Information Sciences at King Saud University, Saudi Arabia).
3. Zengrui Liu (@TAMU, Fall 2018 – Fall 2023; thesis title “An Exposition of User Privacy on the Web: Fingerprinting and Tracking”, now an Assistant Professor at College of Information Engineering at the Nanjing University of Finance and Economics, China)
4. Cagri Arisoy (since Fall 2018 – Fall 2023; thesis title “A Neurophysiological Exploration Of Human Behavior In User-Centered Cybersecurity”, now an Assistant Professor at College Engineering Computer Engineering department at the Yozgat Bozok University. Turkey).
5. Shalini Saini (@TAMU;  Fall 2019 – Summer 2023; thesis title “Privacy and Security of Emerging Technologies in Changing Healthcare Paradigms”; now an Assistant Professor of the Computer Science and Engineering Technology department at the University of Maryland Eastern Shore)
6. Anuradha Mandal (@UAB; Fall 2019 – Summer 2022; thesis title “On the Privacy Leakage via Neural Devices”; now a Visiting Assistant Professor to tenure-track Assistant Professor in the Computer Science department at the University at Albany, State University of New York (SUNY)

That one (outlier?):

1. Payton Walker (@TAMU; Fall 2019 – Summer 2022; thesis title “An Exposition of Speech-based Threats in the Face of Emerging Technology”; now a Researcher and Project Leaer at the MITRE, recruited as part of the National Security Accelerator Program (NSAP))