JOURNALS
- 2022
- Chirp-Loc: Multi-Factor Authentication via Acoustically-Generated Location Signatures
Prakash Shrestha, Hien Truong, Pupu Toivonen, Nitesh Saxena, Sasu Tarkoma, Petteri Nurmi
In Pervasive and Mobile Computing (PMC) Journal, November 2022. - Enabling Finger-touch-based Mobile User Authentication via Physical Vibrations on
IoT Devices
Xin Yang, Song Yang, Jian Liu, Chen Wang, Yingying Chen and Nitesh Saxena
In IEEE Transactions on Mobile Computing (TMC), 2022
- Chirp-Loc: Multi-Factor Authentication via Acoustically-Generated Location Signatures
- 2021
- Authentication of Voice Commands on Voice Assistance Systems Leveraging Vibrations on Wearables
Cong Shi, Yan Wang, Yingying Chen, and Nitesh Saxena.
In IEEE Security and Privacy (Magazine), Special Issue of Selected Papers from ACSAC’20, 2021.
- Authentication of Voice Commands on Voice Assistance Systems Leveraging Vibrations on Wearables
- 2020
-
- Two-Factor Password-Authenticated Key Exchange with End-to-End Password Security.
Stanislaw Jarecki, Mohammed Jubur, Hugo Krawczyk, Maliheh Shirvanian, and Nitesh Saxena. In ACM Transactions on Privacy and Security, 2020. [pdf]
- Two-Factor Password-Authenticated Key Exchange with End-to-End Password Security.
- 2019
-
- Building and Studying a Password Store that Perfectly Hides Passwords from Itself.
Maliheh Shirvanian, Nitesh Saxena, Stanislaw Jarecki, and Hugo Krawczyk
In IEEE Transactions on Dependable and Secure Computing (TDSC), Special Issue on Paradigm Shifts in Cryptographic Engineering, 2019
[pdf] - Sensor-based Proximity Detection in the Face of Active Adversaries
Babins Shrestha, Nitesh Saxena, Hien Truong and N. Asokan.
In IEEE Transactions on Mobile Computing (TMC), 2019
[pdf] - Emerging-Image Motion CAPTCHAs: Vulnerabilities of Existing Designs, and Countermeasures
Song Gao, Manar Mohamed, Nitesh Saxena, and Chengcui Zhang
In IEEE Transactions on Dependable and Secure Computing (TDSC), 2017.
[pdf]
- Building and Studying a Password Store that Perfectly Hides Passwords from Itself.
- 2018
-
- Noisy Vibrational Pairing of IoT Devices
Abhishek Anand, and Nitesh Saxena
In IEEE Transactions on Dependable and Secure Computing (TDSC), Special Issue on Emerging Attacks and Solutions for Secure Hardware in the Internet of Things, 2018.
[pdf] - Good Vibrations: Accessing ‘Smart’ Systems by Touching Any Solid Surface
Jian Liu, Chen Wang, Yingying Chen, and Nitesh Saxena,
Biometric Technology Today, Issue 4, Pages 7-10, 2018.
[pdf] - An Offensive and Defensive Exposition of Wearable Computing
Prakash Shrestha and Nitesh Saxena
In ACM Computing Surveys (CSUR), 2018.
[pdf] - Short Voice Imitation Man-in-the-Middle Attacks on Crypto Phones: Defeating Humans and Machines
Maliheh Shirvanian, Dibya Mukhopadhyay and Nitesh Saxena
In Journal of Computer Security (JCS), 2018.
[pdf]
- Noisy Vibrational Pairing of IoT Devices
- 2017
-
- On the Security and Usability of Dynamic Cognitive Game CAPTCHAs.
Manar Mohamed, Song Gao, Niharika Sachdeva, Nitesh Saxena, Chengcui Zhang, Ponnurangam Kumaraguru and Paul van Oorschot
In Journal of Computer Security (JCS), 2017.
[pdf]
- On the Security and Usability of Dynamic Cognitive Game CAPTCHAs.
- 2016
-
- SMASheD: Sniffing and Manipulating Android Sensor Data for Offensive Purposes.
Manar Mohamed, Babins Shrestha and Nitesh Saxena
In IEEE Transactions on Information Forensics and Security (TIFS), 2016.
[pdf] - Neural Markers of Cybersecurity: An fMRI Study of Phishing, and Malware Warnings
Ajaya Neupane, Nitesh Saxena, Jose O Maximo, and Rajesh K Kana
IEEE Transactions on Information Forensics and Security (TIFS), 2016.
[pdf] - Task-dependent Changes in Frontal-Parietal Activation and Connectivity during Visual Search
Jose O Maximo, Ajaya Neupane, Nitesh Saxena, Robert M Joseph, and Rajesh K Kana
Brain Connectivity, 2016.
[pdf]
- SMASheD: Sniffing and Manipulating Android Sensor Data for Offensive Purposes.
- 2015
-
- Tap-Wave-Rub: Lightweight Human Interaction Approach to Curb Emerging Smartphone Malware
Babins Shresth, Di Ma, Yan Zhu, Haoyu Li, and Nitesh Saxena
IEEE Transactions on Information Forensics and Security (TIFS), to appear, 2015.
[pdf] - Consumer Perceptions of Mobile and Traditional Point-Of-Sale Credit or Debit Card Systems
Nitesh Saxena, John J. Sloan, Manasvee Godbole, Jun Yu Jacinta Cai, Michael Georgescu, Oliver Nick Harper and David C. Schwebel
In International Journal of Cyber Criminology, Volume 2, Issue 2, 2015.
[pdf]
- Tap-Wave-Rub: Lightweight Human Interaction Approach to Curb Emerging Smartphone Malware
- 2014
-
- Using Contextual Co-Presence to Strengthen Zero-Interaction Authentication: Design, Integration and Usability
Hien Thi Thu Truong, Xiang Gao, Babins Shrestha, Nitesh Saxena, N. Asokan and Petteri Nurmi
Elsevier Journal of Pervasive and Mobile Computing (PMC), to appear, 2014.
[pdf] - Keyboard Acoustic Side Channel Attacks: Exploring Realistic and Security-Sensitive Scenarios
Tzipora Halevi and Nitesh SaxenaInternational Journal of Information Security, to appear, 2014.[pdf] - Web Search Query Privacy: Evaluating Query Obfuscation and Anonymizing Networks
Sai Teja Peddinti and Nitesh Saxena
Journal of Computer Security, Volume 22, Number 1, 2014.
[pdf]
- Using Contextual Co-Presence to Strengthen Zero-Interaction Authentication: Design, Integration and Usability
- 2013
-
- Context-Aware Defenses to RFID Unauthorized Reading and Relay Attacks
Tzipora Halevi, Haoyu Li, Di Ma, Nitesh Saxena, Jonathan Voris, and Tuo Xiang
IEEE Transactions on Emerging Topics in Computing (TETC), Volume 1, Issue 2, November, 2013.
[pdf] - Acoustic Eavesdropping Attacks on Constrained Wireless Device Pairing
Tzipora Halevi and Nitesh Saxena
IEEE Transactions on Information Forensics and Security (TIFS), Volume:8, Issue: 3, March, 2013.
[pdf] - Location-Aware and Safer Cards: Enhancing RFID Security and Privacy via Location Sensing
Di Ma, Nitesh Saxena, Tuo Xiang, and Yan Zhu
IEEE Transactions on Dependable and Secure Computing, Vol 10, Issue 2, March 2013.
[pdf]
- Context-Aware Defenses to RFID Unauthorized Reading and Relay Attacks
- 2012
-
- Authenticated Key Exchange with Key Re-Use in the Short Authenticated Strings Model
Stanislaw Jarecki and Nitesh Saxena
American Mathematical Society, Special Session on Mathematical Aspects of Cryptography and Cyber Security, Volume 582, December 2012.
[pdf] - Secure Initialization of Multiple Constrained Wireless Devices for an Unaided User
Toni Perkovic, Mario Cagalj, Toni Mastelic, Nitesh Saxena, Dinko Begusic
IEEE Transactions on Mobile Computing, February, 2011.
[pdf]
- Authenticated Key Exchange with Key Re-Use in the Short Authenticated Strings Model
- 2011
-
- A Context-Aware Approach to Defend Against Unauthorized Reading and Relay Attacks in RFID Systems
Di Ma and Nitesh Saxena
Wiley International Journal of Security and Communication Networks, Special Issue on “Protecting the Internet of Things”, December, 2011.
[pdf] - Data Remanence Effects on Memory Based Entropy Collection for RFID Systems
Nitesh Saxena and Jonathan Voris
International Journal of Information Security, Volume 10, Number 4, July 2011.
[pdf] - Secure Device Pairing based on a Visual Channel: Design and Usability Study
Nitesh Saxena, Jan-Erik Ekberg, Kari Kostiainen, and N. Asokan
IEEE Transactions on Information Forensics and Security (TIFS), Volume 6, Issue 1, March 2011.
[pdf]
- A Context-Aware Approach to Defend Against Unauthorized Reading and Relay Attacks in RFID Systems
- 2010
-
- Tree-based HB Protocols for Privacy-Preserving Authentication of RFID Tags
Tzipora Halevi, Nitesh Saxena and Shai Halevi
Journal of Computer Security — Special Issue on RFID System Security, Volume 19, Issue 2, April 2011.
[pdf] - On the Insecurity of Proactive RSA in the URSA Mobile Ad Hoc Network Access Control Protocol
Stanislaw Jarecki and Nitesh Saxena,
IEEE Transactions on Information Forensics and Security (TIFS), Volume 5, Issue 4, December 2010
[pdf]
- Tree-based HB Protocols for Privacy-Preserving Authentication of RFID Tags
- 2009
-
- Non-Interactive Self-Certification for Long-Lived Mobile Ad Hoc Networks
Nitesh Saxena, and Jeong H. Yi,
IEEE Transactions on Information Forensics and Security (TIFS), Volume 4, Issue 4, December 2009
[pdf] - A Comparative Study of Secure Device Pairing Methods
Arun Kumar, Nitesh Saxena, Gene Tsudik and Ersin Uzun
Elsevier Pervasive and Mobile Computing Journal (PMC), Volume 5, Issue 6, December 2009.
[pdf] - Efficient Node Admission and Certificate-less Secure Communication in Short-lived MANETs
Nitesh Saxena, Gene Tsudik and Jeong H. Yi,
IEEE Transactions on Parallel and Distributed Systems (TPDS), Volume 20, Issue 2, February 2009
[pdf]
- Non-Interactive Self-Certification for Long-Lived Mobile Ad Hoc Networks
- 2007
-
- Threshold Cryptography in P2P and MANETs: the Case of Access Control
Nitesh Saxena, Gene Tsudik and Jeong H. Yi,
Elsevier Computer Networks, Volume 51 , Issue 12, August 2007
[pdf] - Robust Self-Keying Mobile Ad Hoc Networks,
Claude Castellucia, Nitesh Saxena, and Jeong H. Yi,
Elsevier Computer Networks, Volume 51, Issue 4, March 2007
[pdf]
- Threshold Cryptography in P2P and MANETs: the Case of Access Control
CONFERENCES / WORKSHOPS
-
2023
- Privacy Leakage via Unrestricted Motion-Position Sensors in the Age of Virtual Reality: A Study of Snooping Typed Input on Virtual Keyboards
Yi Wu, Cong Shi, Tianfang Zhang, Payton Walker, Jian Liu, Nitesh Saxena and Yingying Chen
In IEEE Symposium on Security and Privacy (IEEE S&P; Oakland), May 2023. - Hidden Reality: Caution, Your Hand Gesture Inputs in the Immersive Virtual World are Visible to All!
Sindhu Reddy Kalathur Gopal, Diksha Shukla, James Wheelock, and Nitesh Saxena
In the 32nd USENIX Security Symposium, August 2023. - BarrierBypass: Out-of-Sight Clean Voice Command Injection Attacks through Physical Barriers
Payton Walker, Tianfang Zhang, Cong Shi, Nitesh Saxena and Yinying Chen
In the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), May/June 2023. - SoK: An Analysis of End-to-End Encryption and Authentication Ceremonies in Secure Messaging Systems
Mashari Alatawi and Nitesh Saxena
In the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), May 2023.
- Privacy Leakage via Unrestricted Motion-Position Sensors in the Age of Virtual Reality: A Study of Snooping Typed Input on Virtual Keyboards
- 2022
-
- Laser Meager Listener: A Scientific Exploration of Laser-based Speech Eavesdropping in Commercial User Space
Payton Walker and Nitesh Saxena
In the 7th IEEE European Symposium on Security and Privacy (EuroS&P), June 2022. - Hearing Check Failed: Using Laser Vibrometry to Analyze the Potential for Hard Disk Drives to Eavesdrop Speech Vibrations
Payton Walker, Nitesh Saxena, S. Abhishek Anand, Tzipora Halevi and Shalini Saini
In the 17th ACM ASIA Conference on Computer and Communications Security (ASIA CCS), May/June 2022 - Defending against Thru-barrier Stealthy Voice Attacks via Cross-Domain Sensing on Phoneme Sounds
Cong Shi, Tianming Zhao, Wenjin Zhang, Ahmed Tanvir Mahdad, Zhengkun Ye, Yan Wang, Nitesh Saxena and Yingying Chen
In the 42nd IEEE International Conference on Distributed Computing Systems (ICDCS), July 2022 - SoK: Your Mind Tells a Lot About You: On the Privacy Leakage via Brainwave Devices
Anuradha Mandal and Nitesh Saxena
In the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), May 2022 - BiasHacker: Voice Command Disruption by Exploiting Speaker Biases in Automatic Speech Recognition
Payton Walker, Nathan McClaran, Zihao Zheng, Nitesh Saxena and Guofei Gu
In the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), May 2022 - Gummy Browsers: Targeted Browser Spoofing against State-of-the-Art Fingerprinting Techniques
Zengrui Liu, Prakash Shrestha and Nitesh Saxena.
In International Conference on Applied Cryptography and Network Security (ACNS), June 2022. - Beware of Your Vibrating Devices! Vibrational Relay Attacks on Zero-Effort Deauthentication
Prakash Shrestha and Nitesh Saxena.
In International Conference on Applied Cryptography and Network Security (ACNS), June 2022. - Human Brains Can’t Detect Fake News: A Neuro-Cognitive Study of Textual Disinformation Susceptibility
Cagri Arisoy, Anuradha Mandal and Nitesh Saxena
In the International Conference on Privacy, Security and Trust (PST), 2022
[pdf] - Mobile Mental Health Apps: Alternative Intervention or Intrusion?
Mobile Mental Health Apps: Alternative Intervention or Intrusion?
In the International Conference on Privacy, Security and Trust (PST), 2022 - Predatory Medicine: Exploring and Measuring the Vulnerability of Medical AI to Predatory Science
Shalini Saini, Nitesh Saxena.
In The Conference on Health, Inference, and Learning (CHIL), April 2022. - Exploring Encrypted Keyboards to Defeat Client-Side Scanning in End-to-End Encryption Systems
Mashari Alatawi, Nitesh Saxena.
International Conference on Information Security and Cryptology (ICISC), November/December 2022
- Laser Meager Listener: A Scientific Exploration of Laser-based Speech Eavesdropping in Commercial User Space
- 2021
- Face-Mic: Inferring Live Speech and Speaker Identity via Subtle Facial Dynamics Captured by AR/VR Motion Sensors
Cong Shi, Xiangyu Xu, Tianfang Zhang , Payton Walker, Yi Wu, Jian Liu, Nitesh Saxena, Yingying Chen and Jiadi Yu
In the 27th Annual International Conference on Mobile Computing and Networking (Mobicom), Jan/Feb 2022. - Press @$@$ to Login: Strong Wearable Second Factor Authentication via Short Memorywise Effortless Typing Gestures
Prakash Shrestha, Nitesh Saxena, Diksha Shukla and Vir Phoha
In the IEEE European Symposium on Security and Privacy (EuroS&P), Sep 2021. - Countering Concurrent Login Attacks in Just Tap Push-based Authentication: A Redesign and Usability Evaluations
Jay Prakash, Clarice Chua Qing Yu, Tanvi Ravindra Thombre, Andrei Bytes, Mohammed Jubur, Nitesh Saxena, Lucienne Blessing, Jianying Zhou and Tony Quek
In the IEEE European Symposium on Security and Privacy (EuroS&P), Sep 2021. - Evaluating the Effectiveness of Protection Jamming Devices in Mitigating Smart Speaker Eavesdropping Attacks Using Gaussian White Noise
Payton Walker and Nitesh Saxena
In Annual Computer Security Applications Conference (ACSAC), December 2021. - SoK: Assessing the Threat Potential of Vibration-based Attacks against Live Speech using Mobile Sensors
Payton Walker and Nitesh Saxena
In ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Jun-Jul 2021.
[pdf] - Spearphone: A Lightweight Speech Privacy Exploit via Accelerometer-Sensed Reverberations from Smartphone Loudspeakers
Abhishek Anand, Chen Wang, Jian Liu, Nitesh Saxena and Yingying Chen
In ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Jun-Jul 2021.
[pdf] - EchoVib: Exploring Voice Authentication via Unique Non-Linear Vibrations of Short Replayed Speech
Abhishek Anand, Jian Liu, Chen Wang, Maliheh Shirvanian, Nitesh Saxena and Yingying Chen
In ACM Symposium on Information, Computer and Communications Security (AsiaCCS), June 2021. - Bypassing Push-based Second Factor and Passwordless Authentication with Human-Indistinguishable Notifications
Mohammed Jubur, Prakash Shrestha, Nitesh Saxena and Jay Prakash
In ACM Symposium on Information, Computer and Communications Security (AsiaCCS), June 2021. - HVAC: Evading Classifier-based Defenses in Hidden Voice Attacks
Yi Wu, Xiangyu Xu, Payton Walker, Jian Liu, Nitesh Saxena, Yingying Chen and Jiadi Yu
In ACM Symposium on Information, Computer and Communications Security (AsiaCCS), June 2021. - Analyzing the Security of OTP 2FA in the Face of Malicious Terminals
Tanvir Mahdad, Mohammed Jubur, and Nitesh Saxena
In the International Conference on Information and Communications Security (ICICS), 2021.
- Face-Mic: Inferring Live Speech and Speaker Identity via Subtle Facial Dynamics Captured by AR/VR Motion Sensors
- 2020
- IvoriWatch: Exploring Transparent Integrity Verification of Remote User Input Leveraging Wearables
Prakash Shrestha, Zengrui Liu and Nitesh Saxena.
In Annual Computer Security Applications Conference (ACSAC), December 2020. - Voicefox: Leveraging Inbuilt Transcription to Enhance the Security of Machine-Human Speaker Verification against Voice Synthesis Attacks
Maliheh Shirvanian, Manar Mohammed, Abhishek Anand and Nitesh Saxena.
In Annual Computer Security Applications Conference (ACSAC), December 2020. - WearID: Low-Effort Wearable-Assisted Authentication of Voice Commands via Cross-Domain Comparison without Training
Cong Shi, Yan Wang, Yingying Chen, Nitesh Saxena and Chen Wang.
In Annual Computer Security Applications Conference (ACSAC), December 2020. - Hacksaw: Biometric-Free Non-Stop Web Authentication in an Emerging World of Wearables. Prakash Shrestha and Nitesh Saxena In ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), July 2020.
[pdf] - CREPE: A Privacy-Enhanced Crash Reporting System.
Kiavash Satvat, Mahshid Hosseini, Maliheh Shirvanian and Nitesh Saxena
In ACM Conference on Data and Application Security and Privacy (CODASPY), March 2020.
[pdf]
- IvoriWatch: Exploring Transparent Integrity Verification of Remote User Input Leveraging Wearables
- 2019
-
- The Crux of Voice (In)Security: A Brain Study of Speaker Legitimacy Detection
Ajaya Neupane, Nitesh Saxena, Leanne Hirshfield and Sarah Bratt
In the Network and Distributed System Security Symposium (NDSS), February 2019.
[pdf] - Quantifying the Breakability of Mobile Assistants
[Runner Up, The Mark Weiser Best Paper Award]
Maliheh Shirvanian, Summer Vo and Nitesh Saxena
International Conference on Pervasive Computing and Communications (PerCom), March 2019.
[pdf] - Challenge-Response Behavioral Mobile Authentication: A Comparative Study of Graphical Patterns and Cognitive Games
Manar Mohamed, Prakash Shrestha and Nitesh Saxena.
In Annual Computer Security Applications Conference (ACSAC), December 2019.
[pdf] - Defeating Hidden Audio Channel Attacks on Voice Assistants via Audio-Induced Surface Vibrations
Chen Wang, Abhishek Anand, Jian Liu, Payton Walker, Yingying Chen and Nitesh Saxena
In Annual Computer Security Applications Conference (ACSAC), December 2019.
[pdf] - Stethoscope: Crypto Phones with Transparent & Robust Fingerprint Comparisons using Inter Text-Speech TransformationsMaliheh Shirvanian, and Nitesh SaxenaInternational Conference on Privacy, Security and Trust (PST), August, 2019
[pdf] - ZEMFA: Zero-Effort Multi-Factor Authentication based on Multi-Modal Gait BiometricsBabins Shrestha, Manar Mohamed and Nitesh SaxenaInternational Conference on Privacy, Security and Trust (PST), August, 2019
[pdf] - Compromising Speech Privacy under Continuous Masking in Personal SpacesS Abhishek Anand, Payton Walker and Nitesh SaxenaInternational Conference on Privacy, Security and Trust (PST), August, 2019
[pdf] - Brain Hemorrhage: When Brainwaves Leak Sensitive Medical Conditions and Personal InformationAjaya Neupane, Kiavash Satvat, Mahshid Hosseini and Nitesh SaxenaInternational Conference on Privacy, Security and Trust (PST), August, 2019
[pdf] - CATCHA: When Cats Track Your Movements OnlinePrakash Shrestha, Nitesh Saxena, Ajaya Neupane and Kiavash SatvatInternational Conference on Information Security Practice and Experience (ISPEC), November, 2019
[pdf]
- The Crux of Voice (In)Security: A Brain Study of Speaker Legitimacy Detection
- 2018
-
- Speechless: Analyzing the Threat to Speech Privacy from Smartphone Motion Sensors.
Abhishek Anand and Nitesh Saxena
In IEEE Symposium on Security and Privacy (IEEE S&P; Oakland), May 2018.
[pdf] - Do Social Disorders Facilitate Social Engineering? A Case Study of Autism and Phishing Attacks.
Ajaya Neupane, Kiavash Satvat, Nitesh Saxena, Despina Stavrinos and Haley J. Bishop
In the 34th Annual Computer Security Applications Conference (ACSAC), December 2018.
[pdf] - Listening Watch: Wearable Two-Factor Authentication using Speech Signals Resilient to Near-Far Attacks
Prakash Shrestha, and Nitesh Saxena
In ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), June 2018.
[pdf] - Two-Factor Authentication with End-to-End Password Security.
Stanislaw Jarecki, Hugo Krawczyk, Maliheh Shirvanian and Nitesh Saxena
In International Conference on Practice and Theory of Public Key Cryptography (PKC), March 2018.
[pdf] - Keyboard Emanations in Remote Voice Calls: Password Leakage and Noise(less) Masking Defenses.
Abhishek Anand and Nitesh Saxena
In ACM Conference on Data and Application Security and Privacy (CODASPY), March 2018..
[pdf] - Home Alone: The Insider Threat of Unattended Wearables and A Defense using Audio Proximity.
Prakash Shrestha, Babins Shrestha and Nitesh Saxena
In IEEE Conference on Communications and Network Security (CNS), May/June 2018..
[pdf]
- Speechless: Analyzing the Threat to Speech Privacy from Smartphone Motion Sensors.
- 2017
-
- CCCP: Closed Caption Crypto Phones to Resist MITM Attacks, Human Errors and Click-Through
Maliheh Shirvanian and Nitesh Saxena
ACM Conference on Computer and Communications Security (CCS), October/Novermber 2017.
[pdf] - VibWrite: Towards Finger-input Authentication on Ubiquitous Surfaces via Physical Vibration.
Jian Liu, Chen Wang, Yingying Chen and Nitesh Saxena
In ACM Conference on Computer and Communications Security (CCS), October/Novermber 2017.
[pdf] - On the Pitfalls of End-to-End Encrypted Communications: A Study of Remote Key-Fingerprint Verification.
Maliheh Shirvanian, Nitesh Saxena and Jesvin James George.
In Annual Computer Security Applications Conference (ACSAC), December 2017; arXiv preprint arXiv:1707.05285, 2017/7/17.
[pdf] - Neural Underpinnings of Website Legitimacy and Familiarity Detection: An fNIRS Study.
Ajaya Neupane, Nitesh Saxena and Leanne Hirshfield
In Security and Privacy Track, the World-Wide Web Conference (WWW), 2017.
[pdf] - SPHINX: A Password Store that Perfectly Hides Passwords from Itself.
Maliheh Shirvanian, Stanislaw Jarecki, Hugo Krawczyk and Nitesh Saxena
In IEEE International Conference on Distributed Computing Systems (ICDCS) , June 2017.
[pdf] - YELP: Masking Sound-based Opportunistic Attacks in Zero-Effort Deauthentication
Prakash Shrestha, Abhishek Anand and Nitesh Saxena
ACM Conference on Wireless Network Security (WiSec), July 2017.
[pdf] - Coresident Evil: Noisy Vibrational Pairing in the Face of Co-located Acoustic Eavesdropping
Abhishek Anand, and Nitesh Saxena
ACM Conference on Wireless Network Security (WiSec), July 2017.
[pdf] - PEEP: Passively Eavesdropping Private Input via Brainwave Signals
Ajaya Neupane, Md. Lutfor Rahman and Nitesh Saxena
In Financial Cryptography and Data Security (FC), April 2017.
[pdf]
- CCCP: Closed Caption Crypto Phones to Resist MITM Attacks, Human Errors and Click-Through
- 2016
-
- The Sounds of the Phones: Dangers of Zero-Effort Second Factor Login based on Ambient Audio.
Babins Shrestha, Maliheh Shirvanian, Prakash Shrestha and Nitesh Saxena
In ACM Conference on Computer and Communications Security (CCS), October 2016.
[pdf] - Pitfalls in Designing Zero-Effort Deauthentication: Opportunistic Human Observation Attacks.
Otto Huhta, Prakash Shrestha, Swapnil Udar, Mika Juuti, Nitesh Saxena and N. Asokan
In the Network and Distributed System Security Symposium (NDSS), February 2016.
[pdf] - Gametrics: Towards Attack-Resilient Behavioral Authentication with Simple Cognitive Games
Manar Mohamed and Nitesh Saxena
In Annual Computer Security Applications Conference (ACSAC), December 2016
[pdf] - Theft-Resilient Mobile Payments: Transparently Authenticating NFC Users with Tapping Gesture Biometrics
Babins Shrestha, Manar Mohamed, Sandeep Tamrakar and Nitesh Saxena
In Annual Computer Security Applications Conference (ACSAC), December 2016
[pdf] - Device-Enhanced Password Protocols with Optimal Online-Offline Protection.
Stanislaw Jarecki, Hugo Krawczyk, Maliheh Shirvanian and Nitesh Saxena
In ACM Symposium on Information, Computer and Communications Security (AsiaCCS), June 2016.
[pdf] - Slogger: Smashing Motion-based Touchstroke Logging with Transparent System Noise
Prakash Shrestha, Manar Mohamed and Nitesh Saxena
ACM Conference on Wireless Network Security (WiSec), July 2016
[pdf] - Vibreaker: Securing Vibrational Pairing with Deliberate Acoustic Noise
Abhishek Anand, and Nitesh Saxena
ACM Conference on Wireless Network Security (WiSec), July 2016
[pdf] - A Sound for a Sound: Mitigating Acoustic Side Channel Attacks on Password Keystrokes with Active Sounds.
Abhishek Anand and Nitesh Saxena
In Financial Cryptography and Data Security, February, 2016..
[pdf] - SMASheD: Sniffing and Manipulating Android Sensor Data.
Manar Mohamed, Babins Shrestha and Nitesh Saxena
In ACM Conference on Data and Application Security and Privacy (CODASPY), March 2016.
[pdf]
- The Sounds of the Phones: Dangers of Zero-Effort Second Factor Login based on Ambient Audio.
- 2015
-
- A Multi-Modal Neuro-Physiological Study of Phishing Detection and Malware Warnings
Ajaya Neupane, Md. Lutfor Rahman, Nitesh Saxena, and Leanne Hirshfield
In ACM Conference on Computer and Communications Security (CCS), October 2015
[pdf] - Emerging Image Game CAPTCHAs for Resisting Automated and Human-Solver Relay Attacks
Song Gao, Manar Mohamed, Nitesh Saxena, and Chengcui Zhang
In Annual Computer Security Applications Conference (ACSAC), December 2015
[pdf] - On the Security and Usability of Crypto Phones
Maliheh Shirvanian and Nitesh Saxena
In Annual Computer Security Applications Conference (ACSAC), December 2015
[pdf] - All Your Voices Are Belong to Us: Stealing Voices to Fool Humans and Machines
Dibya Mukhopadhyay, Maliheh Shirvanian and Nitesh Saxena
European Symposium on Research in Computer Security (ESORICS), September 2015.
[pdf] - Bad Sounds Good Sounds: Attacking and Defending Tap-based Rhythmic Passwords using Acoustic Signals
S Abhishek Anand, Prakash Shrestha, and Nitesh Saxena
International Conference on Cryptology and Network Security (CANS), December 2015.
[pdf] - Curbing Mobile Malware based on User-Transparent Hand Movements
Babins Shrestha, Manar Mohamed, Anders Borg, Nitesh Saxena and Sandeep Tamrakar.
International Conference on Pervasive Computing and Communications (PerCom), March 2015.
[pdf]
- A Multi-Modal Neuro-Physiological Study of Phishing Detection and Malware Warnings
- 2014
-
- Wiretapping via Mimicry: Short Voice Imitation Man-in-the-Middle Attacks on Crypto Phones
Maliheh Shirvanian and Nitesh Saxena
ACM Conference on Computer and Communications Security (CCS), November 2014.
[pdf] - Neural Signatures of User-Centered Security: An fMRI Study of Phishing, and Malware Warnings [Distinguished Paper Award]
Ajaya Neupane, Nitesh Saxena, Keya Kuruvilla, Michael Georgescu, and Rajesh Kana
The Network and Distributed System Security Symposium (NDSS), February 2014
[pdf] - Two-Factor Authentication Resilient to Server Compromise Using Mix-Bandwidth Devices
Maliheh Shirvanian, Stanislaw Jarecki, Nitesh Saxena and Naveen Nathan.
The Network and Distributed System Security Symposium (NDSS), February 2014
[pdf] - Gaming the Game: Defeating a Game CAPTCHA with Efficient and Robust Hybrid Attacks
Song Gao, Manar Mohamed, Nitesh Saxena, and Chengcui Zhang.
In Security and Forensics Track, IEEE International Conference on Multimedia and Expo (ICME), July 2014.
[pdf] - Comparing and Fusing Different Sensor Modalities for Relay Attack Resistance in Zero-Interaction Authentication
Hien Truong, Xiang Gao, Babins Shrestha, Nitesh Saxena, N. Asokan, and Petteri Nurmi.
International Conference on Pervasive Computing and Communications (PerCom), March 2014.
[pdf] - A Three-Way Investigation of a Game-CAPTCHA: Automated Attacks, Relay Attacks and Usability.
Manar Mohamed, Niharika Sachdeva, Michael Georgescu, Song Gao, Nitesh Saxena, Chengcui Zhang, Ponnurangam Kumaraguru, Paul C. Van Oorschot and Wei-Bang Chen
In ACM Symposium on Information, Computer and Communications Security (AsiaCCS), June 2014.
[pdf] - Drone to the Rescue: Relay-Resilient Authentication using Ambient Multi-Sensing
Babins Shrestha, Nitesh Saxena, Hien Truong and N. Asokan.
In Financial Cryptography and Data Security, March 2014.
[pdf] - Dynamic Cognitive Game CAPTCHA Usability and Detection of Streaming-Based Farming
Manar Mohamed, Song Gao, Nitesh Saxena, and Chengcui Zhang.
In the Workshop on Usable Security (USEC), co-located with NDSS, February 2014.
[pdf]
- Wiretapping via Mimicry: Short Voice Imitation Man-in-the-Middle Attacks on Crypto Phones
- 2013
-
- On the Viability of CAPTCHAs for Use in Telephony Systems: A Usability Field Study
NIharika Sachdeva, Nitesh Saxena, and Ponnurangam Kumaraguru
Information Security Conference (ISC), November 2013..
[pdf] - Wave-to-Access: Protecting Sensitive Mobile Device Services via a Hand Waving Gesture
Babins Shrestha, Nitesh Saxena and Justin Harrison
International Conference on Cryptology and Network Security, November 2013.
[pdf] - Tap-Wave-Rub: Lightweight Malware Prevention for Smartphones using Intuitive Human Gestures
Di Ma, Nitesh Saxena, Babins Shrestha, Yan Zhu, and Haoyu Li
ACM Conference on Wireless Network Security (WiSec), April 2013
[extended version pdf] - Sensing-Enabled Channels for Hard-to-Detect Command and Control of Mobile Devices
Ragib Hasan, Nitesh Saxena, Tzipora Halevi, Shams Zawoad, and Dustin Rinehart
ACM Symposium on Information, Computer and Communications Security (AsiaCCS), May 2013
[pdf] - Exploring Extrinsic Motivation for Better Security: A Usability Study of Scoring-Enhanced Device Pairing
Alexander Gallego, Nitesh Saxena, and Jonathan Voris
International Conference on Financial Cryptography and Data Security (FC), April 2013.
[pdf] - An Investigation of the Usability of a Game for Secure Wireless Device Association
Alexander Gallego, Nitesh Saxena, and Jonathan Voris
6th International Conference on Computer Games, Multimedia and Allied Technology (CGAT), April 2013.
[pdf]
- On the Viability of CAPTCHAs for Use in Telephony Systems: A Usability Field Study
- 2012
-
- Secure Proximity Detection for NFC Devices based on Ambient Sensor Data
Tzipora Halevi, Di Ma, Nitesh Saxena, and Tuo Xiang
European Symposium on Research in Computer Security (ESORICS), September 2012
[pdf] - Exploring Mobile Proxies for Better Password Authentication
Nitesh Saxena and Jonathan Voris
International Conference on Information and Communications Security (ICICS), October 2012
[pdf] - A Closer Look at Keyboard Acoustic Emanations: Random Passwords, Typing Styles and Decoding Techniques
Tzipora Halevi and Nitesh Saxena
ACM Symposium on Information, Computer and Communications Security (AsiaCCS), May 2012
[pdf] - Location-Aware and Safer Cards: Enhancing RFID Security and Privacy via Location Sensing
Di Ma, Anudath K Prasad, Nitesh Saxena, and Tuo Xiang
ACM Conference on Wireless Network Security (WiSec), April 2012
[pdf] - Sensing-Enabled Defenses to RFID Unauthorized Reading and Relay Attacks without Changing the Usage Model
Tzipora Halevi, Sein Lin, Di Ma, Anudath K Prasad, Nitesh Saxena, Jonathan Voris and Tuo Xiang
International Conference on Pervasive Computing and Communications (PerCom), March 2012
[pdf] - Estimating Age Privacy Leakage in Online Social Networks
Ratan Dey, Cong Tang, Keith Ross and Nitesh Saxena
International Conference on Computer Communications (IEEE INFOCOM), March 2012
[pdf]
- Secure Proximity Detection for NFC Devices based on Ambient Sensor Data
- 2011
-
- Password-Protected Secret Sharing
Ali Bagherzandi, Stanislaw Jarecki, Nitesh Saxena and Yanbin Liu
ACM Conference on Computer and Communications Security (CCS), October 2011
[pdf] - Cover Locations: Availing Location-Based Services Without Revealing the Location
Sai Teja Peddinti, Avis Dsouza, and Nitesh Saxena
Workshop on Privacy in the Electronic Society (WPES 2010), co-located with ACM CCS, October, 2011.
[pdf] - On the Limitations of Query Obfuscation Techniques for Location Privacy
Sai Teja Peddinti and Nitesh Saxena
International Conference on Ubiquitous Computing (Ubicomp), September 2011.
[pdf] - Playful Security: A Computer Game for Secure Pairing of Wireless Devices
Alexander Gallego, Nitesh Saxena, and Jonathan Voris
The 16th International Computer Games Conference (CGames): AI, Animation, Mobile, Interactive Multimedia, Educational & Serious Games, July 2011.
[pdf] - Accelerometers and Randomness: Perfect Together
Jonathan Voris, Nitesh Saxena, and Tzipora Halevi
ACM Conference on Wireless Network Security (WiSec), June 2011.
[pdf] - Vibrate-to-Unlock: Mobile Phone Assisted User Authentication to Multiple Personal RFID Tags
Nitesh Saxena, Md. Borhan Uddin, Jonathan Voris and N. Asokan
International Conference on Pervasive Computing and Communications (PerCom), March 2011.
[pdf] - What’s in a Name: A Study of Names, Gender Inference, and Gender Behavior in Facebook
Cong Tang, Keith Ross, Nitesh Saxena and Ruichuan Chen
International Workshop on Social Networks and Social Media Mining on the Web (SNSMW), co-located with DASFAA, April 2011.
[pdf] - Pairing Devices for Social Interactions: A Comparative Usability Evaluation
Ersin Uzun, Nitesh Saxena and Arun Kumar
ACM Conference on Human Factors in Computing Systems (CHI), May 2011.
[pdf] - On the Effectiveness of Anonymizing Networks for Web Search Privacy
Sai Teja Peddinti and Nitesh Saxena
ACM Symposium on Information, Computer and Communications Security (AsiaCCS), March 2011.
[pdf]
- Password-Protected Secret Sharing
- 2010
-
- On Pairing Constrained Wireless Devices Based on Secrecy of Auxiliary Channels: The Case of Acoustic Eavesdropping
Tzipora Halevi and Nitesh Saxena
ACM Conference on Computer and Communications Security (CCS), October 2010
[pdf] - A Comparative Usability Evaluation of Traditional Password Managers
Ambarish Karole, Nitesh Saxena and Nicolas Christin
International Conference on Information Security and Cryptology (ICISC), December 2010
[pdf] - On the Privacy of Peer-Assisted Distribution of Security Patches
Di Wu, Cong Tang, Prithula Dhungel, Nitesh Saxena and Keith W. Ross
IEEE International Conference on Peer-to-Peer Computing (P2P), August 2010
[pdf] - Authenticated Key Agreement with Key Re-Use in the Short Authenticated Strings Model
Stanislaw Jarecki and Nitesh Saxena
Conference on Security and Cryptography for Networks (SCN), September 2010.
[pdf] - Groupthink: Usability of Secure Group Association for Wireless Devices
Rishab Nithyanand, Nitesh Saxena, Gene Tsudik and Ersin Uzun
International Conference on Ubiquitous Computing (Ubicomp), September 2010.
[pdf] - Still and Silent: Motion Detection for Enhanced RFID Security and Privacy without Changing the Usage Model
Nitesh Saxena and Jonathan Voris
Workshop on RFID Security (RFIDSec), June 2010.
[pdf] - On the Privacy of Web Search Based on Query Obfuscation: A Case Study of TrackMeNot
Sai Teja Peddinti and Nitesh Saxena
Privacy Enhancing Technologies Symposium (PETS), July 2010.
[pdf] - Shoulder Surfing Safe Login in a Partially Observable Attacker Model
Toni Perkovic, Mario Cagalj and Nitesh Saxena
Financial Cryptography (FC), January 2010.
[pdf]
- On Pairing Constrained Wireless Devices Based on Secrecy of Auxiliary Channels: The Case of Acoustic Eavesdropping
- 2009
-
- On the Usability of Secure Association of Wireless Devices Based On Distance Bounding
Mario Cagalj, Nitesh Saxena and Ersin Uzun
Cryptology and Network Security (CANS), December 2009.
[pdf] - Blink ‘Em All: Secure, Scalable and User-Friendly Initialization of Sensor Nodes
Nitesh Saxena and Md. Borhan Uddin
Cryptology and Network Security (CANS), December 2009.
[pdf] - Authentication Technologies for the Blind or Visually Impaired
Nitesh Saxena and James Watt
USENIX Workshop on Hot Topics in Secuirty (HotSec), August 2009.
[pdf] - We Can Remember It for You Wholesale: Implications of Data Remanence on the Use of RAM for True Random Number Generation on RFID Tags
Nitesh Saxena and Jonathan Voris
Workshop on RFID Security (RFIDSec), July 2009.
[pdf] - Using HB Family of Protocols for Privacy-Preserving Authentication of RFID Tags in a Population
Tzipora Halevi, Nitesh Saxena and Shai Halevi
Workshop on RFID Security (RFIDSec), July 2009.
[pdf] - Improving the Robustness of Wireless Device Pairing Using Hyphen-Delimited Numeric Comparison
Ambarish Karole and Nitesh Saxena
International Symposium on Emerging Ubiquitous and Pervasive Systems (EUPS), August 2009.
[pdf] - Bootstrapping Key Pre-Distribution: Secure, Scalable and User-Friendly Initialization of Sensor Nodes
Nitesh Saxena and Md. Borhan Uddin
Applied Cryptography and Network Security (ACNS), Industrial Track paper, June 2009.
[pdf] - Secure Pairing of “Interface-Constrained” Devices Resistant Against Rushing User Behavior
Nitesh Saxena and Md. Borhan Uddin
Applied Cryptography and Network Security (ACNS), June 2009.
[pdf] - Caveat Emptor: A Comparative Study of Secure Device Pairing Methods
Arun Kumar, Nitesh Saxena, Gene Tsudik and Ersin Uzun
International Conference on Pervasive Computing and Communications (PerCom), March 2009.
[pdf]
- On the Usability of Secure Association of Wireless Devices Based On Distance Bounding
- 2008
-
- Automated Device Pairing for Asymmetric Pairing Scenarios
Nitesh Saxena and Md. Borhan Uddin
International Conference on Information and Communications Security (ICICS), October 2008.
[pdf] - Universal Device Pairing using an Auxiliary Device
Nitesh Saxena, Md. Borhan Uddin and Jonathan Voris
Symposium On Usable Privacy and Security (SOUPS), July 2008.
[pdf] - Efficient Device Pairing using Synchronized “Human-Comparable” Audiovisual Patterns
Ramnath Prasad and Nitesh Saxena
Applied Cryptography and Network Security (ACNS), June 2008.
[pdf] - Pairing Devices with Good Quality Output Interfaces
Nitesh Saxena and Jonathan Voris
International Workshop on Wireless Security and Privacy (WISP) (co-located with ICDCS).
June 2008.
[pdf]
- Automated Device Pairing for Asymmetric Pairing Scenarios
- 2007
-
- The Pollution Attack in P2P Live Video Streaming: Messurement Results and Defenses
Prithula Dhungel, Xiaojun Hei, Keith W. Ross, and Nitesh Saxena
Peer-to-Peer Streaming and IP-TV Workshop (P2P-TV) (co-located with SIGCOMM),
August 2007
[pdf]
- The Pollution Attack in P2P Live Video Streaming: Messurement Results and Defenses
- 2006 and earlier
-
- Public Key Cryptography sans Certificates in Ad Hoc Networks (Best Student Paper!)
Nitesh Saxena
Applied Cryptography and Network Security (ACNS), June 2006.
[pdf] - Secure Device Pairing based on a Visual Channel
Nitesh Saxena, Jan-Erik Ekberg, Kari Kostiainen, and N. Asokan
IEEE Symposium on Security and Privacy, Oakland, appeared as short paper (6 pages),
May 2006.
[full paper: pdf][short paper: pdf] - Securing Communication in Various Ad Hoc Network Settings
Nitesh Saxena
IEEE Infocom Student Workshop, April 2006. - Efficient Node Admission for Short-lived Mobile Ad Hoc Networks
Nitesh Saxena, Gene Tsudik, and Jeong H. Yi,
IEEE Conference on Networking Protocols (ICNP), November 2005.
[pdf] - Self-Configurable Key Pre-distribution in Mobile Ad Hoc Networks,
Claude Castellucia, Nitesh Saxena, and Jeong H. Yi,
IFIP Networking Conference, May 2005.
[pdf] - Futher Simplifications in Proactive RSA Signatures,
Stanislaw Jarecki, and Nitesh Saxena,
Theory of Cryptography Conference (TCC), February 2005.
[pdf] - Identity-based Access Control for Ad Hoc Groups,
Nitesh Saxena, Gene Tsudik, and Jeong H. Yi,
International Conference on Information Security and Cryptology (ICISC), December 2004.
[pdf] - An Attack on the Proactive RSA Signature Scheme in the URSA Ad Hoc Network Access Control Protocol,
Stanislaw Jarecki, Nitesh Saxena, and Jeong Hyun Yi,
ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN), pp.1-9, Washington, DC, USA, October 25, 2004.
[pdf] - Access Control in Ad Hoc Groups,
Nitesh Saxena, Gene Tsudik, and Jeong H. Yi,
International Workshop on Hot Topics in Peer-to-Peer Systems (HOT-P2P), Volendam, The Netherlands, October 2004.
[pdf] - Experimenting with Admission Control in P2P,
Nitesh Saxena, Gene Tsudik, and Jeong H. Yi,
International Workshop on Advanced Developments in System and Software Security (WADIS), Taipei, Taiwan, December 2003.
[pdf] - Admission Control in Peer-to-Peer: Design and Performance Evaluation,
Nitesh Saxena, Gene Tsudik, and Jeong H. Yi,
ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN), pp.104-114, Fairfax, VA, USA, October 31, 2003.
[pdf]
- Public Key Cryptography sans Certificates in Ad Hoc Networks (Best Student Paper!)
BOOK CHAPTERS
-
- Towards Sensing-Enabled RFID Security and PrivacyDi Ma and Nitesh Saxena
Security and Trends in Wireless Identification and Sensing Platform Tags: Advancements in RFID, IGI Global, 2012. - Expermenting with Admission Control in P2P NetworksNitesh Saxena, Gene Tsudik and Jeong H. Yi,
Computer Security in the 21st Century, ISBN: 0-387-24005-5, Springer, 2005.
- Towards Sensing-Enabled RFID Security and PrivacyDi Ma and Nitesh Saxena
DISSERTATIONS
-
- Decentralized Security Services (Nominated for the ACM Doctoral Dissertation Award!)Nitesh Saxena,
Ph.D Dissertation, UC Irvine, August 2006 - Cryptanalysis of the SchlusselzusatzNitesh Saxena,
M.S. Dissertation, UC Santa Barbara, March 2002
Also appears in the chapter on “The Emergence of Cipher Machines” of the book Computer Security and Crypgraphy, by Alan G. Konheim
- Decentralized Security Services (Nominated for the ACM Doctoral Dissertation Award!)Nitesh Saxena,