WACA: Publications

March 3, 2018

GUTE-URLS

Wordpress is loading infos from fiu

Please wait for API server guteurls.de to collect data from
news.fiu.edu/2017/12/cybers...

  Publications  Invention Disclosures Media Coverages Presentation and Talks Publications: Abbas Acar, Wenyi Liu, Raheem Bayeh, Kemal Akkaya, and A. Selcuk Uluagac, “A Privacy-preserving Multi-factor Authentication System”, Wiley Security and Privacy, 2019. [pdf] Abbas Acar, Hidayet Aksu, Kemal Akkaya, and A. Selcuk Uluagac. “WACA: Wearable-Assisted Continuous Authentication.” Security and Privacy Workshops (SPW), 2018 IEEE. IEEE, 2018. [pdf] Abbas Acar, Hidayet Aksu, Kemal Akkaya, and A. Selcuk Uluagac. WACA: Wearable-Assisted Continuous Authentication Framework with Motion Sensors. In Proceedings of the 25th Usenix Security Symposium, 2016 (poster). [pdf] [bibtex] Invention Disclosures:  Abbas Acar, Hidayet Aksu, A. Selcuk Uluagac, and Kemal Akkaya, “A Method for Continuous User Authentication with Wearables,” Filed to US Patent and Trademark Office (US 15/674,133), August 2017. [link] [bibtex] Presentations and Talks: Abbas Acar, Hidayet Aksu, Kemal Akkaya, and A. Selcuk Uluagac. WACA: Wearable-Assisted Continuous Authentication Framework.  Presentation of the accepted paper at the 39th IEEE Symposium on Security and Privacy Workshops, San Francisco, CA, May 24, 2018. Abbas Acar, Hidayet Aksu, Kemal Akkaya, and A. Selcuk Uluagac. WACA: Wearable-Assisted Continuous Authentication Framework with Motion Sensors. Poster Presentation at Florida Institute of Cybersecurity Research Annual Conference on Cybersecurity, University of Florida, Gainesville, March 1, 2018. [pdf] Media Coverages: Abbas Acar, Amit Kumar Sikder, Leonardo Babun, and A. S. Uluagac, “Experts talk cyber attacks on business, lead live hack,” FIU News, Gisela Valencia, December 21, 2017

UrlPreviewBox

https://csl.fiu.edu/waca/waca-publications/

Projects

September 20, 2017

CSPoweR-Watch: A Cyber-Resilient Residential Power Management System Modern Energy Management Systems (EMS) are becoming increasingly complex in order to address the urgent issue of global energy consumption. These systems retrieve vital information from various Internet-connected devices in a smart grid to function effectively. However, due to the critical tasks they perform and the sensitive information they handle, such devices make a very attractive target for attackers. Numerous factors including high interconnectivity and outdated firmware, result in such devices being susceptible to cyber attacks. Malicious actors can exploit these vulnerabilities present in the devices to perform detrimental tasks such as modifying critical firmware, sending bogus sensor data, or stealing sensitive information. To address this issue, we propose a novel framework that integrates PowerWatch, a solution that detects compromised devices in the smart grid, with Cyber-secure Power Router (CSPR), a modern energy management system that is connected to various smart-grid devices. In addition, we propose a distributed infrastructure scheme in which numerous CSPR devices are being monitored using PowerWatch capabilities. The goal is to ascertain whether or not CSPR has operated maliciously, which PowerWatch achieves by utilizing a machine learning model that analyzes information from system or library call lists extracted from CSPR in order to detect malicious activity in the EMS. To test the efficacy of our framework, a number of unique attack scenarios were performed on a realistic testbed that comprises functional versions of CSPR and PowerWatch. Our performance evaluation investigates the effectiveness of this first-of-its-kind merger and provides insight into the feasibility of developing future cyber-secure EMS. The results of our experimental procedures yielded 100\% accuracy for each of the attack scenarios. Finally, our implementation demonstrates that the integration of PowerWatch and CSPR is effective and yields minimal overhead to the EMS. Project Sponsor: National Science Foundation HDMI-Walk: Attacking HDMI devices through the High Definition Media Interface (HDMI) The High Definition Multimedia Interface (HDMI) is the backbone and the de-facto standard for Audio/Video interfacing between video-enabled devices. Today, almost tens of billions of HDMI devices exist in the world and are widely used to distribute A/V signals in smart homes, offices, concert halls, and sporting events making HDMI one of the most highly deployed systems in the world. An important component in HDMI is the Consumer Electronics Control (CEC) protocol, which allows for the interaction between devices within an HDMI distribution network. Nonetheless, existing network security mechanisms only protect traditional networking components, leaving HDMI-Walk outside of their scope. In this work, we identify and tap into CEC protocol vulnerabilities, using them to implement realistic proof-of-work attacks on HDMI distribution networks. Project Sponsor: National Science Foundation Project Duration: 06/15/18-08/23/19 Privacy-Aware Wearable-Assisted Continuous Authentication Framework Whether it is one-factor or MFA, a one-time login process does not guarantee that the identified user is the real user throughout the login session. Even if it is an insider who has been authorized once, forever access is provided in most cases not to interrupt the current user. Hence, an authentication that re-verifies the user periodically without breaking the continuity of the session is vital. In this project, we introduce a Wearable-Assisted Continuous Authentication framework called WACA, where a wearable device (e.g., smartwatch) is used to authenticate a computer user continuously utilizing the motion sensors of the smartwatch.                                 Project Sponsor: National Science Foundation        Project Duration: 8/15/17-7/31/19 SaINT: Sensitive Information Tracking in IoT Applications Broadly defined as the Internet of Things (IoT), the growth of commodity devices that integrate physical processes with digital connectivity has had profound effects on society—smart homes, personal monitoring devices, enhanced manufacturing, and other IoT applications have changed the way we live, play and work. Yet extant IoT platforms provide few means of evaluating the use (and potential misuse) of sensitive information. In this project, we present SaINT, a tool for analyzing sensitive data leakage in IoT implementations. SaINT operates in three phases; (a) translation of platform-specific source code into an IR modeling sensor-computation-actuator structures, (b) identifying sensitive sources and sinks, and (c) performing static analysis to identify sensitive data leakage. Proviz: Sensor Development Software for IoT Devices Proviz is an Internet of Things application development software. You can use Proviz to create Internet of Things applications without requiring any software or hardware experiences. Project Sponsor: National Science Foundation Project Duration: 09/01/13-08/31/17 6thSense: Securing Sensory Side-Channels in Cyber-Physical Systems and IoT Devices and Applications Modern devices have become “smart” in recent years with the advancement of modern electronics and wireless communication systems. Smart devices such as smartphone, smartwatch, fitness trackers, etc. are equipped with high precision sensors, empowering them to gather information about user characteristics as well as the surrounding environment. These sensor-enriched devices have opened a new domain of sensing-enabled applications. With the rapid growth sensing-enabled applications, smart devices are integrated into every possible application domain, from home security to health care to the military. Some applications can even learn the characteristics of users using sensor data and take automatic decisions to improve the user experience. Project Sponsor: National Science Foundation Project Duration: 06/01/15-05/31/20 Compromised Device Detection The core concept of the smart grid is the realization of two-way communications between smart devices. The integration of complex and heterogeneous networks as well as their devices into the smart grid must be done not only in an efficient but also in a secure manner. Nonetheless, with all its dependency upon device operations and communications, the smart grid is highly vulnerable to any security risk stemming from devices. Especially, the use of compromised devices can wreak havoc on the smart grid’s critical functionalities and can cause catastrophic consequences to the integrity of the smart grid data and/or users’ privacy. Project Sponsor: Department of Energy Project Duration: 09/15/15-09/14/20 ct Sponsor: National Science Foundation Project Duration: 06/01/15-05/31/20 Peek-a-Boo: I see your smart home activities, even encrypted! Authors: Abbas Acar, Hossein Fereidooni, Tigist Abera, Amit Kumar Sikder, Markus Miettinen, Hidayet Aksu, Mauro Conti, Ahmad-Reza Sadeghi, A. Selcuk Uluagac Link: https://arxiv.org/pdf/1808.02741.pdf Corresponding Author: Abbas Acar In this work, we introduce a novel multi-stage privacy attack against user privacy in a smart environment. It is realized utilizing state-of-the-art machine-learning approaches for detecting and identifying particular types of IoT devices, their actions, states, and ongoing user activities in a cascading style by only observing passively the traffic from smart home devices and sensors. The attack effectively works on both encrypted […]

https://csl.fiu.edu/projects-3/

Proviz Publications

March 26, 2017

                            Publications Shruthi Ravichandran, Ramalingam K. Chandrasekar, A. Selcuk Uluagac, and R. A. Beyah,”A Simple Visualization and Programming Framework for Wireless Sensor Networks: PROVIZ,” Elsevier Ad Hoc Networks Journal, Volume 53, 15 December 2016, Pages 1-16, ISSN 1570-870, [bibtex],[pdf] Ramalingam K. C., A.Selcuk Uluagac, and R. A. Beyah,“PROVIZ: An Integrated Visualization and Programming Framework for WSNs,“ in Proceedings of the 8th IEEE Workshop on Practical Issues in Building Sensor Network Applications 2013 (IEEE SenseApp 2013), Australia, October 2013, [bibtex],[pdf]

https://csl.fiu.edu/proviz-project/proviz-publications/

6thSense: Publications

March 21, 2017

  Publications  Invention Disclosures Media Coverage Presentation and Talks   Publications: K. Denney, A. S. Uluagac, K. Akkaya and S. Bhansali, “A novel storage covert channel on wearable devices using status bar notifications,” 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, 2016, pp. 845-848. doi: 10.1109/CCNC.2016.7444898 A. S. Uluagac, V. Subramanian and R. Beyah, “Sensory channel threats to Cyber Physical Systems: A wake-up call,” 2014 IEEE Conference on Communications and Network Security, San Francisco, CA, 2014, pp. 301-309. doi: 10.1109/CNS.2014.6997498 Amit Kumar Sikder, Hidayet Aksu, and A. Selcuk Uluagac, “6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices”, In proceedings of 26th USENIX security symposium, Vancouver, Canada, 2017. [PDF], [BibTex] Amit Kumar Sikder, Hidayet Aksu, and A. Selcuk Uluagac, “A Context-aware Framework for Detecting Sensor-based Threats on Smart Devices”, IEEE Transactions on Mobile Computing (2019). [PDF], [BibTex] Amit Kumar Sikder, Leonardo Babun, Hidayet Aksu, and A. Selcuk Uluagac, “Aegis: A Context-aware Security Framework for Smart Home Systems”, Accepted to appear in 2019 Annual Computer Security Applications Conference (ACSAC), Puerto Rico. [PDF] [BibTex] Invention Disclosures:  Amit Kumar Sikder, Hidayet Aksu, and A. Selcuk Uluagac, “A context-aware Intrusion Detection method for smart devices with sensors”, submitted to Florida International University and accepted by United State Patent and Trademark Office (US 10,417,413 B2). [PDF] [BibTex] Media Coverages: Guard Your Gadgets: Channel 7 covers our project in evening news on November 11, 2016.     Dangers of Unsecured Surveillance Cameras: NBC 6 news highlights a news featuring unsecured surveillance cameras where Dr. A. Selcuk Uluagac talked about how camera sensors can be hacked in surveillance cameras.   Your phone is like a spy in your pocket: Science News highlights our research work in their magazine on February, 2018. Magazine issue: Vol. 193, No. 2, February 3, 2018, p. 18. Presentations and Talks: Amit Kumar Sikder, H. Aksu, and A. S. Uluagac, 6thSense: Sensor-based  Attack Detector for Smart Devices, Technical Presentation at Graduate Student Appreciation Week (GSAW) in Florida International University, Miami, 2017. Amit Kumar Sikder, H. Aksu, and A. S. Uluagac, 6thSense: Sensor-based  Attack Detector for Smart Devices, Technical Presentation at 26th USENIX security symposium, Vancouver, Canada, 2017.   Amit Kumar Sikder, Abbas Acar, Leonardo Babun, and A. S. Uluagac, Experts talk cyber attacks on business, lead live ‘hack’, Workshop on cyber security leadership and strategy, hosted by Florida International University, the U.S Chamber of Commerce, the Florida Small Business Development Center Network and the Greater Miami Chamber of Commerce. Amit Kumar Sikder and A. Selcuk Uluagac, “6thSense: A Context-aware Sensor-based Attack Detector for CPS Devices”, Poster presentation at Transforming Antennas Center workshop, hosted by Florida International University.

UrlPreviewBox

https://csl.fiu.edu/sensor-based-threat-detector/sensor-based-threat-publications/

News

September 27, 2014

Two papers accepted at ACM WiSec 2020: Our papers “KRATOS: Multi-User Multi-Device-Aware Access Control System for the Smart Home” and “Peek-a-Boo: I see your smart home activities, even encrypted!” were accepted for publication at the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec 2020). Congratulations to Amit Kumar Sikder, Abbas Acar, and the rest of the team! Outstanding Student Life Award: Our team member, Leonardo Babun, received the distinguished Outstanding Student Life Award in the category of Outstanding Scholar awarded  by the Florida International University. Congrats to Leo! CSL lab congratulates Abbas Acar for successfully defending his Ph.D. dissertation titled “Privacy-Aware Security Applications in the Era of Internet of Things.” (April 16, 2020). The CSL family congratulates Leonardo Babun for successfully defending his Ph.D. dissertation titled “On-device Security and Privacy Mechanisms for Resource-limited Devices: A Bottom-Up Approach” (March 23, 2020). UGS Provost Award 2020 (March 31, 2020): Our Ph.D. student, Amit Kumar Sikder, received the distinguished University Provost Award for Outstanding Graduate Project awarded by the University graduate school and provost office, Florida International University. Congrats to Amit! Invited Technical Talk at MITRE: Our Ph.D. candidate Leonardo Babun was invite to give the technical talk entitled “On-Device Security and Privacy Mechanisms for Resource-limited Devices: A Bottom-Up Approach” at the MITRE Corporation, Bedford, MA. Invited Technical Talk at ORNL: Our Ph.D. candidate Leonardo Babun was invite to give the technical talk entitled “On-Device Security and Privacy Mechanisms for Resource-limited Devices: A Bottom-Up Approach” at the Oak Ridge National Laboratory (ORNL), Oak Ridge, TN. Invited Technical Talk at ARL: Our Ph.D. candidate Leonardo Babun was invite to give the technical talk entitled “On-Device Security and Privacy Mechanisms for Resource-limited Devices: A Bottom-Up Approach” at the Army Research Laboratory (ARL), Adelphi, MD. Paper accepted at IEEE ICC 2020: Our paper “Z-IoT: Passive Device-class Fingerprinting of Zigbee and Z-wave IoT Devices” was accepted for publication at the 2020 IEEE International Conference of Communications. Congratulations to Leo Babun and the rest of the team! Accepted paper at IEEE CNS 2020 (March 23, 2020): Our paper, “HEKA: A Novel Intrusion Detection System for Attacks to Personal Medical Devices” was accepted for publication at the 8th IEEE Conference on Communications and Network Security (CNS 2020). Congrats to Iqtidar, Amit, Leo, and the entire team. Poster Presentation at RSA: Our Ph.D. candidate Leonardo Babun presented the technical poster titled “Security and Privacy Mechanisms for IoT and IIoT Devices and Applications” at the 2020 RSA Conference. Congrats to Leo! RSA Scholar Award: Our Ph.D. candidate Leonardo Babun received the RSAC Security Scholar Award to participate in the 2020 RSA conference. Congrats to Leo! Manuscript accepted at Springer HASS: Our manuscript “USB-Watch: A Generalized Hardware-Assisted Insider Threat Detection Framework” was accepted for publication at the Springer Journal of Hardware and Systems Security. Congratulations to Kyle, Leo Babun, and the entire team!. The manuscript is available here. Paper at IEEE Transactions on Mobile Computing (February 10, 2020): Our paper, “A Usable and Robust Continuous Authentication Framework using Wearables” was accepted to appear in IEEE Transactions on Mobile Computing (IEEE TMC). Congrats to Abbas Acar and the entire team. More information about this work is available here. CSL Lab Welcomes (January 6, 2020): Genevieve Liberte as a new Master of Science student. Genevieve previously worked with the lab during the Security of Smart Things REU in the summer of 2017. Technical Talk at ACSAC 2019 (December 12, 2019): Our Ph.D. student, Amit Kumar Sikder, gave a technical talk titled “A Novel Fine-grained Access Control System for Multi-user Multi-device Smart Home Systems” at the 35th Annual Computer Security Applications Conference (ACSAC 2019). Congrats to Amit, Leo, and the entire team. The details of the project and pre-print of our work can be found here. CSL Lab Welcomes (December 12, 2019):  Harun Oz as a new Master of Science student. Technical Talk at ACSAC 2019 (December 13, 2019): Our Ph.D. candidate Leonardo Babun, gave a technical presentation titled “Real-time Privacy Analysis of IoT Apps”” at the 35th Annual Computer Security Applications Conference (ACSAC 2019). Congrats to Leo, and the entire team. Technical Talk at ACSAC 2019 (December 13, 2019): Our Ph.D. student Luis Puche Rondon, gave a technical talk titled “HDMI-Walk: Attacking HDMI Distribution Networks via Consumer Electronic Control Protocol” at the 35th Annual Computer Security Applications Conference (ACSAC 2019). Congrats to Luis, Leo, and the entire team. The details of the project and pre-print of our work can be found here. Poster Presentation at ACSAC 2019 (December 12, 2019): Our Ph.D. student, Amit Kumar Sikder, presented a poster titled “A Novel Fine-grained Access Control System for Multi-user Multi-device Smart Home Systems” at the 35th Annual Computer Security Applications Conference (ACSAC 2019). Congrats to Amit, Leo, and the entire team. Poster Presentation at ACSAC 2019 (December 12, 2019): Our Ph.D. candidate, Leonardo Babun, presented a poster titled “Real-time Privacy Analysis of IoT Apps” at the 35th Annual Computer Security Applications Conference (ACSAC 2019). Congrats to Leo and the entire team. Telemundo Noticias Coverage (December 12, 2019): Our Ph.D. candidate Leonardo Babun explained the privacy risks of smart cameras and how we can protect ourselves from cyber attacks at Telemundo Noticias (Spanish). Congrats Leo! Manuscript accepted at ACM TCPS: Our manuscript “System-level Behavioral Detection Framework for Compromised CPS Devices: Smart-Grid Case” was accepted for publication at the ACM Transactions of Cyber-Physical Systems. Congrats to Leo Babun and the entire team. The manuscript is available here. Dissertation Year Fellowship Award (November 27, 2019):  Our Ph.D. student, Amit Kumar Sikder, received the prestigious Dissertation Year Fellowship awarded by the University Graduate School, Florida International University. Congrats to Amit! Poster presentation at NFS CPS PI Meeting 2019 (November 21, 2019): Amit Kumar Sikder and Dr. Uluagac presented a poster, “CAREER: Securing Sensory Side-Channels in Cyber-Physical Systems” at the 2019 NSF CPS PI Meeting, Crystal City, VA, USA. The details of the project can be found here. Poster Presentation at 2019 GDRR: Our poster “Blockchain-assisted Privacy Analysis of IoT Apps” was accepted for presentation at the 2019 GDRR Foundations for Blockchain Data Analytics Workshop. Congratulations to Leo Babun and the rest of the team! Travel Award: Our Ph.D. candidate Leonardo Babun received a Travel Award to participate in the 2019 SAMSI Foundations for Blockchain Data Analytics Workshop. Congrats to Leo! Paper accepted at IEEE GreenComm: Our paper “CSPoweR-Watch: A Cyber-resilient Residential Power Management System” was accepted […]

https://csl.fiu.edu/news/
USA