Uncategorized

• Harnessing Vital Sign Vibration Harmonics for Effortless and Inbuilt XR User Authentication
  Tianfang Zhang, Qiufan Ji, Md Mojibur Rahman Redoy Akanda, Zhengkun Ye, Ahmed Tanvir Mahdad, Cong Shi, Yan Wang, Nitesh Saxena, Yingying Chen
  In the ACM SIGSAC Conference on Computer and Communications Security (CCS), October 2025. 

MarkMatch: Same-Hand Stuffing Detection.
Fei Zhao, Runlin Zhang, Chengcui Zhang, and Nitesh Saxena
IEEE International Conference on Multimedia and expo (ICME), June 30-July 4th, 2025.

SPIES Lab’s study, led by Zengrui Liu (former SPIES), Jimmy Dani and Nitesh Saxena, provides the first evidence of the use of browser fingerprints for online tracking. The researchers discovered that websites are covertly employing browser fingerprinting — a technique that uniquely identifies a web browser — to track users across browsing sessions and sites.

Read our full paper here.

Media outlets featuring our browser fingerprinting work include:

• Your browser is snitching on you, The Kim Komando Show
• New Research Provides First Evidence of the Use of Browser Fingerprints for Online Tracking, Soylent News
• Tracking of Internet users via browser fingerprinting, IT Daily
• Tracking of Internet users via browser fingerprinting, PCtipp
• Tracking Internet users via browser fingerprinting, Innovation & Information
• Psylo browser tries to obscure digital fingerprints by giving every tab its own IP address, The Register
• Tracking of Internet users via fingerprinting, pressetext
• New Research Reveals How Websites Secretly Track Users Without Cookies, Israel Homeland Security (iHSL)
• Your web browser may be spying on you — Even without cookies, Knowridge Science Report
• VPNs cannot protect against browser fingerprinting – but this new web browser could be the fix, msn.com
• Researchers Link Browser Fingerprints to Ad Targeting, Undermining Online Privacy Promises, Digital Information World
• Websites are secretly tracking you using your browser’s ‘fingerprint’, Earth.com
• Websites Are Tracking You Via Browser Fingerprinting, Hacker News
• Websites Are Tracking You Via Browser Fingerprinting, researchers show, Tech Xplore
• Psylo browser tries to obscure digital fingerprints by giving every tab its own IP address, The Register
• The browser reveals its identity. Why is this a problem?, gazeta na niedzielę (GNN)
• Risky Bulletin: Russian hackers abuse app-specific passwords to bypass MFA, RISKY.BIZ
• Researchers relate browser fingerprints to ad targeting, undermining promises of online privacy., Consultant ALEX BARBOSA
• VPNs cannot protect against browser fingerprinting – but this new web browser could be the fix, Tech Radar, June 21, 2025

Building and Testing a Hidden-Password Online Password Manager
Mohammed Jubur, Chistopher Price, Maliheh Shirvanian, Stanislaw Jarecki, Hugo Krawczyk and Nitesh Saxena
In IEEE Transactions on Information Forensics and Security (TIFS), 2025

SPIES Lab’s study, led by Zengrui Liu (former SPIES), Jimmy Dani and Nitesh Saxena, provides the first evidence of the use of browser fingerprints for online tracking. The researchers discovered that websites are covertly employing browser fingerprinting — a technique that uniquely identifies a web browser — to track users across browsing sessions and sites.

Read our full paper here.

Websites Are Tracking You Via Browser Fingerprinting, Department of Computer Science & Engineering, Texas A&M University

SoK: Inaccessible & Insecure: An Exposition of Authentication Challenges Faced by Blind and Visually Impaired Users in State-of-the-Art Academic Proposals
Md Mojibur Rahman Redoy Akanda, Amanda Lacy, Nitesh Saxena
In 34th USENIX Security Symposium, August 2025.

• A Machine Learning-Based Framework for Assessing Cryptographic Indistinguishability of Lightweight Block Ciphers
  Jimmy Dani, Kalyan Nakka, Nitesh Saxena
  In 22nd Annual International Conference on Privacy, Security, and Trust (PST), August 2025.

• Encryption Struggles Persist: When Tech-Savvy Students Face Challenges with PGP in Thunderbird
  Md Imanul Huq, Ahmed Tanvir Mahdad, Nitesh Saxena
  In 22nd Annual International Conference on Privacy, Security, and Trust (PST), August 2025.