Uncategorized

• Hearing Check Failed: Using Laser Vibrometry to Analyze the Potential for Hard Disk Drives to Eavesdrop Speech Vibrations
  Payton Walker, Nitesh Saxena, S. Abhishek Anand, Tzipora Halevi and Shalini Saini
  In the 17th ACM ASIA Conference on Computer and Communications Security (ASIA CCS), May/June 2022

The lab welcomes three new PhD students:

• Jimmy Dani (since Spring 2022)
• Md Mojibur Rahman Redoy Akanda (since Spring 2022)
• Md Imanul Huq (since Spring 2022)

Dr. Saxena is offering a brand new special topics course for graduate students, CSCE 689: Secure Authentication Systems, in Spring 2022.  This is a research-centered course covering a wide variety of authentication techniques, and the strengths and pitfalls of these techniques. Student groups will be presenting research papers, and pursuing a practical project on a topic of their interest relevant to authentication, with the potential to convert these projects into research publications depending on their merit. No exams! Fully online (so no COVID worries!). Please consider enrolling for the course and learn about some cool research in one of the most important areas of cybersecurity — authentication breaks are often used as a stepping stone for many other devastating cyber attacks (e.g., the SolarWinds and Twitter hacks of 2020).

For any questions, please free to reach out to Dr. Saxena: nsaxena@tamu.edu.

• Gummy Browsers: Targeted Browser Spoofing against State-of-the-Art Fingerprinting Techniques
  Zengrui Liu,  Prakash Shrestha and Nitesh Saxena.
  In International Conference on Applied Cryptography and Network Security (ACNS), June  2022.
• Beware of Your Vibrating Devices! Vibrational Relay Attacks on Zero-Effort Deauthentication
  Prakash Shrestha and Nitesh Saxena.
  In International Conference on Applied Cryptography and Network Security (ACNS), June  2022

• Evaluating the Effectiveness of Protection Jamming Devices in Mitigating Smart Speaker Eavesdropping Attacks Using Gaussian White Noise
  Payton Walker and Nitesh Saxena
  In Annual Computer Security Applications Conference (ACSAC), December 2021.

Face-Mic: Inferring Live Speech and Speaker Identity via Subtle Facial Dynamics Captured by AR/VR Motion Sensors
Cong Shi, Xiangyu Xu, Tianfang Zhang , Payton Walker, Yi Wu, Jian Liu, Nitesh Saxena, Yingying Chen and Jiadi Yu
In the 27th Annual International Conference on Mobile Computing and Networking (Mobicom), Jan/Feb 2022.

 

Analyzing the Security of OTP 2FA in the Face of
Malicious Terminals
Tanvir Mahdad, Mohammed Jubur, and Nitesh Saxena
In the International Conference on Information and Communications Security (ICICS), 2021.

Dr. Saxena has a new NSF CICI grant funded:

NSF Cybersecurity Innovation for Cyberinfrastructure (CICI), “UCSS: Towards Secure and Usable Push Notification Authentication for Collaborative Scientific Infrastructures”, $499,934, Aug 2021 – Aug 2024, Sole PI.

This project will allow us to study and redesign push notification based authentication.

• SoK: Assessing the Threat Potential of Vibration-based Attacks against Live Speech using Mobile Sensors
  Payton Walker and Nitesh Saxena
  In ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Jun-Jul 2021.
  [pdf]
• Spearphone: A Lightweight Speech Privacy Exploit via Accelerometer-Sensed Reverberations from Smartphone Loudspeakers
  Abhishek Anand, Chen Wang, Jian Liu, Nitesh Saxena and Yingying Chen
  In ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Jun-Jul 2021.
  [pdf]

Authentication of Voice Commands on Voice Assistance Systems Leveraging Vibrations on Wearables
Cong Shi, Yan Wang, Yingying Chen, and Nitesh Saxena.
In IEEE Security and Privacy (Magazine), Special Issue of Selected Papers from ACSAC’20, 2021.