Bogdan Carbunar

Building castles out of mud: practical access pattern privacy and correctness on untrusted storage

We introduce a new practical mechanism for remote data storage with efficient access pattern privacy and correctness. A storage client can deploy this mechanism to issue encrypted reads, writes, and inserts to a potentially curious and malicious storage service provider, without revealing information or access patterns. The provider is unable to establish any correlation between successive accesses, or even to distinguish between a read and a write. Moreover, the client is provided with strong correctness assurances for its operations -- illicit provider behavior does not go undetected. We built a first practical system -- orders of magnitude faster than existing implementations -- that can execute over several queries per second on 1Tbyte+ databases with full computational privacy and correctness.

Continuous mobile authentication using touchscreen gestures

Securing the sensitive data stored and accessed from mobile devices makes user authentication a problem of paramount importance. The tension between security and usability renders however the task of user authentication on mobile devices a challenging task. This paper introduces FAST (Fingergestures Authentication System using Touchscreen), a novel touchscreen based authentication approach on mobile devices. Besides extracting touch data from touchscreen equipped smartphones, FAST complements and validates this data using a digital sensor glove that we have built using off-the-shelf components. FAST leverages state-of-the-art classification algorithms to provide transparent and continuous mobile system protection. A notable feature is FAST s continuous, user transparent post-login authentication. We use touch data collected from 40 users to show that FAST achieves a False Accept Rate (FAR) of 4.66% and False Reject Rate of 0.13% for the continuous post-login user authentication. The low FAR and FRR values indicate that FAST provides excellent post-login access security, without disturbing the honest mobile users.

Redundant reader elimination in RFID systems

While recent technological advances have motivated large-scale deployment of RFID systems, a number of critical design issues remain unresolved. In this paper we deal with de- tecting redundant RFID readers (the redundant reader problem). The underlying difficulty associated with this problem arises from the lack of collision detection mechanisms, the potential inability of RFID readers to relay packets generated by other readers, and severe resource constraints on RFID tags. We prove that an optimal solution to the redundant reader problem is NP-hard and propose a randomized, distributed, and localized approximation algorithm, RRE. We provide a detailed probabilistic analysis of the accuracy and time complexity of RRE and conduct elaborate simulations to demonstrate their correctness and efficiency. I. INTRODUCTION

Coverage preserving redundancy elimination in sensor networks

In this paper, we study the problem of detecting and eliminating redundancy in a sensor network with a view to improving energy efficiency, while preserving the networks coverage. We also examine the impact of redundancy elimination on the related problem of coverage-boundary detection. We reduce both problems to the computation of Voronoi diagrams, prove and achieve lower bounds on the solution of these problems, and present efficient distributed algorithms for computing and maintaining solutions in cases of sensor failures or insertion of new sensors. We prove the correctness and termination properties of our distributed algorithms, and analytically characterize the time complexity and the traffic generated by our algorithms. Our simulations show that the traffic generated per sensor insertion or removal (failure) experiences a dramatic decrease with an increase in sensor density, (up to 300% when the number of sensors deployed in the same 1000 /spl times/ 1000 m/sup 2/ area increases from 150 to 800), and with an increase in radio transmission range (up to 200% when the sensors transmission range increases from 70 m to 200 m).

Query privacy in wireless sensor networks

Existing mechanisms for querying wireless sensor networks leak client interests to the servers performing the queries. The leaks are not only in terms of specific regions but also of client access patterns. In this paper we introduce the problem of preserving the privacy of clients querying a wireless sensor network owned by untrusted organizations. We investigate two architectures and their corresponding trust models. For the first model, consisting of multiple, mutually distrusting servers governing the network, we devise an efficient protocol, SPYC, and show that it provides full query privacy. For the second model, where all queries are performed through a single server, we introduce two metrics for quantifying the privacy achieved by a clients query sequence. We propose a suite of practical algorithms, then analyze the privacy and efficiency levels they provide. Our TOSSIM simulations show that the proposed query mechanisms are communication efficient while significantly improving client query privacy levels.

Efficient tag detection in RFID systems

Recent technological advances have motivated large-scale deployment of RFID systems. However, a number of critical design issues relating to efficient detection of tags remain unresolved. In this paper, we address three important problems associated with tag detection in RFID systems: (i) accurately detecting RFID tags in the presence of reader interference (reader collision avoidance problem); (ii) eliminating redundant tag reports by multiple readers (optimal tag reporting problem); and (iii) minimizing redundant reports from multiple readers by identifying a minimal set of readers that cover all tags present in the system (optimal tag coverage problem). The underlying difficulties associated with these problems arise from the lack of collision detection mechanisms, the potential inability of RFID readers to relay packets generated by other readers, and severe resource constraints on RFID tags. In this paper we present a randomized, distributed and localized Reader Collision Avoidance (RCA) algorithm and provide detailed probabilistic analysis to establish the accuracy and the efficiency of this algorithm. Then, we prove that the optimal tag coverage problem is NP-hard even with global knowledge of reader and tag locations. We develop a distributed and localized Redundant Reader Elimination (RRE) algorithm, that efficiently identifies redundant readers and avoids redundant reporting by multiple readers. In addition to rigorous analysis of performance and accuracy, we provide results from elaborate simulations for a wide range of system parameters, demonstrating the correctness and efficiency of the proposed algorithms under various scenarios.

JANUS: towards robust and malicious resilient routing in hybrid wireless networks

In this paper we investigate and provide solutions for security threats in the context of hybrid networks consisting of a cellular base station and mobile devices equipped with dual cellular and ad-hoc (802.11b) cards. The cellular connection is used for receiving services (i.e. Internet access) from the base station, while the ad-hoc links are used to improve the quality of the connection. We provide detailed descriptions of several attacks that arbitrarily powerful adversaries, whether outsiders or insiders, can mount against well-behaved members of the network. We introduce a secure routing protocol called JANUS, that focuses on the establishment of secure routes between the base station and mobile devices, and the secure routing of the data. We show that our protocol is secure against the attacks described and experimentally compare the message overhead introduced by JANUS and UCAN.

Continuous Mobile Authentication Using Virtual Key Typing Biometrics

Due to the increasing popularity of mobile technologies, sensitive user information is often stored on mobile devices. However, the essential task of mobile user authentication is rendered more challenging by the conflicting requirements of security and usability: usable solutions are often insecure, while secure solutions hinder device accessibility. In this paper we propose TAP (Typing Authentication and Protection), a virtual key typing based authentication system for mobile devices that takes steps toward addressing this tradeoff. TAP transparently enhance the security of the mobile device in two stage, the login stage and the post-login stage. In the login stage, TAP leverages the biometric information embedded in the typing habit and hand morphology to accomplish secure user identity management with a simple password. While in the post-login stage, TAP transparently monitors the users virtual key dynamics behavior to continuously authenticate the user. We evaluated three user studies which compare authentication performance under different virtual key typing settings, without pressure and haptics feedback, with pressure information, and with both pressure and haptics feedback. The experiments demonstrated our TAP can maintain both security and usability for the mobile system.

You unlocked the Mt. Everest badge on foursquare! Countering location fraud in Geosocial Networks

GeoSocial Networks (GSNs) are online social networks centered on the location information of their users. Users “check-in” their location and use it to acquire location-based special status (e.g., badges, mayorships) and receive venue dependent rewards. The strategy of rewarding user participation however makes cheating a profitable behavior. In this paper we introduce XACT, a suite of venue-oriented secure location verification mechanisms that enable venues and GSN providers to certify the locations claimed by users. We prove that XACT is correct, secure and easy to use. We validate the need for secure location verification mechanisms by collecting and analyzing data from the most popular GSNs today: 780,000 Foursquare users and 143,000 Gowalla users. Through a proof-of-concept implementation on a Revision C4 BeagleBoard embedded system we show that XACT is easy to deploy and economically viable. We analytically and empirically prove that XACT detects location cheating attacks.

Oblivious outsourced storage with delegation

In the past few years, outsourcing private data to untrusted servers has become an important challenge. This raises severe questions concerning the security and privacy of the data on the external storage. In this paper we consider a scenario where multiple clients want to share data on a server, while hiding all access patterns. We propose here a first solution to this problem based on Oblivious RAM (ORAM) techniques. Data owners can delegate rights to external new clients enabling them to privately access portions of the outsourced data served by a curious server. Our solution is as efficient as the underlying ORAM constructs and allows for delegated read or write access while ensuring strong guarantees for the privacy of the outsourced data. The server does not learn anything about client access patterns while clients do not learn anything more than what their delegated rights permit.