Ram Dantu

Safe Driving Using Mobile Phones

As vehicle manufacturers continue to increase their emphasis on safety with advanced driver-assistance systems (ADASs), we propose a device that is not only already in abundance but portable enough as well to be one of the most effective multipurpose devices that are able to analyze and advise on safety conditions. Mobile smartphones today are equipped with numerous sensors that can help to aid in safety enhancements for drivers on the road. In this paper, we use the three-axis accelerometer of an Android-based smartphone to record and analyze various driver behaviors and external road conditions that could potentially be hazardous to the health of the driver, the neighboring public, and the automobile. Effective use of these data can educate a potentially dangerous driver on how to safely and efficiently operate a vehicle. With real-time analysis and auditory alerts of these factors, we can increase a drivers overall awareness to maximize safety.

Magnetic Maps for Indoor Navigation

Magnetic field fluctuations and anomalies inside buildings tend to have a great effect on the compass, which is one of the simplest navigation devices. Alternative navigation requires landmark identification, so those landmarks can be used as guideposts in assisting individuals. By employing a mobile phone with built_in magnetometer, an extensive data set of 2000 measurements was collected. Using these fields, we identify landmarks and guideposts and create magnetic maps for multiple corridors of a floor in a building. Different phones are used at different sensitivity rates, which effectively portray similar results. Magnetic signatures are used for identifying locations and rooms and are independent of the person, the phone, and the sensitivity of the sensor being used. Magnetic field behavior is demonstrated and compared with theoretical distributions of these fields. The developed magnetic maps can complement existing visual maps for location tracking and navigation of autonomous robots indoors. These maps are particularly useful during limited visual feedback in poor lighting conditions. Moreover, building designers could include this landmark and guidepost information when developing the architecture of a building, which could in turn help people or robots navigate during disasters and emergency evacuations.

Cuffless Differential Blood Pressure Estimation Using Smart Phones

Smart phones today have become increasingly popular with the general public for their diverse functionalities such as navigation, social networking, and multimedia facilities. These phones are equipped with high-end processors, high-resolution cameras, and built-in sensors such as accelerometer, orientation-sensor, and light-sensor. According to comScore survey, 26.2% of U.S. adults use smart phones in their daily lives. Motivated by this statistic and the diverse capability of smart phones, we focus on utilizing them for biomedical applications. We present a new application of the smart phone with its built-in camera and microphone replacing the traditional stethoscope and cuff-based measurement technique, to quantify vital signs such as heart rate and blood pressure. We propose two differential blood pressure estimating techniques using the heartbeat and pulse data. The first method uses two smart phones whereas the second method replaces one of the phones with a customized external microphone. We estimate the systolic and diastolic pressure in the two techniques by computing the pulse pressure and the stroke volume from the data recorded. By comparing the estimated blood pressure values with those measured using a commercial blood pressure meter, we obtained encouraging results of 95-100% accuracy.

Socio-technical defense against voice spamming

Voice over IP (VoIP) is a key enabling technology for migration of circuit-switched PSTN (Public Switched Telephone Network) architectures to packet-based networks. One problem of the present VoIP networks is filtering spam calls referred to as SPIT (Spam over Internet Telephony). Unlike spam in e-mail systems, VoIP spam calls have to be identified in real time. Many of the techniques devised for e-mail spam detection rely upon content analysis, and in the case of VoIP, it is too late to analyze the content (voice) as the user would have already attended the call. Therefore, the real challenge is to block a spam call before the telephone rings. In addition, we believe it is imperative that spam filters integrate human behavioral aspects to gauge the legitimacy of voice calls. We know that, when it comes to receiving or rejecting a voice call, people use the social meaning of trust, reputation, friendship of the calling party and their own mood. In this article, we describe a multi-stage, adaptive spam filter based on presence (location, mood, time), trust, and reputation to detect spam in voice calls. In particular, we describe a closed-loop feedback control between different stages to decide whether an incoming call is spam. We further propose formalism for voice-specific trust and reputation analysis. We base this formal model on a human intuitive behavior for detecting spam based on the called partys direct and indirect relationships with the calling party. No VoIP corpus is available for testing the detection mechanism. Therefore, for verifying the detection accuracy, we used a laboratory setup of several soft-phones, real IP phones and a commercial-grade proxy server that receives and processes incoming calls. We experimentally validated the proposed filtering mechanisms by simulating spam calls and measured the filters accuracy by applying the trust and reputation formalism. We observed that, while the filter blocks a second spam call from a spammer calling from the same end IP host and domain, the filter needs only a maximum of three calls---even in the case when spammer moves to a new host and domain. Finally, we present a detailed sensitivity analysis for examining the influence of parameters such as spam volume and network size on the filters accuracy.

LocateMe: Magnetic-fields-based indoor localization using smartphones

Fine-grained localization is extremely important to accurately locate a user indoors. Although innovative solutions have already been proposed, there is no solution that is universally accepted, easily implemented, user centric, and, most importantly, works in the absence of GSM coverage or WiFi availability. The advent of sensor rich smartphones has paved a way to develop a solution that can cater to these requirements. By employing a smartphones built-in magnetic field sensor, magnetic signatures were collected inside buildings. These signatures displayed a uniqueness in their patterns due to the presence of different kinds of pillars, doors, elevators, etc., that consist of ferromagnetic materials like steel or iron. We theoretically analyze the cause of this uniqueness and then present an indoor localization solution by classifying signatures based on their patterns. However, to account for user walking speed variations so as to provide an application usable to a variety of users, we follow a dynamic time-warping-based approach that is known to work on similar signals irrespective of their variations in the time axis. Our approach resulted in localization distances of approximately 2m--6m with accuracies between 80--100% implying that it is sufficient to walk short distances across hallways to be located by the smartphone. The implementation of the application on different smartphones yielded response times of less than five secs, thereby validating the feasibility of our approach and making it a viable solution.

EAP methods for wireless networks

This paper presents an overview and analysis of Extensible Authentication Protocol (EAP) and its place in securing wireless LANs. A number of specific widely used EAP methods are examined and evaluated for their advantages and susceptibility to types of attack. Next we propose suitable EAP methods for wireless technologies beyond LANs, including RFID and WiMAX. After analyzing requirements for different wireless networks, we conclude that a new lightweight and secure EAP method is warranted for fixed mobile convergence interoperability.

Risk management using behavior based attack graphs

Security administration is an uphill task to implement in an enterprise network providing secured corporate services. With the slew of patches being released by Microsoft, HP and other vendors, system administrators require a barrage of tools for analyzing the risk due to these vulnerabilities. In addition to this, criticalities in patching some end hosts (e.g., in hospitals) raises serious security issues about the network to which the end hosts are connected. In this context, it would be imperative to know the risk level of all critical resources (e.g., Oracle Server in HR department) keeping in view the everyday emerging new vulnerabilities. We hypothesize that sequence of network actions by an attacker depends on the social behavior (e.g., skill level, tenacity, financial ability). By verifying our hypothesis on hacker email communications, we extended this methodology and calculated risk level for a small network. Towards this goal, we formulated a mechanism to estimate the risk level of critical resources that may be compromised based on attacker behavior. This estimation is accomplished using behavior based attack graphs. These graphs represent all the possible attack paths to all the critical resources. Based on these graphs, we calculate the risk level of a critical resource using Bayesian methodology and periodically update the subjective beliefs about the occurrence of an attack. Such a calculated risk level would be a measure of the vulnerability of the resource and it forms an effective basis for a system administrator to perform suitable changes to network configuration. Thus suitable vulnerability analysis and risk management strategies can be formulated to efficiently curtail the risk from different types of attacker (script kiddies, hackers, criminals and insiders).

Issues and challenges in securing VoIP

Voice over the Internet protocol (VoIP) is being rapidly deployed, and the convergence of the voice and data worlds is introducing exciting opportunities. Lower cost and greater flexibility are the key factors luring enterprises to transition to VoIP. Some security problems may surface with the widespread deployment of VoIP. In this article, we discuss these security problems and propose a high-level security architecture that captures required features at each boundary-network-element in the VoIP infrastructure. We describe mechanisms to efficiently integrate information between distributed security components in the architecture.

Network risk management using attacker profiling

Risk management refers to the process of making decisions that minimize the effects of vulnerabilities on the network hosts. This can be a difficult task in the context of high-exploit probability and the difficult to identify new exploits and vulnerabilities. For many years, security engineers have performed risk analysis using economic models for the design and operation of risk-prone, technological systems using attack profiles. Based on the type of attacker identified, security administrators can formulate effective risk management policies for a network. We hypothesize that sequence of network actions by an attacker depends on the social behavior (e.g., skill level, tenacity, financial ability). We extended this and formulated a mechanism to estimate the risk level of critical resources that may be compromised based on attacker behavior. This estimation is accomplished using behavior based attack graphs representing all the possible attack paths to all the critical resources. The risk level is computed based on these graphs and are used as a measure of the vulnerability of the resource and forming an effective basis for a system administrator to perform suitable changes to network configuration. Copyright

Behavior analysis of spam botnets

Compromised computers, known as bots, are the major source of spamming and their detection helps greatly improve control of unwanted traffic. In this work we investigate the behavior patterns of spammers based on their underlying similarities in spamming. To our knowledge, no work has been reported on identifying spam botnets based on spammerspsila temporal characteristics. Our study shows that the relationship among spammers demonstrates highly clustering structures based on features such as content length, time of arrival, frequency of email, active time, inter-arrival time, and content type. Although the dimensions of the collected feature set is low, we perform principal component analysis (PCA) on feature set to identify the features which account for the maximum variance in the spamming patterns. Further, we calculate the proximity between different spammers and classify them into various groups. Each group represents similar proximity. Spammers in the same group inherit similar patterns of spamming a domain. For classification into Botnet groups, we use clustering algorithms such as Hierarchical and K-means.We identify Botnet spammers into a particular group with a precision of 90%.