• Publications
  • Influence
ORide: A Privacy-Preserving yet Accountable Ride-Hailing Service
TLDR
It is shown that a RHS can offer strong privacy guar- antees to both riders and drivers while maintaining the convenience of its services, using real data-sets that consist of millions of rides. Expand
PrivateRide: A Privacy-Enhanced Ride-Hailing Service
TLDR
This work proposes PrivateRide, a privacy-enhancing and practical solution that offers anonymity and location privacy for riders, and protects drivers’ information from harvesting attacks, and lowers the high-risk privacy threats in RHSs to a level that is at least as low as that of many taxi services. Expand
SmarPer: Context-Aware and Automatic Runtime-Permissions for Mobile Devices
TLDR
This work is the first to show, using a large dataset of real in situ permission decisions, that it is possible to learn users' unique decision patterns at runtime using contextual information while supporting data obfuscation, this is an important step towards automating the management of permissions in smartphones. Expand
One-Time Cookies: Preventing Session Hijacking Attacks with Disposable Credentials
TLDR
It is demonstrated that one-time cookies can significantly improve the security of web sessions with minimal changes to current infrastructure and be efficient, easy to deploy and resistant to session hijacking. Expand
Trust No One Else: Detecting MITM Attacks against SSL/TLS without Third-Parties
TLDR
This paper proposes Direct Validation of Certificates (DVCert), a novel protocol that, instead of relying on third-parties for certificate validation, allows domains to directly and securely vouch for their certificates using previously established user authentication credentials. Expand
For your phone only: custom protocols for efficient secure function evaluation on mobile devices
TLDR
Efficient Mobile Oblivious Computation, a set of SFE protocols customized for the mobile platform using partially homomorphic cryptosystems to meet the needs of two popular application types: location-based and social networking is developed. Expand
One-time cookies: Preventing session hijacking attacks with stateless authentication tokens
TLDR
It is shown that OTC can be combined with HTTPS to effectively add another layer of security to Web applications with minimal impact on performance and scalability. Expand
SERvartuka: Dynamic Distribution of State to Improve SIP Server Scalability
TLDR
The design and evaluation of SERvartuka, a more scalable SIP server that dynamically determines the number of SIP requests for which the server is stateful while delegating state maintenance for the remainder of the requests to a server further downstream are evaluated. Expand
Proxychain: Developing a Robust and Efficient Authentication Infrastructure for Carrier-Scale VoIP Networks
TLDR
Proxychain is presented - a novel VoIP authentication protocol based on a modified hash chain construction that improves performance and scalability, but also offers additional security properties such as mutual authentication. Expand
Human Ear Recognition
...
1
2
3
4
...