• Publications
  • Influence
SmarPer: Context-Aware and Automatic Runtime-Permissions for Mobile Devices
Permission systems are the main defense that mobile platforms, such as Android and iOS, offer to users to protect their private data from prying apps. However, due to the tension between usabilityExpand
  • 50
  • 8
ORide: A Privacy-Preserving yet Accountable Ride-Hailing Service
In recent years, ride-hailing services (RHSs) have be- come increasingly popular, serving millions of users per day. Such systems, however, raise significant privacy concerns, because serviceExpand
  • 33
  • 8
PrivateRide: A Privacy-Enhanced Ride-Hailing Service
Abstract In the past few years, we have witnessed a rise in the popularity of ride-hailing services (RHSs), an online marketplace that enables accredited drivers to use their own cars to driveExpand
  • 34
  • 6
One-Time Cookies: Preventing Session Hijacking Attacks with Disposable Credentials
Many web applications are vulnerable to session hijacking attacks due to the insecure use of cookies for session management. The most recommended defense against this threat is to completely replaceExpand
  • 21
  • 5
Trust No One Else: Detecting MITM Attacks against SSL/TLS without Third-Parties
The security guarantees provided by SSL/TLS depend on the correct authentication of servers through certificates signed by a trusted authority. However, as recent incidents have demonstrated, trustExpand
  • 59
  • 2
For your phone only: custom protocols for efficient secure function evaluation on mobile devices
Mobile applications increasingly require users to surrender private information, such as GPS location or social networking data. To facilitate user privacy when using these applications, secureExpand
  • 27
  • 2
Proxychain: Developing a Robust and Efficient Authentication Infrastructure for Carrier-Scale VoIP Networks
Authentication is an important mechanism for the reliable operation of any Voice over IP (VoIP) infrastructure. Digest authentication has become the most widely adopted VoIP authentication protocolExpand
  • 12
  • 1
SERvartuka: Dynamic Distribution of State to Improve SIP Server Scalability
A growing class of applications, including VoIP, IM and presence, are enabled by the session initiation protocol (SIP). Requests in SIP typically traverse through multiple proxies. The availabilityExpand
  • 14
  • 1
Human Ear Recognition
  • 14
  • 1
Consensual and Privacy-Preserving Sharing of Multi-Subject and Interdependent Data
Individuals share increasing amounts of personal data online. This data often involves–or at least has privacy implications for–data subjects other than the individuals who shares it (e.g., photos,Expand
  • 4
  • 1