Ramya Jayaram Masti

Learn More
The integration of Trusted Computing technologies into virtualized computing environments enables the hardware-based protection of private information and the detection of malicious software. Their use in virtual platforms, however, requires appropriate virtualization of their main component, the Trusted Platform Module (TPM) by means of virtual TPMs(More)
Side channels remain a challenge to information flow control and security in modern computing platforms. Resource partitioning techniques that minimise the number of shared resources among processes are often used to address this challenge. In this work, we focus on multicore platforms and we demonstrate that even seemingly strong isolation techniques based(More)
The growing complexity and increased networking of security and safety-critical systems expose them to the risk of adversarial compromise through remote attacks. These attacks can result in full system compromise, but often the attacker gains control only over some system components (e.g., a peripheral) and over some applications running on the system. We(More)
Phishing in mobile applications is a relevant threat with successful attacks reported in the wild. In such attacks, malicious mobile applications masquerade as legitimate ones to steal user credentials. In this paper we categorize application phishing attacks in mobile platforms and possible countermeasures. We show that personalized security indicators can(More)
The deployment of RFID poses a number of security and privacy threats such as cloning, unauthorized tracking, etc. Although the literature contains many investigations of these issues on the logical level, few works have explored the security implications of the physical communication layer. Recently, related studies have shown the feasibility of(More)
We propose an architecture that enables the creation and management of multiple, concurrent secure execution environments on multi-core systems. Our architecture is suitable for use in cloud settings where each user may require an independent secure environment within which he can run his sensitive applications. Our solution effectively scales architectures(More)
Application phishing attacks are rooted in users inability to distinguish legitimate applications from malicious ones. Previous work has shown that personalized security indicators can help users in detecting application phishing attacks in mobile platforms. A personalized security indicator is a visual secret, shared between the user and a(More)
Mobile application phishing happens when a malicious mobile application masquerades as a legitimate one to steal user credentials. Personalized security indicators may help users to detect phishing attacks, but rely on the user's alertness. Previous studies in the context of website phishing have shown that users tend to ignore personalized security(More)
The Location Service (LCS) proposed by the telecommunication industry is an architecture that allows the location of mobile devices to be accessed in various applications. We explore the use of LCS in location-enhanced server authentication, which traditionally relies on certificates. Given recent incidents involving certificate authorities, various(More)
We explore how many-core platforms can be used to enhance the security of future systems and to support important security properties such as runtime isolation using a small Trusted Computing Base (TCB). We focus on the Intel Single-chip Cloud Computer (SCC) to show that such properties can be implemented in current systems. We design a system called SEMA(More)