Visible to the public Biblio

Filters: Keyword is Global Positioning System  [Clear All Filters]
2021-05-20
Sunehra, Dhiraj, Sreshta, V. Sai, Shashank, V., Kumar Goud, B. Uday.  2020.  Raspberry Pi Based Smart Wearable Device for Women Safety using GPS and GSM Technology. 2020 IEEE International Conference for Innovation in Technology (INOCON). :1—5.
Security has become a major concern for women, children and even elders in every walk of their life. Women are getting assaulted and molested, children are getting kidnapped, elder citizens are also facing many problems like robbery, etc. In this paper, a smart security solution called smart wearable device system is implemented using the Raspberry Pi3 for enhancing the safety and security of women/children. It works as an alert as well as a security system. It provides a buzzer alert alert to the people who are nearby to the user (wearing the smart device). The system uses Global Positioning System (GPS) to locate the user, sends the location of the user through SMS to the emergency contact and police using the Global System for Mobile Communications (GSM) / General Radio Packet Service (GPRS) technology. The device also captures the image of the assault and surroundings of the user or victim using USB Web Camera interfaced to the device and sends it as an E-mail alert to the emergency contact soon after the user presses the panic button present on Smart wearable device system.
2021-02-23
Olowononi, F. O., Rawat, D. B., Liu, C..  2020.  Dependable Adaptive Mobility in Vehicular Networks for Resilient Mobile Cyber Physical Systems. 2020 IEEE International Conference on Communications Workshops (ICC Workshops). :1—6.

Improved safety, high mobility and environmental concerns in transportation systems across the world and the corresponding developments in information and communication technologies continue to drive attention towards Intelligent Transportation Systems (ITS). This is evident in advanced driver-assistance systems such as lane departure warning, adaptive cruise control and collision avoidance. However, in connected and autonomous vehicles, the efficient functionality of these applications depends largely on the ability of a vehicle to accurately predict it operating parameters such as location and speed. The ability to predict the immediate future/next location (or speed) of a vehicle or its ability to predict neighbors help in guaranteeing integrity, availability and accountability, thus boosting safety and resiliency of the Vehicular Network for Mobile Cyber Physical Systems (VCPS). In this paper, we proposed a secure movement-prediction for connected vehicles by using Kalman filter. Specifically, Kalman filter predicts the locations and speeds of individual vehicles with reference to already observed and known information such posted legal speed limit, geographic/road location, direction etc. The aim is to achieve resilience through the predicted and exchanged information between connected moving vehicles in an adaptive manner. By being able to predict their future locations, the following vehicle is able to adjust its position more accurately to avoid collision and to ensure optimal information exchange among vehicles.

2021-02-16
Başkaya, D., Samet, R..  2020.  DDoS Attacks Detection by Using Machine Learning Methods on Online Systems. 2020 5th International Conference on Computer Science and Engineering (UBMK). :52—57.
DDoS attacks impose serious threats to many large or small organizations; therefore DDoS attacks have to be detected as soon as possible. In this study, a methodology to detect DDoS attacks is proposed and implemented on online systems. In the scope of the proposed methodology, Multi Layer Perceptron (MLP), Random Forest (RF), K-Nearest Neighbor (KNN), C-Support Vector Machine (SVC) machine learning methods are used with scaling and feature reduction preprocessing methods and then effects of preprocesses on detection accuracy rates of HTTP (Hypertext Transfer Protocol) flood, TCP SYN (Transport Control Protocol Synchronize) flood, UDP (User Datagram Protocol) flood and ICMP (Internet Control Message Protocol) flood DDoS attacks are analyzed. Obtained results showed that DDoS attacks can be detected with high accuracy of 99.2%.
2021-01-20
Lei, M., Jin, M., Huang, T., Guo, Z., Wang, Q., Wu, Z., Chen, Z., Chen, X., Zhang, J..  2020.  Ultra-wideband Fingerprinting Positioning Based on Convolutional Neural Network. 2020 International Conference on Computer, Information and Telecommunication Systems (CITS). :1—5.

The Global Positioning System (GPS) can determine the position of any person or object on earth based on satellite signals. But when inside the building, the GPS cannot receive signals, the indoor positioning system will determine the precise position. How to achieve more precise positioning is the difficulty of an indoor positioning system now. In this paper, we proposed an ultra-wideband fingerprinting positioning method based on a convolutional neural network (CNN), and we collect the dataset in a room to test the model, then compare our method with the existing method. In the experiment, our method can reach an accuracy of 98.36%. Compared with other fingerprint positioning methods our method has a great improvement in robustness. That results show that our method has good practicality while achieves higher accuracy.

2020-12-28
Liu, H., Di, W..  2020.  Application of Differential Privacy in Location Trajectory Big Data. 2020 International Conference on Intelligent Transportation, Big Data Smart City (ICITBS). :569—573.

With the development of mobile internet technology, GPS technology and social software have been widely used in people's lives. The problem of big data privacy protection related to location trajectory is becoming more and more serious. The traditional location trajectory privacy protection method requires certain background knowledge and it is difficult to adapt to massive mass. Privacy protection of data. differential privacy protection technology protects privacy by attacking data by randomly perturbing raw data. The method used in this paper is to first sample the position trajectory, form the irregular polygons of the high-frequency access points in the sampling points and position data, calculate the center of gravity of the polygon, and then use the differential privacy protection algorithm to add noise to the center of gravity of the polygon to form a new one. The center of gravity, and the new center of gravity are connected to form a new trajectory. The purpose of protecting the position trajectory is well achieved. It is proved that the differential privacy protection algorithm can effectively protect the position trajectory by adding noise.

2020-12-21
Tseng, S.-Y., Hsiao, C.-C., Wu, R.-B..  2020.  Synthesis and Realization of Chebyshev Filters Based on Constant Electromechanical Coupling Coefficient Acoustic Wave Resonators. 2020 IEEE/MTT-S International Microwave Symposium (IMS). :257–260.
This paper proposes a method to synthesis acoustic wave (AW) filters with Chebyshev response automatically. Meanwhile, each AW resonator used to design the filter can be easily fabricated on the same piezoelectric substrate. The method is based on an optimization algorithm with constraints for constant electromechanical coupling coefficient ( kt2) to minimize the defined cost function. Finally, the experimental result for a surface acoustic wave (SAW) filter of global positioning system (GPS) frequency band based on the 42° lithium tantalate (LiTaO3) substrate validates the simulation results. The designed filter shows insertion loss (IL) and return loss (RL) better than 2.5dB and 18dB respectively in the pass-band, and out-band reflection larger than 30dB.
2020-12-14
Lim, K., Islam, T., Kim, H., Joung, J..  2020.  A Sybil Attack Detection Scheme based on ADAS Sensors for Vehicular Networks. 2020 IEEE 17th Annual Consumer Communications Networking Conference (CCNC). :1–5.
Vehicular Ad Hoc Network (VANET) is a promising technology for autonomous driving as it provides many benefits and user conveniences to improve road safety and driving comfort. Sybil attack is one of the most serious threats in vehicular communications because attackers can generate multiple forged identities to disseminate false messages to disrupt safety-related services or misuse the systems. To address this issue, we propose a Sybil attack detection scheme using ADAS (Advanced Driving Assistant System) sensors installed on modern passenger vehicles, without the assistance of trusted third party authorities or infrastructure. Also, a deep learning based object detection technique is used to accurately identify nearby objects for Sybil attack detection and the multi-step verification process minimizes the false positive of the detection.
2020-11-02
Davydov, Vadim, Bezzateev, Sergey.  2018.  Secure Information Exchange in Defining the Location of the Vehicle. 2018 41st International Conference on Telecommunications and Signal Processing (TSP). :1—5.

With the advent of the electric vehicle market, the problem of locating a vehicle is becoming more and more important. Smart roads are creating, where the car control system can work without a person - communicating with the elements on the road. The standard technologies, such as GPS, can't always accurately determine the location, and not all vehicles have a GPS-module. It is very important to build an effective secure communication protocol between the vehicle and the base stations on the road. In this paper we consider different methods of location determination, propose the improved communicating protocol between the vehicle and the base station.

2020-09-18
Ameli, Amir, Hooshyar, Ali, El-Saadany, Ehab F..  2019.  Development of a Cyber-Resilient Line Current Differential Relay. IEEE Transactions on Industrial Informatics. 15:305—318.
The application of line current differential relays (LCDRs) to protect transmission lines has recently proliferated. However, the reliance of LCDRs on digital communication channels has raised growing cyber-security concerns. This paper investigates the impacts of false data injection attacks (FDIAs) on the performance of LCDRs. It also develops coordinated attacks that involve multiple components, including LCDRs, and can cause false line tripping. Additionally, this paper proposes a technique for detecting FDIAs against LCDRs and differentiating them from actual faults in two-terminal lines. In this method, when an LCDR detects a fault, instead of immediately tripping the line, it calculates and measures the superimposed voltage at its local terminal, using the proposed positive-sequence (PS) and negative-sequence (NS) submodules. To calculate this voltage, the LCDR models the protected line in detail and replaces the rest of the system with a Thevenin equivalent that produces accurate responses at the line terminals. Afterwards, remote current measurement is utilized by the PS and NS submodules to compute each sequence's superimposed voltage. A difference between the calculated and the measured superimposed voltages in any sequence reveals that the remote current measurements are not authentic. Thus, the LCDR's trip command is blocked. The effectiveness of the proposed method is corroborated using simulation results for the IEEE 39-bus test system. The performance of the proposed method is also tested using an OPAL real-time simulator.
2020-07-30
Bays, Jason, Karabiyik, Umit.  2019.  Forensic Analysis of Third Party Location Applications in Android and iOS. IEEE INFOCOM 2019 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). :1—6.
Location sharing applications are becoming increasingly common. These applications allow users to share their own locations and view contacts’ current locations on a map. Location applications are commonly used by friends and family members to view Global Positioning System (GPS) location of an individual, but valuable forensic evidence may exist in this data when stored locally on smartphones. This paper aims to discover forensic artifacts from two popular third-party location sharing applications on iOS and Android devices. Industry standard mobile forensic suites are utilized to discover if any locally stored data could be used to assist investigations reliant on knowing the past location of a suspect. Security issues raised regarding the artifacts found during our analysis is also discussed.
2020-07-03
Arif, Syed Waqas, Coskun, Adem, Kale, Izzet.  2019.  A Fully Adaptive Lattice-based Notch Filter for Mitigation of Interference in GPS. 2019 15th Conference on Ph.D Research in Microelectronics and Electronics (PRIME). :217—220.

Intentional interference presents a major threat to the operation of the Global Navigation Satellite Systems. Adaptive notch filtering provides an excellent countermeasure and deterrence against narrowband interference. This paper presents a comparative performance analysis of two adaptive notch filtering algorithms for GPS specific applications which are based on Direct form Second Order and Lattice-Based notch filter structures. Performance of each algorithm is evaluated considering the ratio of jamming to noise density against the effective signal to noise ratio at the output of the correlator. A fully adaptive lattice notch filter is proposed, which is able to simultaneously adapt its coefficients to alter the notch frequency along with the bandwidth of the notch filter. The filter demonstrated a superior tracking performance and convergence rate in comparison to an existing algorithm taken from the literature. Moreover, this paper describes the complete GPS modelling platform implemented in Simulink too.

2020-06-19
Lai, Chengzhe, Du, Yangyang, Men, Jiawei, Zheng, Dong.  2019.  A Trust-based Real-time Map Updating Scheme. 2019 IEEE/CIC International Conference on Communications in China (ICCC). :334—339.

The real-time map updating enables vehicles to obtain accurate and timely traffic information. Especially for driverless cars, real-time map updating can provide high-precision map service to assist the navigation, which requires vehicles to actively upload the latest road conditions. However, due to the untrusted network environment, it is difficult for the real-time map updating server to evaluate the authenticity of the road information from the vehicles. In order to prevent malicious vehicles from deliberately spreading false information and protect the privacy of vehicles from tracking attacks, this paper proposes a trust-based real-time map updating scheme. In this scheme, the public key is used as the identifier of the vehicle for anonymous communication with conditional anonymity. In addition, the blockchain is applied to provide the existence proof for the public key certificate of the vehicle. At the same time, to avoid the spread of false messages, a trust evaluation algorithm is designed. The fog node can validate the received massages from vehicles using Bayesian Inference Model. Based on the verification results, the road condition information is sent to the real-time map updating server so that the server can update the map in time and prevent the secondary traffic accident. In order to calculate the trust value offset for the vehicle, the fog node generates a rating for each message source vehicle, and finally adds the relevant data to the blockchain. According to the result of security analysis, this scheme can guarantee the anonymity and prevent the Sybil attack. Simulation results show that the proposed scheme is effective and accurate in terms of real-time map updating and trust values calculating.

Chowdhury, Abdullahi, Karmakar, Gour, Kamruzzaman, Joarder.  2019.  Trusted Autonomous Vehicle: Measuring Trust using On-Board Unit Data. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :787—792.

Vehicular Ad-hoc Networks (VANETs) play an essential role in ensuring safe, reliable and faster transportation with the help of an Intelligent Transportation system. The trustworthiness of vehicles in VANETs is extremely important to ensure the authenticity of messages and traffic information transmitted in extremely dynamic topographical conditions where vehicles move at high speed. False or misleading information may cause substantial traffic congestions, road accidents and may even cost lives. Many approaches exist in literature to measure the trustworthiness of GPS data and messages of an Autonomous Vehicle (AV). To the best of our knowledge, they have not considered the trustworthiness of other On-Board Unit (OBU) components of an AV, along with GPS data and transmitted messages, though they have a substantial relevance in overall vehicle trust measurement. In this paper, we introduce a novel model to measure the overall trustworthiness of an AV considering four different OBU components additionally. The performance of the proposed method is evaluated with a traffic simulation model developed by Simulation of Urban Mobility (SUMO) using realistic traffic data and considering different levels of uncertainty.

2020-06-01
Utomo, Subroto Budhi, Hendradjaya, Bayu.  2018.  Multifactor Authentication on Mobile Secure Attendance System. 2018 International Conference on ICT for Smart Society (ICISS). :1–5.
BYOD (Bring Your Own Device) trends allows employees to use the smartphone as a tool in everyday work and also as an attendance device. The security of employee attendance system is important to ensure that employees do not commit fraud in recording attendance and when monitoring activities at working hours. In this paper, we propose a combination of fingerprint, secure android ID, and GPS as authentication factors, also addition of anti emulator and anti fake location module turn Mobile Attendance System into Mobile Secure Attendance System. Testing based on scenarios that have been adapted to various possible frauds is done to prove whether the system can minimize the occurrence of fraud in attendance recording and monitoring of employee activities.
2020-03-23
Unnikrishnan, Grieshma, Mathew, Deepa, Jose, Bijoy A., Arvind, Raju.  2019.  Hybrid Route Recommender System for Smarter Logistics. 2019 IEEE 5th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). :239–244.
The condition of road surface has a significant role in land transportation. Due to poor road conditions, the logistics and supply chain industry face a drastic loss in their business. Unmaintained roads can cause damage to goods and accidents. The existing routing techniques do not consider factors like shock, temperature and tilt of goods etc. but these factors have to be considered for the logistics and supply chain industry. This paper proposes a recommender system which target management of goods in logistics. A 3 axis accelerometer is used to measure the road surface conditions. The pothole location is obtained using Global Positioning System (GPS). Using these details a hybrid recommender system is built. Hybrid recommender system combines multiple recommendation techniques to develop an effective recommender system. Here content-based and collaborative-based techniques is combined to build a hybrid recommender system. One of the popular Multiple Criteria Decision Making (MCDM) method, The Technique for Order Preference by Similarity to Ideal Solution (TOPSIS) is used for content based filtering and normalised Euclidean distance and KNN algorithm is used for collaborative filtering. The best route recommended by the system will be displayed to the user using a map application.
2019-12-02
Elfar, Mahmoud, Zhu, Haibei, Cummings, M. L., Pajic, Miroslav.  2019.  Security-Aware Synthesis of Human-UAV Protocols. 2019 International Conference on Robotics and Automation (ICRA). :8011–8017.
In this work, we synthesize collaboration protocols for human-unmanned aerial vehicle (H-UAV) command and control systems, where the human operator aids in securing the UAV by intermittently performing geolocation tasks to confirm its reported location. We first present a stochastic game-based model for the system that accounts for both the operator and an adversary capable of launching stealthy false-data injection attacks, causing the UAV to deviate from its path. We also describe a synthesis challenge due to the UAV's hidden-information constraint. Next, we perform human experiments using a developed RESCHU-SA testbed to recognize the geolocation strategies that operators adopt. Furthermore, we deploy machine learning techniques on the collected experimental data to predict the correctness of a geolocation task at a given location based on its geographical features. By representing the model as a delayed-action game and formalizing the system objectives, we utilize off-the-shelf model checkers to synthesize protocols for the human-UAV coalition that satisfy these objectives. Finally, we demonstrate the usefulness of the H-UAV protocol synthesis through a case study where the protocols are experimentally analyzed and further evaluated by human operators.
Khan, Rafiullah, McLaughlin, Kieran, Laverty, John Hastings David, David, Hastings, Sezer, Sakir.  2018.  Demonstrating Cyber-Physical Attacks and Defense for Synchrophasor Technology in Smart Grid. 2018 16th Annual Conference on Privacy, Security and Trust (PST). :1–10.
Synchrophasor technology is used for real-time control and monitoring in smart grid. Previous works in literature identified critical vulnerabilities in IEEE C37.118.2 synchrophasor communication standard. To protect synchrophasor-based systems, stealthy cyber-attacks and effective defense mechanisms still need to be investigated.This paper investigates how an attacker can develop a custom tool to execute stealthy man-in-the-middle attacks against synchrophasor devices. In particular, four different types of attack capabilities have been demonstrated in a real synchrophasor-based synchronous islanding testbed in laboratory: (i) command injection attack, (ii) packet drop attack, (iii) replay attack and (iv) stealthy data manipulation attack. With deep technical understanding of the attack capabilities and potential physical impacts, this paper also develops and tests a distributed Intrusion Detection System (IDS) following NIST recommendations. The functionalities of the proposed IDS have been validated in the testbed for detecting aforementioned cyber-attacks. The paper identified that a distributed IDS with decentralized decision making capability and the ability to learn system behavior could effectively detect stealthy malicious activities and improve synchrophasor network security.
2019-11-26
Pulungan, Farid Fajriana, Sudiharto, Dodi Wisaksono, Brotoharsono, Tri.  2018.  Easy Secure Login Implementation Using Pattern Locking and Environmental Context Recognition. 2018 International Conference on Applied Engineering (ICAE). :1-6.

Smartphone has become the tool which is used daily in modern human life. Some activities in human life, according to the usage of the smartphone can be related to the information which has a high privilege and needs a privacy. It causes the owners of the smartphone needs a system which can protect their privacy. Unfortunately, the secure the system, the unease of the usage. Hence, the system which has an invulnerable environment but also gives the ease of use is very needful. The aspect which is related to the ease of use is an authentication mechanism. Sometimes, this aspect correspondence to the effectiveness and the efficiency. This study is going to analyze the application related to this aspect which is a lock screen application. This lock screen application uses the context data based on the environment condition around the user. The context data used are GPS location and Mac Address of Wi-Fi. The system is going to detect the context and is going to determine if the smartphone needs to run the authentication mechanism or to bypass it based on the analysis of the context data. Hopefully, the smartphone application which is developed still can provide mobility and usability features, and also can protect the user privacy even though it is located in the environment which its context data is unknown.

2019-11-04
Altay, Osman, Ulas, Mustafa.  2018.  Location Determination by Processing Signal Strength of Wi-Fi Routers in the Indoor Environment with Linear Discriminant Classifier. 2018 6th International Symposium on Digital Forensic and Security (ISDFS). :1-4.

Location determination in the indoor areas as well as in open areas is important for many applications. But location determination in the indoor areas is a very difficult process compared to open areas. The Global Positioning System (GPS) signals used for position detection is not effective in the indoor areas. Wi-Fi signals are a widely used method for localization detection in the indoor area. In the indoor areas, localization can be used for many different purposes, such as intelligent home systems, locations of people, locations of products in the depot. In this study, it was tried to determine localization for with the classification method for 4 different areas by using Wi-Fi signal values obtained from different routers for indoor location determination. Linear discriminant analysis (LDA) classification was used for classification. In the test using 10k fold cross-validation, 97.2% accuracy value was calculated.

2019-07-01
Kolosok, I., Korkina, E., Mahnitko, A., Gavrilovs, A..  2018.  Supporting Cyber-Physical Security of Electric Power System by the State Estimation Technique. 2018 IEEE 59th International Scientific Conference on Power and Electrical Engineering of Riga Technical University (RTUCON). :1–6.

Security is one of the most important properties of electric power system (EPS). We consider the state estimation (SE) tool as a barrier to the corruption of data on current operating conditions of the EPS. An algorithm for a two-level SE on the basis of SCADA and WAMS measurements is effective in terms of detection of malicious attacks on energy system. The article suggests a methodology to identify cyberattacks on SCADA and WAMS.

2019-05-01
Sowah, R., Ofoli, A., Koumadi, K., Osae, G., Nortey, G., Bempong, A. M., Agyarkwa, B., Apeadu, K. O..  2018.  Design and Implementation of a Fire Detection andControl System with Enhanced Security and Safety for Automobiles Using Neuro-Fuzzy Logic. 2018 IEEE 7th International Conference on Adaptive Science Technology (ICAST). :1-8.

Automobiles provide comfort and mobility to owners. While they make life more meaningful they also pose challenges and risks in their safety and security mechanisms. Some modern automobiles are equipped with anti-theft systems and enhanced safety measures to safeguard its drivers. But at times, these mechanisms for safety and secured operation of automobiles are insufficient due to various mechanisms used by intruders and car thieves to defeat them. Drunk drivers cause accidents on our roads and thus the need to safeguard the driver when he is intoxicated and render the car to be incapable of being driven. These issues merit an integrated approach to safety and security of automobiles. In the light of these challenges, an integrated microcontroller-based hardware and software system for safety and security of automobiles to be fixed into existing vehicle architecture, was designed, developed and deployed. The system submodules are: (1) Two-step ignition for automobiles, namely: (a) biometric ignition and (b) alcohol detection with engine control, (2) Global Positioning System (GPS) based vehicle tracking and (3) Multisensor-based fire detection using neuro-fuzzy logic. All submodules of the system were implemented using one microcontroller, the Arduino Mega 2560, as the central control unit. The microcontroller was programmed using C++11. The developed system performed quite well with the tests performed on it. Given the right conditions, the alcohol detection subsystem operated with a 92% efficiency. The biometric ignition subsystem operated with about 80% efficiency. The fire detection subsystem operated with a 95% efficiency in locations registered with the neuro-fuzzy system. The vehicle tracking subsystem operated with an efficiency of 90%.

2019-02-18
Yuan, Y., Huo, L., Wang, Z., Hogrefe, D..  2018.  Secure APIT Localization Scheme Against Sybil Attacks in Distributed Wireless Sensor Networks. IEEE Access. 6:27629–27636.
For location-aware applications in wireless sensor networks (WSNs), it is important to ensure that sensor nodes can get correct locations in a hostile WSNs. Sybil attacks, which are vital threats in WSNs, especially in the distributed WSNs. They can forge one or multiple identities to decrease the localization accuracy, or sometimes to collapse the whole localization systems. In this paper, a novel lightweight sybilfree (SF)-APIT algorithm is presented to solve the problem of sybil attacks in APIT localization scheme, which is a popular range-free method and performs at individual node in a purely distributed fashion. The proposed SF-APIT scheme requires minimal overhead for wireless devices and works well based on the received signal strength. Simulations demonstrate that SF-APIT is an effective scheme in detecting and defending against sybil attacks with a high detection rate in distributed wireless localization schemes.
Wang, G., Wang, B., Wang, T., Nika, A., Zheng, H., Zhao, B. Y..  2018.  Ghost Riders: Sybil Attacks on Crowdsourced Mobile Mapping Services. IEEE/ACM Transactions on Networking. 26:1123–1136.
Real-time crowdsourced maps, such as Waze provide timely updates on traffic, congestion, accidents, and points of interest. In this paper, we demonstrate how lack of strong location authentication allows creation of software-based Sybil devices that expose crowdsourced map systems to a variety of security and privacy attacks. Our experiments show that a single Sybil device with limited resources can cause havoc on Waze, reporting false congestion and accidents and automatically rerouting user traffic. More importantly, we describe techniques to generate Sybil devices at scale, creating armies of virtual vehicles capable of remotely tracking precise movements for large user populations while avoiding detection. To defend against Sybil devices, we propose a new approach based on co-location edges, authenticated records that attest to the one-time physical co-location of a pair of devices. Over time, co-location edges combine to form large proximity graphs that attest to physical interactions between devices, allowing scalable detection of virtual vehicles. We demonstrate the efficacy of this approach using large-scale simulations, and how they can be used to dramatically reduce the impact of the attacks. We have informed Waze/Google team of our research findings. Currently, we are in active collaboration with Waze team to improve the security and privacy of their system.
2019-02-14
Kelkar, S., Kraus, T., Morgan, D., Zhang, J., Dai, R..  2018.  Analyzing HTTP-Based Information Exfiltration of Malicious Android Applications. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :1642-1645.

Exfiltrating sensitive information from smartphones has become one of the most significant security threats. We have built a system to identify HTTP-based information exfiltration of malicious Android applications. In this paper, we discuss the method to track the propagation of sensitive information in Android applications using static taint analysis. We have studied the leaked information, destinations to which information is exfiltrated, and their correlations with types of sensitive information. The analysis results based on 578 malicious Android applications have revealed that a significant portion of these applications are interested in identity-related sensitive information. The vast majority of malicious applications leak multiple types of sensitive information. We have also identified servers associated with three country codes including CN, US, and SG are most active in collecting sensitive information. The analysis results have also demonstrated that a wide range of non-default ports are used by suspicious URLs.

2019-01-31
Nakamura, T., Nishi, H..  2018.  TMk-Anonymity: Perturbation-Based Data Anonymization Method for Improving Effectiveness of Secondary Use. IECON 2018 - 44th Annual Conference of the IEEE Industrial Electronics Society. :3138–3143.

The recent emergence of smartphones, cloud computing, and the Internet of Things has brought about the explosion of data creation. By collating and merging these enormous data with other information, services that use information become more sophisticated and advanced. However, at the same time, the consideration of privacy violations caused by such merging is indispensable. Various anonymization methods have been proposed to preserve privacy. The conventional perturbation-based anonymization method of location data adds comparatively larger noise, and the larger noise makes it difficult to utilize the data effectively for secondary use. In this research, to solve these problems, we first clarified the definition of privacy preservation and then propose TMk-anonymity according to the definition.