Indrakshi Ray

Indrakshi Ray
Colorado State University | CSU · Department of Computer Science

Ph.D.

About

289
Publications
98,451
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
5,543
Citations
Additional affiliations
July 2014 - present
Colorado State University
Position
  • Professor (Full)
August 2001 - December 2013
Colorado State University
August 1997 - July 2001
University of Michigan–Dearborn

Publications

Publications (289)
Article
Supervised machine learning is often used to detect phishing websites. However, the scarcity of phishing data for training purposes limits the classifier's performance. Further, machine learning algorithms are prone to adversarial attacks: small perturbations on attack data can bypass the classifier. These problems make machine learning less effect...
Conference Paper
Full-text available
Internet of Things (IoT) devices use mobile companion apps to configure, update, and proxy communications between devices, cloud endpoints, and users. However, to the best of our knowledge, their accessibility characteristics have received little study. Thus, we report the analysis results of 248 IoT companion apps. Our approach involves manual ana...
Chapter
Identifying and mitigating vulnerabilities as rapidly and extensively as possible is essential for preventing security breaches. Thus, organizations and companies often store vulnerability information, expressed in natural language, and share them with other stakeholders. Disclosure and dissemination of this information in a structured and unambigu...
Article
With the spread of the SARS-CoV-2, enormous amounts of information about the pandemic are disseminated through social media platforms such as Twitter. Social media posts often leverage the trust readers have in prestigious news agencies and cite news articles as a way of gaining credibility. Nevertheless, it is not always the case that the cited ar...
Conference Paper
Full-text available
Most Internet of Things (IoT) devices provide access through mobile companion apps to configure, update, and control the devices. In many cases, these apps handle all user data moving in and out of devices and cloud endpoints. Thus, they constitute a critical component in the IoT ecosystem from a privacy standpoint, but they have historically been...
Conference Paper
Full-text available
Organizations collect data from various sources, and these datasets may have characteristics that are unknown. Selecting the appropriate statistical and machine learning algorithm for data analytical purposes benefits from understanding these characteristics, such as if it contains temporal attributes or not. This paper presents a theoretical basis...
Chapter
Industrial control systems are target-rich environments for cyber criminals, terrorists and advanced persistent threats. Researchers have investigated various types of industrial control systems in smart grids, gas pipelines and manufacturing facilities to understand how they can be compromised by cyber threats. However, the manner in which industr...
Chapter
Full-text available
The Internet of Things (IoT) is revolutionizing society by connecting people, devices, and environments seamlessly and providing enhanced user experience and functionalities. Security and privacy issues remain mostly ignored. Attackers can compromise devices, inject spurious packets into an IoT network, and cause severe damage. Machine learning-bas...
Chapter
Full-text available
Most Internet of Things (IoT) devices provide access through mobile companion apps to configure, update, and control the devices. In many cases, these apps handle all user data moving in and out of devices and cloud endpoints. Thus, they constitute a critical component in the IoT ecosystem from a privacy standpoint, but they have historically been...
Chapter
Full-text available
Social networks are playing an increasingly important role in modern society. Social media bots are also on the rise. Bots can propagate misinformation and spam, thereby influencing economy, politics, and healthcare. The progress in Natural Language Processing (NLP) techniques makes bots more deceptive and harder to detect. Easy availability of rea...
Article
Hackers are increasingly launching phishing attacks via SMS and social media. Games and dating apps introduce yet another attack vector. However, current deep learning-based phishing detection applications are not applicable to mobile devices due to the computational burden. We propose a lightweight phishing detection algorithm that distinguishes p...
Article
Full-text available
Anomaly detection and explanation in big volumes of real-world medical data, such as those pertaining to COVID-19, pose some challenges. First, we are dealing with time-series data. Typical time-series data describe behavior of a single object over time. In medical data, we are dealing with time-series data belonging to multiple entities. Thus, the...
Chapter
In an Internet of Things (IoT) environment, devices may become compromised by cyber or physical attacks causing security and privacy breaches. When a device is compromised, its network behavior changes. In an IoT environment where there is insufficient attack data available and the data is unlabeled, novelty detection algorithms may be used to dete...
Article
Tracking individuals or groups based on their hidden and/or emergent behaviors is an indispensable task in homeland security, mental health evaluation, and consumer analytics. On-line and off-line communication patterns, behavior profiles and social relationships form complex dynamic evolving knowledge graphs. Investigative search involves capturin...
Article
Phishing websites trick honest users into believing that they interact with a legitimate website and capture sensitive information, such as user names, passwords, credit card numbers, and other personal information. Machine learning is a promising technique to distinguish between phishing and legitimate websites. However, machine learning approache...
Article
Full-text available
The field of synthetic biology relies on an ever-growing supply chain of synthetic genetic material. Technologies to secure the exchange of this material are still in their infancy. Solutions proposed thus far have focused on watermarks, a dated security approach that can be used to claim authorship, but is subject to counterfeit, and does not prov...
Conference Paper
Internet of Things (IoT) device adoption is on the rise. Such devices are mostly self-operated and require minimum user interventions. This is achieved by abstracting away their design complexities and functionalities from the users. However, this abstraction significantly limits a user's insights on evaluating the true capabilities (i.e., what act...
Chapter
Internet of Things (IoT) device adoption is on the rise. Such devices are mostly self-operated and require minimum user interventions. This is achieved by abstracting away their design complexities and functionalities from the users. However, this abstraction significantly limits a user’s insights on evaluating the true capabilities (i.e., what act...
Chapter
Full-text available
Modern automobiles have more than 70 electronic control units (ECUs) and 100 million lines of code to improve safety, fuel economy, performance, durability, user experience, and to reduce emissions. Automobiles are becoming increasingly interconnected with the outside world. Consequently, modern day automobiles are becoming more prone to cyber secu...
Preprint
We present an IoT home network visualizer that utilizes virtual reality (VR). This prototype demonstrates the potential that VR has to aid in the understanding of home IoT networks. This is particularly important due the increased number of household devices now connected to the Internet. This prototype is able to function in a standard display or...
Chapter
Denizens of the Internet are under a barrage of phishing attacks of increasing frequency and sophistication. Emails accompanied by authentic looking websites are ensnaring users who, unwittingly, hand over their credentials compromising both their privacy and security. Methods such as the blacklisting of these phishing websites become untenable and...
Conference Paper
Full-text available
Modern automobiles have more than 70 electronic control units (ECUs) and 100 million lines of code to improve safety, fuel economy , performance, durability, user experience, and to reduce emissions. Automobiles are becoming increasingly interconnected with the outside world. Consequently, modern day automobiles are becoming more prone to cyber sec...
Article
Embedded computing devices play an integral role in the mechanical operations of modern-day vehicles. These devices exchange information containing critical vehicle parameters that reflect the current state of operations. Such information can be captured for various purposes, such as diagnostics, fleet management, and analytics. Although monitoring...
Article
Full-text available
Rapid advances in the Internet‐of‐Things (IoT) domain have led to the development of several useful and interesting devices that have enhanced the quality of home living and industrial automation. The vulnerabilities in the IoT devices have rendered them susceptible to compromise and forgery. The problem of device authentication, that is, the quest...
Preprint
Synthetic biologists use a growing number of software tools to generate DNA sequences encoding complex functions. In this context, some synthetic biologists have inserted watermarks in synthetic DNA to assert claims of authorships. DNA watermarking demonstrates the need to assert the rights and responsibilities associated with authorships of synthe...
Conference Paper
Internet of Things (IoT) consists of multifarious devices communicating with each other, with the environment, and also with people to provide enhanced functionality and experience for the users. Security and privacy breaches in such smart environments can compromise the physical, emotional, and financial well-being of the users. The lack of well-d...
Chapter
Full-text available
Phishing websites trick users into believing that they are interacting with a legitimate website, and thereby, capture sensitive information, such as user names, passwords, credit card numbers and other personal information. Machine learning appears to be a promising technique for distinguishing between phishing websites and legitimate ones. Howeve...
Poster
Full-text available
Data quality tests validate the data stored in databases and data warehouses to detect violations of syntactic and semantic constraints. Domain experts grapple with the issues related to the capturing of all the important constraints and checking that they are satisfied. Domain experts often define the constraints in an ad hoc manner based on their...
Chapter
Mobile Health (mHealth) refers to a healthcare-provision scheme which uses mobile communication devices for effective detection, prognosis and delivery of services. mHealth systems consists of sensors collecting information from patients, cell phones through which users access the data, and a cloud-based remote data store for holding health informa...
Chapter
The area under the ROC curve (AUC) is a widely used measure for evaluating classification performance on heavily imbalanced data. The kernelized AUC maximization machines have established a superior generalization ability compared to linear AUC machines because of their capability in modeling the complex nonlinear structures underlying most real-wo...
Chapter
Full-text available
Distributed Denial-of-Service (DDoS) attack has been identified as one of the most serious threats to Internet services. The attack denies service to legitimate users by flooding and consuming network resources of the target server. We propose a distributed defense mechanism that filters out malicious traffic and allows significant legitimate traff...
Conference Paper
Full-text available
Data quality tests check the properties of data stored in databases and data warehouses to detect violations of syntactic and semantic constraints. Domain experts define the constraints based on the needs of the stakeholders and knowledge of the application domain. Approaches that can automatically generate the constraints on data without requiring...
Conference Paper
Full-text available
The Internet-of-Things (IoT) has brought in new challenges in device identification --what the device is, and authentication --is the device the one it claims to be. Traditionally, the authentication problem is solved by means of a cryptographic protocol. However, the computational complexity of cryptographic protocols and/or problems related to ke...
Conference Paper
Full-text available
Various types of applications and services generate vast amounts of XML data feeds that may be streamed in near real time to different subscribing endpoints in order to take actions in a timely manner. In an earlier work we proposed an XML overlay network comprised of brokers that can be configured for efficient XML message filtering and replicatio...
Article
With the advancements in contemporary multi-core CPU architectures and increase in main memory capacity, it is now possible for a server operating system (OS), such as Linux, to handle a large number of concurrent application services on a single server instance. Individual application components of such services may run in different isolated runti...
Article
Full-text available
Introduction Bloom Filters (BFs) are a scalable solution for probabilistic privacy-preserving record linkage but BFs can be compromised. Yao’s garbled circuits (GCs) can perform secure multi-party computation to compute the similarity of two BFs without a trusted third party. The major drawback of using BFs and GCs together is poor efficiency. Obj...
Conference Paper
Full-text available
The Extract-Transform-Load (ETL) process in data warehousing involves extracting data from source databases, transforming it into a form suitable for research and analysis, and loading it into a data warehouse. ETL processes can use complex transformations involving sources and targets that use different schemas, databases, and technologies, which...
Conference Paper
Full-text available
Broadcast authentication is an important problem in several network settings such as wireless sensor networks and ad-hoc networks. We focus on the problem of independent key distribution protocols, which use efficient symmetric key signatures in distributed systems to permit (local) broadcast authentication. We focus on five types of communication...
Conference Paper
Full-text available
Phishing websites remain a persistent security threat. Thus far, machine learning approaches appear to have the best potential as defenses. But, there are two main concerns with existing machine learning approaches for phishing detection. The first is the large number of training features used and the lack of validating arguments for these feature...
Article
Full-text available
The Internet-of-Things (IoT) has brought in new challenges in, device identification --what the device is, and, authentication --is the device the one it claims to be. Traditionally, the authentication problem is solved by means of a cryptographic protocol. However, the computational complexity of cryptographic protocols and/or scalability problems...
Article
The electronic Personal Health Records (PHRs) such as medical history, lab reports, and insurance are stored in systems such as Microsoft Health Vault where a medical care provider or a patient is responsible for uploading and managing the health information. Storing PHRs in such a manner prohibits the patients from having complete control over the...
Conference Paper
Full-text available
Rapid advances in ıotn~ have led to the proliferation of several end-user ıot devices. A modern day home ıot environment now resembles a complete network ecosystem with a variety of devices co-existing and operating concurrently. It is necessary that these devices do not disrupt the operations of other devices, either accidentally or maliciously. A...
Article
Full-text available
Denizens of the Internet are under a barrage of phishing attacks of increasing frequency and sophistication. Emails accompanied by authentic looking websites are ensnaring users who, unwittingly, hand over their credentials compromising both their privacy and security. Methods such as the blacklisting of these phishing websites become untenable and...
Chapter
Enterprises use data warehouses to accumulate data from multiple sources for data analysis and research. Since organizational decisions are often made based on the data stored in a data warehouse, all its components must be rigorously tested. Researchers have proposed a number of approaches and tools to test and evaluate different components of dat...
Chapter
This survey focuses on the cryptographic access control technique, attribute-based encryption (ABE), its applications and future directions. Since its inception, there has been a tremendous interest in applying this technique to solve various problems related to access control. Significant research efforts have been devoted to design efficient cons...
Article
In modern day operating systems, such as Linux, it is now possible to handle a large number of concurrent application services on a single server instance. Individual application components of such services may run in different isolated runtime environments, such as chrooted jails or application containers, and may need access to system resources a...
Poster
Vehicle security has been receiving a lot of attention from both the black hat and white hat community of late. Research in this area has already led to the fabrication of different attacks, of which some have been shown to have potentially grave consequences. Vehicle vendors and original equipment manufacturers (OEM)s are thus presented with the a...
Conference Paper
Full-text available
Medical institutions must comply with various federal and state policies when they share sensitive medical data with others. Traditionally, such sharing is performed by sanitizing the identifying information from individual records. However, such sanitization removes the ability to later link the records belonging to the same patient across multipl...
Conference Paper
Full-text available
Vehicle security has been receiving a lot of attention from both the black hat and white hat community of late. Research in this area has already led to the fabrication of different attacks, of which some have been shown to have potentially grave consequences. Vehicle vendors and original equipment manufacturers (OEM)s are thus presented with the a...
Article
Area Under the ROC Curve (AUC) is a reliable metric for measuring the quality of the classification performance on imbalanced data. The existing pairwise learn to rank linear algorithms can optimize the AUC metric efficiently, but lack modeling the nonlinearity underlying the data. The large scale and nonlinear distribution of many real world data...
Conference Paper
Vehicles now include Electronic Control Units (ECUs) that communicate with each other via broadcast networks. Cyber-security professionals have shown that such embedded communication networks can be compromised. Very recently, it has been shown that embedded devices connected to commercial vehicle networks can be manipulated to perform unintended a...
Conference Paper
Distributed Denial of Service (DDoS) attacks remain one of the most serious threats on the Internet. Combating such attacks to protect the victim and network infrastructure requires a distributed real-time defense mechanism. We propose Responsive Point Identification using Hop distance and Attack estimation rate (RPI-HA) that when deployed is able...
Conference Paper
Full-text available
Fast Health Interoperability Services (FHIR) is the most recent in the line of standards for healthcare resources. FHIR represents different types of medical artifacts as resources and also provides recommendations for their authorized disclosure using web-based protocols including O-Auth and OpenId Connect and also defines security labels. In most...