Kiran Balagani

New York Institute of Technology | NYIT · Department of Computer Science and Security

43 Publications
4,584 Reads
1,261 Citations
Citations since 2016: 15 Research Items, 936 Citations

Publications (43)
Chapter
Personal Identification Numbers (PINs) are the most common user authentication method for in-person banking transactions at ATMs. The US Federal Reserve reported that, in 2018, PINs secured 31.4 billion transactions in the US, with an overall worth of US$ 1.19 trillion. One well-known attack type involves the use of cameras to spy on the ATM PIN pad...
Article
Full-text available
A multistage biometric verification system uses multiple biometrics and/or multiple biometric verifiers to generate a verification decision. The core of a multistage biometric verification system is reject option which allows a stage not to give a genuine/impostor decision when it is not confident enough. This paper studies the effectiveness of sym...
Chapter
Personal Identification Numbers (PINs) are widely used as the primary authentication method for Automated Teller Machines (ATMs) and Point of Sale (PoS). ATM and PoS typically mitigate attacks including shoulder-surfing by displaying dots on their screen rather than PIN digits, and by obstructing the view of the keypad. In this paper, we explore se...
Article
This paper studies leakage of user passwords and PINs based on observations of typing feedback on screens or from projectors in the form of masked characters that indicate keystrokes. To this end, we developed an attack called Password and Pin Information Leakage from Obfuscated Typing Videos (PILOT). Our attack extracts inter-keystroke tim...
Article
This paper introduces DISPERSE, a distributed scalable architecture for delivery of content and services that provides resilience against node failure through location-independent storage and replication of content. Current content delivery networks (CDNs) have, at least to some degree, a centralized structure thus susceptible to a single point of...
Preprint
Personal Identification Numbers (PIN) are widely used as authentication method for systems such as Automated Teller Machines (ATMs) and Point of Sale (PoS). Input devices (PIN pads) usually give the user a feedback sound when a key is pressed. In this paper, we propose an attack based on the extraction of inter-keystroke timing from the feedback so...
Preprint
This paper studies leakage of user passwords and PINs based on observations of typing feedback on screens or from projectors in the form of masked characters that indicate keystrokes. To this end, we developed an attack called Password and Pin Information Leakage from Obfuscated Typing Videos (PILOT). Our attack extracts inter-keystroke timing info...
Article
Garbled circuits are a general tool that allows two parties to compute any function without disclosing their respective inputs. Applications of this technique vary from distributed privacy-preserving machine learning tasks, to secure outsourced authentication. Unfortunately, the energy cost of garbled circuit evaluation protocols is substantial. Th...
Chapter
Shoulder surfing attacks are an unfortunate consequence of entering passwords or PINs into computers, smartphones, PoS terminals, and ATMs. Such attacks generally involve observing the victim’s input device. This paper studies leakage of user secrets (passwords and PINs) based on observations of output devices (screens or projectors) that provide “...
Preprint
This paper introduces DISPERSE, a distributed scalable architecture for delivery of content and services that provides resilience against node failure through location-independent storage and replication of content. Current content delivery networks (CDNs) have, at least to some degree, a centralized structure thus susceptible to a single point of...
Article
Tor is used to communicate anonymously by millions of daily users, which rely on it for their privacy, security, and often safety. In this paper we present a new attack on Tor that allows a malicious USB charging device (e.g., a public USB charging station) to identify which website is being visited by a smartphone user via Tor, thus breaking Tor's...
Article
Keystroke timing based active authentication systems are conceptually attractive because: (i) they use the keyboard as the sensor and are not hardware-cost prohibitive, and (ii) they use the keystrokes generated from normal usage of computers as input and are not interruptive. Several experiments have been reported on the performance of keystroke b...
Article
In this paper, we show that keystroke latencies used in continuous user authentication systems disclose application context, i.e., in which application user is entering text. Using keystroke data collected from 62 subjects, we show that an adversary can infer application context from keystroke latencies with 95.15% accuracy. To prevent leakage from...
Article
In this paper, we show that public USB charging stations pose a significant privacy risk to smartphone users even when no data communication is possible between the station and the user’s mobile device. We present a side-channel attack that allows a charging station to identify which webpages are loaded while the smartphone is charging. To evaluate...
Article
Common smartphone authentication mechanisms (e.g., PINs, graphical passwords, and fingerprint scans) are not designed to offer security post-login. Multi-modal continuous authentication addresses this issue by frequently and unobtrusively authenticating the user via behavioral biometric signals, such as touchscreen interaction and hand movements. B...
Article
Entering information on a computer keyboard is a ubiquitous mode of expression and communication. We investigate whether typing behavior is connected to two factors: the cognitive demands of a given task and the demographic features of the typist. We utilize features based on keystroke dynamics, stylometry, and “language production”, which are nove...
Article
Maintaining a high level of data security with a low impact on system performance is more challenging in wireless multimedia applications. Protocols that are used for wireless local area network (WLAN) security are known to significantly degrade performance. In this paper, we propose an enhanced security system for a WLAN. Our new design aims to de...
Article
We design privacy-preserving protocols for scaled Manhattan and scaled Euclidean verifiers, secure against malicious clients and honest-but-curious server. We then augment our protocols with principal component analysis (PCA), which can help to improve authentication accuracy. We evaluate the performance of our protocols on an emerging application-...
Article
In this paper, we introduce Hand Movement, Orientation, and Grasp (HMOG), a behavioral biometric to continuously authenticate smartphone users. HMOG unobtrusively captures subtle micro-movement and orientation dynamics resulting from how a user grasps, holds, and taps on the smartphone. We evaluated the authentication and biometric key generation (...
Article
We introduce hand movement, orientation, and grasp (HMOG), a set of behavioral features to continuously authenticate smartphone users. HMOG features unobtrusively capture subtle micro-movement and orientation dynamics resulting from how a user grasps, holds, and taps on the smartphone. We evaluated authentication and biometric key generation (BKG)...
Article
Most continuous user authentication techniques based on typing behavior rely on the keystroke dynamics or on the linguistic style of the user. However, there is a rich spectrum of cognition-centric behavioral traits that a typist exhibits during different stages of text production (e.g., composition, translation, and revision), which to our knowled...
Conference Paper
Continuous authentication modalities allow a device to authenticate users transparently without interrupting them or requiring their attention. This is especially important on smartphones, which are more prone to be lost or stolen than regular computers, and carry plenty of sensitive information. There is a multitude of signals that can be harnesse...
Article
We have proposed a novel solution to a fundamental problem encountered in implementing non-ingestion based medical adherence monitoring systems, namely, how to reliably identify pill medication intake. We show how wireless wearable devices with tri-axial accelerometer can be used to detect and classify hand gestures of users during solid-phase medi...
Article
Full-text available
Biometric key generation techniques are used to reliably generate cryptographic material from biometric signals. Existing constructions require users to perform a particular activity (e.g., type or say a password, or provide a handwritten signature), and are therefore not suitable for generating keys continuously. In this paper we present a new tec...
Conference Paper
We introduce new secure privacy-preserving protocols for outsourcing continuous authentication of smartphone users. Our protocols allow a smartphone to privately perform continuous and unobtrusive authentication using touch behaviors. Through our protocols, the smartphone does not need to disclose touch information to the authentication server. Fur...
Article
For biometric modalities in which error rates are typically high--including behavioral biometrics, such as keystroke dynamics--temporal information associated with the occurrence of errors might help answer questions regarding performance evaluation.
Conference Paper
An important problem in multi-stage biometric verification is to select an appropriate reject region. A reject region says which samples to be rejected. Rejecting impostor samples does not incur any cost in terms of user inconvenience, however, erroneously rejecting genuine samples leads to both user and administrator inconvenience. The problem bec...
Article
We present a new attack called the snoop-forge-replay attack on keystroke-based continuous verification systems. The snoop-forge-replay is a sample-level forgery attack and is not specific to any particular keystroke-based continuous verification method or system. It can be launched with easily available keyloggers and APIs for keystroke synthesis....
Conference Paper
Previous studies in continuous keystroke verification have shown that users' templates built with enrollment samples collected in multiple sessions are instrumental in reducing verification error rates. However, to our knowledge, no work has addressed how to achieve low error rates in situations where only weak keystroke templates (i.e., templates...
Conference Paper
While recent research has demonstrated how frequent updating of users' templates can enhance the performance of a biometric system, there has not been much work devoted to studying the effects of attacks against template update mechanisms. In this work, we present an attack which stealthily leverages the template update scheme of a keystroke verifi...
Conference Paper
Previous efforts in continuous cyber-behavioral verification have considered only zero-effort impostor attacks. Taking continuous verification with keystroke dynamics as a case in point, we demonstrate that forgery attempts created using snooped information (stolen keystroke timing information in our case) have alarmingly high success rates. In our...
Article
Heterogeneous and aggregate vectors are the two widely used feature vectors in fixed text keystroke authentication. In this paper, we address the question “Which vectors, heterogeneous, aggregate, or a combination of both, are more discriminative and why?” We accomplish this in three ways – (1) by providing an intuitive example to illustrate how ag...
Article
Full-text available
We derive the feature selection criterion presented in [1] and [2] from the multidimensional mutual information between features and the class. Our derivation: 1) specifies and validates the lower-order dependency assumptions of the criterion and 2) mathematically justifies the utility of the criterion by relating it to Bayes classification error.
Article
Full-text available
Guo and Nixon proposed a feature selection method based on maximizing I(x; Y), the multidimensional mutual information between feature vector x and class variable Y. Because computing I(x; Y) can be difficult in practice, Guo and Nixon proposed an approximation of I(x; Y) as the criterion for feature selection. We show that Guo and Nix...
Article
We propose a load balancing algorithm that adapts its strategies for allocating Web requests based on the Web servers’ status. The system used in our experiment comprises two components: (1) a Prober and (2) an Allocator. The Prober gathers the status information from the Web servers every 50 milliseconds. The status information consists of the...
Article
Full-text available
Wong and Poon (1989) showed that Chow and Liu's tree dependence approximation can be derived by minimizing an upper bound of the Bayes error rate. Wong and Poon's result was obtained by expanding the conditional entropy H(omega|X). We derive the correct expansion of H(omega|X) and present its implication.
Conference Paper
Full-text available
We present 'D-CAD,' a novel divergence-measure based classification method for anomaly detection in network traffic. The D-CAD method identifies anomalies by performing classification on features drawn from software sensors that monitor network traffic. We compare the performance of the D-CAD method with two classifier based anomaly detection metho...
Article
Full-text available
In this paper, we present "k-means+ID3", a method to cascade k-means clustering and the ID3 decision tree learning methods for classifying anomalous and normal activities in a computer network, an active electronic circuit, and a mechanical mass-beam system. The k-means clustering method first partitions the training instances into k clusters using...
Article
Introduction Mobile Robot Simulation Setup Software Anomalies in Mobile Robotic Networks Soft Sensor Software Anomaly Detection Architecture Anomaly Detection Mechanisms Test Bed for Software Anomaly Detection in Mobile Robot Application Results and Discussion Conclusions and Future Work Appendix A Appendix B References
Conference Paper
Full-text available
We present a novel signed gain in information (GI) measure for quantitative evaluation of gain or loss in information due to dimension reduction using feature extraction in misuse detection applications. GI is defined in terms of sensitivity mismatch measure (Φ) and specificity mismatch measure (⊗). 'Φ' quantifies information gain or loss in featur...
Article
Full-text available
The degree of personalization that a Web site offers in presenting its services to users is an important attribute contributing to the site's popularity. Web server access logs contain substantial data about user access patterns. One way to solve this problem is to group users on the basis of their Web interests and then organize the site's structu...
Article
Full-text available
In this paper, we present a novel approach to group users according to their Web access patterns. Our technique for grouping users is based on the ART1 neural network. We compare the quality of clustering of our ART1 based clustering technique with that of the K-Means clustering algorithm in terms of inter-cluster and intra-cluster distances. Our r...
Article
Full-text available
Recently, Guo and Nixon [1] proposed a feature selection method based on maximizing I(x; Y), the multidimensional mutual information between feature vector x and class variable Y. Because computing I(x; Y) can be difficult in practice, Guo and Nixon proposed an approximation of I(x; Y) as the criterion for feature selection. We show that Guo and...