Raheem Beyah

Raheem Beyah
Georgia Institute of Technology | GT · School of Electrical & Computer Engineering

PhD

About

178
Publications
34,672
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
2,907
Citations

Publications

Publications (178)
Article
Full-text available
Digital light processing (DLP) is a high‐resolution, high‐speed additive manufacturing method that builds 3D parts by selectively curing photopolymerizable resins layer‐by‐layer. To achieve multi‐color DLP printing, researchers have used multiple switchable resin vats. However, these methods require complex vat switching devices and cleaning manipu...
Preprint
Full-text available
One intriguing property of adversarial attacks is their "transferability" -- an adversarial example crafted with respect to one deep neural network (DNN) model is often found effective against other DNNs as well. Intensive research has been conducted on this phenomenon under simplistic controlled conditions. Yet, thus far, there is still a lack of...
Article
Despite their tremendous success in various machine learning tasks, deep neural networks (DNNs) are inherently vulnerable to adversarial examples, which are maliciously crafted inputs to cause DNNs to misbehave. Intensive research has been conducted on this phenomenon in simple tasks (e.g., image classification). However, little is known about this...
Article
One intriguing property of deep neural networks (DNNs) is their vulnerability to adversarial examples -- those maliciously crafted inputs that deceive target DNNs. While a plethora of defenses have been proposed to mitigate the threats of adversarial examples, they are often penetrated or circumvented by even stronger attacks. To end the constant a...
Article
Following the principle of to set one's own spear against one's own shield, we study how to design adversarial completely automated public turing test to tell computers and humans apart (CAPTCHA) in this article. We first identify the similarity and difference between adversarial CAPTCHA generation and existing hot adversarial example (image) gener...
Article
The Internet of Things (IoT) has become ubiquitous and greatly affected peoples‘ daily lives. With the increasing development of IoT devices, the corresponding security issues are becoming more and more challenging. Such a severe security situation raises the following questions that need urgent attention: What are the primary security threats that...
Preprint
A flurry of fuzzing tools (fuzzers) have been proposed in the literature, aiming at detecting software vulnerabilities effectively and efficiently. To date, it is however still challenging to compare fuzzers due to the inconsistency of the benchmarks, performance metrics, and/or environments for evaluation, which buries the useful insights and thus...
Article
Fuzzing is a technique of finding bugs by executing a target program recurrently with a large number of abnormal inputs. Most of the coverage-based fuzzers consider all parts of a program equally and pay too much attention to how to improve the code coverage. It is inefficient as the vulnerable code only takes a tiny fraction of the entire code. In...
Chapter
Docker has become increasingly popular because it provides efficient containers that are directly run by the host kernel. Docker Hub is one of the most popular Docker image repositories. Millions of images have been downloaded from Docker Hub billions of times. However, in the past several years, a number of high-profile attacks that exploit this k...
Article
Web search queries reveal extensive sensitive information about users’ interests and preferences to the search engines and eavesdroppers. Obfuscation-based private web search solutions automatically generate dummy queries and send the obfuscated queries to the search engine to hide users’ search intentions. Despite many obfuscation methods and tool...
Conference Paper
In the modern world, the reliable and continuous operation of cyber-physical systems (CPSs) have become increasingly crucial factors of our daily life. As a result, the networking protocols of CPSs have been developed to achieve availability without serious consideration for security. Security flaws in these protocols could lead to system misconfig...
Article
Full-text available
With the emergence of the Internet of Things (IoT) in recent years, the security has been significantly called more and more people’s attention on wireless communication between the devices and the human-beings, as well as the devices to devices. Smart home (SH), as a small-scale example of the smart application-based field, has benefited from the...
Article
Programmable logic controllers (PLCs) make up the majority of endpoints on industrial control system (ICS) networks and are the vital bridge between the cyber and physical worlds. Although these devices are critical, they are often insecure by design: communicating over unauthenticated protocols, failing to provide standard password protection, and...
Article
Image captchas have recently become very popular and are widely deployed across the Internet to defend against abusive programs. However, the ever-advancing capabilities of computer vision have gradually diminished the security of image captchas and made them vulnerable to attack. In this paper, we first classify the currently popular image captcha...
Preprint
In recent years, cyber-physical system (CPS) security as applied to robotic systems has become a popular research area. Mainly because robotics systems have traditionally emphasized the completion of a specific objective and lack security oriented design. Our previous work, HoneyBot \cite{celine}, presented the concept and prototype of the first so...
Article
As a large number of distributed devices are connected to the modern smart grid, the traditional centralized connectivity models fail to provide economic value. These models have relied on sending data to the cloud for processing and receiving commands to exert control actions, resulting in an ‘on-demand system’ with high bandwidth, low latency and...
Preprint
In this paper, we study the privacy of online health data. We present a novel online health data De-Anonymization (DA) framework, named De-Health. De-Health consists of two phases: Top-K DA, which identifies a candidate set for each anonymized user, and refined DA, which de-anonymizes an anonymized user to a user in its candidate set. By employing...
Preprint
Motivated by many existing security and privacy applications, e.g., network traffic attribution, linkage attacks, private web search, and feature-based data de-anonymization, in this paper, we study the Feature-based Data Inferability (FDI) quantification problem. First, we conduct the FDI quantification under both naive and general data models fro...
Preprint
Despite their immense popularity, deep learning-based acoustic systems are inherently vulnerable to adversarial attacks, wherein maliciously crafted audios trigger target systems to misbehave. In this paper, we present SirenAttack, a new class of attacks to generate adversarial audios. Compared with existing attacks, SirenAttack highlights with a s...
Preprint
Following the principle of to set one's own spear against one's own shield, we study how to design adversarial CAPTCHAs in this paper. We first identify the similarity and difference between adversarial CAPTCHA generation and existing hot adversarial example (image) generation research. Then, we propose a framework for text-based and image-based ad...
Article
Cyber-physical systems (CPS) have been deployed in many areas and have reached unprecedented levels of performance and efficiency. However, the security and privacy problems in CPS have not been properly addressed, e.g., the monitored source location can be inferred by an attacker, which can substantially undermine the reliability of CPS. Unfortuna...
Article
Full-text available
The popularity of cloud hosting services also brings in new security chal- lenges: it has been reported that these services are increasingly utilized by miscreants for their malicious online activities. Mitigating this emerging threat, posed by such “bad repositories” (simply Bar), is challenging due to the different hosting strategy to traditional...
Article
Due to the increasing attacks against cyber-physical systems, it is important to develop novel solutions to secure these critical systems. System security can be improved by using the physics of process actuators (that is, devices). Device physics can be used to generate device fingerprints to increase the integrity of responses from process actuat...
Article
Historically, robotics systems have not been built with an emphasis on security. Their main purpose has been to complete a specific objective, such as to deliver the correct dosage of a drug to a patient, perform a swarm algorithm, or safely and autonomously drive humans from point A to point B. As more and more robotic systems become remotely acce...
Article
To keep password users from creating simple and common passwords, major websites and applications provide a password-strength measure, namely a password checker. While critical requirements for a password checker to be stringent have prevailed in the study of password security, we show that regardless of the stringency, such static checkers can lea...
Article
The modern world is becoming increasingly dependent on computing and communication technology to function, but unfortunately its application and impact on areas such as critical infrastructure and industrial control system (ICS) networks remains to be thoroughly studied. Significant research has been conducted to address the myriad security concern...
Article
In this paper, we study the impacts of non-Personal Identifiable Information (non-PII) on the privacy of graph data with attribute information (e.g., social networks data with users' profiles (attributes)), namely Structure-Attribute Graph (SAG) data, both theoretically and empirically. Our main contributions are two-fold: (i) we conduct the first...
Conference Paper
The modern world is becoming increasingly dependent on computing and communication technology to function, but unfortunately its application and impact on areas such as critical infrastructure and industrial control system (ICS) networks remains to be thoroughly studied. Significant research has been conducted to address the myriad security concern...
Article
The modern world is becoming increasingly dependent on computing and communication technology to function, but unfortunately its application and impact on areas such as critical infrastructure and industrial control system (ICS) networks remains to be thoroughly studied. Significant research has been conducted to address the myriad security concern...
Article
owadays, many computer and communication systems generate graph data. Graph data span many different domains, ranging from online social network data from networks like Facebook to epidemiological data used to study the spread of infectious diseases.owadays, many computer and communication systems generate graph data. Graph data span many different...
Conference Paper
Full-text available
To adapt to the rapidly evolving landscape of cyber threats, security professionals are actively exchanging Indicators of Compromise (IOC) (e.g., malware signatures, botnet IPs) through public sources (e.g. blogs, forums, tweets, etc.). Such information, often presented in articles, posts, white papers etc., can be converted into a machine-readable...
Conference Paper
The popularity of cloud hosting services also brings in new security challenges: it has been reported that these services are increasingly utilized by miscreants for their malicious online activities. Mitigating this emerging threat, posed by such "bad repositories" (simply Bar), is challenging due to the different hosting strategy to traditional h...
Article
Honeypots derive much of their value from their ability to fool attackers into believing they're authentic machines. Current cyber-physical system (CPS) honeypots fail to sufficiently capture and simulate behavior that's necessary to project this authenticity. In response, the HoneyPhy framework was developed for CPS honeypots that takes into accou...
Article
Wireless Sensor Networks (WSNs) are rapidly gaining popularity in various critical domains like health care, critical infrastructure, and climate monitoring, where application builders have diversified development needs for programming, visualization, and simulation tools. However, these tools are designed as separate stand-alone applications. To a...
Article
In this paper, we implement the first comprehensive quantification of the perfect de-anonymizability and partial de-anonymizability of real-world social networks with seed information under general scenarios, which provides the theoretical foundation for the existing structure-based de-anonymization attacks and closes the gap between de-anonymizati...
Article
When people utilize social applications and services, their privacy suffers a potential serious threat. In this article, we present a novel, robust, and effective de-anonymization attack to mobility trace data and social data. First, we design a Unified Similarity (US) measurement, which takes account of local and global structural characteristics...
Conference Paper
The popularity of long-tail search engine optimization (SEO) brings with new security challenges: incidents of long-tail keyword poisoning to lower competition and increase revenue have been reported. The emergence of cloud web hosting services provides a new and effective platform for long-tail SEO spam attacks. There is growing evidence that larg...
Article
In this paper, we study the quantification, practice, and implications of structural data de-anonymization, including social data, mobility traces, and so on. First, we answer several open questions in structural data de-anonymization by quantifying perfect and (1-ε)-perfect structural data de-anonymization, where ε is the error tolerated by a de-a...
Conference Paper
In this paper, we introduce an open-source and modular password analysis and research system, PARS, which provides a uniform, comprehensive and scalable research platform for password security. To the best of our knowledge, PARS is the first such system that enables researchers to conduct fair and comparable password security research. PARS contain...
Article
In this paper, we conduct a large-scale study on the crackability, correlation, and security of ∼145 million real world passwords, which were leaked from several popular Internet services and applications. To the best of our knowledge, this is the largest empirical study that has been conducted. Specifically, we first evaluate the crackability of ∼...
Article
Full-text available
In this article, we illustrate that the boundary of a general-purpose node can be extended into the network by extracting information from network traffic generated by that general-purpose node to infer the state of its hardware components. This information is represented in a delay signature latent within the network traffic. In contrast, the trad...
Article
This paper presents a new proposed infrastructure that enables simultaneous cyber security and operational security. The basis of the method is command interception and fast authentication from the cyber security point of view (reliable detection of cyber intrusions) and from the operational reliability point of view. To simplify the process, the c...
Article
A connected dominating set (CDS) is used as a virtual backbone (VB) for efficient routing and broadcasting in wireless sensor networks (WSNs). Currently, almost all existing works focus on constructing minimum-sized CDS under the deterministic network model. However, because of the existence of many probabilistic lossy links in WSNs, it is more pra...
Article
Nearly every aspect of modern life today, from businesses, transportation, and healthcare, depends on the power grid operating safely and reliably. While the recent push for a 'Smart Grid' has shown promise for increased efficiency, security has often been an after-thought, leaving this critical infrastructure vulnerable to a variety of cyber attac...
Article
The purpose of network traffic characterization is to explore unknown patterns in different types of network communications to help improve many aspects of the network. While many previous studies have explored the characterization of many different networks (e.g., university networks), the power grid network (and other SCADA networks) characteriza...
Article
Routing is one of the most important and fundamental issues in Cognitive Radio Networks (CRNs). However, most of the existing routing algorithms for CRNs either cannot fully take account of the spectrum dynamics or are resource aided which might introduce too much cost. Therefore, in this paper, we study to design an effective routing scheme with r...
Article
Cyber-Physical Systems (CPS) is a relatively novel computing paradigm where there is a tight integration of communications, computation, and the physical environment. An important component of the CPS devices is the sensors they use to interact with each other and the physical world around them. With CPS applications, engineers monitor the structur...