Vir V. Phoha

Vir V. Phoha
Louisiana Tech University | Louisiana Tech · Department of Computer Science

About

222
Publications
36,641
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
3,884
Citations

Publications

Publications (222)
Article
Full-text available
The digital economy drives a surge in online digital image transactions, increasing the risk of data breaches due to extensive image file transmission. Stream ciphers, known for their efficiency compared to block ciphers, have emerged as a preferred choice for encrypting images in such transactions to safeguard transmitted data. Nevertheless, tradi...
Conference Paper
Emotion Recognition is a critical research area for enhancing human-computer interaction. Keystroke dynamics, a behavioral biometric capturing typing patterns, offers a non-intrusive, user-friendly method for recognizing emotions. We propose a Dual-Stream Transformer-based Emotion Recognition (DSTER) model, which leverages keystroke dynamics to det...
Book
Full-text available
This article addresses analytical (probabilistic and game theoretic) and simulation-based (Monte Carlo) treatments of Risk Assessment and Risk Management methodology using observational outcomes for unwanted oil spills and gas releases to study certain goals such as developments for attaining improved response, mitigation, detection, characterizati...
Article
In real-world deployment, continuous authentication for mobile devices faces challenges such as intermittent data streams, variable data quality, and varying modality reliability. To address these challenges, we introduce a framework based on Markov process, named State-Space Perturbation-Resistant Approach (SSPRA). SSPRA integrates a two-level mul...
Article
The recent prevalence of machine learning-based techniques and smart device embedded sensors has enabled widespread human-centric sensing applications. However, these applications are vulnerable to false data injection attacks (FDIA) that alter a portion of the victim's sensory signal with forged data comprising a targeted trait. Such a mixture of...
Preprint
Full-text available
Accelerometer signals generated through gait present a new frontier of human interface with mobile devices. Gait cycle detection based on these signals has applications in various areas, including authentication, health monitoring, and activity detection. Template-based studies focus on how the entire gait cycle represents walking patterns, but the...
Preprint
Full-text available
Individuals can be misled by fake news and spread it unintentionally without knowing it is false. This phenomenon has been frequently observed but has not been investigated. Our aim in this work is to assess the intent of fake news spreaders. To distinguish between intentional versus unintentional spreading, we study the psychological explanations...
Article
Full-text available
A multi-biometric verification system lowers the verification errors by fusing information from multiple biometric sources. Information can be fused in parallel or serial modes. While parallel fusion gives a higher accuracy, it may suffer from a serious problem of taking a longer verification time. Serial fusion can alleviate this problem by allowi...
Chapter
Using keystroke acoustics to predict typed text has significant advantages, such as being recorded covertly from a distance and requiring no physical access to the computer system. Recently, some studies have been done on keystroke acoustics, however, to the best of our knowledge none have used them to predict adversarial activities, such as passwo...
Article
In this work, we examine the impact of Treadmill Assisted Gait Spoofing (TAGS) on Wearable Sensor-based Gait Authentication (WSGait). We consider more realistic implementation and deployment scenarios than the previous study, which focused only on the accelerometer sensor and a fixed set of features. Specifically, we consider the situations in whic...
Article
Potential for huge loss from malicious exploitation of software calls for development of principles of cyber-insurance. Estimating what to insure and for how much and what might be the premiums poses challenges because of the uncertainties, such as the timings of emergence and lethality of malicious apps, human propensity to favor ease by giving mo...
Article
Full-text available
A multistage biometric verification system uses multiple biometrics and/or multiple biometric verifiers to generate a verification decision. The core of a multistage biometric verification system is reject option which allows a stage not to give a genuine/impostor decision when it is not confident enough. This paper studies the effectiveness of sym...
Preprint
In this work, we examine the impact of Treadmill Assisted Gait Spoofing (TAGS) on Wearable Sensor-based Gait Authentication (WSGait). We consider more realistic implementation and deployment scenarios than the previous study, which focused only on the accelerometer sensor and a fixed set of features. Specifically, we consider the situations in whic...
Article
Full-text available
A large body of research has focused on analyzing large networks and graphs. However, network and graph data is often anonymized for reasons such as protecting data privacy. Under such circumstances, it is difficult to verify the source of network data, which leads to questions such as: Given an anonymized graph, can we identify the network from wh...
Article
Massive dissemination of fake news and its potential to erode democracy has increased the demand for accurate fake news detection. Recent advancements in this area have proposed novel techniques that aim to detect fake news by exploring how it propagates on social networks. Nevertheless, to detect fake news at an early stage, i.e., when it is publi...
Article
Full-text available
Very few studies have explored linkages between physiological, such as electroencephalograph (EEG), and behavioral patterns, such as wrist movements. These linkages provide us a unique mechanism to predict one set of patterns from other related patterns. Unlike conventional biometrics, EEG biometrics are hard to spoof using standard presentation at...
Article
Full-text available
In this paper, we propose enhanced continuous authentication by supplementing keystroke and mouse dynamics with wrist motion behaviors. Our method bridges the security gap when neither the mouse nor the keyboard is being used, such as during transitions from mouse to keyboard and vice versa, or during intermittent pauses when wrist movement is capt...
Article
Research in Keystroke-Dynamics (KD) has customarily focused on temporal features without considering context to generate user templates that are used in authentication. Additionally, work on KD in hand-held devices such as smart-phones and tablets have shown that these features alone do not perform satisfactorily for authentication. In this work, w...
Conference Paper
Auditing physical data using machine learning can enhance the security in Cyber-Manufacturing System (CMS). However, the physical data processing itself is prone to cyber-attacks. Connections based on the internet in CMS opens the route for adversaries to compromise the attack detection system itself. To prevent data from malicious data injection i...
Preprint
Behavioral biometrics are key components in the landscape of research in continuous and active user authentication. However, there is a lack of large datasets with multiple activities, such as typing, gait and swipe performed by the same person. Furthermore, large datasets with multiple activities performed on multiple devices by the same person ar...
Article
Smart wearable devices have recently become one of the major technological trends and been widely adopted by the general public. Wireless earphones, in particular, have seen a skyrocketing growth due to its great usability and convenience. With the goal of seeking a more unobtrusive wearable authentication method that the users can easily use and c...
Conference Paper
Full-text available
Research on networks is commonly performed using anonymized network data for various reasons such as protecting data privacy. Under such circumstances, it is difficult to verify the source of network data, which leads to questions such as: Given an anonymized graph, can we identify the network from which it is collected? Or if one claims the graph...
Conference Paper
Abstract—To meet the ever-increasing demand of electric power, microgrids are establishing themselves to be one of the most reliable power delivery systems. Microgrids can deliver power efficiently, cost-effectively and environment-friendly. To design a sustainable microgrid; several tasks such as resource allocation, optimization, power flow analy...
Preprint
Full-text available
The explosive growth of fake news and its erosion of democracy, justice, and public trust has significantly increased the demand for accurate fake news detection. Recent advancements in this area have proposed novel techniques that aim to detect fake news by exploring how it propagates on social networks. However, to achieve fake news early detecti...
Article
Use of mobile phones in public places opens up the possibilities of remote side channel attacks on these devices. We present a video-based side channel attack to decipher passwords on mobile devices. Our method uses short video clips ranging from 5 to 10 seconds each, which can be taken unobtrusively from a distance and does not require the keyboar...
Chapter
Recent research shows that video recordings of the user’s hand movement and his or her smartphone screen display can be used to steal sensitive information such as pins and passwords. The methods presented in the past assume the victim to be present in a well illuminated place. In this paper, we present a novel attack on the smartphone users’ pins...
Article
Full-text available
To provide privacy protection, task recommendation protocols for mobile crowdsourcing networks typically encrypt tasks before publishing them to the service provider. However, current task recommendation protocols are mainly focusing the privacy of user data and lacking the protection for users’ real identities, resulting in a lot of security issue...
Chapter
This paper demonstrates that electrocardiogram (ECG) signals can be used to detect and classify stress in a person using as low as 5 s data stream. The analysis focuses on determining the minimum ECG data required to classify stress levels. Time taken to detect level of stress can be crucial to prevent cardiac arrest and other abnormalities. The EC...
Article
Keystroke timing based active authentication systems are conceptually attractive because: (i) they use the keyboard as the sensor and are not hardware-cost prohibitive, and (ii) they use the keystrokes generated from normal usage of computers as input and are not interruptive. Several experiments have been reported on the performance of keystroke b...
Article
Full-text available
While developing continuous authentication systems (CAS), we generally assume that samples from both genuine and impostor classes are readily available. However, the assumption may not be true in certain circumstances. Therefore, we explore the possibility of implementing CAS using only genuine samples. Specifically, we investigate the usefulness o...
Conference Paper
In this paper, we propose a novel continuous authentication system for smartphone users. The proposed system entirely relies on unlabeled phone movement patterns collected through smartphone accelerometer. The data was collected in a completely unconstrained environment over five to twelve days. The contexts of phone usage were identified using k-m...
Article
Due to the lack of security infrastructures, data transmission protocols for underwater wireless communications have to use identity-based cryptography for protecting the transmitted data. However, current identity-based cryptographic schemes need to transmit vehicles' real identities along with messages. Once adversaries can get real identities of...
Article
In this paper, we propose a novel continuous authentication system for smartphone users. The proposed system entirely relies on unlabeled phone movement patterns collected through smartphone accelerometer. The data was collected in a completely unconstrained environment over five to twelve days. The contexts of phone usage were identified using k-m...
Article
Full-text available
Message authentication has vital significance for dynamic microgrid partition in smart grid. However, current message authentication protocols based on “public key infrastructure” are too complicated to be deployed in smart grid and lack group information management function. On the other hand, group information management protocols based on “logic...
Conference Paper
Full-text available
3D printing, or additive manufacturing, is a key technology for future manufacturing systems. However, 3D printing systems have unique vulnerabilities presented by the ability to affect the infill without affecting the exterior. In order to detect malicious infill defects in 3D printing process, this paper proposes the following: 1) investigate mal...
Chapter
Security in wireless sensor networks (WSNs) is centered on six fundamental requirements namely, authentication, confidentiality, integrity, reliability, availability and data freshness [4, 39, 52, 62]. In this chapter, we describe these requirements, the different kinds of attacks that aim to compromise these requirements (and hence the security of...
Chapter
A major advantage of wireless sensor networks (WSNs) over wired networks is the potential for ad hoc deployment of the network. If the monitoring of a dangerous environment is required, then one may not be able to deploy a wired network.
Chapter
Localization—the process by which the positions of the nodes of a Wireless Sensor Network (WSN) are found with respect to some absolute or relative frame of reference—is fundamental to how the WSN performs at executing its functions.
Chapter
A wireless sensor network (WSN) is a system that consists of multiple sensing elements distributed spatially with a specific objective to measure different physical quantities and communicate those measurements between themselves and the central gateway.
Chapter
Previous chapters describe sensor network architecture, communication protocols and various characteristics related to security of WSNs.
Chapter
WSNs are used for a wide range of applications such as environmental sensing, clinical monitoring, and military surveillance. As in traditional data networks such as the Internet and Mobile Ad hoc Networks (MANETs), the different applications of WSNs demand that certain service requirements be met for optimal performance.
Chapter
The development of microcontrollers, communication technology, micro-electromechanical systems (MEMS) and nanotechnology allowed for research and development of new systems for sensing and communication called wireless sensor networks (WSNs). Such networks are characterized as ad hoc (no previous setup or supporting infrastructure is required), uti...
Conference Paper
We studied the fusion of three biometric authentication modalities, namely, swiping gestures, typing patterns and the phone movement patterns observed during typing or swiping. A web browser was customized to collect the data generated from the aforementioned modalities over four to seven days in an unconstrained environment. Several features were...
Article
Full-text available
Machine learning is used in a number of security related applications such as biometric user authentication, speaker identification etc. A type of causative integrity attack against machine learning called Poisoning attack works by injecting specially crafted data points in the training data so as to increase the false positive rate of the classifi...
Article
Despite the tremendous amount of research fronting the use of touch gestures as a mechanism of continuous authentication on smartphones, very little research has been conducted to evaluate how these systems could behave if attacked by sophisticated adversaries. In this paper we present two Lego-driven robotic attacks on touch-based authentication;...
Article
Full-text available
In this paper, we propose four continuous authentication designs by using the characteristics of arm movements while individuals walk. The first design uses acceleration of arms captured by a smartwatch's accelerometer sensor, the second design uses the rotation of arms captured by a smartwatch's gyroscope sensor, third uses the fusion of both acce...
Book
This book presents a comprehensive overview of wireless sensor networks (WSNs) with an emphasis on security, coverage, and localization. It offers a structural treatment of WSN building blocks including hardware and protocol architectures and also provides a systems-level view of how WSNs operate. These building blocks will allow readers to program...
Chapter
The development of microcontrollers, communication technology, microelectromechanical systems (MEMS), and nanotechnology allowed for research and development of new systems for sensing and communication called wireless sensor networks.
Conference Paper
Full-text available
We showcase an attack in which an autonomous humanoid robot is trained to execute touch gestures that match those of a target user. Different from past work which addressed a similar problem using a Lego robot, we harness the significant processing power and unique motoric capabilities of the autonomous humanoid robot to implement an attack that: (...
Conference Paper
Full-text available
In this paper, we demonstrate that gait patterns of an individual captured through a smartphone accelerometer can be imitated with the support of a digital treadmill. Furthermore, we design an attack for a baseline gait based authentication system (GBAS) and rigorously test its performance over an eighteen user data-set. By employing only two imita...
Article
Full-text available
Entering information on a computer keyboard is a ubiquitous mode of expression and communication. We investigate whether typing behavior is connected to two factors: the cognitive demands of a given task and the demographic features of the typist. We utilize features based on keystroke dynamics, stylometry, and “language production”, which are nove...
Article
Size-based scheduling (SBS) has been shown to offer significant performance improvement in Web servers and routers. However, most of the performance benefits offered by SBS rely on the premise that the scheduler will interact with a “well behaved” heavy tailed job size distribution. In this paper we design an attack that degrades the performance of...
Article
Most continuous user authentication techniques based on typing behavior rely on the keystroke dynamics or on the linguistic style of the user. However, there is a rich spectrum of cognition-centric behavioral traits that a typist exhibits during different stages of text production (e.g., composition, translation, and revision), which to our knowled...
Conference Paper
Full-text available
Research on attacks which exploit video-based side-channels to decode text typed on a smartphone has traditionally assumed that the adversary is able to leverage some information from the screen display (say, a reflection of the screen or a low resolution video of the content typed on the screen). This paper introduces a new breed of side-channel a...
Article
Privacy settings are a crucial part of any online social network as users are confronted with determining which and how many profile attributes to disclose. Revealing more attributes increases users’ chances of finding friends and yet leaves users more vulnerable to dangers such as identity theft. In this paper, we consider the problem of finding t...
Article
Full-text available
Biometric key generation techniques are used to reliably generate cryptographic material from biometric signals. Existing constructions require users to perform a particular activity (e.g., type or say a password, or provide a handwritten signature), and are therefore not suitable for generating keys continuously. In this paper we present a new tec...
Preprint
Privacy settings are a crucial part of any online social network as users are confronted with determining which and how many profile attributes to disclose. Revealing more attributes increases users' chances of finding friends and yet leaves users more vulnerable to dangers such as identity theft. In this paper, we consider the problem of finding t...
Article
We introduce a non-interactive dual-channel protocol for continuous traffic authentication and analyze its security properties. We realize the proposed protocol by facilitating dual channels at the keyboard with the assistance of a lightweight hardware module. The proposed protocol does not require users' explicit engagement in the authentication p...
Article
Concerns with the security of the cyber-physical systems include the malicious attempts by an adversary to intercept, disrupt, defect or fail cyber-physical systems that may affect a large group of population, an important government agency or an influential business entity by denying availability of services, stealing sensitive data, or causing va...
Conference Paper
Full-text available
While body movement patterns recorded by a smartphone accelerometer are now well understood to be discriminating enough to separate users, little work has been done to address the question of if or how the position in which the phone is held affects user authentication. In this work, we show through a combination of supervised learning methods and...
Article
Full-text available
Users of online social networks often adjust their privacy settings to control how much information on their profiles is accessible to other users of the networks. While a variety of factors have been shown to affect the privacy strategies of these users, very little work has been done in analyzing how these factors influence each other and collect...
Conference Paper
A variety of schemes based on the technique of Probabilistic Packet Marking (PPM) have been proposed to identify Distributed Denial of Service (DDoS) attack traffic sources by IP traceback. These PPM-based schemes provide a way to reconstruct the attack graph — the network path taken by the attack traffic — hence identifying its sources. Despite th...
Patent
Full-text available
At least two biometric measurements of a person are collected, then a statistical measure based on the measurements is computed. The statistical measure is abounded estimate of the discriminative power of a test based on the measurements. While the discriminative power is less than a target value, additional biometric measurements are collected. Wh...
Conference Paper
Touch-based verification --- the use of touch gestures (e.g., swiping, zooming, etc.) to authenticate users of touch screen devices --- has recently been widely evaluated for its potential to serve as a second layer of defense to the PIN lock mechanism. In all performance evaluations of touch-based authentication systems however, researchers have a...
Article
Research on keystroke-based authentication has traditionally assumed human impostors who generate forgeries by physically typing on the keyboard. With bots now well understood to have the capacity to originate precisely timed keystroke sequences, this model of attack is likely to underestimate the threat facing a keystroke-based system in practice....
Conference Paper
Despite the tremendous need for the evaluation of touch-based authentication as an extra security layer for mobile devices, the huge disparity in the experimental methodology used by different researchers makes it hard to determine how much research in this area has progressed. Critical variables such as the types of features and how they are pre-p...
Article
Research on keystroke-based authentication has traditionally assumed human impostors who generate forgeries by physically typing on the keyboard. With bots now well understood to have the capacity to originate precisely timed keystroke sequences, this model of attack is likely to underestimate the threat facing a keystroke-based system in practice....
Conference Paper
Full-text available
Users of online social networks are often required to adjust their privacy settings because of frequent changes in the users' connections as well as occasional changes in the social network's privacy policy. In this paper, we specifically model the user's behavior in the disclosure of user attributes in a possible social network from a game-theoret...
Patent
Full-text available
A method of identifying a user as an authorized user from free test text typed by that user into an input device. From the received test text, features associated with the typed text are extracted, such as timing data associated with alphanumeric letter pairs. These extracted features are compared to previously stored series of authorized user prof...
Article
For biometric modalities in which error rates are typically high--including behavioral biometrics, such as keystroke dynamics--temporal information associated with the occurrence of errors might help answer questions regarding performance evaluation.