Research

We leverage a multitude of techniques to study mobility (localization, navigation etc.) and security aspects (confidentiality, integrity, authentication and authorization) in emerging application domains. In particular, we utilize access control, optimization, machine learning and natural language processing among others to tackle prevalent threats and challenges in an ever-connected world.

Our research focuses on three main research directions:

A. Authentication, Authorization and Access Control

Operating systems rely on authentication to verify that subjects (the users and programs) sharing the platform and OS resources are who they claim to be. Lack or weak authentication can result in untrusted parties having access to privileged operations. Authorization schemes determine the privileges a subject has on the system. To enforce the authorization constraints and to help manage the distribution, revocation and enforcement of privileges in a particular context or system, we design effective and efficient access control schemes. Modern operating systems employ a variety of such access control schemes, such as discretionary access control, mandatory access control and application permission models.

 

Recent Publications:

Back to top

B. Mobile Device and IoT Systems Security

With smartphone penetration soaring and the rapid advancements in internet connected devices, mobile and IoT device security guarantees are needed more than ever. Adversaries can leverage the fact that mobile devices are equipped with a multitude of sensing and their always present nature to launch sophisticated inference attacks to violate users’ confidentiality and the platforms’ integrity. This research thrust aims to study such adversarial capabilities in smartphone and IoT systems in consumer and enterprise settings.

Recent Publications:

Back to top

C. Mobile Sensing and Localization

Mobile devices are equipped with numerous sensors which allow them to offer efficient and effective personalized services and applications. For example, connected and autonomous vehicles (CAVs) feature advanced sensing capabilities, including multiples of range sensors (Lidar and Radar), 360° cameras, onboard GPUs, and high-speed connectivity: Tesla Motors uses a forward radar, a front-facing camera, and multiple ultrasonic sensors to enable its Autopilot feature; Google’s and Apple’s version of CAV uses Lidar and cameras to support autonomous driving; Ford and Uber are also actively experimenting with CAVs.

These advanced capabilities open up a plethora of exciting opportunities for next generation services related to better localization and navigation and traffic optimization. At the same time, their reliance on sensing data and machine learning algorithms for route prediction, collision avoidance and object detection and recognitions, introduces new attack surfaces. Given the widening gap between autonomy and security in this application domain, in tandem with their safety repercussions, there is an impending need for novel solutions that can guarantee trusted outcomes from such sensor-fusion and machine learning algorithms.

 

Recent Publications:

Back to top