WordCloud representation of paper abstracts.

Research Interests

• Online privacy
• Network traffic analysis
• Privacy in IoT
• Privacy in Voice and VR interfaces
• Privacy-enhancing technologies
• Inference attacks
• Usable security and privacy
• Machine Learning+Privacy
• Anonymity networks

Today, with the rapid adoption of the Internet of Things (IoT), we face a new world where we are never alone. At all times, a plethora of connected devices, from smartphones to home assistants to motion detectors, sense and monitor our activities. While these devices provide us convenience, they are often backed by powerful analytics to sift through a large volume of personal data, at times collected without our awareness or consent. In my research, I look at developing novel frameworks that can discover, inform and control information flow. We are also looking at developing privacy-preserving techniques for different emerging IoT ecosystems.

Please visit our IoTLab page for more details on projects we are currently working on.

Relevant publications:

• "What are they gonna do with my data?": Privacy Expectations, Concerns, and Behaviors in Virtual Reality. Abhinaya S.B., Abhishri Agrawal, Yaxing Yao, Yixin Zou, and Anupam Das. Proceedings on Privacy Enhancing Technologies (PoPETs), 2025. PDF » BibTex »
  ×

  BibTex

  @article{jakarai2024,
  		author  = {Abhinaya S.B. and Abhishri Agrawal and Yaxing Yao and Yixin Zou and Anupam Das},
  		title   = {"What are they gonna do with my data?": Privacy Expectations, Concerns, and Behaviors in Virtual Reality},
  		journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
  		year    = {2025},
  		volume  = {2025},
  		number  = {1},
  	}
  								  		

• Unveiling Users’ Security and Privacy Concerns Regarding Smart Home IoT Products from Online Reviews. Taufiq Islam Protick, Aafaq Sabir, S.B. Abhinaya, and Anupam Das. ACM Journal on Computing and Sustainable Societies, 2024. PDF » BibTex »
  ×

  BibTex

  @ARTICLE{protick2024,
  		author = {Taufiq Islam Protick and Aafaq Sabir and S.B. Abhinaya and Anupam Das},
  		journal = {ACM Journal on Computing and Sustainable Societies},
  		title = {Unveiling Users’ Security and Privacy Concerns Regarding Smart Home IoT Products from Online Reviews},
  		year = {2024},
  		volume = {},
  		number = {},
  	}
  								  		

• Detecting Smart Home Device Activities Using Packet-Level Signatures from Encrypted Traffic. Mohammad Shamim Ahsan, Md. Shariful Islam, Md. Shohrab Hossain, and Anupam Das. IEEE Transactions on Dependable and Secure Computing (TDSC), 2024. PDF » BibTex »
  ×

  BibTex

  @ARTICLE{shamim2024,
  		author = {Mohammad Shamim Ahsan and Md. Shariful Islam and Md. Shohrab Hossain and Anupam Das},
  		journal = {IEEE Transactions on Dependable and Secure Computing},
  		title = {Detecting Smart Home Device Activities Using Packet-Level Signatures from Encrypted Traffic},
  		year = {2024},
  		volume = {},
  		number = {01},
  		issn = {1941-0018},
  		pages = {1-12},
  		doi = {10.1109/TDSC.2024.3424299},
  	}
  								  		

• Understanding Parents’ Perceptions and Practices Toward Children’s Security and Privacy in Virtual Reality. Jiaxun Cao, Abhinaya S.B., Anupam Das and Pardis Emami-Naeini. Proceedings of the 45th IEEE Symposium on Security and Privacy (IEEE S&P), 2024. PDF » BibTex »
  ×

  BibTex

  @inproceedings{Jessie-SP2024,
  		author  = {Jiaxun Cao and Abhinaya S.B. and Anupam Das and Pardis Emami-Naeini},
  		title   = {Understanding Parents’ Perceptions and Practices Toward Children’s Security and Privacy in Virtual Reality},
  		booktitle = {Proceedings of 45th IEEE Symposium on Security and Privacy (IEEE S\&P)},
  		year ={2024}
  	}
  								  		

• Enabling Developers, Protecting Users: Investigating Harassment and Safety in VR. Abhinaya S.B., Aafaq Sabir and Anupam Das. Proceedings of the 33rd USENIX Security Symposium (USENIX Security), 2024. PDF » BibTex »
  ×

  BibTex

  @inproceedings{Abhinaya-USENIX2024,
  		author  = {Abhinaya S.B. and Aafaq Sabir and Anupam Das},
  		title   = {Enabling Developers, Protecting Users: Investigating Harassment and Safety in VR},
  		booktitle = {Proceedings of the 33rd USENIX Security Symposium (USENIX Security)},
  		year ={2024}
  	}
  								  		

• Connecting the Dots: Tracing Data Endpoints in IoT Devices. Md Jakaria, Danny Yuxing Huang and Anupam Das. Proceedings on Privacy Enhancing Technologies (PoPETs), 2024. PDF » BibTex »
  ×

  BibTex

  @article{jakarai2024,
  		author  = {Md Jakaria and
  		           Danny Yuxing Huang and
  	                Anupam Das},
  		title   = {Connecting the Dots: Tracing Data Endpoints in IoT Devices},
  		journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
  		year    = {2024},
  		volume  = {2024},
  		number  = {3},
  	}
  								  		

  Artifacts »
• Spying through your voice assistants: Realistic voice command fingerprinting. Dilawer Ahmed, Aafaq Sabir and Anupam Das. Proceedings of the 32nd USENIX Security Symposium (USENIX Security), 2023. PDF » BibTex »
  ×

  BibTex

  @inproceedings{Dilawer-USENIX2023,
  		author  = {Dilawer Ahmed and Aafaq Sabir and Anupam Das},
  		title   = {Spying through your voice assistants: Realistic voice command fingerprinting},
  		booktitle = {Proceedings of the 32nd USENIX Security Symposium (USENIX Security)},
  		year ={2023}
  	}
  								  		

  Artifacts »
• INSPIRE: Instance-level Privacy-preserving Transformation for Vehicular Camera Videos. Zhouyu Li, Ruozhou Yu, Anupam Das, Shaohu Zhang, Huayue Gu, Xiaojian Wang, Fangtong Zhou, Aafaq Sabir, Dilawer Ahmed and Ahsan Zafar. Proceedings of the 32nd International Conference on Computer Communications and Networks (ICCCN), 2023. PDF » BibTex »
  ×

  BibTex

  @inproceedings{Zhouyu-ICCCN2023,
  		author  = {Zhouyu Li and Ruozhou Yu and Anupam Das and Shaohu Zhang and Huayue Gu and Xiaojian Wang and Fangtong Zhou and Aafaq Sabir and Dilawer Ahmed and Ahsan Zafar},
  		title   = {INSPIRE: Instance-level Privacy-preserving Transformation for Vehicular Camera Videos},
  		booktitle = {Proceedings of the 32nd International Conference on Computer Communications and Networks (ICCCN)},
  		year ={2023}
  	}
  								  		

• VoicePM: A Robust Privacy Measurement on Voice Anonymity. Shaohu Zhang, Zhouyu Li and Anupam Das. Proceedings of the 16th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2023. PDF » BibTex »
  ×

  BibTex

  @inproceedings{shaohu-wisec2023,
  		author  = {Shaohu Zhang and Zhouyu Li and Anupam Das},
  		title   = {VoicePM: A Robust Privacy Measurement on Voice Anonymity},
  		booktitle = {Proceedings of the 16th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)},
  		year ={2023}
  	}
  								  		

• Speaker Orientation-Aware Privacy Control to Thwart Misactivation of Voice Assistants. Shaohu Zhang, Aafaq Sabir and Anupam Das. Proceedings of the 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Network (IEEE IFIP DSN), 2023. PDF » BibTex »
  ×

  BibTex

  @inproceedings{shaohu-dsn2023,
  		author  = {Shaohu Zhang and Aafaq Sabir and Anupam Das},
  		title   = {Speaker Orientation-Aware Privacy Control to Thwart Misactivation of Voice Assistants},
  		booktitle = {Proceedings of the 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Network (IEEE IFIP DSN)},
  		year ={2023}
  	}
  								  		

• Heat Marks the Spot: De-Anonymizing User’s Geographical Data on the Strava Heatmap. Kevin Childs, Daniel Nolting and Anupam Das. 7th Workshop on Technology and Consumer Protection (ConPro), 2023. PDF » BibTex »
  ×

  BibTex

  @inproceedings{kevin-conpro2023,
  		author  = {Shaohu Zhang and Daniel Nolting and Anupam Das},
  		title   = {Heat Marks the Spot: De-Anonymizing User’s Geographical Data on the Strava Heatmap},
  		booktitle = {7th Workshop on Technology and Consumer Protection (ConPro)},
  		year ={2023}
  	}
  								  		

• MetaMorphosis: Task-oriented Privacy Cognizant Feature Generation for Multi-task Learning. Md Adnan Arefeen, Zhouyu Li, Md Yusuf Sarwar Uddin and Anupam Das. Proceedings of the 8th ACM/IEEE Conference on Internet of Things Design and Implementation (IoTDI), 2023. PDF » BibTex »
  ×

  BibTex

  @inproceedings{arefeen-iotdi2023,
  		author  = {Md Adnan Arefeen and Zhouyu Li and Md Yusuf Sarwar Uddin and Anupam Das},
  		title   = {MetaMorphosis: Task-oriented Privacy Cognizant Feature Generation for Multi-task Learning},
  		booktitle = {Proceedings of the 8th ACM/IEEE Conference on Internet of Things Design and Implementation (IoTDI)},
  		year ={2023}
  	}
  								  		

• Hey Alexa, Who Am I Talking to?: Analyzing Users’ Perception and Awareness Regarding Third-party Alexa Skills. Aafaq Sabir, Evan Lafontaine and Anupam Das. Proceedings of the 2022 ACM Conference on Human Factors in Computing Systems (CHI) , 2022. PDF » BibTex »
  ×

  BibTex

  @inproceedings{aafaq-chi2022,
  		author  = {Aafaq Sabir and Evan Lafontaine and Anupam Das},
  		title   = {Hey Alexa, Who Am I Talking to?: Analyzing Users’ Perception and Awareness Regarding Third-party Alexa Skills},
  		book = {Proceedings of the 2022 ACM Conference on Human Factors in Computing Systems (CHI)},
  		year ={2022}
  	}
  								  		

• Analyzing the Feasibility and Generalizability of Fingerprinting Internet of Things Devices. Dilawer Ahmed, Anupam Das and Fareed Zaffar. Proceedings on Privacy Enhancing Technologies (PoPETs), 2022. PDF » BibTex »
  ×

  BibTex

  @article{dilawer2021,
  		author  = {Dilawer Ahmed and
  	                Anupam Das and
  	                Fareed Zaffar},
  		title   = {Analyzing the Feasibility and Generalizability of Fingerprinting Internet of Things Devices},
  		journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
  		year    = {2022},
  		volume  = {2022},
  		number  = {2},
  	}
  								  		

  Website »
• HandLock: Enabling 2-FA for Smart Home Voice Assistants using Inaudible Acoustic Signal. Shaohu Zhang and Anupam Das. International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2021. PDF » BibTex »
  ×

  BibTex

  @inproceedings{shaohu2021,
  	  author    = {Shaohu Zhang and Anupam Das},
  	  title     = {HandLock: Enabling {2-FA} for Smart Home Voice Assistants using Inaudible Acoustic Signal},
  	  booktitle = {Proceedings of the 24th International Symposium on Research in Attacks, Intrusions and Defenses (RAID)},
  	  year      = {2021},
  }
  							  		

• Understanding People's Attitude and Concerns towards Adopting IoT Devices. Evan Lafontaine, Aafaq Sabir, and Anupam Das. CHI Conference on Human Factors in Computing Systems Extended Abstracts (CHI ’21 Extended Abstracts), 2021. PDF » BibTex »
  ×

  BibTex

  @inproceedings{evan-chi2021,
  	  author    = {Evan Lafontaine and Aafaq Sabir and Anupam Das},
  	  title     = {Understanding People's Attitude and Concerns towardsAdopting {IoT} Devices},
  	  booktitle = {Proceedings CHI Conference on Human Factors in Computing Systems Extended Abstracts (CHI ’21 Extended Abstracts)},
  	  year      = {2021},
  }
  							  		

• Hey Alexa, is this Skill Safe?: Taking a Closer Lookat the Alexa Skill Ecosystem. Christopher Lentzsch, Sheel Jayesh Shah, Benjamin Andow, Martin Degeling, Anupam Das and William Enck. Network and Distributed System Security Symposium (NDSS), 2021. PDF » BibTex »
  ×

  BibTex

  @inproceedings{Lentzsch-NDSS2021,
  	  author    = {Christopher Lentzsch and
  	               Sheel Jayesh Shah and
  	               Benjamin Andow and
  	               Martin Degeling and
  	               Anupam Das and
  	               William Enck},
  	  title     = {Hey {Alexa}, is this Skill Safe?: Taking a Closer Lookat the {Alexa} Skill Ecosystem},
  	  booktitle = {Proceedings of the 28th Annual Network and Distributed System Security Symposium (NDSS)},
  	  year      = {2021},
  }
  							  		

  Website »
• ''Did you know this camera tracks your mood?'': Understanding Privacy Expectations and Preferences in the Age of Video Analytics. Shikun Zhang, Yuanyuan Feng, Lujo Bauer, Lorrie Cranor, Anupam Das and Norman Sadeh. Proceedings on Privacy Enhancing Technologies (PoPETs), 2021. PDF » BibTex »
  ×

  BibTex

  @article{Shikun2021,
  	author  = {Shikun Zhang and
                  Yuanyuan Feng and
                  Lujo Bauer and
                  Lorrie Cranor and
                  Anupam Das and
                  Norman Sadeh},
  	title   = {``{D}id you know this camera tracks your mood?'': Understanding Privacy Expectations and Preferences in the Age of Video Analytics},
  	journal = {Proceedings on Privacy Enhancing Technologies},
  	year    = {2021},
  	volume  = {2021},
  	number  = {2},
  }
  							  		

• Enabling Live Video Analytics with a Scalable and Privacy-Aware Framework. Junjue Wang, Brandon Amos, Anupam Das, Padmanabhan Pillai, Norman Sadeh and Mahadev Satyanarayanan. ACM Transactions on Multimedia Computing, Communications, and Applications (TOMM), 2018. PDF » BibTex »
  ×

  BibTex

  @article{Wang:2018:ELV:3233173.3209659,
  	author 	  = {Junjue Wang and Brandon Amos and Anupam Das and Padmanabhan Pillai and Norman Sadeh and Mahadev Satyanarayanan},
  	title 	  = {Enabling Live Video Analytics with a Scalable and Privacy-Aware Framework},
  	journal   = {ACM Transactions on Multimedia Computing, Communications, and Applications (TOMM)},
  	volume 	  = {14},
  	number 	  = {3s},
  	month 	  = jun,
  	year 	  = {2018},
  	pages 	  = {64:1--64:24},
  	url 	  = {http://doi.acm.org/10.1145/3209659},
  	doi 	  = {10.1145/3209659},
  	publisher = {ACM},
  }
  							  		

• Personalized Privacy Assistants for the Internet of Things: Providing Users with Notice and Choice. Anupam Das, Martin Degeling, Daniel Smullen and Norman Sadeh. IEEE Pervasive Computing: The Spectre of Malicious Computing, 2018. PDF » BibTex »
  ×

  BibTex

  @ARTICLE{8490188,
  	author={Anupam Das and Martin Degeling and Daniel Smullen and Norman Sadeh},
  	journal={IEEE Pervasive Computing},
  	title={Personalized Privacy Assistants for the {I}nternet of {T}hings: {P}roviding Users with Notice and Choice},
  	year={2018},
  	volume={17},
  	number={3},
  	pages={35--46},
  	doi={10.1109/MPRV.2018.03367733},
  }
  							  		

  Website »
• A Scalable and Privacy-Aware IoT Service for Live Video Analytics. Junjue Wang, Brandon Amos, Anupam Das, Padmanabhan Pillai, Norman Sadeh and Mahadev Satyanarayanan. ACM Multimedia Systems Conference (MMSys), 2017. PDF » BibTex »
  ×

  BibTex

  @inproceedings{Wang:2017:SPI:3083187.3083192,
  	author 	  = {Junjue Wang and Brandon Amos and Anupam Das and Padmanabhan Pillai and Norman Sadeh and Mahadev Satyanarayanan},
  	title 	  = {A Scalable and Privacy-Aware {IoT} Service for Live Video Analytics},
  	booktitle = {Proceedings of the 8th ACM on Multimedia Systems Conference (MMSys)},
  	year      = {2017},
  	pages 	  = {38--49},
  	numpages  = {12},
  	url 	  = {http://doi.acm.org/10.1145/3083187.3083192},
  	doi 	  = {10.1145/3083187.3083192},
  	publisher = {ACM},
  } 
  							  		

• Some Recipes Can Do More Than Spoil Your Appetite: Analyzing the Security and Privacy Risks of IFTTT Recipes. Milijana Surbatovich, Jassim Aljuraidan, Lujo Bauer, Anupam Das and Limin Jia. International World Wide Web Conference (WWW), 2017. PDF » BibTex »
  ×

  BibTex

  @inproceedings{Surbatovich:2017:RMS:3038912.3052709,
  	author 	  = {Milijana Surbatovich and Jassim Aljuraidan and Lujo Bauer and Anupam Das and Limin Jia},
  	title 	  = {Some Recipes Can Do More Than Spoil Your Appetite: {A}nalyzing the Security and Privacy Risks of {IFTTT} Recipes},
  	booktitle = {Proceedings of the 26th International Conference on World Wide Web (WWW)},
  	year 	  = {2017},
  	pages 	  = {1501--1510},
  	numpages  = {10},
  	url 	  = {https://doi.org/10.1145/3038912.3052709},
  	doi 	  = {10.1145/3038912.3052709},
  	publisher = {International World Wide Web Conferences Steering Committee},
  } 
  							  		

• Assisting Users in a World Full of Cameras: A Privacy-aware Infrastructure for Computer Vision Applications. Anupam Das, Martin Degeling, Xiaoyou Wang, Junjue Wang, Norman Sadeh and Mahadev Satyanarayanan. Workshop on the Bright and Dark Sides of Computer Vision: Challenges and Opportunities for Privacy and Security (CV-COPS, co-located with IEEE CVPR), 2017. PDF » BibTex »
  ×

  BibTex

  @INPROCEEDINGS{8014915, 
  	author 	  = {A. Das and M. Degeling and X. Wang and J. Wang and N. Sadeh and M. Satyanarayanan}, 
  	booktitle = {IEEE Conference on Computer Vision and Pattern Recognition Workshops (CVPRW)}, 
  	title     = {Assisting Users in a World Full of Cameras: {A} Privacy-Aware Infrastructure for Computer Vision Applications}, 
  	year	  = {2017},  
  	pages	  = {1387--1396},
  	doi       = {10.1109/CVPRW.2017.181}, 
  }
  							  		

• Towards Privacy-Aware Smart Buildings: Capturing, Communicating, and Enforcing Privacy Policies and Preferences. Primal Pappachan,, Martin Degeling, Roberto Yus, Anupam Das, Sruti Bhagavatula, William Melicher, Pardis Emami Naeini, Shikun Zhang, Lujo Bauer, Alfred Kobsa, Sharad Mehrotra, Norman Sadeh and Nalini Venkatasubramanian. International Workshop on the Internet of Things Computing and Applications (IoTCA, co-located with ICDCS), 2017. PDF » BibTex »
  ×

  BibTex

  @INPROCEEDINGS{7979816, 
  	author    = {P. Pappachan and M. Degeling and R. Yus and A. Das and S. Bhagavatula and W. Melicher and P. E. Naeini and S. Zhang and L. Bauer and A. Kobsa and S. Mehrotra and N. Sadeh and N. Venkatasubramanian}, 
  	booktitle = {IEEE 37th International Conference on Distributed Computing Systems Workshops (ICDCSW)}, 
  	title     = {Towards Privacy-Aware Smart Buildings: {C}apturing, Communicating, and Enforcing Privacy Policies and Preferences}, 
  	year	  = {2017}, 
  	pages	  = {193--198}, 
  	doi       = {10.1109/ICDCSW.2017.52},
  }
  							  		

When we interact with the Web, we leave behind traces of our interactions, called digital footprints. These footprints reveal a lot about ourselves; our identity, habits, and desires. Such intensely personal information has great commercial value to advertisers in the form of serving targeted ads, but at the same time, it can also be misused by employers and repressive governments. To protect users, privacy tools such as ad- and tracker-blocking extensions have been developed. In turn, advertisers have begun leveraging more advanced tracking techniques that reduce the effectiveness of these approaches. In my research, I look at emerging techniques to track users and devices online, as well as ways to develop usable countermeasures.

Relevant publications:

• JSHint: Revealing API Usage to Improve Detection of Malicious JavaScript. Shaown Sarker, Aleksandr Nahapetyan, Anupam Das, and Alexandros Kapravelos. Proceedings of the 27th Information Security Conference (ISC), 2024. PDF » BibTex »
  ×

  BibTex

  @inproceedings{Jessie-SP2024,
  		author  = {Shaown Sarker and Aleksandr Nahapetyan and Anupam Das and Alexandros Kapravelos},
  		title   = {{JSHint}: Revealing {API} Usage to Improve Detection of Malicious {JavaScript}},
  		booktitle = {Proceedings of the 27th Information Security Conference (ISC)},
  		year ={2024}
  	}
  								  		

• Automated Generation of Behavioral Signatures for Malicious Web Campaigns. Shaown Sarker, William Melicher, Oleksii Starov, Anupam Das, and Alexandros Kapravelos. Proceedings of the 27th Information Security Conference (ISC), 2024. PDF » BibTex »
  ×

  BibTex

  @inproceedings{Jessie-SP2024,
  		author  = {Shaown Sarker and William Melicher and Oleksii Starov and Anupam Das and Alexandros Kapravelos},
  		title   = {Automated Generation of Behavioral Signatures for Malicious Web Campaigns},
  		booktitle = {Proceedings of the 27th Information Security Conference (ISC)},
  		year ={2024}
  	}
  								  		

• Comparative Privacy Analysis of Mobile Browsers. Ahsan Zafar and Anupam Das. Proceedings of the 13th ACM Conference on Data and Application Security and Privacy (CODASPY), 2023. PDF » BibTex »
  ×

  BibTex

  @inproceedings{ahsan-codaspy2023,
  		author  = {Ahsan Zafar and Anupam Das},
  		title   = {Comparative Privacy Analysis of Mobile Browsers},
  		booktitle = {Proceedings of the 13th ACM Conference on Data and Application Security and Privacy (CODASPY)},
  		year ={2023},
  		doi = {10.1145/3411763.3451633}
  	}
  								  		

• Analyzing the Impact and Accuracy of Facebook Activity on Facebook's Ad-Interest Inference Process. Aafaq Sabir, Evan Lafontaine and Anupam Das. Proceedings of the 25th ACM Conference On Computer-Supported Cooperative Work And Social Computing (CSCW), 2022. PDF » BibTex »
  ×

  BibTex

  @article{aafaq2022,
  		author  = {Aafaq Sabir and Evan Lafontaine and Anupam Das},
  		title   = {Analyzing the Impact and Accuracy of Facebook Activity on Facebook's Ad-Interest Inference Process},
  		journal = {Proceedings of the ACM on Human-Computer Interaction (PACM HCI)},
  		volume = {CSCW1},
  		article ={76},
  		year ={2022}
  	}
  								  		

• Understanding the Privacy Implications of Adblock Plus’s Acceptable Ads. Ahsan Zafar, Aafaq Sabir, Dilawer Ahmed and Anupam Das. ACM ASIA Conference on Computer and Communications Security (ASIACCS), 2021. PDF » BibTex »
  ×

  BibTex

  @inproceedings{ahsan-asiaccs2021,
  	  author    = {Ahsan Zafar and Aafaq Sabir and Dilawer Ahmed and Anupam Das},
  	  title     = {Understanding the Privacy Implications of {Adblock Plus’s} Acceptable Ads},
  	  booktitle = {Proceedings of the 16th ACM ASIA Conference on Computer and Communications Security (ASIACCS)},
  	  year      = {2021},
  }
  							  		

• The Web’s Sixth Sense: A Study of Scripts Accessing Smartphone Sensors. Anupam Das, Gunes Acar, Nikita Borisov and Amogh Pradeep. ACM Conference on Computer and Communications Security (CCS), 2018. PDF » BibTex »
  ×

  BibTex

  @inproceedings{sensor-js-2018,
  	author    = {Anupam Das and Gunes Acar and Nikita Borisov and Amogh Pradeep},
  	title     = {The {Web's} Sixth Sense: A Study of Scripts Accessing Smartphone Sensors},
  	booktitle = {Proceedings of the 25th ACM Conference on Computer and Communication Security (CCS)},
  	year      = {2018},
  	publisher = {ACM},
  	doi       = {10.1145/3243734.3243860},
  	url       = {https://doi.org/0.1145/3243734.3243860}
  }
  							  		

  Website » Code »
• Every Move You Make: Exploring Practical Issues in Smartphone Motion Sensor Fingerprinting and Countermeasures. Anupam Das, Nikita Borisov and Edward Chou. Privacy Enhancing Technologies Symposium (PETS), 2018. PDF » BibTex »
  ×

  BibTex

  @article{EveryMoveYouMake,
  	author  = {Anupam Das and Nikita Borisov and Edward Chou},
  	title   = {Every Move You Make: {E}xploring Practical Issues in Smartphone Motion Sensor Fingerprinting and Countermeasures},
  	journal = {Proceedings on Privacy Enhancing Technologies},
  	year    = {2018},
  	volume  = {2018},
  	number  = {1},
  	pages   = {88--108},
  	url     = {https://content.sciendo.com/view/journals/popets/2018/1/article-p88.xml}
  }
  							  		

  Website » Dataset 1 » Dataset 2 »
• Tracking Mobile Web Users Through Motion Sensors: Attacks and Defenses. Anupam Das, Nikita Borisov and Matthew Caesar. Network and Distributed System Security Symposium (NDSS), 2016. PDF » BibTex »
  ×

  BibTex

  @inproceedings{DasBC16,
  	author    = {Anupam Das and
  	             Nikita Borisov and
  	             Matthew Caesar},
  	title     = {Tracking Mobile Web Users Through Motion Sensors: {A}ttacks and Defenses},
  	booktitle = {Proceedings of the 23rd Annual Network and Distributed System Security Symposium (NDSS)},
  	year      = {2016},
  	url       = {http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2017/09/tracking-mobile-web-users-through-motion-sensors-attacks-defenses.pdf},
  }	
  							  		

  Website » Dataset »
• Do You Hear What I Hear? Fingerprinting Smart Devices Through Embedded Acoustic Components. Anupam Das, Nikita Borisov and Matthew Caesar. ACM Conference on Computer and Communications Security (CCS), 2014. PDF » BibTex »
  ×

  BibTex

  @inproceedings{Das:2014:YHI:2660267.2660325,
  	author 	  = {Anupam Das and Nikita Borisov and Matthew Caesar},
  	title 	  = {Do You Hear What I Hear?: {F}ingerprinting Smart Devices Through Embedded Acoustic Components},
  	booktitle = {Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS)},
  	year 	  = {2014},
  	pages 	  = {441--452},
  	numpages  = {12},
  	url 	  = {http://doi.acm.org/10.1145/2660267.2660325},
  	doi 	  = {10.1145/2660267.2660325},
  	publisher = {ACM},
  }
  							  		

  Website »

Today’s Internet services rely heavily on text-based passwords for user authentication. The pervasiveness of these services, coupled with the difficulty of remembering large numbers of secure passwords, tempts users to reuse or modify existing passwords at multiple sites. My research looks at analyzing and identifying different ways in which users reuse or modify passwords using real-world, large-scale leaked data sets.

Relevant publications:

• The Tangled Web of Password Reuse. Anupam Das, Joseph Bonneau, Matthew Caesar, Nikita Borisov and XiaoFeng Wang. Network and Distributed System Security Symposium (NDSS), 2014. PDF » BibTex »
  ×

  BibTex

  @inproceedings{DasBCBW14,
  	author    = {Anupam Das and
  	           Joseph Bonneau and
  	           Matthew Caesar and
  	           Nikita Borisov and
  	           XiaoFeng Wang},
  	title     = {The Tangled Web of Password Reuse},
  	booktitle = {Proceedings of the 21st Annual Network and Distributed System Security Symposium (NDSS)},
  	year      = {2014},
  	url       = {https://www.ndss-symposium.org/ndss2014/tangled-web-password-reuse},
  }
  							  		

  Website » Dataset »
• Password Correlation: Quantification, Evaluation and Application. Shouling Ji, Shukun Yang, Anupam Das, Xin Hu and Raheem Beyah. IEEE International Conference on Computer Communications (INFOCOM), 2017. PDF » BibTex »
  ×

  BibTex

  @INPROCEEDINGS{8057067, 
  	author	  = {S. Ji and S. Yang and A. Das and X. Hu and R. Beyah}, 
  	booktitle = {Proceedings of the 36th IEEE International Conference on Computer Communications (INFOCOM)}, 
  	title     = {Password correlation: {Q}uantification, evaluation and application}, 
  	year	  = {2017},  
  	pages	  = {1--9},
  	doi       = {10.1109/INFOCOM.2017.8057067}, 
  } 
  							  		

Many people use anonymity networks like Tor to hide their digital footprints on the Internet. My research looks at analyzing the security and privacy guarantees provided by Tor in the presence of active and passive attackers.

Relevant publications:

• Defending Tor from Network Adversaries: A Case Study of Network Path Prediction. Joshua Juen, Aaron Johnson, Anupam Das, Nikita Borisov and Matthew Caesar. Privacy Enhancing Technologies Symposium (PETS), 2015. PDF » BibTex »
  ×

  BibTex

  @article { DefendingTor,
  	author 	= {Joshua Juen and Aaron Johnson and Anupam Das and Nikita Borisov and Matthew Caesar},
  	title 	= {Defending {T}or from Network Adversaries: {A} Case Study of Network Path Prediction},
  	journal = {Proceedings on Privacy Enhancing Technologies},
  	year 	= {2015},
  	volume 	= {2015},
  	number 	= {2},
  	pages 	= {171--187},
  	url 	= {https://content.sciendo.com/view/journals/popets/2015/2/article-p171.xml}
  }	
  							  		

  Website »
• Re^3: Relay Reliability Reputation for Anonymity Systems. Anupam Das, Nikita Borisov, Prateek Mittal and Matthew Caesar. ACM Symposium on Information, Computer and Communications Security (ASIA CCS), 2014. PDF » BibTex »
  ×

  BibTex

  @inproceedings{DasBMC14,
  	author    = {Anupam Das and
  	           Nikita Borisov and
  	           Prateek Mittal and
  	           Matthew Caesar},
  	title     = {Re\({}^{\mbox{3}}\): {R}elay Reliability Reputation for Anonymity Systems},,
  	booktitle = {Proceedings of the 9th Symposium on Information, Computer and Communications Security (ASIA CCS)},
  	pages     = {63--74},
  	year      = {2014},
  	url       = {http://doi.acm.org/10.1145/2590296.2590338},
  	doi       = {10.1145/2590296.2590338},
  	publisher = {ACM}
  }
  							  		

• Analyzing an Adaptive Reputation Metric for Anonymity Systems. Anupam Das, Nikita Borisov and Matthew Caesar. Symposium and Bootcamp on the Science of Security (HotSoS), 2014. PDF » BibTex »
  ×

  BibTex

  @inproceedings{DasBC14,
  	author    = {Anupam Das and
  	           Nikita Borisov and
  	           Matthew Caesar},
  	title     = {Analyzing an adaptive reputation metric for anonymity systems},
  	booktitle = {Proceedings of the 1st Symposium and Bootcamp on the Science of Security (HotSoS)},
  	pages     = {11:1--11:11},
  	articleno = {11},
  	numpages  = {11},
  	year      = {2014},
  	url       = {http://doi.acm.org/10.1145/2600176.2600187},
  	doi       = {10.1145/2600176.2600187},
  	publisher = {ACM},
  }
  							  		

• Securing Anonymous Communication Channels under the Selective-DoS Attack. Anupam Das and Nikita Borisov. International Conference on Financial Security and Data Security (FC) 2013. PDF » BibTex »
  ×

  BibTex

  @inProceedings{10.1007/978-3-642-39884-1_31,
  	author    = {Anupam Das and Nikita Borisov},
  	title     = {Securing Anonymous Communication Channels under the Selective {DoS} Attack},
  	booktitle = {Proceedings of the 17th International Conference on Financial Security and Data Security (FC)},
  	year      = {2013},
  	publisher = {Springer},
  	doi       = {10.1007/978-3-642-39884-1_31},
  	url       = {https://doi.org/10.1007/978-3-642-39884-1_31},
  	pages     = {362--370},
  }