More lists of publications from
Google Scholar,
(or
my
Google
Scholar profile),
DBLP,
ACM Author
Profile,
ResearcherID profile, or
orcid.org/0000-0002-5093-9871.
You can find my list of books at
my Amazon author page.
Research interests
I am primarily interested systems security broadly, including
topics like the development and use of novel platform security features,
applying cryptographic techniques to design secure protocols for
distributed systems, applying machine learning techniques to security/privacy
problems, and understanding/addressing the security and privacy of
machine learning applications themselves.
List of publications
Disclaimer
The documents distributed from this page have been provided as a means to ensure timely dissemination of
scholarly and technical work on a noncommercial basis. Copyright and
all rights therein are maintained by the authors or by other copyright
holders, notwithstanding that they have offered their works here
electronically. It is understood that all persons copying this
information will adhere to the terms and constraints invoked by each
author's copyright. These works may not be reposted without the
explicit permission of the copyright holder.
- Effective writing style transfer via combinatorial paraphrasing (with Tommi Gröndahl)
-
- A little goes a long way: Improving toxic language classification despite data scarcity (with Mika Juuti et al.)
-
- Confronting the Limitations of Hardware-Assisted Security (with M. Mannan)
-
- DÏoT: A Federated Self-learning Anomaly Detection System for IoT. (wit Thien Duc Nguyen et al)
-
- DoubleEcho: Mitigating Context-Manipulation Attacks in Copresence Verification (with Hien Truong et al)
-
- Circumventing Cryptographic Deniability with Remote Attestation (with Lachlan Gunn and Ricardo Vieitez Parra)
-
- Sustainable Security & Safety: Challenges and Opportunities (with Andrew Paverd et al)
-
- SoK: Modular and Efficient Private Decision Tree Evaluation (with Agnes Kiss et al)
-
- AuDI: Towards autonomous IoT device-type identification using periodic communications (with Samuel Marchal et al)
-
- Scalable Byzantine Consensus via Hardware-assisted Secret Sharing (with Jian Liu et al)
-
- Sensor-based Proximity Detection in the Face of Active Adversaries (with Babins Shrestha et al.)
-
- Stay On-Topic: Generating Context-Specific Fake Restaurant Reviews (with Mika Juuti et al.)
-
- ASSURED: Architecture for Secure Software Update of Realistic Embedded Devices (with Thomas Nyman et al.)
-
- Toward Linux kernel memory safety (with Elena Reshetova et al.)
-
- On Designing and Evaluating Phishing Webpage Detection Techniques for the Real World (with Samuel Marchal)
-
- Ad-Hoc Key Agreement: a Brief History and the Challenges Ahead (with Markus Miettinen)
-
- Toward Fairness of Cryptocurrency Payments (with Jian Liu, Wenting Li and Ghassan Karame)
-
- Migrating SGX Enclaves with Persistent State (with Fritz Alder et al.)
-
- OmniShare: Encrypted Cloud Storage for the Multi-Device Era (with Andrew Paverd et al.)
-
- SafeKeeper: Protecting Web Passwords using Trusted Execution Environments (with Klaudia Krawiecka et al.)
-
- Get in Line: Ongoing Co-presence Verification of a Vehicle Formation Based on Driving Trajectories (with Christian Vaas, Mika Juuti and Ivan Martinovic)
-
- Secure Deduplication of Encrypted Data: Refined Model and New Constructions (with Jian Liu et al.)
-
- CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers (with Thomas Nyman et al.)
-
-
Randomization Can't Stop BPF JIT Spray.
with Elena Reshetova and Filippo Bonazzi
-
- Off-the-Hook: An Efficient and Usable Client-Side Phishing Prevention Application (with Samuel Marchal et al.)
-
- IEEE Transactions on Computers, 66(10):1717-1733, 2017 (DOI Bookmark)
- Private set intersection for unequal set sizes with mobile applications (with Ágnes Kiss et al.)
-
- Ethics in Information Security
-
- Editorial, IEEE Security & Privacy, 15(3):3-4, June 2017, (DOI Bookmark)
- Profiling Users by Modeling Web Transactions (with Radek Tomšů and Samuel Marchal)
-
- IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT (with Markus Miettinen et al.)
-
- STASH: Securing Transparent Authentication Schemes Using Prover-Side Proximity Verification (with Mika Juuti et al.)
-
- SELint: An SEAndroid Policy Analysis Tool (with Elena Reshetova and Filippo Bonazzi)
-
(Honorable mention, ASIACCS 2017 best paper competition, Finalist, CSAW '17 Europe, Applied Research competition.)
- Know Your Phish: Novel Techniques for Detecting Phishing Sites and Their Targets (with Samuel Marchal, Kalle Saari and Nidhi Singh)
-
- Real-Time Client-Side Phishing Prevention Add-On (with Giovanni Armano and Samuel Marchal)
.
-
- Characterizing SEAndroid Policies in the Wild (with Elena Reshetova, Filippo Bonazzi, Thomas Nyman and Ravishankar Borgaonkar)
-
- On improving tie strength estimates by aggregating multiple communication channels (with Narges Yousefnezhad and Marcin Nagy)
-
- Pitfalls in Designing Zero-Effort Deauthentication: Opportunistic Human Observation Attacks. (with Otto Huhta, Swapnil Udar, Mika Juuti, Prakash Shrestha and Nitesh Saxena)
-
- Practical Attacks Against Privacy and Availability in 4G/LTE Mobile Communication Systems (with Altaf Shaik, Jean-Pierre Seifert, Ravishankar Borgaonkar, and Valtteri Niemi)
-
- LookAhead: Augmenting Crowdsourced Website Reputation Systems with Predictive Modeling (with Sourav Bhattacharya and Otto Huhta)
-
- On Making Emerging Trusted Execution Environments Accessible to Developers (with Thomas Nyman and Brian McGillion)
-
- Using contextual co-presence to strengthen Zero-Interaction Authentication: Design, integration and usability (with Hien Truong et al)
-
- in Pervasive and Mobile Computing 16(B):187-204, 2015 (DOI Bookmark)
- Mobile Trusted Computing (with Jan-Erik Ekberg et al)
-
- Proceedings of the IEEE 102(8): 1189-1206 (2014) (DOI Bookmark)
- Security of OS-Level Virtualization Technologies (with Elena Reshetova et al)
-
-
-
(Best paper award)
- Comparing and Fusing Different Sensor Modalities for Relay
Attack Resistance in Zero-Interaction Authentication (with Hien
Truong et al)
-
- Drone to the Rescue: Relay-Resilient Authentication using
Ambient Multi-Sensing (with Babins Shrestha, Nitesh
Saxena and Hien Truong)
-
- The Company You Keep: Mobile Malware Infection Rates and
Inexpensive Risk Indicators (with Hien Truong et al)
-
-
- The Untapped Potential of Trusted Execution Environments on
Mobile Devices
(with Jan-Erik Ekberg and Kari Kostiainen)
-
- In the IEEE Security & Privacy
Magazine. 12(4):29-37 (DOI
Bookmark)
- (abstract of invited talk), Financial Cryptography 2013, LNCS
2013,
293-294 (DOI Bookmark)
- PeerShare: A System Secure Distribution of Sensitive Data
Among Social Contacts (with Marcin Nagy and Jörg Ott)
-
- CrowdShare: Secure Mobile Resource Sharing (with Alexandra Dimitrienko et al.)
-
- Intuitive security policy configuration in mobile devices
using context profiling (with Aditi Gupta, Markus Miettinen
and Marcin Nagy)
-
- Authenticated encryption primitives for size-constrained
trusted computing (with Jan-Erik Ekberg and Alexandra Afanasyeva)
-
- Practical Property-Based Attestation on Mobile Devices.
(with Kari Kostiainen and Jan-Erik Ekberg)
-
- Proceedings of TRUST 2011
(DOI
Bookmark), Pittsburgh, June 2011.
- Towards User-Friendly Credential Transfer on Open Credential
Platforms (with Kari Kostiainen and Alexandra Afanasyeva)
-
- Proceedings of ACNS 2011
(DOI
Bookmark), Nerja, Spain, June 2011.
- Using context-profiling to aid access control decisions in
mobile devices (with Aditi Gupta and Markus Miettinen)
-
- Vibrate-to-unlock: Mobile phone assisted user authentication
to multiple personal RFID tags (with Nitesh Saxena
et al.)
-
- Key Attestation from Trusted Execution Environments (with
Kari Kostiainen,
Alexandra Dmitrienko, Jan-Erik Ekberg and Ahmad-Reza Sadeghi)
-
- Security associations for wireless devices (with Kaisa
Nyberg)
-
-
In Stefanos Gritzalis, Tom Karygiannis, and Charalabos Skianis,
editors, Security and Privacy in Mobile and Wireless
Networking. Troubador Publishing Ltd, Leicester, UK,
2009. (pre-print)
- External Authenticated Non-Volatile Memory with Lifecycle Management for State Protection in Trusted Computing (with Jan-Erik Ekberg)
-
- Controlling Resource Hogs in Delay-Tolerant Networks (with
John Solis, Kari Kostiainen, Philip Ginzboorg and Jörg Ott)
-
- Computer Communications, 33:1 pages 2-10,
2010 (DOI bookmark)
-
- Standards for security associations in personal networks: a comparative
analysis (with Jani Suomalainen and Jukka Valkonen)
-
- Interational Journal of Security in Networks 4(1/2): 87-100, 2009
(DOI bookmark)
- Using Salience Differentials to Making Visual Cues
Noticeable (with Andreas Heiner)
-
- A Platform for OnBoard Credentials (with Jan-Erik Ekberg)
-
- Enabling Fairer Digital Rights Management with Trusted
Computing (with
Ahmad-Reza Sadeghi,
Christian Stüble, Marko
Wolf and Jan-Erik Ekberg)
-
- Security Associations in Personal Networks: A
Comparative Analysis (with Jani Suomalainen and Jukka
Valkonen)
-
- In the Proceedings of the
Fourth European Workshop on Security and Privacy in Ad hoc and Sensor
Networks, Cambridge, UK, July 2007. Volume 4572 of
Lecture Notes in Computer Science,
Springer. (Springerlink)
- Usability Analysis of Secure Pairing Methods (with
Ersin Uzun and Kristiina Karvonen)
-
- Ad Hoc Security Associations for Groups (with Jukka
Valkonen and Kaisa Nyberg)
-
- In the Proceedings of the
Third European Workshop on Security and Privacy in Ad hoc and Sensor
Networks, Hamburg, Germany, September 2006. Volume 4357 of
Lecture Notes in Computer Science,
Springer. (available in Springerlink.)
- Secure Device Pairing based on a Visual Channel (with Nitesh Saxena,
Jan-Erik Ekberg and Kari Kostiainen)
-
- Efficient Mutual Data Authentication Using Manually
Authenticated Strings (with Sven Laur and Kaisa Nyberg)
-
- Remote storage for mobile devices (with Jarkko Tolvanen, Jaakko
Lipasti and Tapio Suihko)
-
- Visitor management in Personal wireless networks (with Seamus
Moloney, Philip Ginzboorg, and Kari Kostiainen)
-
- Extending
Cellular Authentication as a Service (with Pekka
Laitinen et al.)
-
- Issues in Initializing Security
-
- On the usefulness of proof-of-possession (with Valtteri
Niemi and Pekka Laitinen)
-
- Man-in-the-middle in tunneled
authentication protocols (with Kaisa Nyberg and Valtteri Niemi)
-
- Defining authorization domains using virtual devices (with Sampo Sovio and Kaisa Nyberg)
-
- In the Proceedings of the 2003 Symposium on
Applications and the Internet Workshops (SAINT'03
Workshops), 2003. Available at IEEExplore
- Secure Vickrey Auctions without Threshold Trust. (with Helger Lipmaa and Valtteri Niemi).
-
- In Financial Cryptography 2002, Lecture Notes in Computer
Science, Volume 2357, pages 87-101, 2002. Springer-Verlag.
- Authentication and key generation for mobile IP using
GSM authentication and roaming (with Henry Haverinen
and Tuomas Määttänen)
-
- In Proceedings of the 2001 IEEE International Conference
on Communications (ICC 2001), Helsinki, Finland. Pages
2453-2457, vol. 8.
Available at IEEExplore
- SEMPER - Secure Electronic Marketplace for Europe
(edited by Gerard Lacoste et al), Springer, Lecture Notes in
Computer Science 1854, 2000
-
- Architecture -- Chapter 6 (with Birgit
Baum-Waidner et al)
- The Payment Framework -- Chapter 11 (with
Michael Steiner)
- Key Agreement in Ad-hoc Networks
(with Philip Ginzboorg)
-
-
in Computer
Communications Review, 23(17):1627-1637, November 2000.
(DOI Bookmark)
- A preliminary version was presented at the Nordsec '99 workshop in Nov. 1999. But there is
no formal proceedings.
- Authenticating Public Terminals
(with Michael
Steiner, Hervé
Debar, and
Michael Waidner)
-
- Computer
Networks and ISDN Systems, 31(8):861-870, May 1999.
(DOI Bookmark)
- Towards a Framework for Handling Disputes in Payment Systems
(with Michael Steiner and Els
van Herreweghen)
-
- Protecting the Computation Results of Free-roaming Agents
(with Ceki Gülcü and Günter Karjoth)
-
- Proceedings of the Second International Workshop
on Mobile Agents (MA '98), LNCS 1477,
pp. 195-207,
Sep. 1998. (DOI Bookmark)
- Personal Technologies, 2(2):92-99,
Dec. 1998.
(DOI Bookmark)
- Fairness in Electronic Commerce
-
- More on Optimistic Fair Exchange (with Victor Shoup and
Michael Waidner)
-
- A detailed report, Optimistic Fair Exchange of
Digital Signatures, describing the use of verifiable
encryption in fair exchange protocols is available as IBM Research Report RZ 2973, Nov. 1997.
An extended abstract with the same title appears in the proceedings of Eurocrypt '98. LNCS 1403, pp. 591-606.
- A detailed report, Asynchronous Protocols for
Optimistic Fair Exchange, describing an improved fair
exchange protocol is available as IBM Research Report RZ 2976, Nov. 1997.
An extended
abstract with the same title appears in
the Proceedings of the 1998 IEEE Symposium on Security
and Privacy, pp. 86-99 (DOI Bookmark).
- The jounal version appeared in
the IEEE Journal on Selected Areas in
Communications, 18(4):593-610, April 2000
(DOI Bookmark). The
pre-print version is here.
-
Design of a Generic Payment Service
(with Jose Abad-Peiro, Michael
Steiner, and Michael Waidner)
-
-
Electronic Payment Systems
(with Phil Janson, Michael
Steiner, and Michael Waidner)
-
- IBM Research Report RZ 2890, Dec. 1996.
- An edited version appeared in the IEEE Computer Magazine,
Sep. 1997, 30(9):28-35.
- A Japanese translation appeared in Nikkei Computer,
pp. 195-201, issue of March 30, 1998.
- An updated version appeared as a chapter in volume 53 of the series Advances in Computers published in 2000. (this is the final version submitted for publication.)
-
-
Server-Supported Signatures
(with Gene Tsudik and Michael Waidner)
-
- Proceedings of the Fourth European Symposium on
Research in Computer Security (ESORICS), LNCS 1146, pp.
131-143. Springer-Verlag,
Sep. 1996. (DOI Bookmark)
- A slightly
extended version appeared in the Journal of Computer Security, 5(1), pp 91-108, 1997.
-
-
Security Issues in Mobile Computing
-
- CS 690B - Research Proposal, April 1995.
-
Anonymity in a Mobile Computing Environment
-
- Proceedings of the Workshop on Mobile Computing
Systems and Applications, Santa Cruz,
Dec. 1994. (DOI
Bookmark)
In a previous life...
-
Parallel Algorithms for Constructing the Convex Hull in 2-Dimensions.
-
- Term Paper for the Computational Geometry course, Summer 1990
(for Prof. Anna Lubiw).
-
A Neural Network Simulator for the Connection Machine.
(with Ravi Shankar et al)
-
-
A Parallel Free-text Search System with Indexing.
(with Ophir Frieder and Sanjay Ranka)
-
-
A Parallel Implementation of the Hough Transform Method. (with Ravi Shankar)
-
- Term Paper for the Parallel Programming course, Fall 1988
(for Prof. E. E. Sibert).
- Proceedings of the 32nd Midwest Symposium on Circuits
and Systems, Page(s): 321 -324 vol.1,
Urbana-Champaign, August
1989. (DOI Bookmark)
Last modified: Sun, 21 Mar 2021 16:54:42 +0200
-->