Research Projects

  • image

    Movee: Visual Verifications through Liveness Analysis using Mobile Devices

    A system that verifies the authenticity of a video taken with a mobile device by performing a liveness analysis.

    Movee is a novel approach to video liveness analysis for mobile devices. It is based on measuring the consistency between the data from the accelerometer sensor and the inferred motion from the captured video. Contrary to existing algorithms, Movee has the unique strength of not depending on the audio track. Our experiments on real user data from cameras on handheld devices as well as wearable smart glasses have shown that Movee excels in both domains with 8% and 7% Equal Error Rate, respectively.

  • image

    Marco: Detecting fake reviews and campaigns in Yelp

    A novel system, Marco that exploits the unique combination of social, spatial and temporal information provided by Yelp, to detect deceptive reviews and venues.

    Marco increases the cost and complexity of attacks, by imposing a tradeoff on fraudsters, between their ability to impact venue ratings and their ability to remain undetected. Marco significantly outperforms state-of-the-art approaches, by achieving 94% accuracy in classifying reviews as fraudulent or genuine, and 95.8% accuracy in classifying venues as deceptive or legitimate. Marco successfully flagged 244 deceptive venues from our large dataset with 7,435 venues, 270,121 reviews and 195,417 users. Furthermore, Marco also evaluates the impact of Yelp events, organized for elite reviewers, on the hosting venues.

  • image

    SensCrypt: A Secure Protocol for Managing Low Power Fitness Trackers

    We reverse engineered the communication protocol, built attack tools to launch security and privacy attacks againstFitbit and Garmin, and built SensCrypt, a secure solution that protects fitness trackers.

    Our devised SensCrypt is a protocol for secure data storage and communication, for use by makers of affordable and lightweight personal trackers. We reverse engineered and identified security vulnerabilities in Fitbit Ultra and Gammon Forerunner 610, two popular and representative fitness tracker products. We introduce FitBite and GarMax, tools to launch efficient attacks against Fitbit and Garmin. We have built, an Arduino Uno based tracker platform, of similar capabilities but at a fraction of the cost of current solutions. On, SensCrypt imposes a negligible write overhead and significantly reduces the end-to-end sync overhead of Fitbit and Garmin.

  • image

    FoulPlay: A Study of Fraud in Google Play

    A system that identifies deceptive reviews, review campaigns and deceptive/malware apps in Google Play.

    Currently running project. Details will be provided after publication.

  • image

    ProfilR: privacy preserving Geosocial networks

    A framework that allows the construction of location centric profiles of present users, while ensuring the privacy and correctness of participants.

    Our devised, ProfilR is a framework for constructing location centric profiles (LCPs), aggregates built over the profiles of users that have visited discrete locations (i.e., venues). We propose to take first steps toward addressing the conflict between profit and privacy in geosocial networks. ProfilR endows users with strong privacy guarantees and providers with correctness assurances. In addition to a venue centric approach, we propose a decentralized solution for computing real time LCP snapshots over the profiles of colocated users. An Android implementation shows that PROFILR is efficient; the end-to-end overhead is small even under strong privacy and correctness assurances.

  • image

    iSafe: a mobile and social networking approach towards safe cities

    A privacy preserving solution for computing safety snapshots of co-located mobile devices as well as geosocial network users.

    iSafe is a privacy preserving algorithm for computing safety snapshots of co-located mobile devices as well as geosocial network users. We aim to enable the vision of smart and safe cities, by exploiting mobile and social networking technologies to securely and privately extract, model and embed real-time public safety information into quotidian user experiences. We present implementation details of iSafe, as both an Android application and a browser plugin, that visualizes safety levels of visited locations and browsed geosocial venues. We evaluate iSafe using crime and census data from the Miami-Dade (FL) county as well as data we collected from Yelp, a popular geosocial network.