@conference {570, title = {Making Blockchain Validators Honest}, booktitle = {2022 Fourth International Conference on Blockchain Computing and Applications (BCCA)}, year = {2022}, abstract = {

The importance of honesty among blockchain validators can not be overemphasized, especially as blockchain is used by many as an underlying technology for the development of various Industry 4.0 solutions. In the blockchain consensus process, validators validate the correctness of transactions and propose new blocks for addition to the blockchain. They are rewarded for this task with the blockchain native token (e.g., ETH on the Ethereum blockchain). This reward is often distributed among validators with respect to their staked amount. An increasing number of validators joining the network leads to a decreasing chance of a validator being chosen for the validation task and thus a reduction in the validation reward. This situation results in some form of competition among the validators, leading them to carry out various malicious actions to influence the blockchain validator selection protocol in order to be chosen. In this paper, we examine the competitive interactions between validators in a blockchain consensus process and propose a model using an infinitely repeated game model that ensures that the validators are deterred from behaving maliciously while also encouraging a self-policing notion due to the extra incentive mechanism of an improved reputation score when a validator can verifiably report malicious activities by others. Further, we discuss the factors that can incentivize or disincentivize a validator to either continue to behave honestly or switch to dishonest behavior.

}, doi = {10.1109/BCCA55292.2022.9921952}, url = {https://ieeexplore.ieee.org/abstract/document/9921952}, author = {Salau, Abiola and Dantu, Ram and Morozov, Kirill and Badruddoja, Syed and Upadhyay, Kritagya} } @conference {575, title = {Making Smart Contracts Predict and Scale}, booktitle = {2022 Fourth International Conference on Blockchain Computing and Applications (BCCA)}, year = {2022}, abstract = {

The machine learning algorithms can predict the events based on the trained models and datasets. However, a reliable prediction requires the model to be trusted and tamper-resistant. Blockchain technology provides trusted output with consensus-based transactions and an immutable distributed ledger. The machine learning algorithms can be trained on blockchain smart contracts to produce trusted models for reliable prediction. But most smart contracts in the blockchain do not support floating-point data type, limiting computations for classification, which can affect the prediction accuracy. In this work, we propose a novel method to produce floating-point equivalent probability estimation to classify labels on-chain with a Naive Bayes algorithm. We derive a mathematical model with Taylor series expansion to compute the ratio of the posterior probability of classes to classify labels using integers. Moreover, we implemented our solution in Ethereum blockchain smart-contract with the Solidity programming language, where we achieved a prediction accuracy comparable to the scikit-learn library in Python. Our derived method is platform-agnostic and can be supported in any blockchain network. Furthermore, machine learning and deep-learning algorithms can borrow the derived method.

}, doi = {10.1109/BCCA55292.2022.9922480}, author = {Badruddoja, Syed and Dantu, Ram and He, Yanyan and Thompson, Mark and Salau, Abiola and Upadhyay, Kritagya} } @conference {577, title = {Quantum Networks: Reset-and-Reuse can be a Game-changer for Entanglement via Distillation}, booktitle = {2022 IEEE International Conference on Quantum Computing and Engineering (QCE)}, year = {2022}, abstract = {

The future quantum network repeater is envisioned to primarily serve the role of creating entanglement between nodes and distilling those entanglements to an optimal level of performance. During our investigation, we implemented a multi-pass protocol for entanglement distillation and tested it on the IBM-Q environment, demonstrating successively improved results after multiple passes. We implemented two versions of multi-pass distillation, BBPSSW and DEJMPS, with a focus on optimizing the use of qubits, via the reset-and-reuse capability of the IBM implementation. The novel feature of reset-and-reuse can be a game-changer and can minimize the number of qubits required for large-scale applications. We also found that, though it is currently not possible to implement a criterion for continued distillation passes as a run-time feedback loop, the process can be studied through post-circuit data analysis. Our results also show that fidelity alone may guide us to discard some approaches that show success based on other metrics, such as entanglement success and success of transmitting a bit of data. The fidelity was experimentally found to be excessively low, for this complex process of multi-pass distillation.

}, doi = {10.1109/QCE53715.2022.00143}, author = {Germain, Julie and Dantu, Ram and Thompson, Mark and Dockendorf, Mark} } @conference {508, title = {Qubit Reset and Refresh: A Gamechanger for Random Number Generation}, booktitle = {Twelveth ACM Conference on Data and Application Security and Privacy (CODASPY )}, year = {2022}, abstract = {

Generation of random binary numbers for cryptographic use is often addressed using pseudorandom number generating functions in compilers and specialized cryptographic packages. Using the IBM{\textquoteright}s Qiskit reset functionality, we were able to implement a straight-forward in-line Python function that returns a list of quantum-generated random numbers, by creating and executing a circuit on IBM quantum systems. We successfully created a list of 1000 1024-bit binary random numbers as well as a list of 40,000 25-bit binary random numbers for randomness testing, using the NIST Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications. The quantum-generated random data we tested showed very strong randomness, according to the NIST suite. Previously, IBM{\textquoteright}s quantum implementation required a single qubit for each bit of data generated in a circuit, making generation of large random numbers impractical. IBM{\textquoteright}s addition of the reset instruction eliminates this restriction and allows for the creation of functions that can generate a larger quantity of data-bit output, using only a small number of qubits.

}, keywords = {Qiskit, QRNG, Quantum Computing, Random Number Generator}, doi = {10.1145/3508398.3519364}, url = {https://dl.acm.org/doi/abs/10.1145/3508398.3519364}, author = {Germain, Julie and Dantu, Ram and Thompson, Mark} } @conference {572, title = {Smarter Contracts to Predict using Deep-Learning Algorithms}, booktitle = {2022 Fourth International Conference on Blockchain Computing and Applications (BCCA)}, year = {2022}, abstract = {

Deep learning techniques can predict cognitive intelligence from large datasets involving complex computations with activation functions. However, the prediction output needs verification for trust and reliability. Moreover, these algorithms suffer from the model{\textquoteright}s provenance to keep track of model updates and developments. Blockchain smart contracts provide a trustable ledger with consensus-based decisions that assure integrity and verifiability. In addition, the immutability feature of blockchain also supports the provenance of data that can help deep learning algorithms. Nevertheless, smart contract languages cannot predict due to the absence of floating-point operations required by activation functions of neural networks. In this paper, we derive a novel method using the Taylor series expansion to compute the floating-point equivalent output for activation functions. We train the deep learning model off-chain using a standard Python programming language. Moreover, we store models and predict on-chain with blockchain smart contracts to produce a trusted forecast. Our experiment and analysis achieved an accuracy (99\%) similar to popular Keras Python library models for the MNIST dataset. Furthermore, any blockchain platform can reproduce the activation function using our derived method. Last but not least, other deep learning algorithms can reuse the mathematical model to predict on-chain.

}, doi = {10.1109/BCCA55292.2022.9922240}, author = {Badruddoja, Syed and Dantu, Ram and He, Yanyan and Thompson, Mark and Salau, Abiola and Upadhyay, Kritagya} } @conference {503, title = {Towards a Threat Model and Security Analysis for Data Cooperatives}, booktitle = {19th International Conference on Security and Cryptography (SECRYPT 2022)}, year = {2022}, abstract = {

Data cooperative (called {\textquotedblleft}data coop{\textquotedblright} for short) is an emerging approach in the area of secure data management. It promises its users a better protection and control of their data, as compared to the traditional way of their handling by the data collectors (such as governments, big data companies, and others). However, for the success of data coops, existing challenges with respect to data management systems need to be adequately addressed. Especially, they concern terms of security and privacy, as well as the power imbalance between providers/owners and collectors of data. Designing a security and privacy model for a data coop requires a systematic threat modeling approach that identifies the security landscape, attack vectors, threats, and vulnerabilities, as well as the respective mitigation strategies. In this paper, we analyze the security of data cooperatives, identify potential security risks and threats, and suggest adequate countermeasures. We also discuss existing challenges that hinder the widespread adoption of data coops.\ 

}, keywords = {Cybersecurity, Data Cooperatives, Secure Data Management, Security and Privacy., Threat Model}, doi = {10.5220/0011328700003283}, author = {Salau, Abiola and Dantu, Ram and Morozov, Kirill and Upadhyay, Kritagya and Badruddoja, Syed} } @conference {565, title = {Trusted AI with Blockchain to Empower Metaverse}, booktitle = {2022 Fourth International Conference on Blockchain Computing and Applications (BCCA)}, year = {2022}, abstract = {

The digital experience emerging in the virtual world is a reality with the advent of the metaverse. Augmented reality(AR), virtual reality(VR), extended reality(XR), and artificial intelligence(AI) algorithms would pave the way for an immersive experience for the users in the virtual space. However, the explosion of these technologies broaches new challenges to threaten the success of metaverse due to security risks. The blockchain technology augmented with AI promises to deliver a trusted metaverse for everyone. Nevertheless, smart contracts fail to produce a cognitive prediction, dissuading users from confiding in the metaverse. We arm smart contracts with intelligence to predict using AI algorithms. Moreover, we deploy the smart contracts on the Ethereum blockchain platform and produce a prediction accuracy of 95\% compared to Python scikit-learn-based predictions. Our results show that the prediction delay can obstruct the growth of metaverse applications to accept blockchain technologies. Furthermore, the limitation of blockchain technology can make integration unreasonable. Therefore, we discuss possible scalability solutions that can be part of our future work to help more metaverse applications adopt blockchain solutions.

}, doi = {10.1109/BCCA55292.2022.9922027}, author = {Badruddoja, Syed and Dantu, Ram and He, Yanyan and Thompson, Mark and Salau, Abiola and Upadhyay, Kritagya} } @conference {522, title = {Can{\textquoteright}t Understand SLAs? Use the Smart Contract}, booktitle = {2021 Third IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA)}, year = {2021}, publisher = {IEEE}, organization = {IEEE}, address = {Atlanta, GA, USA}, abstract = {

A Service Level Agreement (SLA) is a special kind of legal contract that binds a vendor to its customers where the vendor commits to provide certain services in exchange for certain payment from the customers. On the other hand, a Smart Contract is a contract that is a computer program that also binds multiple parties into given agreements but is a set of a precise rules and is self-enforceable and self-executable. Since almost all legal contracts are ambiguous by nature and are complex to read and understand, we perform a novel study on how we can replace the traditional vague legal contract with the smart contact and the effect of the ambiguity on the smart contract by performing a thorough analysis on SLAs by measuring their ambiguities in various aspects. We take several samples of real SLAs from six different popular broadband vendors. We use four random SLAs to train the machine learning model to classify and then detect ambiguous words in two unseen SLAs which were the SLAs of Ziply Fiber and Century Link. As different people form different interpretations while reading the ambiguous legal contracts, we generate various human interpretations from the machine detected ambiguous words and convert all those generated interpretations into Smart Contracts to perform testing in Ethereum-based Blockchain to identify the most ambiguous as well as accurate interpretation of the SLA. From our analysis and observation, we were able to find out the most ambiguous interpretation of SLAs and we concluded that the SLA of Ziply Fiber was more ambiguous in general compared to the SLA of Century Link. Moreover, our proposed approach to detect ambiguous terms and to translate an ambiguous legal contract to a smart legal contract using a formal language to measure the degree of ambiguity can be extrapolated and replicated to legal contracts from other types of industries as well.

}, keywords = {ambiguity, ambiguity index, blockchain, clauses, complexity, Ethereum, interpretations, machine learning, service level agreement, SLA, smart contract, smart legal contract}, isbn = {978-1-6654-1623-8}, doi = {10.1109/TPSISA52974.2021.00015}, url = {https://ieeexplore.ieee.org/abstract/document/9750250}, author = {Upadhyay, Kritagya and Dantu, Ram and He, Yanyan and Badruddoja, Syed and Salau, Abiola} } @conference {523, title = {A Collaborative and Adaptive Feedback System for Physical Exercises}, booktitle = {2021 IEEE 7th International Conference on Collaboration and Internet Computing (CIC)}, year = {2021}, publisher = {IEEE}, organization = {IEEE}, address = {Atlanta, GA, USA}, abstract = {

Maintaining motivation to meet physical exercise goals is a big challenge in virtual/home-based exercise guidance systems. Lack of motivation, long-maintained bad daily routines, and fear of injury are some of the reasons that cause this hesitation. This paper proposes a reinforcement learning-based virtual exercise assistant capable of providing encouragement and customized feedback on body movement form over time. Repeated arm curls were observed and tracked using single and dual-camera systems using the Posenet pose estimation library. To accumulate enough experience across individuals, the reinforcement learning model was collaboratively trained by subjects. The proposed system is tested on 36 subjects. Behavioral changes are apparent in 31 of the 36 subjects, with 31 subjects reducing movement errors over time and 15 subjects completely eliminating the errors. The system was analyzed for which types of feedback provided the highest expected value, and feedback directly related to the previous mistake provided the highest valued feedback ( p\<0.0133 ). The result showed that the Reinforcement Learning system provides meaningful feedback and positively impacts behavior progress.

}, keywords = {Distributed Machine Learning, Human-Computer Interaction, Pose Estimation, Reinforcement Learning}, isbn = {978-1-6654-1625-2}, doi = {10.1109/CIC52973.2021.00012}, url = {https://ieeexplore.ieee.org/abstract/document/9707166}, author = {Ranasinghe, Ishan and Yuan, Chengping and Dantu, Ram and Albert, Mark V.} } @conference {543, title = {Cyber-Physiotherapy: Rehabilitation to Training}, booktitle = {2021 IFIP/IEEE International Symposium on Integrated Network Management (IM)}, year = {2021}, publisher = {IEEE}, organization = {IEEE}, address = {Bordeaux, France}, abstract = {

Cutting-edge Human-Computer Interaction (HCI) technologies embedded with Machine Learning (ML) will cause a paradigm shift in various domains, including manufacturing and developing facilities and services for professional and personal use. ML implemented HCIs can help people overcome societal challenges brought about by the COVID-19 pandemic. We introduce a system for people to perform physical exercises at home. This system is intended to help a range of demographics, from non-critical physical therapy patients to experienced weightlifters. More specifically, we propose a method to assess the difficulty of an exercise for visual exercise tracking systems. Pose estimation tracks exercises and reinforcement learning provides autonomous feedback to the user (patient/athlete). This information is processed largely on the client side, allowing the application to run smoothly anywhere in the world.

}, keywords = {Fitts{\textquoteright}s law, Human-Computer Interaction, Index of Difficulty, Pose Estimation, Reinforcement Learning}, isbn = {978-3-903176-32-4}, url = {https://ieeexplore.ieee.org/abstract/document/9464036}, author = {Ranasinghe, Ishan and Dantu, Ram and Albert, Mark V. and Watts, Sam and Ocana, Ruben} } @conference {528, title = {Data Cooperatives for Neighborhood Watch}, booktitle = {2021 IEEE International Conference on Blockchain and Cryptocurrency (ICBC)}, year = {2021}, publisher = {IEEE}, organization = {IEEE}, address = {Sydney, Australia}, abstract = {

The increasing proliferation of user data is moving the world from the era of {\textquoteright}big data{\textquoteright} to a new era of shared data, and some are considering data as a factor of production that is paving the way for a new business economy. In this paper, we propose a solution that uses blockchain technology as a platform for online neighborhood watch using a form of data cooperative among individuals or organizations in the sharing of data through a peer-to-peer mechanism. We prove the concept by implementing a distributed phishing data sharing system that will maintain a community ledger of reported phishing activities with a consensus-based approval of the phishing transaction and a novel reputation scoring system thereby adding reliability to the system and effectively tackling the phishing problem. The data cooperative provides a way for timely multi-party sharing of phishing data among anti-phishing organizations and users of the internet eliminating the current approach of each organization maintaining its database. Our results show that blockchain is effective in complementing the existing methods of phishing detection and serves as a platform for sharing phishing data with respect to scalability, cost, and memory consumption. Also, our results further show that transaction times on the Ropsten test net follow a Gamma distribution. Our approach can be extrapolated to other data sharing systems like medical data, spam calls, discussion forums, etc.

}, keywords = {blockchain, Cybersecurity, data cooperative, data sharing, distributed ledger, peer-to- peer, phishing, smart contract}, isbn = {978-1-6654-3578-9}, doi = {10.1109/ICBC51069.2021.9461056}, url = {https://ieeexplore.ieee.org/abstract/document/9461056}, author = {Salau, Abiola and Dantu, Ram and Upadhyay, Kritagya} } @conference {513, title = {Make Consumers Happy by Defuzzifying the Service Level Agreements}, booktitle = {2021 Third IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA)}, year = {2021}, publisher = {IEEE}, organization = {IEEE}, address = {Atlanta, GA, USA}, abstract = {

A Service Level Agreement (SLA) is a special kind of legal contract that binds a vendor to its customers where the vendor commits to provide certain services in exchange for certain payments from the customers. However, when customers do not get the services that they have subscribed for, it becomes a laborious job for customers to contact or visit the company and claim the correct amount of compensation or service credits. On the other hand, a Smart Contract is a contract that is a computer program that also binds multiple parties into given agreements but is a set of precise rules and is self-enforceable and self-executable. In this paper, we have introduced a novel work where we use fuzzy logic inside the Ethereum-based smart contract for two significant objectives. The first objective is to make the claim of the compensation easier and faster for customers by translating the SLA into a smart contract. The second objective is to make the smart contract even smarter and intelligent by implementing fuzzy logic so that customers who have a hard time understanding the legal jargon and ambiguities of the legal contract and SLA to find out if the compensation amount they are getting when the service is poor is good enough. Since fuzzy logic models semantics of linguistic expressions by capturing vagueness in the fuzzy sets, it becomes easier to solve the problem of contractual ambiguities and expedite the process of claiming compensation when implemented in a Blockchain-based smart contract.

}, keywords = {ambiguity, blockchain, clauses, complexity, Ethereum, Fuzzy logic, interpretations, service level agreement, SLA, smart contract, smart legal contract}, isbn = {978-1-6654-1623-8}, doi = {10.1109/TPSISA52974.2021.00011}, url = {https://ieeexplore.ieee.org/abstract/document/9750258}, author = {Upadhyay, Kritagya and Dantu, Ram and He, Yanyan and Salau, Abiola and Badruddoja, Syed} } @conference {533, title = {Making Smart Contracts Smarter}, booktitle = {2021 IEEE International Conference on Blockchain and Cryptocurrency (ICBC)}, year = {2021}, publisher = {IEEE}, organization = {IEEE}, address = {Sydney, Australia}, abstract = {

Blockchain technology develops static smart contracts for decentralized business transactions, lacks dynamic decision-making capabilities that limit the possibilities of ever-increasing demands of modern business applications. Artificial intelligence, a computational prediction platform provides intelligent predictions, actions, and recognition that lacks the ability to hold on to the integrity of the prediction result and requires the help of external authorities to secure the system. Blockchain-based AI prediction can cover the gaps of individual technologies and can mutually benefit from one another to develop a decentralized machine learning architecture that promises to yield better security, automation, and dynamism of the application. This paper proposes a Naive Bayes prediction algorithm to perform prediction with inside blockchain smart contracts that promises to open up more opportunities in the field of Blockchain-AI decentralized applications.

}, keywords = {artificial intelligence, blockchain, DApp, machine learning, Naive Bayes, smart contract}, isbn = {978-1-6654-3578-9}, doi = {10.1109/ICBC51069.2021.9461148}, url = {https://ieeexplore.ieee.org/abstract/document/9461148}, author = {Badruddoja, Syed and Dantu, Ram and He, Yanyan and Upadhayay, Kritagya and Thompson, Mark} } @conference {518, title = {Paradigm Shift from Paper Contracts to Smart Contracts}, booktitle = {2021 Third IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA)}, year = {2021}, publisher = {IEEE}, organization = {IEEE}, address = {Atlanta, GA, USA}, abstract = {

The ambiguity and complexity of the traditional legal contracts have motivated the study and exploration of a better and advanced contract known as blockchain-based smart contracts. A smart contract is a self-executable contract where the terms of the agreement between the involved parties are directly written into the lines of code that resides in the distributed ledger technology known as the blockchain. Obtaining a better understanding of smart contracts to overcome the fundamental issues of traditional legal contracts is vital for the successful and faster dispute settlement process without the intervention of any third-party mediators like courts, banks, lawyers, etc. In this paper, we present a comprehensive overview of the key features of the paradigm shift from traditional paper contracts to smart contracts. In addition, we also discuss why smart contracts are necessary to be legally enforced and the crucial conditions that are required for them to be legally enforceable. Furthermore, we outline recent trends and emerging technologies such as Natural Language Processing, Machine Learning, and the Internet of Things that have been combined together with smart contracts.

}, keywords = {ambiguity, artificial intelligence, blockchain, electronic contract, enforceability, Ethereum, interpretations, smart contract, traditional legal contract}, isbn = {978-1-6654-1623-8}, doi = {10.1109/TPSISA52974.2021.00029}, url = {https://ieeexplore.ieee.org/abstract/document/9750226}, author = {Upadhyay, Kritagya and Dantu, Ram and He, Yanyan and Salau, Abiola and Badruddoja, Syed} } @conference {576, title = {Adaptive and Predictive SDN Control During DDoS Attacks}, booktitle = {2020 IEEE International Conference on Intelligence and Security Informatics (ISI)}, year = {2020}, abstract = {

While Distributed Denial of Service (DDoS) attacks continue to plague the Internet, Software Defined Networks (SDNs) offer the promise of configuration elasticity for all devices in the plant to mitigate these attacks and stabilize the network in real-time. Since it is difficult to distinguish between legitimate and attack traffic, we propose a closed-loop feedback control mechanism using a multi-loop proportional, integral (PI) controller and a model predictive controller (MPC) that will regulate the system characteristics with disturbance rejection. Results from our setup implemented in the SDN platform show that our dynamic and predictive control models provide for a graceful degradation of real-time services in the SDN environment in real-time.

}, doi = {10.1109/ISI49825.2020.9280542}, author = {Vempati, Jagannadh and Dantu, Ram and Badruddoja, Syed and Thompson, Mark} } @conference {538, title = {Integrating DOTS With Blockchain Can Secure Massive IoT Sensors}, booktitle = {2020 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW)}, year = {2020}, publisher = {IEEE}, organization = {IEEE}, address = {New Orleans, LA, USA}, abstract = {

This paper presents a novel approach to securing IoT devices by leveraging DDoS Open Threat Signaling (DOTS) architecture on a Blockchain framework. Like many areas of the information technology domain, IoT sensors are also prone to attacks but on a larger scale. There are millions of devices being connected to a central domain to provide different types of services. Since these low-powered IoT devices have constrained technical requirements with less computational capabilities, they lack the capacity to judge their behavior as benign or malignant. IoT relies heavily on the higher level of intelligent nodes to decide on their status. An IoT Controller/Edge server handles the registration and the limited management of devices. Since traditional security is unable to protect the IoT environment sufficiently, we present a Blockchain-based DDoS detection approach to secure and mitigate such attacks in the IoT environment. Our test setup includes dataset from four sensors over two months. These values were tested using a threshold calculation against the variation of temperature, humidity, pressure, and wind direction on that day to find out whether an IoT sensor is under a DDoS attack. Our results show how DOTS can help in detection of attack when mapped on IoT edge computing.

}, keywords = {blockchain, Cybersecurity, DDOS Protection, distributed ledger, Edge Computing, IoT, Smart Contracts}, isbn = {978-1-7281-7445-7}, doi = {10.1109/IPDPSW50202.2020.00156}, url = {https://ieeexplore.ieee.org/abstract/document/9150345}, author = {Badruddoja, Syed and Dantu, Ram and Widick, Logan and Zaccagni, Zachary and Upadhyay, Kritagya} } @conference {547, title = {Is your legal contract ambiguous? Convert to a smart legal contract}, booktitle = {2020 IEEE International Conference on Blockchain (Blockchain)}, year = {2020}, publisher = {IEEE}, organization = {IEEE}, abstract = {

A legal contract is something that is in spoken or in written form, which binds a party or multiple parties into given terms and conditions. On the other hand, a smart contract is also a contract which is a computer program that binds parties into given terms and conditions but unlike a legal contract, it is self-executable, efficient, and unambiguous. Almost all legal contracts are complex while reading because of its ambiguous nature. In this paper, we take a real-world ambiguous legal contact as a test contract, and generate various interpretations from it, convert all those interpretations into the smart legal contracts and identify the most ambiguous and accurate smart legal contract by performing various measurements such as transaction fees and ambiguity index for each interpretation. We came to the conclusion that the most ambiguous legal contract would be the contract with general interpretation as it was more complex when written in the smart contract and had many possible interpretations due to ambiguity than the rest of the interpretations.

}, author = {Upadhyay, Kritagya and Dantu, Ram and Zaccagni, Zachary and Badruddoja, Syed} } @conference {403, title = {Blockchain Based Authentication and Authorization Framework for Remote Collaboration Systems}, booktitle = {2019 IEEE 20th International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM)}, year = {2019}, month = {June}, abstract = {

Due to the advantages of blockchain technologies, including decentralization, immutability, transparency and security, people try to replace existing problematic architectures /frameworks with blockchain based ones. In this paper we propose a novel authentication and authorization framework based on blockchain technologies to control access to the resources of an IoT device. In this paper, we focus on devices such as the Cyber Handyman used in remote collaboration applications to develop our framework. We tested our smart contracts on the Ropsten test network. Our results showed that it can handle 25 service requests simultaneously.

}, keywords = {Access Control, authorization, blockchain, Digital Certificate, IoT, remote collaboration, Security}, doi = {10.1109/WoWMoM.2019.8792994}, author = {Widick, Logan and Ranasinghe, Ishan and Dantu, Ram and Jonnada, Srikanth} } @conference {397, title = {CMCAP: Ephemeral Sandboxes for Adaptive Access Control}, booktitle = {Proceedings of the 24th ACM Symposium on Access Control Models and Technologies}, year = {2019}, publisher = {ACM}, organization = {ACM}, address = {New York, NY, USA}, keywords = {adaptive access control, ephemeral sandboxes, information flow control, intrusion prevention, runtime containment}, isbn = {978-1-4503-6753-0}, doi = {10.1145/3322431.3325414}, url = {http://doi.acm.org/10.1145/3322431.3325414}, author = {Bucuti, Theogene and Dantu, Ram and Morozov, Kirill} } @article {415, title = {Detecting driver distraction using stimuli-response EEG analysis}, journal = {CoRR}, volume = {abs/1904.09100}, year = {2019}, url = {http://arxiv.org/abs/1904.09100}, author = {Bajwa, Garima and Fazeen, Mohamed and Dantu, Ram} } @conference {409, title = {Distributed Ledger for Spammers{\textquoteright} Resume}, booktitle = {2019 IEEE Conference on Communications and Network Security (CNS)}, year = {2019}, month = {June}, abstract = {

Unsolicited, and most likely spoofed, robot calls are not just an annoyance, but also carry a potential threat with the onset of automation, impersonation, and even voice manipulation technologies as malicious elements attempt to use deception to steal sensitive information or invoke action. Despite steps taken to protect consumers, the issue appears to be far from under control. In this paper, we propose a solution to use blockchain as a platform to share spam transactions through a peer-to-peer mechanism that will maintain a global database of reported spam transactions in order to identify and trace spam activity effectively. Storing spam transactions on a distributed ledger with consensus-based approval of transactions adds reliability to the data and can optimize the data points that will be available to spam detection algorithms in order to fight spam effectively. As this is peer to peer-based sharing, there is no need to rely on third-party providers for storing and sharing this data to the users. Every spam call received will be added as a detailed transaction on the blockchain to execute a smart contract that will calculate the trustworthiness of the caller. Call records are used to identify spam transactions while the blockchain ledgers store this data. We discuss the relevance and advantages of a distributed ledger to store these transactions. This paper does not aim at solving the spam problem with an optimized detection algorithm but evaluates the characteristics and performance of the blockchain as a distributed ledger and its relevance to serve as a platform for peer-to-peer spam detection mechanisms. We evaluate different blockchain metrics like transaction processing rates, gas costs and ledger sizes and discuss how they scale in order to store the spam reports data on the blockchain.

}, keywords = {blockchain, Peer-to-peer, Robocalls, smart contract, Spam detection}, doi = {10.1109/CNS.2019.8802789}, author = {Muttavarapu, Anudeep and Dantu, Ram and Thompson, Mark} } @conference {582, title = {Micro-Accreditation for Matching Employer E-Hire Needs}, booktitle = {2019 IEEE International Conference on Blockchain (Blockchain)}, year = {2019}, abstract = {

This paper presents a novel way to help match employers{\textquoteright} knowledge requirements with students{\textquoteright} knowledge earned using blockchain{\textquoteright}s smart contracts to assure credentials and track student records. This decentralized approach proposes using the micro-accreditation of topics from the CAE framework to courses and associated tasks, while introducing a revolutionary idea of a blockchain-based peer-reviewed rigor score assignment. Our work and result metrics were completed in Ethereum and connected test networks. We concluded this new approach is mostly efficient and scalable depending on the network load, with faster transaction times when the miners are properly incentivized. Future work will include further fine-tuning of the transaction algorithms to improve time, as well as an investigation into a better consensus model for peer review and rigor determination.

}, doi = {10.1109/Blockchain.2019.00054}, author = {Zaccagni, Zachary and Paul, Aditya and Dantu, Ram} } @conference {587, title = {Verifying OAuth Implementations Through Encrypted Network Analysis}, booktitle = {Proceedings of the 24th ACM Symposium on Access Control Models and Technologies}, year = {2019}, publisher = {Association for Computing Machinery}, organization = {Association for Computing Machinery}, address = {New York, NY, USA}, abstract = {

Verifying protocol implementations via application analysis can be cumbersome. Rapid development cycles of both the protocol and applications that use it can hinder up-to-date analysis. A better approach is to use formal models to characterize the applications platform and then verify the protocol through analysis of the network traffic tied to the models. To test this method, the popular protocol OAuth is considered. Currently, formal models of OAuth do not take into consideration the mobile environment, and implementation verification is largely based on code analysis. Our preliminary results are two fold; we sketch an extension to a formal model that incorporates the specifics of the Android platform and classify OAuth device types using machine learning on encrypted VPN traffic.

}, keywords = {Android, authorization, formal models, network analysis, oauth}, isbn = {9781450367530}, doi = {10.1145/3322431.3326449}, url = {https://doi.org/10.1145/3322431.3326449}, author = {Talkington, Josh and Dantu, Ram and Morozov, Kirill} } @conference {334, title = {Automatic Feedback Control for Graceful Degradation of Real-Time Services in the Face of an Attack}, booktitle = {2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC)}, year = {2018}, month = {Oct}, abstract = {

Distributed denial of service (DDoS) attacks continue to pose a serious threat to various businesses and consumers. With the growth in the number of devices connected to the internet, these attacks continue to grow in number. Despite the availability of security tools, the attacks continue to happen and are causing various businesses to sweat. These tools may take anywhere from a few hours to a few days to counter the attacks, which is unacceptable. In this paper, we put forth a novel feedback control mechanism to minimize the effect of volumetric attacks such as DDoS. During an attack, the feedback control model detects and reduces the impact of the attack by maintaining the service level agreements (SLA) of the network service. The controller makes intelligent decisions to ensure the quality of service (QoS) metrics are gracefully degraded by tuning the micro-firewall rules such as the committed information rate and burst size. A proportional Integral (PI) controller is used as a closed-loop feedback controller to maintain the stability of the network in spite of an attack. This proposed architecture is verified in a lab setup, and we observe that we are able to minimize the degradation of the real-time service so that the user{\textquoteright}s quality of experience (QoE) is preserved. We validate the proposed architecture with a model generated by using the system identification technique. Results from the setup show that the closed-loop feedback control model stabilizes the network in real-time.

}, keywords = {authorisation, automatic feedback control, closed loop systems, closed-loop feedback control model, Computer crime, computer network management, computer network security, DDoS, Distributed Denial of Service attacks, feedback control, Graceful Degradation, Internet, Mathematical model, network service, Packet loss, PI control, proportional Integral controller, QoE, QoS, quality of experience, quality of service, Real Time Services, real-time service, real-time systems, Resilient, service level agreements, service metrics, SLA, state space, Streaming media, System Identification, volumetric attacks}, doi = {10.1109/CIC.2018.00-37}, author = {Vempati, Jagannadh and Ram Dantu} } @article {370, title = {Bridging the Gap: Developing Innovative Minds Early On for Cybersecurity}, year = {2018}, author = {Thompson, Mark and Ram Dantu} } @conference {346, title = {Cyber Handyman and Nursing for Humanitarian Services and Disaster Relief}, booktitle = {2018 IEEE International Symposium on Technologies for Homeland Security (HST)}, year = {2018}, month = {Oct}, abstract = {

Calamities cause immense damage to the lives and properties; emergency management and humanitarian support have always been a challenge in the disaster-hit areas due to deficiency of skilled workforce and increase in demand for available experts. Not all the volunteers have the required technical expertise to handle those situations, utilizing the services of the remotely located experts to enhance the skills of the volunteers can help them to handle the situations efficiently. The existing communication mechanisms do not have the capabilities required for collaborating people over physical tasks, which is crucial during the emergency situations. In this paper, we present two novel remote collaboration systems, Cyber-Handyman and Cyber-Nurse using which the less-trained and inexperienced aid workers can enhance their capabilities with the help from remote experts. These units will be deployed in the disaster sites, and the remote experts access and control the sensors on it to guide the aid workers or the victims. The efficiency of the collaboration over physical tasks, which is vital during emergency situations, depends on the complexity of the protocols utilized and the efficiency of the collaboration system. We also propose a methodology to evaluate the protocol complexity and efficiency of the system. Our experiments and results show that with our collaboration system a remote helper can successfully guide the workers in performing a physical task with minimum difficulty.

}, keywords = {Collaboration, collaboration system, common grounding, Complexity theory, Entropy, Grounding, helper-worker collaboration, human-human collaboration, human-machine collaboration, protocol complexity theory, Protocols, remote collaboration, Senior citizens, Task analysis, voice over IP}, doi = {10.1109/THS.2018.8574176}, author = {Jonnada, Srikanth and Ram Dantu and Ranasinghe, Ishan} } @conference {322, title = {A Decentralized Marketplace Application on the Ethereum Blockchain}, booktitle = {IEEE 4th International Conference on Collaboration and Internet Computing (CIC)}, year = {2018}, month = {10/2018}, publisher = {IEEE}, organization = {IEEE}, address = {Philadelphia, PA, USA}, abstract = {

Modern centralized online marketplaces such as eBay offer an alternative option for consumers to both sell and purchase goods with relative ease. However, drawbacks to these marketplaces include the platform{\textquoteright}s ability to block merchants at their own whim, the fees paid to the platform when listing a product and when selling a product, and the lack of privacy of users{\textquoteright} data. In this paper, we propose an application that remedies all three of these drawbacks through use of the Ethereum blockchain platform. The application was developed using the Truffle development framework. The application{\textquoteright}s functions were contained within an Ethereum smart contract, which was then migrated to the Ethereum network. The user{\textquoteright}s input was read through a web interface and sent to the Ethereum network via the web3.js API. Statistics about the application were gathered on the Rinkeby test network. The application was shown to have an average transaction runtime of 3.8 seconds, and an average gas consumption of 4.6 wei. Contract creation times for the application were shown to be less than a second. A cost analysis of the application was then conducted. The gas consumption of the transactions needed to both buy and sell a product was converted into US dollars, and the gas cost of the application was then compared to the cost to use an online auction marketplace such as eBay as well as an in-person auction house such as Sotheby{\textquoteright}s. The results showed that selling on the application is cheaper than existing online options as well as existing in-person options. These tests showed that our application was successful in addressing the drawbacks of current auction marketplaces.

}, keywords = {API, application program interfaces, auction marketplaces, average gas consumption, blockchain, centralized online marketplaces, Computer science, contract creation times, cost analysis, Cryptocurrency, decentralized, decentralized marketplace application, e-commerce, eBay, electronic commerce, Ethereum, Ethereum blockchain platform, Ethereum network, Ethereum smart contract, gas cost, human factors, in-person options, Internet, marketplace, Measurement, online auction marketplace, online options, peer-to-peer computing, Rinkeby test network, security of data, smart contract, Truffle development framework, user data, user interfaces, Web interface}, doi = {10.1109/CIC.2018.00023}, author = {Ranganthan, Vishnu Prasad and Ram Dantu and Paul, Aditya and Mears, Paula and Morozov, Kirill} } @article {352, title = {Emerging Technologies Workshop I: The Case for AI}, year = {2018}, author = {Hurd, Bryan and Davis, Jeff and Ram Dantu} } @article {364, title = {The Future is Connected: How Can it be Cyber Secure?}, year = {2018}, author = {Davis, Jeff and Khalfan, Shaun and Tiene, Rick and Ram Dantu} } @article {300, title = {A novel heart-mobile interface for detection and classification of heart sounds}, journal = {Biomedical Signal Processing and Control}, volume = {45}, year = {2018}, pages = {313 - 324}, abstract = {

Abstract Diagnosis of heart disease requires that a medical practitioner investigate heart auscultations for irregular sounds, followed by echocardiography and electrocardiography tests. These expensive tests also require specialized technicians to operate. We present a low-cost, patient-centered device for the initial screening of the heart sounds that can be potentially used by the users on themselves. They can later share these readings with their healthcare providers. We have created an innovative mobile-health service platform for analyzing and classifying heart sounds. The presented system enables remote patient-monitoring by integrating advanced wireless communications with a customized low-cost stethoscope. This system also permits remote management of a patient{\textquoteright}s cardiac status while maximizing patient mobility. The smartphone application facilitates recording, processing, visualizing, listening to, and classification of heart sounds. We build our classification model using the Mel-Frequency Cepstral Coefficient and Hidden Markov Model. This application is tested in a hospital environment to collect live recordings from patients with positive results. The smartphone application correctly detected 92.68\% of abnormal heart conditions in clinical trials at \{UT\} Southwestern Hospital.

}, keywords = {Hidden Markov Model}, issn = {1746-8094}, doi = {https://doi.org/10.1016/j.bspc.2018.05.008}, url = {https://www.sciencedirect.com/science/article/pii/S1746809418301101}, author = {Thiyagaraja, Shanti and Ram Dantu and Shrestha, Pradhumna and Chitnis, Anurag and Thompson, Mark and Anumandla, Pruthvi and Sarma, Tom and Dantu, Siva} } @conference {310, title = {An OAuth-Based Authorization Framework for Access Control in Remote Collaboration Systems}, booktitle = {National Cyber Summit}, year = {2018}, month = {06/2018}, address = {Huntsville, Alabama, USA}, abstract = {

Advanced human computer interaction systems have made it possible for helpers (professionals) to remotely collaborate with workers (individuals seeking assistance from the professionals). For example, a professional can remotely help a worker fix automobiles or electronics, identify how much of what medication to take, or perform household repairs. We have presented a system, Collaborative Appliance for Remote-help (CARE) that allows for such collaborations. Our system allows a skilled professional or other helper to remotely access and control a worker{\textquoteright}s locally deployed resources over the Internet. These locally deployed resources may include cameras, microphones, speakers, processors, and memory. The remote helper then directs the worker to perform specific tasks to complete the job at hand. Like other Internet of Things (IoT) based systems, CARE is inputconstrained. That is, a worker cannot provide input via a touch screen or keyboard.

The resources are accessed over the Internet. Thus, security and privacy are big concerns. In this paper, we present the authorization and access control framework for the inputconstrained CARE system. This framework has been implemented using the OAuth 2.0 Authorization Framework and has been designed to meet the needs of resource owners who have no technical knowledge. We have shown that our proposed framework is very effective and consistent with the access control guidelines set by the National Institute of Standards and Technology (NIST).

}, author = {Jonnada, Srikanth and Ram Dantu and Shrestha, Pradhumna and Ranasinghe, Ishan and Widick, Logan} } @conference {382, title = {Performance Analysis of Elliptic Curves for Real-Time Video Encryption}, booktitle = {2018 National Cyber Summit (NCS)}, year = {2018}, month = {June}, abstract = {

The use of real-time video streaming is increasing day-by-day, and its security has become a serious issue now. Video encryption is a challenging task because of its large frame size. Video encryption can be done with symmetric key as well as asymmetric key encryption. Among different asymmetric key encryption technique, ECC performs better than other algorithms like RSA in terms of smaller key size and faster encryption and decryption operation. In this work, we have analyzed the performance of 18 different ECC curves and suggested some suitable curves for real-time video encryption.

}, keywords = {Delays, ECC, Elliptic curve cryptography, encryption, Jitter, real-time systems, Real-time video streaming, Security, Streaming media}, doi = {10.1109/NCS.2018.00015}, author = {Sen, Nilanjan and Ram Dantu and Vempati, Jagannadh and Thompson, Mark} } @conference {270, title = {Prediction of human error using eye movements patterns for unintentional insider threat detection}, booktitle = {2018 IEEE 4th International Conference on Identity, Security, and Behavior Analysis (ISBA)}, year = {2018}, month = {Jan}, abstract = {

Threats from the inside of an organization{\textquoteright}s perimeters are a significant problem since it is difficult to distinguish them from benign activities. Recent reports indicate that the accidental/unintentional incidents account for the majority ofall insider security incidents. Human error is a major factor in unintentional insider threat. In this paper, we propose a novel approach for unintentional insider threat (UIT) detection and mitigation based on eye movement patterns. We perform experiments to capture unique characteristics of a user{\textquoteright}s eye movements as they perform several computer-based activities in different scenarios. The goal is to evaluate the effectiveness of using eye movement patterns in determining a user{\textquoteright}s subjective mental workload which is one of the main contributing factors to human error. We extract eye movement and pupil features which allow us to reliably achieve this goal. We evaluate our proposed approach using several classifiers and examine how different subsets of features affect the performance. The results show about 82\% accuracy on average for users wearing eye glasses and an average accuracy of 84.5\% for users without eye glasses. Our results demonstrate that users{\textquoteright} eye movement patterns and pupil behaviors can reveal valuable clues about their subjective mental workload and could be used in developing effective tools for unintentional insider threat detection and mitigation in real-world environments.

}, keywords = {accidental/unintentional incidents, Companies, eye, eye glasses, eye movement patterns, eye movements patterns, Feature extraction, Gaze tracking, Glass, human error prediction, insider security incidents, pupil feature extraction, Security, security of data, subjective mental workload, Task analysis, UIT detection, unintentional insider threat detection, Visualization}, doi = {10.1109/ISBA.2018.8311479}, author = {Takabi, Hassan and Hashem, Yassir and Ram Dantu} } @article {388, title = {On the security of the Courtois-Finiasz-Sendrier signature}, year = {2018}, isbn = {23915455}, url = {https://www.degruyter.com/view/j/math.2018.16.issue-1/math-2018-0011/math-2018-0011.xml}, author = {Morozov, Kirill and Sarathi, Roy Partha and Rainer, Steinwandt and Rui, Xu} } @article {358, title = {Technologies Shaping Transportation of the Future and Smart Cities}, year = {2018}, abstract = {

Connected vehicles and smart cities are two massively transformational technologies. We are already seeing an impact with the investments in economy and society in the connected vehicles and cities. While the private-sector leads the connected car technology investments, the technological development and smart cities innovation is led by state and local governments.\ 

}, author = {Davis, Jeff and Johnson, Steve and LeVine, Minna and Ram Dantu and Rojas-Levi, Elizabeth} } @article {376, title = {True Matching of Employers{\textquoteright} Needs}, year = {2018}, address = {Miami, Florida}, author = {Ram Dantu and Paul, Aditya} } @conference {340, title = {Uninterrupted Video Surveillance in the Face of an Attack}, booktitle = {2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)}, year = {2018}, month = {Aug}, abstract = {

Distributed denial of service (DDoS) attacks continue to plague businesses and consumers alike, and due to an ever-growing digital landscape, these attacks are expected to grow in size and complexity. Current mitigation techniques ranging from hours to days are completely unacceptable given the cost and inconvenience these attacks place in our society. This paper puts forth three feedback control mechanisms to minimize the effects of DDoS attacks on real-time traffic. The first, called differentiated services code point (DSCP) Markdown, is a passive approach that uses micro firewall rules to lower the priority of out-of-profile packets while a second mechanism actively drops the out-of-profile packets based on rate and burst size parameters. The third technique uses parallel links when feedback is applied to stabilize the network after an attack has been detected. Results from all three techniques have shown to have a positive effect on real-time traffic. The first two approaches were able to stabilize network traffic in real-time, while the parallel links technique resulted in a slight delay. We validate the feedback mechanisms with our model that was generated using the system identification technique. Results show that the feedback architecture provides a fit accuracy with positive results.

}, keywords = {attack mitigation techniques, authorisation, autoregressive processes, burst size parameters, Computer crime, computer network security, DDoS, DDoS attacks, differentiated services code point markdown, DiffServ networks, distributed denial of service attack, DSCP, DSCP Markdown approach, feedback control, feedback mechanisms, Internet, IP networks, Jitter, Mathematical model, micro-firewall, out-of-profile packets, parallel links technique, QoS, quality of service, real-time services, real-time systems, Resilient, Streaming media, system identification technique, uninterrupted video surveillance, video surveillance}, doi = {10.1109/TrustCom/BigDataSE.2018.00121}, author = {Vempati, Jagannadh and Ram Dantu and Thompson, Mark} } @conference {281, title = {Feedback Control for Resiliency in Face of an Attack}, booktitle = {Proceedings of the 12th Annual Conference on Cyber and Information Security Research}, year = {2017}, publisher = {ACM}, organization = {ACM}, address = {New York, NY, USA}, abstract = {

Distributed Denial of Service(DDoS) attacks are inevitable. The existing defensive mechanisms are relatively outdated. In this paper, we present a passive mechanism to reduce the impact of an attack on the network. We designed and implemented a robust feedback architecture, to maintain the stability of the network despite attacks. During an attack, the controller of the feedback architecture detects the irregularities in the response time and the necessary changes are made to the configuration to maintain the network in steady state. In this approach first, we model the network using black-box system identification technique. Second, we validate the model with test data by conducting various experiments such as varying the network topology. Last, we test the model with the feedback architecture built in our lab environment. Results show that the feedback architecture provides an average model fit accuracy with positive results.

}, isbn = {978-1-4503-4855-3}, doi = {10.1145/3064814.3064815}, url = {http://doi.acm.org/10.1145/3064814.3064815}, author = {Vempati, Jagannadh and Thompson, Mark and Ram Dantu} } @conference {316, title = {Insider Threat Detection Based on Users{\textquoteright} Mouse Movements and Keystrokes Behavior}, booktitle = {Secure Knowledge Management Workshop}, year = {2017}, month = {10/2017}, abstract = {

Insider threat is considered as one of the most\  serious threats in cybersecurity and has been a prime security\  concern for government and industry. Traditional approaches\  can{\textquoteright}t provide efficient solutions, and the threat keeps raising.\  In this paper, we propose a new approach to insider threat\  detection and prediction based on the user{\textquoteright}s mouse movements\  and keystrokes behavior. We conduct human subject experiments\  with 30 participants and capture their mouse movements and\  keystroke dynamics as they perform several computer-based\  activities in both benign and malicious scenarios. We extract\  features and evaluate our approach using several classifiers and\  statistical analysis measures. The results show that participants\  performing malicious tasks showed faster speed and longer mouse\  movements, and long left click and keystroke duration than the\  benign tasks. Our results suggest that users{\textquoteright} mouse movements\  and keystrokes behavior can reveal valuable knowledge about\  their malicious behavior and can be used as indicators in the\  insider threat monitoring and detection frameworks.

}, author = {Hashem, Yassir and Takabi, Hassan and Ram Dantu} } @conference {269, title = {A Multi-Modal Neuro-Physiological Study of Malicious Insider Threats}, booktitle = {Proceedings of the 2017 International Workshop on Managing Insider Security Threats}, year = {2017}, publisher = {ACM}, organization = {ACM}, address = {New York, NY, USA}, keywords = {electroencephalogram (eeg), eye tracking, insider threat, neuroscience}, isbn = {978-1-4503-5177-5}, doi = {10.1145/3139923.3139930}, url = {http://doi.acm.org/10.1145/3139923.3139930}, author = {Hashem, Yassir and Takabi, Hassan and Ram Dantu and Nielsen, Rodney} } @conference {262, title = {Optimized and Secured Transmission and Retrieval of Vital Signs from Remote Devices}, booktitle = {2017 IEEE/ACM International Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE)}, year = {2017}, month = {July}, abstract = {

Smartphones and other mobile platforms provide a low cost and easily accessible method of monitoring patient health, and aid healthcare professionals in early detection of disease. Immediate access to the gathered data is an essential factor in effective patient care. But the current processes used for patients{\textquoteright} vital data collection is slow and error prone. This undermines the advantages of remote monitoring that mobile platforms for health monitoring provide. In this paper, we propose to upload the patient health information to the Cloud. We investigate three different models to transfer data from the smartphone to the Cloud-perform all computations in the smartphone, perform all computations in the Cloud, and divide the computations between the smartphone and the Cloud. The second approach was found to be infeasible due to very high latency in data transfer with a delay of 2.84 seconds at an upload speed of 2500 KBytes per second. In order to protect the privacy of patients, it is required by law that the data gathered from remote monitoring by using mobile platforms must be kept private, and be secured before uploading to the Cloud. This paper explores the use of prominent public key encryption algorithms and their performance on a mobile device to securely transmit confidential electronic personal health information to the Cloud. We analyze performance of three common public key encryption schemes -RSA, Diffie-Hellman, and ECC. It is shown that 160 bit key size in ECC scheme provides the same level of security that a 1024 bit key size does in RSA and Diffie-Hellman. Further, the encryption and decryption time required by ECC is three times less than the other two schemes. Hence, ECC not only requires a smaller key size to provide the same level of security, but also faster encryption and decryption times as compared to the other two schemes. This makes ECC algorithms suitable to be implemented in resource constrained mobile platforms. We also compared ECC curves from three different standards - NIST, SECG, and Brainpool - to determine the optimum ECC curve, and key size to encrypt data in the mobile phone platform. It is shown that the Brainpool curve performed better than the other two standards when the key size is less than 521 bits. We also measured the latency of uploading encrypted data in a wide variety of WiFi and mobile networks.

}, keywords = {Brainpool curve, Cloud computing, confidential electronic personal health information, data transfer, decryption, Diffie-Hellman, Diseases, ECC algorithms, ECC curves, encryption, error prone, health care, healthcare professionals, Mobile communication, mobile device, mobile health, mobile networks, mobile phone platform, patient care, patient health information, patient health monitoring, patient vital data collection, Performance evaluation, public key cryptography, public key encryption algorithms, remote devices, remote monitoring, resource constrained mobile platforms, RSA, secured transmission, Security, servers, smart phones, smartphones, vital signs, WiFi}, doi = {10.1109/CHASE.2017.55}, author = {Thiyagaraja, Shanti and Ram Dantu and Shrestha, Pradhumna and Thompson, Mark and Smith, Christopher} } @article {261, title = {Real-Time Mobile Device-Assisted Chest Compression During Cardiopulmonary Resuscitation}, journal = {American Journal of Cardiology}, volume = {120}, year = {2017}, pages = {196 - 200}, isbn = {0002-9149}, url = {http://dx.doi.org/10.1016/j.amjcard.2017.04.007}, author = {Sarma, Satyam and Bucuti, Hakiza and Chitnis, Anurag and Klacman, Alex and Ram Dantu} } @article {286, title = {911 services and vital sign measurement utilizing mobile phone sensors and applications}, year = {2016}, month = {11/2016}, publisher = {University of North Texas}, address = {US}, abstract = {

Improved methods for utilizing 911 services, for implementing 911 dispatch protocols, and for measuring vital signs of a human, all by accessing mobile phone sensors and applications, are disclosed. Vital signs such as heart rate, breathing rate, breathing distress, and blood pressure can be measured using mobile phone sensors and applications. A method for differential estimation of blood pressure involves the synchronization of time between two mobile phones, locating an appropriate position for one cell phone and recording heart sounds, and recording video data from the finger tip of the subject using the other mobile phone.

}, keywords = {data, patient, rate, Remote, video}, issn = {US9485345B2}, url = {https://patents.google.com/patent/US9485345/en}, author = {Ram Dantu and Chandrasekaran, Vikram and Gupta, Neeraj} } @conference {263, title = {Automating ECU Identification for Vehicle Security}, booktitle = {2016 15th IEEE International Conference on Machine Learning and Applications (ICMLA)}, year = {2016}, month = {Dec}, abstract = {

The field of vehicular cybersecurity has received considerable media and research attention in the past few years. Given the increasingly connected aspect of consumer automobiles, along with the inherent danger of these machines, there has been a call for experienced security researchers to contribute towards the vehicle security domain. The proprietary nature of Controller Area Network (CAN) bus messages, however, creates a barrier of entry for those unfamiliar, due to the need to identify what the messages on a given vehicle{\textquoteright}s bus are broadcasting. This work aims to automate the process of correlating CAN bus messages with specific Electronic Control Unit (ECU) functions in a new vehicle, by creating a machine learning classifier that has been trained on a dataset of multiple vehicles from different manufacturers. The results show that accurate classification is possible, and that some ECUs that broadcast similar vehicle dynamics broadcast similar CAN messages.

}, keywords = {Acceleration, automobiles, automotive electronics, automotive security, Brakes, broadcasting, CAN bus, CAN bus messages, classification, consumer automobiles, control engineering computing, controller area network, controller area networks, ECU identification automation, electronic control unit, electronic engineering computing, embedded systems, learning (artificial intelligence), machine learning, machine learning classifier, pattern classification, Protocols, Security, security of data, Training, vehicle bus, vehicular ad hoc networks, vehicular cybersecurity, Wheels}, doi = {10.1109/ICMLA.2016.0111}, author = {Jaynes, Michael and Ram Dantu and Varriale, Roland and Evans, Nathaniel} } @article {273, title = {Inside the Mind of the Insider: Towards Insider Threat Detection Using Psychophysiological Signals}, journal = {Journal of Internet Services and Information Security}, volume = {6}, year = {2016}, month = {02}, pages = {20-36}, author = {Hashem, Yassir and Takabi, Hassan and GhasemiGol, Mohammad and Ram Dantu} } @article {94, title = {Neurokey: towards a new paradigm of cancelable biometrics-based key generation using electroencephalograms}, journal = {Computers \& Security}, year = {2016}, pages = {-}, abstract = {

\ Brain waves (Electroencephalograms, EEG) can provide conscious, continuous human authentication for the proposed system. The advantage of brainwave biometry is that it is nearly impossible to forge or duplicate as the neuronal activity of each person is unique even when they think about the same thing.

We propose exploiting the brain as a biometric physical unclonable function (PUF). A user{\textquoteright}s \{EEG\} signals can be used to generate a unique and repeatable key that is resistant to cryptanalysis and eavesdropping, even against an adversary who obtains all the information regarding the system. Another objective is to implement a simplistic approach of cancelable biometrics by altering one{\textquoteright}s thoughts.

Features for the first step, Subject Authentication, are obtained from each task using the energy bands obtained from Discrete Fourier Transform and Discrete Wavelet Transform. The second step constituting the Neurokey generation involves feature selection using normalized thresholds and segmentation window protocol.

We applied our methods to two datasets, the first based on five mental activities by seven subjects (325 samples) and the second based on three visually evoked tasks by 120 subjects (10,861 samples). These datasets were used to analyze the key generation process because they varied in the nature of data acquisition, environment, and activities. We determined the feasibility of our system using a smaller dataset first. We obtained a mean subject classification of 98.46\% and 91.05\% for Dataset I and Dataset {\.I}I\} respectively. After an appropriate choice of features, the mean half total error rate for generating Neurokeys was 3.05\% for Dataset I and 4.53\% for Dataset II, averaged over the subjects, tasks, and electrodes. A unique key was established for each subject and task, and the error rates were analyzed for the Neurokey generation protocol. \{NIST\} statistical suite of randomness tests were applied on all the sequences obtained from the Neurokey generation process.

A consistent, unique key for each subject can be obtained using \{EEG\} signals by collecting data from distinguishable cognitive activities. Moreover, the Neurokey can be changed easily by performing a different cognitive task, providing a means to change the biometrics in case of a compromise (cancelable).

}, keywords = {Authentication, biometrics, cryptographic keys, cryptography, electroencephalograms, key generation, Security}, issn = {0167-4048}, doi = {http://dx.doi.org/10.1016/j.cose.2016.06.001}, url = {http://www.sciencedirect.com/science/article/pii/S0167404816300669}, author = {Bajwa, Garima and Ram Dantu} } @conference {264, title = {Realizing Optimal Chest Compression Fraction During Cardiopulmonary Resuscitation}, booktitle = {2016 IEEE First International Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE)}, year = {2016}, month = {June}, abstract = {

Cardiopulmonary Resuscitation (CPR) is usually preformed in complex situations with multiple parties with a wide range of capabilities. These situations require intermediate pauses for defibrillation, applying advanced airways, and switching CPR administrators. One of the biggest unknowns if chest compression fraction (CCF), which is the optimal fraction of time spent applying compressions. Using the American Heart Association (AHA) guidelines for CPR and rational actor models from game theory, we show the validity of the recommended CCF set by the by the AHA.

}, keywords = {airways, Cardiac arrest, cardiopulmonary resuscitation, cardiovascular system, Chest Compression Fraction, CPR, CPR administrator switching, defibrillation, defibrillators, game theory, Games, Guidelines, Heart, lung, Measurement, optimal chest compression fraction, pneumodynamics, rational actor models}, doi = {10.1109/CHASE.2016.41}, author = {Talkington, Josh and Ram Dantu} } @article {328, title = { Effective CPR Procedure With Real-Time Evaluation and Feedback Using Smartphones }, number = {US20150351647A1}, year = {2015}, month = {12/2015}, abstract = {

A method for performing CPR, comprising activating an application on one or more mobile phones having one or more sensors, placing one or more mobile phones on the finger of a subject to collect information about the subject, determining whether CPR is necessary based on the collected information about the subject, calibrating the sensors of the one or more mobile phones, placing the one or more mobile phones in a position on a hand of a user of the one or more mobile phones, administering chest compressions to the subject, activating a sensor of the one or more mobile phones, including an accelerometer sensor, to permit the application to capture information about the chest compression rate and displacement relating to movement of the chest of the subject, and transmitting the chest compression rate and displacement information of the subject to the emergency dispatcher using the mobile phone.

}, author = {Ram Dantu and Gupta, Neeraj and Dantu, Vishnu and Morgan, Zachary} } @article {230, title = {Fitts Law Extensions for Multiple Joint Movements}, volume = {96}, year = {2015}, pages = {e61}, doi = {10.1016/j.apmr.2015.08.205}, author = {Gupta, Neeraj and Ram Dantu and Dantu, Siva and Nana, Arvind} } @conference {88, title = {A framework for secured collaboration in mHealth}, booktitle = {Collaboration Technologies and Systems (CTS), 2015 International Conference on}, year = {2015}, month = {06/2015}, abstract = {

We have designed a novel framework of services, protocols and technologies to ensure the secure collaboration in M2M networks, specifically in mobile health. The promise of mobile health to reform preventive self-care opens new doors for remote monitoring to improve health care communication. With cardiopulmonary resuscitation (CPR) as an example, we classify our M2M elements into services, roles, human-computer protocols and technologies through which we require trust, anonymity, scalability, and active detachment. We simulate a scenario in which a patient needs CPR and through the use of widely available technologies (such as a smartphone and secure web sockets) we demonstrate a technological collaboration that facilitates secure emergency mobile health services.

}, keywords = {cardiology, cardiopulmonary resuscitation, Cardiopulmonary resuscitation(CPR), Collaboration, Computers, CPR, health care, health care communication, human computer interaction, human-computer protocol, M2M network, machine to machine(M2M), Medical services, mHealth, Mobile communication, mobile computing, mobile health, Protocols, remote monitoring, Scalability, secure collaboration, secure emergency mobile health services, secured collaboration, security of data, servers, smart phones, smartphone}, doi = {10.1109/CTS.2015.7210450}, author = {Widick, Logan and Talkington, Josh and Bajwa, Garima and Ram Dantu} } @conference {107, title = {An opportunistic encryption extension for the DNS protocol}, booktitle = {Intelligence and Security Informatics (ISI), 2015 IEEE International Conference on}, year = {2015}, month = {May}, abstract = {

Confidentiality for DNS transactions has been a low-priority concern in DNS security for a long time due to performance requirements for the functionality of DNS and the fact that data in the DNS is considered public. However, the information carried in DNS transactions, if collected and analyzed, can pose real threats to personal privacy. This makes DNS a good target for passive eavesdropping to collect data for many purposes some of which may be malicious. The protocol described in this document is intended to facilitate an opportunistic negotiation of encryption in the DNS to provide confidentiality for the last mile of DNS resolution. It defines procedures to discover encryption-aware servers and how to establish a relationship with them with minimum overhead.

}, keywords = {computer network security, cryptographic protocols, DNS protocol, DNS security, DNS transactions, encryption, Internet, opportunistic encryption extension, passive eavesdropping, performance requirements, personal privacy, pose real threats, Privacy, Protocols, Public key, servers}, doi = {10.1109/ISI.2015.7165976}, author = {Bucuti, Theogene and Ram Dantu} } @conference {233, title = {Pass-pic: A mobile user authentication}, booktitle = {Intelligence and Security Informatics (ISI), 2015 IEEE International Conference on}, year = {2015}, month = {May}, abstract = {

Conventional authentication methods utilizing alphanumeric username and passwords, PIN numbers, or any combination thereof have many weaknesses. On modern smart phones there are multiple ways users can authenticate. The traditional username password combination is used often as well as PIN passwords and pattern based passwords. The problem with these methods is that they are still vulnerable. A short password or to a much greater extent a PIN, or a pattern password can be defeated by various techniques such as smudge attacks, key loggers and so on. Our aim with Pass-Pic is to implement a picture based authentication system that is both more secure and easier for the user to both input and remember.

}, keywords = {alphanumeric username, Authentication, key loggers, Keyboards, message authentication, mobile authentication, Mobile communication, mobile user authentication, pass-pic, passwords, pattern based passwords, picture based authentication system, PIN numbers, Random access memory, Security, smart phones, smudge attacks, Vibrations}, doi = {10.1109/ISI.2015.7165977}, author = {Bajwa, Garima and Ram Dantu and Aldridge, Ryan} } @conference {271, title = {PhD Forum: A System Identification Approach to Monitoring Network Traffic Security}, booktitle = {2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing}, year = {2015}, month = {Nov}, abstract = {

Network security is a growing area of interest for cyber systems, especially given the increasing number of attacks on companies each year. Though there are a vast amount of tools already available, System Identification (SI) complements intrusion detection systems to help manage network traffic stability. SI is the science of building mathematical models of dynamic systems. This paper introduces the use of SI for modeling network traffic and utilizes a linear time invariant model to analyze performance of real connections and attack instances. We generated several ARX models where each represented a different threat state in the network. We utilized the KDD CUP 1999{\textquoteright}s DARPA dataset to analyze the performance when dealing with different attacks. Results show that the average model fit was 84.14\% when determining if the system was experiencing normal traffic. This value is promising because it shows how well the system is able to determine a network state in a given time when fed input.

}, keywords = {ARX, ARX model, autoregressive processes, Computational modeling, computer network security, Computer security, cyber system, dynamic system, Electronic mail, intrusion detection system, linear time invariant model, Mathematical model, Models, network traffic security, network traffic stability, Predictive models, Security, Silicon, System Identification, system identification approach, telecommunication traffic}, doi = {10.1109/CSCloud.2015.85}, author = {Mayo, Quentin and Bryce, Renee and Ram Dantu} } @article {231, title = {Quantifying Dynamic Cerebral Autoregulation using Electroencephalograms}, volume = {96}, year = {2015}, pages = {e69}, doi = {10.1016/j.apmr.2015.08.231}, author = {Bajwa, Garima and Ram Dantu and Nana, Arvind} } @conference {232, title = {Random anonymization of mobile sensor data: Modified Android framework}, booktitle = {Intelligence and Security Informatics (ISI), 2015 IEEE International Conference on}, year = {2015}, month = {May}, abstract = {

With the increasing ability to accurately classify activities of mobile users from what was once viewed as innocuous mobile sensor data, the risk of users compromising their privacy has risen exponentially. Currently, mobile owners cannot control how various applications handle the privacy of their sensor data, or even determine if a service provider is adversarial or trustworthy. To address these privacy concerns, third party applications have been designed to allow mobile users to have control over the data that is sent to service providers. However, these applications require users to set flags and parameters that place restrictions on the anonymized or real sensor data that is sent to the requestor. Therefore, in this paper, we introduce a new framework, RANDSOM, that moves the decision-making from the application level to the operating system level.

}, keywords = {Accelerometers, Android, anonymized, application level, Data models, data privacy, Hidden Markov models, Mobile communication, mobile computing, mobile sensor data, mobile users, modified Android framework, operating system level, pervasive, Privacy, privacy concerns, provider, random anonymization, RANDSOM, RANDSOM framework, sensor data privacy, service providers, smart phone, smart phones, telecommunication security, third party applications}, doi = {10.1109/ISI.2015.7165968}, author = {Claiborne, Cynthia and Ncube, Cathy and Ram Dantu} } @conference {268, title = {Towards Insider Threat Detection Using Psychophysiological Signals}, booktitle = {Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security Threats}, year = {2015}, publisher = {ACM}, organization = {ACM}, address = {New York, NY, USA}, keywords = {brain computer interface, electroencephalograph, insider threat detection, physiological indicators}, isbn = {978-1-4503-3824-0}, doi = {10.1145/2808783.2808792}, url = {http://doi.acm.org/10.1145/2808783.2808792}, author = {Hashem, Yassir and Takabi, Hassan and GhasemiGol, Mohammad and Ram Dantu} } @conference {100, title = {Unintentional bugs to vulnerability mapping in Android applications}, booktitle = {Intelligence and Security Informatics (ISI), 2015 IEEE International Conference on}, year = {2015}, month = {May}, abstract = {

The intention of an Android application, determined by the source code analysis is used to identify potential maliciousness in that application (app). Similarly, it is possible to analyze the unintentional behaviors of an app to identify and reduce the window of vulnerabilities. Unintentional behaviors of an app can be any developmental loopholes such as software bugs overlooked by a developer or introduced by an adversary intentionally. FindBugsTM and Android Lint are a couple of tools that can detect such bugs easily. A software bug can cause many security vulnerabilities (known or unknown) and vice-versa, thus, creating a many-to-many mapping. In our approach, we construct a matrix of mapping between the bugs and the potential vulnerabilities. A software bug detection tool is used to identify a list of bugs and create an empirical list of the vulnerabilities in an app. The many-to-many mapping matrix is obtained by two approaches - severity mapping and probability mapping. These mappings can be used as tools to measure the unknown vulnerabilities and their strength. We believe our study is the first of its kind and it can enhance the security of Android apps in their development phase itself. Also, the reverse mapping matrix (vulnerabilities to bugs) could be used to improve the accuracy of malware detection in Android apps.

}, keywords = {Android (operating system), Android applications, Android Lint, Androids, bugs, Computer bugs, Conferences, development phase, developmental loopholes, FindBugsTM, Humanoid robots, Indexes, invasive software, malware detection, many-to-many mapping matrix, mapping, matrix algebra, probability, probability mapping, program debugging, reverse mapping matrix, Security, security vulnerabilities, severity mapping, Software, software bug detection tool, software bugs, software tools, source code (software), source code analysis, unintentional behavior analysis, unintentional bugs, vulnerability, vulnerability mapping}, doi = {10.1109/ISI.2015.7165966}, author = {Bajwa, Garima and Fazeen, Mohamed and Ram Dantu and Tanpure, Sonal} } @conference {67, title = {Another free app: Does it have the right intentions?}, booktitle = {Privacy, Security and Trust (PST), 2014 Twelfth Annual International Conference on}, year = {2014}, month = {July}, abstract = {

Security and privacy holds a great importance in mobile devices due to the escalated use of smart phone applications (app). This has made the user even more vulnerable to malicious attacks than ever before. We aim to address this problem by proposing a novel framework to identify potential Android malware apps by extracting the intention and their permission requests. First, we constructed a dataset consisting of 1,730 benign apps along with 273 malware samples. Then, both datasets were subjected to source code extraction. From there on, we followed a two phase approach to identify potential malware samples. In phase 1, we constructed a machine learning model to group benign apps into different clusters based on their operations known as the task-intention. Once we trained the model, it was used to identify the task-intention of an Android app. Further, in this phase, we only used the benign apps to construct the task-intentions and none of the malware signatures were involved. Therefore, our approach does not use machine learning models to identify malware apps. Then, for each task-intention group, we extracted the permission-requests of the apps and constructed the probability mass functions (PMF). We named the shape of this PMF as Intention-Shape or I-Shape. In phase 2, we used the permission-requests, task-intentions and I-Shapes to identify potential malware apps. We compared the permission-requests of an unknown app with its corresponding I-Shape to identify the potential malware apps. Using this approach, we obtained an accuracy of 89\% in detecting potential malware samples. The novelty of our work is to perform potential malware identification without training any models with malware signatures, and utilization of I-Shapes to identify such potential malware samples. Our approach can be utilized to identify the safety of an app before it is installed as it performs static code analysis. Further, it can be utilized in pre-screening or multi-layer security sys- ems. It is also highly useful in screening malware apps when launching in Android markets.

}, keywords = {Android app task-intention identification, Android malware apps, Androids, benign apps, clusters, Feature extraction, Humanoid robots, I-Shape, intention-shape, invasive software, learning (artificial intelligence), machine learning model, malicious attacks, Malware, Mathematical model, mobile computing, permission-requests, PMF, probability mass functions, Shape, smart phone applications, smart phones, source code (software), source code extraction, static code analysis, Unsupervised learning}, doi = {10.1109/PST.2014.6890950}, author = {Fazeen, Mohamed and Ram Dantu} } @conference {74, title = {Context-aware Multimedia Encryption in Mobile Platforms}, booktitle = {Proceedings of the 9th Annual Cyber and Information Security Research Conference}, year = {2014}, publisher = {ACM}, organization = {ACM}, address = {New York, NY, USA}, abstract = {

Voice over IP (VoIP) is a part of multimedia content and this communication is growing rapidly in portable devices due to its attractive features. Secure communication is critical as most of such communications are routed through public channels. Establishing secure VoIP communication is computationally expensive. Modern high strength encryption algorithms such as AES, RSA, Serpent, etc. need high computational power for encryption. On the mobile platform this is a significant factor due to its constrained power resources. In this work we are presenting a novel idea of encrypting VoIP speech data while conserving resources without compromising the security of the VoIP communication. First, the algorithm detects the content of the speech data and identifies its context. Then sensitive sections of the conversation are separated. In the last step, these sections are encrypted with a high strength cryptographic algorithm while other parts are encrypted with a less strength algorithm for better performance. In this way unnecessary encryption power is spared. This will conserve computational power while ensuring the security of sensitive information. Also, we discuss some of the crucial potential attack vectors and their defense mechanisms. Finally, we implemented a prototype to test our concept and we observed an average of 39\% reduction in computational time.

}, keywords = {Android, context-aware, encryption, speech recognition, VoIP}, isbn = {978-1-4503-2812-8}, doi = {10.1145/2602087.2602115}, url = {http://doi.acm.org/10.1145/2602087.2602115}, author = {Fazeen, Mohamed and Bajwa, Garima and Ram Dantu} } @article {98, title = {Effective CPR Procedure With Real Time Evaluation and Feedback Using Smartphones}, journal = {IEEE Journal of Translational Engineering in Health and Medicine}, volume = {2}, year = {2014}, pages = {1-11}, abstract = {

Timely cardio pulmonary resuscitation (CPR) can mean the difference between life and death. A trained person may not be available at emergency sites to give CPR. Normally, a 9-1-1 operator gives verbal instructions over the phone to a person giving CPR. In this paper, we discuss the use of smartphones to assist in administering CPR more efficiently and accurately. The two important CPR parameters are the frequency and depth of compressions. In this paper, we used smartphones to calculate these factors and to give real-time guidance to improve CPR. In addition, we used an application to measure oxygen saturation in blood. If blood oxygen saturation falls below an acceptable threshold, the person giving CPR can be asked to do mouth-to-mouth breathing. The 9-1-1 operator receives this information real time and can further guide the person giving CPR. Our experiments show accuracy \>90\% for compression frequency, depth, and oxygen saturation.

}, keywords = {Acceleration, Accelerometers, blood, blood oxygen saturation, cardio pulmonary resuscitation, cardiology, compression depth, compression frequency, CPR, CPR parameters, CPR procedure, depth of compression, Feedback, Frequency measurement, frequency of compression, medical computing, mouth-to-mouth breathing, Oxygen, oxygen saturation, pneumodynamics, real-time evaluation, real-time systems, smart phones, smartphones, verbal instructions}, issn = {2168-2372}, doi = {10.1109/JTEHM.2014.2327612}, author = {Gupta, Neeraj and Dantu, Vishnu and Ram Dantu} } @conference {216, title = {Smart phone monitoring of second heart sound split}, booktitle = {2014 36th Annual International Conference of the IEEE Engineering in Medicine and Biology Society}, year = {2014}, month = {Aug}, abstract = {

Heart Auscultation (listening to heart sounds) is the basic element of cardiac diagnosis. The interpretation of these sounds is a difficult skill to acquire. In this work we have developed an application to detect, monitor, and analyze the split in second heart sound (S2) using a smart phone. The application records the heartbeat using a stethoscope connected to the smart phone. The audio signal is converted into the frequency domain using Fast Fourier Transform to detect the first and second heart sounds (S1 and S2). S2 is extracted and fed into the Discrete Wavelet Transform (DWT) and then to Continuous Wavelet Transform (CWT) to detect the Aortic (A2) and the Pulmonic (P2) components, which are used to calculate the split in S2. With our application, users can continuously monitor their second heart sound irrespective of ages and check for a split in their hearts with a low-cost, easily available equipment.

}, keywords = {acoustic signal processing, aortic component, biomedical equipment, Biomedical monitoring, cardiac diagnosis, cardiology, continuous wavelet transform, Continuous wavelet transforms, discrete wavelet transform, discrete wavelet transforms, fast Fourier transform, fast Fourier transforms, frequency domain, Heart, heart auscultation, heartbeat recording, medical signal processing, Monitoring, patient diagnosis, patient monitoring, pulmonic component, second heart sound split, smart phone monitoring, smart phones, stethoscope}, doi = {10.1109/EMBC.2014.6944050}, author = {Thiyagaraja, Shanti and Vempati, Jagannadh and Ram Dantu and Sarma, Tom and Dantu, Siva} } @conference {92, title = {Tire-road friction estimation utilizing smartphones}, booktitle = {Information Reuse and Integration (IRI), 2014 IEEE 15th International Conference on}, year = {2014}, month = {08/2014}, abstract = {

Tire-road friction is an important parameter for a number of different safety features present in modern-day vehicles, and the knowledge of this friction may also prove useful to the driver of a vehicle while it is in motion. In particular, this information may help inform a driver of dangerous low-traction situations that he or she may need to be aware of. Furthermore, since a growing number of drivers have access to Bluetooth-enabled smartphones, it is worth exploring how these devices may be leveraged in concert with vehicular CAN-bus networks to provide valuable safety information.

}, keywords = {Acceleration, Bluetooth, bluetooth-enabled smart phones, CAN-bus, controller area networks, dangerous low-traction situations, driver information systems, Estimation, friction, graphical user interfaces, mobile computing, road safety, road vehicles, Roads, Safety, safety information, smart phones, tire-road friction estimation, traction, tyres, vehicle safety features, Vehicles, vehicular CAN-bus networks, vehicular safety, Wheels}, doi = {10.1109/IRI.2014.7051980}, author = {Jaynes, Michael and Ram Dantu} } @conference {235, title = {Android Sensor Data Anonymization}, booktitle = {Research in Attacks, Intrusions, and Defenses: 16th International Symposium, RAID 2013, Rodney Bay, St. Lucia, October 23-25, 2013, Proceedings}, year = {2013}, publisher = {Springer}, organization = {Springer}, author = {Claiborne, Cynthia and Fazeen, Mohamed and Ram Dantu} } @conference {87, title = {Cerebral Autoregulation Assessment Using Electroencephalograms}, booktitle = {Proceedings of the 8th International Conference on Body Area Networks}, year = {2013}, publisher = {ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering)}, organization = {ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering)}, address = {ICST, Brussels, Belgium, Belgium}, abstract = {

This paper presents the possibility of using Electroencephalograms (EEG) signals of an individual for quantitative interpretation of Cerebral Autoregulation (CA). EEG data was recorded during arm cuff inflation to induce dynamic changes in arterial blood pressure and then, Cerebral Blood Flow (CBF) was estimated from EEG using canonical hemodynamic response function (HRF). The assessment of CA was carried out by using power of the various frequency bands of EEG signal.

}, keywords = {Blood pressure, cerebral autoregulation, cerebral blood flow, electroencephalograms}, isbn = {978-1-936968-89-3}, doi = {10.4108/icst.bodynets.2013.253703}, url = {http://dx.doi.org/10.4108/icst.bodynets.2013.253703}, author = {Bajwa, Garima and Ram Dantu} } @article {15, title = {Cuffless Differential Blood Pressure Estimation Using Smart Phones}, journal = {IEEE Transactions on Biomedical Engineering}, volume = {60}, year = {2013}, pages = {1080 - 1089}, abstract = {

Smart phones today have become increasingly popular with the general public for their diverse functionalities such as navigation, social networking, and multimedia facilities. These phones are equipped with high-end processors, high-resolution cameras, and built-in sensors such as accelerometer, orientation-sensor, and light-sensor. According to comScore survey, 26.2\% of U.S. adults use smart phones in their daily lives. Motivated by this statistic and the diverse capability of smart phones, we focus on utilizing them for biomedical applications. We present a new application of the smart phone with its built-in camera and microphone replacing the traditional stethoscope and cuff-based measurement technique, to quantify vital signs such as heart rate and blood pressure. We propose two differential blood pressure estimating techniques using the heartbeat and pulse data. The first method uses two smart phones whereas the second method replaces one of the phones with a customized external microphone. We estimate the systolic and diastolic pressure in the two techniques by computing the pulse pressure and the stroke volume from the data recorded. By comparing the estimated blood pressure values with those measured using a commercial blood pressure meter, we obtained encouraging results of 95{\textendash}100\% accuracy.

}, keywords = {Blood pressure, cuffless, Estimation, finger pulse, Heart, Microphones, mobile camera, Mobile communication, mobile phone, Synchronization, Valves, vascular transit time}, doi = {10.1109/TBME.2012.2211078}, author = {Chandrasekaran, Vikram and Ram Dantu and Jonnada, Srikanth and Thiyagaraja, Shanti and Subbu, Kalyan} } @conference {84, title = {Evaluation of Respiration Quality Using Smart Phone}, booktitle = {Proceedings of the 6th International Conference on PErvasive Technologies Related to Assistive Environments}, year = {2013}, publisher = {ACM}, organization = {ACM}, address = {New York, NY, USA}, abstract = {

Breathing is one of the vital signs that are considered important from medical point of view. The quality of breathing is evaluated by considering several factors. In this paper we present the results of experiments that use a smart phone to evaluate some of the factors to determine the quality of breathing. The accelerometer in the smart phone is used to measure the breathing. We measure subjects with normal breathing, slow breathing, fast breathing and irregular breathing. Our results show that we can evaluate the rate of breathing using a smart phone with an accuracy ranging from 95\% to 100\%. We can also evaluate the regularity and the effort of breathing.

}, keywords = {911 calls, respiration quality, smart phones}, isbn = {978-1-4503-1973-7}, doi = {10.1145/2504335.2504364}, url = {http://doi.acm.org/10.1145/2504335.2504364}, author = {Gupta, Neeraj and Ram Dantu} } @conference {95, title = {Finger Blood Flow Monitoring Using Smart Phones}, booktitle = {Proceedings of the 8th International Conference on Body Area Networks}, year = {2013}, publisher = {ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering)}, organization = {ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering)}, address = {ICST, Brussels, Belgium, Belgium}, abstract = {

The use of smart phones in healthcare applications is growing steadily. The inbuilt sensors are used to estimate the value of physiological data from human body. With progressive innovation, smart phone based medical applications will continue to be developed at an exponential rate. In this paper, we show that a smart phone can be used to monitor the blood flow in finger, based on the pulse height obtained from the fingertips. This is achieved by using the camera lens and the flash light of the smart phone. The height of the pulse rises along with the surrounding temperature indicating that the blood flow increases when the temperature becomes warmer. This study shows that there is a potential to monitor regulation of body temperature using smart phone.

}, keywords = {finger blood flow, finger pulse, mobile health, smart phone}, isbn = {978-1-936968-89-3}, doi = {10.4108/icst.bodynets.2013.253704}, url = {http://dx.doi.org/10.4108/icst.bodynets.2013.253704}, author = {Thiyagaraja, Shanti and Ram Dantu} } @article {25, title = {LocateMe: Magnetic-fields-based Indoor Localization Using Smartphones}, journal = {ACM Trans. Intell. Syst. Technol.}, volume = {4}, year = {2013}, pages = {73:1{\textendash}73:27}, abstract = {

Fine-grained localization is extremely important to accurately locate a user indoors. Although innovative solutions have already been proposed, there is no solution that is universally accepted, easily implemented, user centric, and, most importantly, works in the absence of GSM coverage or WiFi availability. The advent of sensor rich smartphones has paved a way to develop a solution that can cater to these requirements.

By employing a smartphone{\textquoteright}s built-in magnetic field sensor, magnetic signatures were collected inside buildings. These signatures displayed a uniqueness in their patterns due to the presence of different kinds of pillars, doors, elevators, etc., that consist of ferromagnetic materials like steel or iron. We theoretically analyze the cause of this uniqueness and then present an indoor localization solution by classifying signatures based on their patterns. However, to account for user walking speed variations so as to provide an application usable to a variety of users, we follow a dynamic time-warping-based approach that is known to work on similar signals irrespective of their variations in the time axis.

Our approach resulted in localization distances of approximately 2m--6m with accuracies between 80--100\% implying that it is sufficient to walk short distances across hallways to be located by the smartphone. The implementation of the application on different smartphones yielded response times of less than five secs, thereby validating the feasibility of our approach and making it a viable solution.

}, keywords = {Indoor localization, Magnetic fields, smartphones, ubiquitous}, issn = {2157-6904}, doi = {10.1145/2508037.2508054}, url = {http://doi.acm.org/10.1145/2508037.2508054}, author = {Subbu, Kalyan and Gozick, Brandon and Ram Dantu} } @conference {217, title = {NFC Based Two-Pass Mobile Authentication}, booktitle = {Research in Attacks, Intrusions, and Defenses: 16th International Symposium, RAID 2013, Rodney Bay, St. Lucia, October 23-25, 2013, Proceedings}, year = {2013}, publisher = {Springer}, organization = {Springer}, author = {Vempati, Jagannadh and Bajwa, Garima and Ram Dantu} } @conference {97, title = {Quantifying Cognitive Impairment Due to Physical or Mental Stress}, booktitle = {Proceedings of the 6th International Conference on PErvasive Technologies Related to Assistive Environments}, year = {2013}, publisher = {ACM}, organization = {ACM}, address = {New York, NY, USA}, abstract = {

In this paper, we study impairment caused by physical stress and impairment caused by alcohol consumption. We first base line the EEG waves in a meditation state. Then we measure the EEG waves during the physical activities such as walking, climbing stairs and doing sit-ups. We also measure the effect on brain as a person spins while sitting in a revolving chair (simulating a mental stress). Finally, we measure the EEG waves after consumption of alcohol. Our study shows that EEG waves do capture the physical activities that cause impairment. The magnitude of EEG waves increases with increased intensity of stress as measured by physical exercise or alcohol consumption. The magnitude is highest for sit-ups as compared to other activities and the magnitude for sit-ups after alcohol is even higher when compared with magnitude before alcohol consumption. A higher magnitude means lower level of alertness. The results could be used to improve the care of elderly and plan the intensity of their physical activity.

}, keywords = {alcohol consumption, cognitive impairment, EEG waves, physical stress}, isbn = {978-1-4503-1973-7}, doi = {10.1145/2504335.2504384}, url = {http://doi.acm.org/10.1145/2504335.2504384}, author = {Gupta, Neeraj and Ram Dantu} } @booklet {234, title = {Self-Tracking via Brain-Mobile-Cloud Interface}, year = {2013}, abstract = {

Abnormalities in the brain are one of the leading causes of disability amongst people. There is a significant delay between monitoring the onset of these disorders and their treatments. This paper presents a brain-mobile-cloud interface (BMCI) to integrate the mobile platform, cloud computing technology and existing brain monitoring systems to remotely monitor the brain signals of an individual using their electroencephalograms (EEGs) in unconventional environments. Further, we discuss the potential of our proposed framework in applications like tracking mental activities, identifying distracted driving behavior and their corresponding changes in cerebral blood flow (CBF).

}, keywords = {Cerebral Blood Flow (CBF), Electroencephalography (EEG), Mobile cloud Interface, smart phone}, url = {http://www.aaai.org/ocs/index.php/SSS/SSS13/paper/view/5803}, author = {Bajwa, Garima and Ram Dantu and Fazeen, Mohamed and Joseph, Rajiv} } @article {82, title = {Socio-technical Aspects of Remote Media Control for a NG9-1-1 System}, journal = {Multimedia Tools Appl.}, volume = {62}, year = {2013}, pages = {733{\textendash}759}, abstract = {

9-1-1 emergency calls mostly involve distress situations that cause people to panic while trying to answer questions or follow instructions given by a dispatcher. To obtain precious information with the least user intervention and reduced stress on the user, there is a need for the dispatcher to have a better control and understanding of the condition or situation at the other end. The increasing growth of smartphones embedded with camera, speaker phone, GPS, microphone and various other sensors, extends their usage from merely making calls to life saving gadgets during critical situations. By integrating these sensor rich smartphones and the rapidly growing VoIP technology, we propose a VoIP based Next Generation 9-1-1 (NG9-1-1) system for remote media control. Specifically, we use Session Initiation Protocol (SIP) in the implementation of the system using a mobile and a PC client. The proposed system on the mobile client accounted for less than 25\% of CPU utilization even with video transmission. The average network utilization was about 10 and 72 kbps for audio and video, respectively. With these encouraging results, we believe the proposed remote media control system will facilitate information acquisition and decision making in emergency situations.

}, keywords = {Image transmission, Media control, NG9-1-1, PSAP, Remote, SIP, Voice quality, VoIP}, issn = {1380-7501}, doi = {10.1007/s11042-011-0875-1}, url = {http://dx.doi.org/10.1007/s11042-011-0875-1}, author = {Chandrasekaran, Vikram and Ram Dantu and Subbu, Kalyan} } @inbook {91, title = {Event Detection Based on Call Detail Records}, booktitle = {Behavior Computing: Modeling, Analysis, Mining and Decision}, year = {2012}, pages = {305{\textendash}316}, publisher = {Springer London}, organization = {Springer London}, address = {London}, isbn = {978-1-4471-2969-1}, doi = {10.1007/978-1-4471-2969-1_19}, url = {http://dx.doi.org/10.1007/978-1-4471-2969-1_19}, author = {Zhang, Huiqi and Ram Dantu}, editor = {Cao, Longbing and Yu, Philip} } @article {8, title = {Safe Driving Using Mobile Phones}, journal = {Trans. Intell. Transport. Sys.}, year = {2012}, abstract = {

As vehicle manufacturers continue to increase their emphasis on safety with advanced driver-assistance systems (ADASs), we propose a device that is not only already in abundance but portable enough as well to be one of the most effective multipurpose devices that are able to analyze and advise on safety conditions. Mobile smartphones today are equipped with numerous sensors that can help to aid in safety enhancements for drivers on the road. In this paper, we use the three-axis accelerometer of an Android-based smartphone to record and analyze various driver behaviors and external road conditions that could potentially be hazardous to the health of the driver, the neighboring public, and the automobile. Effective use of these data can educate a potentially dangerous driver on how to safely and efficiently operate a vehicle. With real-time analysis and auditory alerts of these factors, we can increase a driver{\textquoteright}s overall awareness to maximize safety.

}, keywords = {Accelerometer, mobile phone, road conditions, sensors, vehicle safety}, doi = {10.1109/TITS.2012.2187640}, url = {http://dx.doi.org/10.1109/TITS.2012.2187640}, author = {Fazeen, Mohamed and Gozick, Brandon and Ram Dantu and Bhukhiya, Moiz and Gonz{\'a}lez, Marta C.} } @article {226, title = {Security Issues in VoIP Telecommunication Networks}, journal = {Handbook on Securing Cyber-Physical Critical Infrastructure: Foundations and Challenges}, year = {2012}, pages = {763{\textendash}789}, abstract = {As VoIP telecommunication networks are becoming popular, more and more VoIP calls are being made to accomplish security critical activities, e.g., E911 services, phone banking. However, the security ramifications of using VoIP have not been fully recognized, and there exists a substantial gap in the understanding of the potential impact of VoIP exploits on the VoIP users. In this chapter, we describe the components and functionalities of non-P2P and P2P VoIP networks and discuss the potential attacks to them such as MITM, spoofing, wiretapping, pharming, etc. We also illustrate a mechanism of using small world network to improve call performance of a P2P VoIP system and evaluate it over the currently deployed OpenVoIP system.}, keywords = {P2P, Security, session initiation protocol, small world networks, telecommunications, voice over IP}, isbn = {978-0-12-415815-3}, doi = {https://doi.org/10.1016/B978-0-12-415815-3.00030-3}, url = {https://www.sciencedirect.com/science/article/pii/B9780124158153000303}, author = {Yang, Xiaohui and Ram Dantu and Wijesekera, Duminda} } @inbook {93, title = {Smart Phone: Predicting the Next Call}, booktitle = {Behavior Computing: Modeling, Analysis, Mining and Decision}, year = {2012}, pages = {317{\textendash}325}, publisher = {Springer London}, organization = {Springer London}, address = {London}, abstract = {

Prediction of incoming calls can be useful in many applications such as social networks, (personal, business) calendar and avoiding voice spam. Predicting incoming calls using just the context is a challenging task. We believe that this is a new area of research in context-aware ambient intelligence. In this paper, we propose a call prediction scheme and investigate prediction based on callers{\textquoteright} behavior and history. We present Holt-Winters method to predict calls from frequent and periodic callers. The Holt-Winters method shows high accuracy. Prediction and efficient scheduling of calls can improve the security, productivity and ultimately the quality of life.

}, isbn = {978-1-4471-2969-1}, doi = {10.1007/978-1-4471-2969-1_20}, url = {http://dx.doi.org/10.1007/978-1-4471-2969-1_20}, author = {Zhang, Huiqi and Ram Dantu}, editor = {Cao, Longbing and Yu, Philip} } @article {28, title = {Behavior-based Adaptive Call Predictor}, journal = {ACM Trans. Auton. Adapt. Syst.}, volume = {6}, year = {2011}, pages = {21:1{\textendash}21:28}, abstract = {

Predicting future calls can be the next advanced feature of the next-generation telecommunication networks as the service providers are looking to offer new services to their customers. Call prediction can be useful to many applications such as planning daily schedules, avoiding unwanted communications (e.g. voice spam), and resource planning in call centers. Predicting calls is a very challenging task. We believe that this is an emerging area of research in ambient intelligence where the electronic devices are sensitive and responsive to people{\textquoteright}s needs and behavior. In particular, we believe that the results of this research will lead to higher productivity and quality of life. In this article, we present a Call Predictor (CP) that offers two new advanced features for the next-generation phones namely {\textquotedblleft}Incoming Call Forecast{\textquotedblright} and {\textquotedblleft}Intelligent Address Book.{\textquotedblright} For the Incoming Call Forecast, the CP makes the next-24-hour incoming call prediction based on recent caller{\textquoteright}s behavior and reciprocity. For the Intelligent Address Book, the CP generates a list of most likely contacts/numbers to be dialed at any given time based on the user{\textquoteright}s behavior and reciprocity. The CP consists of two major components: Probability Estimator (PE) and Trend Detector (TD). The PE computes the probability of receiving/initiating a call based on the caller/user{\textquoteright}s calling behavior and reciprocity. We show that the recent trend of the caller/user{\textquoteright}s calling pattern has higher correlation to the future pattern than the pattern derived from the entire historical data. The TD detects the recent trend of the caller/user{\textquoteright}s calling pattern and computes the adequacy of historical data in terms of reversed time (time that runs towards the past) based on a trace distance. The recent behavior detection mechanism allows CP to adapt its computation in response to the new calling behaviors. Therefore, CP is adaptive to the recent behavior. For our analysis, we use the real-life call logs of 94 mobile phone users over nine months, which were collected by the Reality Mining Project group at MIT. The performance of the CP is validated for two months based on seven months of training data. The experimental results show that the CP performs reasonably well as an incoming call predictor (Incoming Call Forecast) with false positive rate of 8\%, false negative rate of 1\%, and error rate of 9\%, and as an outgoing call predictor (Intelligent Address Book) with the accuracy of 70\% when the list has five entries. The functionality of the CP can be useful in assisting its user in carrying out everyday life activities such as scheduling daily plans by using the Incoming Call Forecast, and saving time from searching for the phone number in a typically lengthy contact book by using the Intelligent Address Book. Furthermore, we describe other useful applications of CP besides its own aforementioned features including Call Firewall and Call Reminder.

}, keywords = {behavior, call logs, call matrix, convergence time, Prediction, trace distance}, issn = {1556-4665}, doi = {10.1145/2019583.2019588}, url = {http://doi.acm.org/10.1145/2019583.2019588}, author = {Phithakkitnukoon, Santi and Ram Dantu and Claxton, Rob and Eagle, Nathan} } @conference {101, title = {Current and Future Trends in Social Media}, booktitle = {2011 IEEE Third Int{\textquoteright}l Conference on Privacy, Security, Risk and Trust and 2011 IEEE Third Int{\textquoteright}l Conference on Social Computing}, year = {2011}, abstract = {

Social networking has been the biggest cultural shift since the industrial revolution, attracting millions of people, creating an ever-expanding social web, and revolutionizing the way we communicate. Although many changes have occurred since the fledgling steps of social networking and what it has evolved into today, improvement is a never-ending cycle. Thus, in this paper, additional methods will be explored to advance social networking overall.

}, keywords = {Buildings, Electronic mail, Facebook, Media, Online Social Networks, Privacy, Social Media, Social Network Trends, Twitter}, doi = {10.1109/PASSAT/SocialCom.2011.125}, author = {Baatarjav, Enkh-Amgalan and Ram Dantu} } @conference {21, title = {Evaluation of gyroscope-embedded mobile phones}, booktitle = {Systems, Man, and Cybernetics (SMC), 2011 IEEE International Conference on}, year = {2011}, address = {Anchorage, AK}, abstract = {

Many mobile phone applications such as pedometers and navigation systems rely on orientation sensors that most smartphones are now equipped with. Unfortunately, these sensors rely on measured accelerometer and magnetic field data to determine the orientation. Thus, accelerations upon the phone which arise from everyday use alter orientation information. Similarly, external magnetic interferences from indoor/urban settings affect the heading calculation, resulting in inaccurate directional information. The inability to determine the orientation during everyday use inhibits many potential mobile applications development. In this work, we exploit the newly built-in gyroscope in the Nexus S smartphone to address the interference problems associated with the orientation sensor. We first perform drift error analysis and apply this to gyroscope calculations. We test simple as well as complex rotations seen in walking applications. We lastly test the gyroscope{\textquoteright}s resistance to described interferences. Experiments show angular calculations with percent error no larger than 6\% from actual rotated values. Further, we are able to determine the phone{\textquoteright}s orientation at any time, in magnetically-interfered areas, with the phone accelerating. With this accurate information we can virtually orient the phone to better use mobile-acquired data. This shows that the presence of a gyroscope in smartphones will certainly aid in numerous applications.

}, keywords = {Acceleration, Accelerometer, Accelerometers, Angular rotation, Gyroscope, Gyroscopes, Magnetic sensors, Mobile communication, Mobile handsets, mobile phone, Orientation sensor}, isbn = {978-1-4577-0652-3}, doi = {10.1109/ICSMC.2011.6083905}, author = {Barthold, Christopher and Subbu, Kalyan and Ram Dantu} } @article {13, title = {Identification of leaders, lurkers, associates and spammers in a social network: context-dependent and context-independent approaches}, journal = {Social Network Analysis and Mining}, volume = {1}, year = {2011}, pages = {241{\textendash}254}, abstract = {

In this paper, we present two methods for classification of different social network actors (individuals or organizations) such as leaders (e.g., news groups), lurkers, spammers and close associates. The first method is a two-stage process with a fuzzy-set theoretic (FST) approach to evaluation of the strengths of network links (or equivalently, actor-actor relationships) followed by a simple linear classifier to separate the actor classes. Since this method uses a lot of contextual information including actor profiles, actor-actor tweet and reply frequencies, it may be termed as a context-dependent approach. To handle the situation of limited availability of actor data for learning network link strengths, we also present a second method that performs actor classification by matching their short-term (say, roughly 25\ days) tweet patterns with the generic tweet patterns of the prototype actors of different classes. Since little contextual information is used here, this can be called a context-independent approach. Our experimentation with over 500 randomly sampled records from a twitter database consists of 441,234 actors, 2,045,804 links, 6,481,900 tweets, and 2,312,927 total reply messages indicates that, in the context-independent analysis, a multilayer perceptron outperforms on both on classification accuracy and a new F-measure for classification performance, the Bayes classifier and Random Forest classifiers. However, as expected, the context-dependent analysis using link strengths evaluated using the FST approach in conjunction with some actor information reveals strong clustering of actor data based on their types, and hence can be considered as a superior approach when data available for training the system is abundant.

}, keywords = {Context dependent and context independent data analysis, Fuzzy logic, MLP, Naive Bayesian classifier, Random Forest, Social networks, Twitter}, issn = {1869-5469}, doi = {10.1007/s13278-011-0017-9}, url = {http://dx.doi.org/10.1007/s13278-011-0017-9}, author = {Fazeen, Mohamed and Ram Dantu and Guturu, Parthasarathy} } @conference {36, title = {Indoor localization through dynamic time warping}, booktitle = {2011 IEEE International Conference on Systems, Man, and Cybernetics}, year = {2011}, month = {10/2011}, address = {Anchorage, AK}, abstract = {

Identifying and locating oneself in different hallways of high rise buildings forms the classic indoor localization problem. GPS does not work indoors and WiFi may not be omnipresent. This paper presents a novel approach to ambient magnetic fields based indoor localization. We present a system that classifies magnetic signatures using dynamic time warping. Specifically, by aligning similar magnetic signatures that differ in magnitude or time, we classify the signatures and infer the location irrepective of the person and his/her mode of commuting. A Nexus One smartphone was employed, utilizing its builtin magnetic field sensor to create a user friendly localization application solely on the phone. By using a variety of subjects including sighted, blindfolded and people using wheelchairs to handle the human speed variation problem, we evaluated the system across 26 and 15 hallways of two different buildings and obtained accuracies of 92.6\%, and 91.1\% respectively. With these encouraging results, we believe our proposed solution is user independent and caters to a wide range of hallways.

}, keywords = {Accuracy, Buildings, Databases, Human, Humans, Legged locomotion, Localization, Magnetometers, mobile phones, sensors, Wheelchairs}, doi = {10.1109/ICSMC.2011.6083906}, author = {Subbu, Kalyan and Gozick, Brandon and Ram Dantu} } @article {9, title = {Magnetic Maps for Indoor Navigation}, journal = {IEEE Transactions on Instrumentation and Measurement}, volume = {60}, year = {2011}, pages = {3883 - 3891}, abstract = {

Magnetic field fluctuations and anomalies inside buildings tend to have a great effect on the compass, which is one of the simplest navigation devices. Alternative navigation requires landmark identification, so those landmarks can be used as guideposts in assisting individuals. By employing a mobile phone with built\_in magnetometer, an extensive data set of 2000 measurements was collected. Using these fields, we identify landmarks and guideposts and create magnetic maps for multiple corridors of a floor in a building. Different phones are used at different sensitivity rates, which effectively portray similar results. Magnetic signatures are used for identifying locations and rooms and are independent of the person, the phone, and the sensitivity of the sensor being used. Magnetic field behavior is demonstrated and compared with theoretical distributions of these fields. The developed magnetic maps can complement existing visual maps for location tracking and navigation of autonomous robots indoors. These maps are particularly useful during limited visual feedback in poor lighting conditions. Moreover, building designers could include this landmark and guidepost information when developing the architecture of a building, which could in turn help people or robots navigate during disasters and emergency evacuations.

}, keywords = {Buildings, Magnetic field measurement, Magnetic field measurements, Magnetic fields, Magnetometers, Mobile handsets, mobile phones, Navigation, sensors, Uncertainty}, doi = {10.1109/TIM.2011.2147690}, author = {Gozick, Brandon and Subbu, Kalyan and Ram Dantu and Maeshiro, Tomyo} } @article {42, title = {Mobile Social Group Sizes and Scaling Ratio}, journal = {AI Soc.}, volume = {26}, year = {2011}, pages = {71{\textendash}85}, abstract = {

Social data mining has become an emerging area of research in information and communication technology fields. The scope of social data mining has expanded significantly in the recent years with the advance of telecommunication technologies and the rapidly increasing accessibility of computing resources and mobile devices. People increasingly engage in and rely on phone communications for both personal and business purposes. Hence, mobile phones become an indispensable part of life for many people. In this article, we perform social data mining on mobile social networking by presenting a simple but efficient method to define social closeness and social grouping, which are then used to identify social sizes and scaling ratio of close to {\textquotedblleft}8{\textquotedblright}. We conclude that social mobile network is a subset of the face-to-face social network, and both groupings are not necessary the same, hence the scaling ratios are distinct. Mobile social data mining.

}, issn = {0951-5666}, doi = {10.1007/s00146-009-0230-5}, url = {http://dx.doi.org/10.1007/s00146-009-0230-5}, author = {Phithakkitnukoon, Santi and Ram Dantu} } @article {282, title = {Socioscope: Human Relationship and Behavior Analysis in Social Networks}, journal = {IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans}, volume = {41}, year = {2011}, month = {Nov}, pages = {1122-1143}, abstract = {

In this paper, we propose a socioscope model for social-network and human-behavior analysis based on mobile-phone call-detail records. Because of the diversity and complexity of human social behavior, no one technique will detect every attribute that arises when humans engage in social behaviors. We use multiple probability and statistical methods for quantifying social groups, relationships, and communication patterns and for detecting human-behavior changes. We propose a new index to measure the level of reciprocity between users and their communication partners. This reciprocity index has application in homeland security, detection of unwanted calls (e.g., spam), telecommunication presence, and product marketing. For the validation of our results, we used real-life call logs of 81 users which contain approximately 500 000 h of data on users{\textquoteright} location, communication, and device-usage behavior collected over eight months at the Massachusetts Institute of Technology (MIT) by the Reality Mining Project group. Also, call logs of 20 users collected over six months by the University of North Texas (UNT) Network Security team are used. The MIT and UNT data sets contain approximately 5000 callers. The experimental results show that our model is effective.

}, keywords = {behavioural sciences computing, Change points, communication pattern, Data models, human relationship analysis, human social behavior, human-behavior change detection, Humans, IEEE, Massachusetts Institute of Technology, Mobile handsets, probability, Reality Mining Project group, reciprocity index, Social factors, social group, social groups, social network analysis, Social network services, social networking (online), Social networks, social relationship, social relationships, social sciences computing, socioscope, Statistical analysis, statistical method, University of North Texas}, issn = {1083-4427}, doi = {10.1109/TSMCA.2011.2113335}, author = {Zhang, Huiqi and Ram Dantu and Cangussu, Jo{\~a}o} } @article {52, title = {Towards Ubiquitous Computing with Call Prediction}, journal = {SIGMOBILE Mob. Comput. Commun. Rev.}, volume = {15}, year = {2011}, pages = {52{\textendash}64}, abstract = {

With the long-awaited era of the pervasive computing approaches, the handheld devices such as personal mobile phones begin to evolve into ubiquitous computing devices. At this early stage of the evolution, we propose a model of a call predictor based on the naive Bayesian classifier. As an incoming call predictor, our model makes use of the user{\^a}€™s call history to generate a list of numbers/contacts that are the most likely to be the callers within the next hour. On the other hand, when the user wants to make an outgoing call (e.g., user flips open the phone or unlocks the phone, etc.), the outgoing call predictor generates a list of number/contacts to be called. Our model has been evaluated with the real-life call logs and it shows a promising result in accuracy.

}, issn = {1559-1662}, doi = {10.1145/1978622.1978628}, url = {http://doi.acm.org/10.1145/1978622.1978628}, author = {Phithakkitnukoon, Santi and Ram Dantu} } @conference {75, title = {Unveiling Hidden Patterns to Find Social Relevance}, booktitle = {Privacy, Security, Risk and Trust (PASSAT) and 2011 IEEE Third Inernational Conference on Social Computing (SocialCom), 2011 IEEE Third International Conference on}, year = {2011}, month = {Oct}, abstract = {

Twitter is both a useful social networking device and an incredible marketing tool. However, it is also a venue for dangerous stalkers and a sub-world of internet users that most people would intuitively avoid if seeing them in real life. It would improve Twitter{\textquoteright}s safety to have filters available which would allow users to select an audience for their status updates without being forced into changing their profiles to a private setting. The hypothetical filter, or model, studied in this paper was based on two particular attributes: activity correlations and vocabulary similarities between users and followers. If implemented, this model would restrict the availability of status updates to an automatically generated group of socially relevant followers. The result of this study shows that both of the attributes can be used to define social relevance, however, it was found that activity patterns have better predictive capabilities than correlating vocabulary usage between users and followers.

}, keywords = {activity correlations, Correlation, dangerous stalkers, data privacy, Facebook, hidden patterns, Internet, Internet users, marketing tool, Online Social Networks, Polynomials, Privacy, social networking (online), social networking device, social relevance, Twitter, Twitter safety, Vocabulary, vocabulary similarities}, doi = {10.1109/PASSAT/SocialCom.2011.103}, author = {Baatarjav, Enkh-Amgalan and Ram Dantu} } @conference {57, title = {Are You My Friend?}, booktitle = {Proceedings of the 7th IEEE Conference on Consumer Communications and Networking Conference}, year = {2010}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {Piscataway, NJ, USA}, abstract = {

With Twitters growing popularity, privacy has become a major concern for users wary of sensitive information falling in the wrong hands. A typical Twitter user carries hundreds of followers - people who have subscribed to users twitter feeds. Our goal is to target followers that a Twitter user deems safe. Therefore, selecting followers with a closer relationship could help decrease the risk of sensitive information being sent to unknown people. We propose a privacy management system that helps a Twitter user restrict information to only certain followers based on the strength of their social tie. This system would incorporate two tools: the Exclusivity meter and the Twitter Response Estimator. The Exclusivity Meter employs user{\textquoteright}s activity profile to guess similarities between users. Preliminary results have indicated that similarity in time and level of activity between user and follower does suggest a stronger social tie. The Twitter Response Estimator uses a measure of prestige to gauge the probability of response. When applied to a set of followers, the estimator separates real friends from recreational followers

}, keywords = {online social network, Privacy, Twitter}, isbn = {978-1-4244-5175-3}, url = {http://dl.acm.org/citation.cfm?id=1834217.1834342}, author = {Baatarjav, Enkh-Amgalan and Amin, Aliasgar and Ram Dantu and Gupta, Nikhil Kant} } @article {44, title = {ContextAlert: Context-aware alert mode for a mobile phone}, journal = {International Journal of Pervasive Computing and Communications}, volume = {6}, year = {2010}, month = {Sep}, pages = {1{\textendash}23}, abstract = {

Purpose {\textendash} Mobile computing research has been focused on developing technologies for handheld devices such as mobile phones, notebook computers, and mobile IP. Today, emphasis is increasing on context-aware computing, which aims to build the intelligence into mobile devices to sense and respond to the user{\textquoteright}s context. The purpose of this paper is to present a context-aware mobile computing model (ContextAlert) that senses the user{\textquoteright}s context and intelligently configures the mobile phone alert mode accordingly. Design/methodology/approach {\textendash} The paper proposes a three-step approach in designing the model based on the embedded sensor data (accelerometer, GPS antenna, and microphone) of a G1 Adriod phone. As adaptivity is essential for context-aware computing, within this model a new learning mechanism is presented to maintain a constant adaptivity rate for new learning while keeping the catastrophic forgetting problem minimal. Findings {\textendash} The model has been evaluated in many aspects using data collected from human subjects. The experiment results show that the proposed model performs well and yields a promising result. Originality/value {\textendash} This paper is distinguished from other previous papers by: first, using multiple sensors embeded in the mobile phone, which is more realistic for detecting the user{\textquoteright}s context than having various sensors attached to different parts of user{\textquoteright}s body; second, by being a novel model that uses sensed contextual information to provide a service that better synchronizes the user{\textquoteright}s daily life with a context-aware alert mode. With this service, the user can avoid the problems such as forgetting to switch to vibrate mode while in a meeting or a movie theater, and taking the risk of picking up a phone call while driving, and third, being an adaptive learning algorithm that maintains a constant adaptivity rate for new learning while keeping the catastrophic forgetting problem minimal.

}, issn = {1742-7371}, doi = {10.1108/17427371011084266}, author = {Phithakkitnukoon, Santi and Ram Dantu} } @conference {68, title = {Efficiency of Social Connection-based Routing in P2P VoIP Networks}, booktitle = {Proceedings of the 2Nd International Conference on COMmunication Systems and NETworks}, year = {2010}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {Piscataway, NJ, USA}, keywords = {P2P routing, P2P VoIP systems, Social networks, social-network based routing}, isbn = {978-1-4244-5487-7}, url = {http://dl.acm.org/citation.cfm?id=1831443.1831488}, author = {Chandrasekaran, Vikram and Ram Dantu and Gupta, Neeraj and Yang, Xiaohui and Wijesekera, Duminda} } @inbook {54, title = {Email Shape Analysis}, booktitle = {Distributed Computing and Networking: 11th International Conference, ICDCN 2010, Kolkata, India, January 3-6, 2010. Proceedings}, year = {2010}, pages = {18{\textendash}29}, publisher = {Springer Berlin Heidelberg}, organization = {Springer Berlin Heidelberg}, address = {Berlin, Heidelberg}, abstract = {

Email has become an integral part of everyday life. Without a second thought we receive bills, bank statements, and sales promotions all to our inbox. Each email has hidden features that can be extracted. In this paper, we present a new mechanism to characterize an email without using content or context called Email Shape Analysis. We explore the applications of the email shape by carrying out a case study; botnet detection and two possible applications: spam filtering, and social-context based finger printing. Our in-depth analysis of botnet detection leads to very high accuracy of tracing templates and spam campaigns. However, when it comes to spam filtering we do not propose new method but rather a complementing method to the already high accuracy Bayesian spam filter. We also look at its ability to classify individual senders in personal email inbox{\textquoteright}s.

}, isbn = {978-3-642-11322-2}, doi = {10.1007/978-3-642-11322-2_7}, url = {http://dx.doi.org/10.1007/978-3-642-11322-2_7}, author = {Sroufe, Paul and Phithakkitnukoon, Santi and Ram Dantu and Cangussu, Jo{\~a}o}, editor = {Kant, Krishna and Pemmaraju, Sriram V. and Sivalingam, Krishna M. and Wu, Jie} } @article {72, title = {Experiences During a Collegiate Cyber Defense Competition}, journal = {Journal of Applied Security Research}, volume = {5}, year = {2010}, pages = {382{\textendash}396}, abstract = {

The objective of this article is to encourage schools to participate in the Collegiate Cyber Defense Competition (CCDC) and to ease their entry by providing information about the event and describing the experiences of both the student participants and the educators. This article focuses mainly on the recent experience of a University of North Texas student team at the Southwest Regional CCDC 2008 hosted by Del Mar College in Corpus Christi, Texas. It describes the entire process of participating in the CCDC, including announcements, team formation, task assignments, preparations, and actual team experience during the competition and provides suggestions on strategies for future competitions

}, keywords = {Cyber defense competition, network configurations, operating systems, servers}, author = {Sroufe, Paul and Tate, Steve and Ram Dantu and Cankaya, Ebru} } @conference {40, title = {Mobile Social Closeness and Communication Patterns}, booktitle = {Proceedings of the 7th IEEE Conference on Consumer Communications and Networking Conference}, year = {2010}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {Piscataway, NJ, USA}, abstract = {

As mobile networks expand rapidly to facilitate the rising number of mobile phone population, more mobile social services are being developed and offered. To create an efficient social functionality, characteristics of mobile social network must be studied. Social closeness is one of the basic fundamentals of any kind of social networking. In this paper, closeness in mobile social network is the subject of the study, from which social grouping scheme is proposed and validated against the feedbacks of human subjects. Based on the proposed grouping scheme, a study of the impact of the mobile social closeness to the similarity in calling patterns and reciprocity is presented.

}, isbn = {978-1-4244-5175-3}, url = {http://dl.acm.org/citation.cfm?id=1834217.1834285}, author = {Phithakkitnukoon, Santi and Ram Dantu} } @article {63, title = {Next generation 9-1-1: Architecture and challenges in realizing an IP-multimedia-based emergency service}, journal = {Journal of Homeland Security and Emergency Management}, volume = {7}, year = {2010}, abstract = {

Next generation 9-1-1 (NG-9-1-1) services will enable the use of multimedia (voice, video, text messages, and data) for emergency communications. This will be made possible using a whole new architecture for emergency communications, one that is based on the internet protocol (IP) and open standards. VOIP based communication services vastly improve the effectiveness of relief during mass disasters, as was observed during Katrina. However, delivering the latest multimedia technology to Public Service Answering Points (PSAPs) presents both new opportunities and challenges. In this paper, we review how technology is evolving towards an NG-9-1-1 solution and underscore the challenges and issues that still require investigation.

}, author = {Gupta, Neeraj and Ram Dantu and Schulzrinne, Henning and Goulart, Anna and Magnussen, Walt} } @conference {27, title = {Predicting social ties in mobile phone networks}, booktitle = {2010 IEEE International Conference on Intelligence and Security Informatics (ISI)}, year = {2010}, month = {05/2010}, address = {Vancouver, BC, Canada}, abstract = {

A social network dynamically changes since the social relationships (social ties) change over time. The evolution of a social network mainly depends on the evolution of the social relationships. The social-tie strengths of person-to-person are different one another even though they are in the same group. In this paper we investigate the evolution of person-to-person social relationships, quantify and predict social tie strengths based on call-detail records of mobile phones. We propose an affinity model for quantifying social-tie strengths in which a reciprocity index is integrated to measure the level of reciprocity between users and their communication partners. Since human social relationships change over time, we map the call-log data to time series of the social-tie strengths by the affinity model. Then we use ARIMA model to predict social-tie strengths. For validation of our results, we used actual call logs of 81 users collected for a period of 8 months at MIT by the Reality Mining Project group and also used call logs of 20 users collected for a period of 6 months by UNT{\textquoteright}s Network Security team. These users have around 5000 communication partners. The experimental results show that our model is effective. We achieve prediction performance with accuracy of average 95.2\% for socially close and near members. Among other applications, this work is useful for homeland security, detection of unwanted calls (e.g., spam), and marketing.

}, keywords = {ARIMA, Prediction, reciprocity index, social groups, Social networks, social relationships, Social-tie strength}, isbn = {978-1-4244-6444-9}, doi = {10.1109/ISI.2010.5484780}, author = {Zhang, Huiqi and Ram Dantu} } @inbook {77, title = {Small World VoIP}, booktitle = {Mobile Computing, Applications, and Services: Second International ICST Conference, MobiCASE 2010, Santa Clara, CA, USA, October 25-28, 2010, Revised Selected Papers}, year = {2010}, pages = {137{\textendash}155}, publisher = {Springer Berlin Heidelberg}, organization = {Springer Berlin Heidelberg}, address = {Berlin, Heidelberg}, abstract = {

We present the analysis and design of a Small World VoIP system (SW-VoIP) which is geared towards customers that are communicating with their Small World of social contacts. We use the term Small World to refer to the Peer-to-Peer (P2P) network of a client and his contacts both incoming and outbound. We reconstruct the small world of a user by collecting calling patterns over a configurable period of time. We enable user mobility by using a stepwise social identity to an IP address binding propagation model. We propose an efficient algorithm to locate users by electing popular users and leveraging the users closeness. We also introduce a self-stabilized load balancing mechanism to optimize the system performance under heavy network traffic. We evaluate our SW-VoIP system performance by simulating the user{\textquoteright}s lookup process using real-world telephone logs. Our experimental results show that our SW-VoIP system offers a better performance in optimizing the required routing path and reducing the average lookup delay when compared to traditional, non small-world P2P VoIP systems.

}, keywords = {closeness, electing, mobility, optimize, Peer-to-peer, popular, small world, VoIP}, isbn = {978-3-642-29336-8}, doi = {10.1007/978-3-642-29336-8_8}, url = {http://dx.doi.org/10.1007/978-3-642-29336-8_8}, author = {Yang, Xiaohui and Stavrou, Angelos and Ram Dantu and Wijesekera, Duminda}, editor = {Gris, Martin and Yang, Guang} } @mastersthesis {236, title = {Socioscope: Human Relationship and Behavior Analysis in Mobile Social Networks}, year = {2010}, school = {University of North Texas}, type = {phd}, address = {Denton, TX, USA}, abstract = {

The widely used mobile phone, as well as its related technologies had opened opportunities for a complete change on how people interact and build relationship across geographic and time considerations. The convenience of instant communication by mobile phones that broke the barrier of space and time is evidently the key motivational point on why such technologies so important in people{\textquoteright}s life and daily activities. Mobile phones have become the most popular communication tools.

Mobile phone technology is apparently changing our relationship to each other in our work and lives. The impact of new technologies on people{\textquoteright}s lives in social spaces gives us the chance to rethink the possibilities of technologies in social interaction. Accordingly, mobile phones are basically changing social relations in ways that are intricate to measure with any precision.

In this dissertation I propose a socioscope model for social network, relationship and human behavior analysis based on mobile phone call detail records. Because of the diversities and complexities of human social behavior, one technique cannot detect different features of human social behaviors. Therefore I use multiple probability and statistical methods for quantifying social groups, relationships and communication patterns, for predicting social tie strengths and for detecting human behavior changes and unusual consumption events. I propose a new\ reciprocity index\ to measure the level of reciprocity between users and their communication partners. The experimental results show that this approach is effective. Among other applications, this work is useful for homeland security, detection of unwanted calls (e.g., spam), telecommunication presence, and marketing. In my future work I plan to analyze and study the social network dynamics and evolution.

}, isbn = {978-1-124-36491-9}, author = {Zhang, Huiqi and Ram Dantu} } @conference {237, title = {Socio-technical aspects of video phones}, booktitle = {2010 Second International Conference on COMmunication Systems and NETworks (COMSNETS 2010)}, year = {2010}, month = {Jan}, abstract = {

The widespread use of voice over Internet protocol has paved the way for video over Internet protocol. In the past, certain technical shortcomings have prevented the popularity of videophones in the market. With present-day technology, videophones have just about everything required for day-to-day functions. Under such circumstances, certain socio-technical aspects require attention so that videophones can become as widespread and as technically streamlined as a plain old telephone system (POTS) with its additional benefits. A frequently brushed-upon topic is optimum features in the video phone for day-to-day social interactions. We carried out several experiments on different kinds of codecs and video formats to address two issues: i) the size of a video screen and ii) perception of motion and distance. From the measurements, we observed that a small frame rate with low bandwidth is adequate and can result in satisfactory video quality. We also observed that H263 performs well for all the day-to-day social networking activities. Standing 4 feet from the camera can still give reasonably good video quality in the currently available codecs. We believe that socio-technical issues will emerge more clearly over the next several years and they are germane to deployment of PC-based soft phones as well as hard phones.

}, keywords = {Bandwidth, Cameras, Codecs, Computer science, Internet telephony, plain old telephone system, Protocols, social aspects of automation, Social factors, social interactions, social issues, Social network services, social networking activities, sociotechnical aspects, Streaming media, technical issues, video codecs, video coding, video phones, video quality, Videoconference, videophone quality, videophones, videotelephony, voice over Internet protocol}, doi = {10.1109/COMSNETS.2010.5431971}, author = {Chandrasekaran, Vikram and Dantu, Siva and Kadiyala, Priyanka and Ram Dantu and Phithakkitnukoon, Santi} } @article {228, title = {Spam Classification Based on E-Mail Path Analysis}, journal = {Pervasive Information Security and Privacy Developments: Trends and Advancements: Trends and Advancements}, year = {2010}, pages = {332}, author = {Palla, Srikanth and Ram Dantu and Cangussu, Jo{\~a}o} } @article {51, title = {A Testbed for Large Mobile Social Computing Experiments}, journal = {Int. J. Sen. Netw.}, volume = {8}, year = {2010}, pages = {89{\textendash}97}, abstract = {

We present a testbed for mobile social computing that can be used to perform research in security, privacy and context-awareness policies and mechanisms appropriate for a wide range of applications. We compare several mobile platforms and present the rational for our design choices and reasons we chose Android as the primary smartphone for the testbed. We also discuss some of the experiments that can be conducted using this testbed.

}, keywords = {context awareness, mobile communications, mobile computing, mobile devices, Privacy, Security, sensor information, sensors, smartphones, social computing, testbed, ubiquitous devices}, issn = {1748-1279}, doi = {10.1504/IJSNET.2010.034618}, url = {http://dx.doi.org/10.1504/IJSNET.2010.034618}, author = {Alazzawe, Ahmed and Alazzawe, Anis and Wijesekera, Duminda and Ram Dantu} } @conference {64, title = {Achieving Peer-to-peer Telecommunication Services Through Social Hashing}, booktitle = {Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference}, year = {2009}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {Piscataway, NJ, USA}, abstract = {

Although peer-to-peer (P2P) Internet Telephony gains more and more market share, supporting traditional telephony related use cases is an indispensable requirement. However, communication services designed for this purpose are usually traditional circuit-based, and the centralized structure makes it nearly impossible for their deployments in a distributed, unsecure telecommunication environment. This paper proposes an approach for achieving various kinds of communication services on P2P voice over IP (VoIP) systems by building trust and executing supervision through social networks. We present a system architecture design for network topology maintenance and security assurance. Social protocols and social computing are used to study how P2P entities can be efficiently mapped to social networks, and how social functionalities can benefit communication services implementation. To demonstrate the approach feasibility, we exemplify this architecture in P2P VoIP emergency services by using gossiping and membership management techniques. We believe that our proposed approach will be able to support diverse services on P2P VoIP systems with the performance and security guaranteed to compete with centralized telecommunication systems.

}, isbn = {978-1-4244-2308-8}, url = {http://dl.acm.org/citation.cfm?id=1700527.1700582}, author = {Yang, Xiaohui and Ram Dantu and Wijesekera, Duminda} } @article {227, title = {An Architecture for IP-based Next Generation Radio Access Network}, journal = {Fourth-Generation Wireless Networks: Applications and Innovations: Applications and Innovations}, year = {2009}, pages = {61}, author = {Ram Dantu and Guturu, Parthasarathy} } @conference {35, title = {Are You a Safe Driver?}, booktitle = {2009 International Conference on Computational Science and Engineering}, year = {2009}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Washington, DC, USA}, abstract = {

As the world continues to enhance and strengthen its emergency services, mobile phones may be used to aid in safe driving practices and detection of emergencies. To our knowledge, no work has been reported in understanding vehicle motion using accelerometers/compass in cell phones. In this paper, we used the multiple sensors in a Google phone to classify safe versus unsafe driving. In particular, we used breaking distance, acceleration, and deceleration for detecting safe verses unsafe braking. Next, we calculated the displacement in the axis perpendicular to the trajectory of vehicle and used it to classify safe and unsafe lane changes. The direction of the phone with respect to the motion of the vehicle is important during calibration of the above measurements, so we used 2D and 3D rotation matrices for transforming device orientation. Future work includes calibration of braking distance, lane changes, and reliable transformation of phone orientation with respect to trajectory of the vehicle.

}, keywords = {Accelerometer, Android, driving, emergency, mobile phone, orientation, safe, unsafe}, isbn = {978-0-7695-3823-5}, doi = {10.1109/CSE.2009.331}, url = {http://dx.doi.org/10.1109/CSE.2009.331}, author = {Langle, Lonnie and Ram Dantu} } @conference {53, title = {BBN-based Privacy Management System for Facebook}, booktitle = {Proceedings of the 2009 IEEE International Conference on Intelligence and Security Informatics}, year = {2009}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {Piscataway, NJ, USA}, abstract = {

Online social networking sites (SNSs) has changed our lifestyle and become a main medium of communication among young adults to stay in touch with their friends, to organize events, to make friends, to promote themselves, to date, etc. To create content rich environment, SNSs make their platform available for third-party developers. The developers can build their applications based on users{\textquoteright} social graph containing their personal and social information. Unfortunately, any information users posted on their profile can be harvested and used for unethical purposes due to Facebook{\textquoteright}s lack of application privacy configuration. In this paper we propose a privacy-management system for Facebook applications. The system can take advantage of the correlation between some profile features and network privacy settings, in this way it can automatically configure a users privacy settings. Our preliminary result show promising result.

}, isbn = {978-1-4244-4171-6}, url = {http://dl.acm.org/citation.cfm?id=1706428.1706467}, author = {Baatarjav, Enkh-Amgalan and Ram Dantu and Tang, Yan and Cangussu, Jo{\~a}o} } @conference {59, title = {Change Point Detection Based on Call Detail Records}, booktitle = {Proceedings of the 2009 IEEE International Conference on Intelligence and Security Informatics}, year = {2009}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {Piscataway, NJ, USA}, abstract = {

In this paper we propose a method for combining wavelet denoising and sequential approach for detecting change points on mobile phone based on detailed call records. The Minmax method is used to estimate the thresholds of frequency and call duration for denoising. This work is useful to enhance homeland security, detecting unwanted calls (e.g., spam) and commercial purposes. For validation of our results, we randomly choose actual call logs of 20 users from 100 users collected at MIT by the Reality Mining Project group for a period of 8 months. Simulation data is also used to validate the results. The experimental results show that our model achieves good performance with high accuracy.

}, isbn = {978-1-4244-4171-6}, url = {http://dl.acm.org/citation.cfm?id=1706428.1706438}, author = {Zhang, Huiqi and Ram Dantu and Cangussu, Jo{\~a}o} } @conference {61, title = {Defense Against SPIT Using Community Signals}, booktitle = {Proceedings of the 2009 IEEE International Conference on Intelligence and Security Informatics}, year = {2009}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {Piscataway, NJ, USA}, abstract = {

Internet telephony has recently gained popularity. Voice over IP (VoIP) has emerged as an alternative to the current public switched telephone network (PSTN) system due to its cost efficiency. Spam inherently becomes a problem in VoIP networks. In this paper, we present our ongoing research in defending VoIP networks against spam by presenting a new defense mechanism using community signals.

}, isbn = {978-1-4244-4171-6}, url = {http://dl.acm.org/citation.cfm?id=1706428.1706481}, author = {Phithakkitnukoon, Santi and Ram Dantu} } @conference {29, title = {Email Shape Analysis for Spam Botnet Detection}, booktitle = {Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference}, year = {2009}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {Piscataway, NJ, USA}, abstract = {

Botnets have become the major sources of spamming, which generates massive unwanted traffic on networks. An effective detection mechanism can greatly mitigate the problem. In this paper, we present a novel botnet detection mechanism based on the email "shape" analysis that relies on neither content nor reputation analysis. Shape is our new way of characterizing an email by mimicking human visual inspection. A set of email shapes are derived and then used to generate a botnet signature. Our preliminary results show greater than 80\% classification accuracy (without considering email content or reputation analysis). This work investigates the discriminatory power of email shape, for which we believe will be a significant complement to other existing techniques such as a network behavior analysis.

}, isbn = {978-1-4244-2308-8}, url = {http://dl.acm.org/citation.cfm?id=1700527.1700792}, author = {Sroufe, Paul and Phithakkitnukoon, Santi and Ram Dantu and Cangussu, Jo{\~a}o} } @conference {69, title = {iKnow Where You Are}, booktitle = {Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 04}, year = {2009}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Washington, DC, USA}, isbn = {978-0-7695-3823-5}, doi = {10.1109/CSE.2009.55}, url = {http://dx.doi.org/10.1109/CSE.2009.55}, author = {Subbu, Kalyan and Xu, Ning and Ram Dantu} } @article {16, title = {Issues and challenges in securing VoIP}, journal = {Computers \& Security}, volume = {28}, year = {2009}, pages = {743-753}, abstract = {

Voice over the Internet protocol (VoIP) is being rapidly deployed, and the convergence of the voice and data worlds is introducing exciting opportunities. Lower cost and greater flexibility are the key factors luring enterprises to transition to VoIP. Some security problems may surface with the widespread deployment of VoIP. In this article, we discuss these security problems and propose a high-level security architecture that captures required features at each boundary-network-element in the VoIP infrastructure. We describe mechanisms to efficiently integrate information between distributed security components in the architecture.

}, keywords = {Feedback, Security solutions, Threats, VoIP attacks, VoIP security}, doi = {10.1016/j.cose.2009.05.003}, author = {Ram Dantu and Fahmy, Sonia and Schulzrinne, Henning and Cangussu, Jo{\~a}o} } @article {290, title = {Method and system for managing wireless bandwidth resources}, year = {2009}, month = {05/2009}, publisher = {Cisco Technology Inc}, chapter = {US7539499B2}, address = {US}, abstract = {

A method and system for managing wireless bandwidth resources include the capability to receive at a serving node a service request for a mobile unit and to communicate with a wireless network node to determine whether sufficient wireless bandwidth is available for the requested service. The method and system also include the capability to process the service request based on the availability of wireless bandwidth.

}, keywords = {data, mobile, node, service, unit}, url = {https://patents.google.com/patent/US7539499B2/en}, author = {Holur, Balaji and Ram Dantu and Derrick, Charles} } @article {285, title = {Method and system for providing wireless-specific services for a wireless access network}, year = {2009}, month = {12/2009}, publisher = {Cisco Technology Inc}, chapter = {US7639647B2}, address = {US}, abstract = {

A method and system for providing wireless-specific services for a wireless access network includes receiving at a call agent of a wireless access network a call origination for a mobile device. Whether the device is registered on the wireless access network is determined. If the mobile device is not registered, whether the mobile device is active is determined at a mobility control function (MCF). If the mobile device is active, the call is connected to the mobile device with a call agent based on a temporary line directory number (TLDN) assigned by the MCF and passed to the call agent in an extended session initiation protocol (SIP) message.

}, keywords = {agent, call, mcf, mobile, network}, url = {https://patents.google.com/patent/US7639647/en}, author = {Ram Dantu and Chiang, Shihlung and Yin, Haochih and Kachhla, Rasik} } @article {20, title = {Network risk management using attacker profiling}, journal = {Security and Communication Networks}, volume = {2}, year = {2009}, pages = {83{\textendash}96}, abstract = {

Risk management refers to the process of making decisions that minimize the effects of vulnerabilities on the network hosts. This can be a difficult task in the context of high-exploit probability and the difficult to identify new exploits and vulnerabilities. For many years, security engineers have performed risk analysis using economic models for the design and operation of risk-prone, technological systems using attack profiles. Based on the type of attacker identified, security administrators can formulate effective risk management policies for a network. We hypothesize that sequence of network actions by an attacker depends on the social behavior (e.g., skill level, tenacity, financial ability). We extended this and formulated a mechanism to estimate the risk level of critical resources that may be compromised based on attacker behavior. This estimation is accomplished using behavior based attack graphs representing all the possible attack paths to all the critical resources. The risk level is computed based on these graphs and are used as a measure of the vulnerability of the resource and forming an effective basis for a system administrator to perform suitable changes to network configuration. Copyright {\textcopyright} 2008 John Wiley \& Sons, Ltd.

}, keywords = {attack graphs, behavior, risk management}, issn = {1939-0122}, doi = {10.1002/sec.58}, url = {http://dx.doi.org/10.1002/sec.58}, author = {Ram Dantu and Kolan, Prakash and Cangussu, Jo{\~a}o} } @conference {83, title = {Opt-in Detection Based on Call Detail Records}, booktitle = {Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference}, year = {2009}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {Las Vegas, NV, USA}, abstract = {

Opt-in phone calls or emails refer to promotional phone calls or emails that have been requested by the people receiving them. In this paper we propose a model based on dynamic sliding windows to detect opt-in phone calls based on mobile phone call detail records. This work is useful for detecting unwanted calls (e.g., spam) and commercial purposes. For validation of our results, we used actual call logs of 100 users collected at MIT by the Reality Mining Project group for a period of 8 months. The experimental results show that our model achieves good performance with 91\% accuracy.

}, isbn = {978-1-4244-2308-8}, url = {http://dl.acm.org/citation.cfm?id=1700527.1700690}, author = {Zhang, Huiqi and Ram Dantu} } @conference {78, title = {Penetration Testing for Spam Filters}, booktitle = {Proceedings of the 2009 33rd Annual IEEE International Computer Software and Applications Conference - Volume 02}, year = {2009}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Seattle, WA}, abstract = {

Despite all the advances on techniques to block spam e-mail messages we still receive them on a frequent basis. This is due mainly to the ability of the spammers to modify the message and pass the filters. Therefore a testing technique that could resemble the behavior of spammers would improve the number of scenarios tested and allow filters to be developed based on the potential changes made by the spammers. An approach based on Natural Language Processing (NLP) for the penetration of spam filters is proposed here. Preliminary results using SpamAssassin are provided indicating the feasibility of the proposed approach.

}, keywords = {mutation testing, penetration testing, spam filter}, isbn = {978-0-7695-3726-9}, doi = {10.1109/COMPSAC.2009.168}, url = {http://dx.doi.org/10.1109/COMPSAC.2009.168}, author = {Madhavan, Yugesh and Cangussu, Jo{\~a}o and Ram Dantu} } @conference {41, title = {Quantifying Reciprocity in Social Networks}, booktitle = {2009 International Conference on Computational Science and Engineering}, year = {2009}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Washington, DC, USA}, abstract = {

In this paper we propose a new reciprocity index for quantifying social relationships based on mobile phone call detail records and Twitter blogs. We use this reciprocity index to measure the level of reciprocity between users. This work is useful for detecting unwanted calls (e.g., spam) and product marketing. For validation of our results, we used actual call logs of 100 users collected at MIT by the Reality Mining Project group for a period of 8 months and Twitter blogs of 460 users collected by the Network Security team at UNT for a period of 12 months. The experimental results show that our model achieves results with high accuracy.

}, isbn = {978-0-7695-3823-5}, doi = {10.1109/CSE.2009.399}, url = {http://dx.doi.org/10.1109/CSE.2009.399}, author = {Zhang, Huiqi and Ram Dantu and Cangussu, Jo{\~a}o} } @conference {76, title = {A society-integrated testbed architecture for peer-to-peer telecommunications}, booktitle = {Testbeds and Research Infrastructures for the Development of Networks Communities and Workshops, 2009. TridentCom 2009. 5th International Conference on}, year = {2009}, month = {April}, abstract = {

Exploiting and deploying telecommunication services on Internet Telephony are imperative for a large market share. However, the distributed nature of peer-to-peer (P2P) network makes services implementation very difficult. In order to meet the research goals of achieving P2P telecommunication services through the union of social and computer networks, we present a society-integrated testbed architecture for P2P voice over IP (VoIP). By introducing an architecture that exploits and entailing social structure based connection establishment, the testbed presents an organic integration of social functionalities with good portability. The testbed also serves as a flexible tool suite that can be used to run experiments and obtain timely feedback based on the performance measurements.

}, keywords = {Computer architecture, computer network, computer networks, Computer science, Feedback, file organisation, Internet telephony, network traffic, P2P voice-over-IP, Peer to peer computing, peer-to-peer computing, peer-to-peer telecommunication service, portable social DHT function, Routing protocols, Social network services, society-integrated testbed architecture, software architecture, Telecommunication services, telecommunication traffic, Testing}, doi = {10.1109/TRIDENTCOM.2009.4976215}, author = {Yang, Xiaohui and Ram Dantu and Wijesekera, Duminda} } @conference {55, title = {A testbed for mobile social computing}, booktitle = {Testbeds and Research Infrastructures for the Development of Networks Communities and Workshops, 2009. TridentCom 2009. 5th International Conference on}, year = {2009}, month = {April}, abstract = {

We present a testbed for mobile social computing that can be used to perform research in security, privacy, and context-awareness policies and mechanisms appropriate for a wide range of applications. We compare several mobile platforms and present the rational for our design choices and reasons we chose Android as the primary smartphone for this testbed. We also discuss some of the possible experiments that can be conducted using the testbed.

}, keywords = {Acoustic sensors, Computer science, Computer security, context-awareness policy, data privacy, Feedback, Global Positioning System, mobile computing, mobile social computing, Performance evaluation, Privacy, privacy policy, security of data, security policy, Social network services, Testing}, doi = {10.1109/TRIDENTCOM.2009.4976250}, author = {Alazzawe, Ahmed and Alazzawe, Anis and Wijesekera, Duminda and Ram Dantu} } @article {65, title = {A Virtual Environment for Network Testing}, journal = {J. Netw. Comput. Appl.}, volume = {32}, year = {2009}, pages = {184{\textendash}214}, abstract = {

The testing of network-based solutions demands a series of tedious tasks such as the deployment of the solution at different nodes and the configuration of different topologies. The manual execution of these tasks is very time consuming and a configurable environment to facilitate these tasks and consequently improve testing performance is desired. In this paper a virtual network environment that can be easily re-configured is presented to address this problem. The environment has been evaluated by a series of case studies: one dealing with the deployment and containment of a worm propagation attack and one dealing with detecting a denial of service attack. Three smaller case studies have also been developed. The results are a clear indication of the flexibility and usefulness of the virtual network environment.

}, keywords = {Re-configuration, Software testing, Virtual network}, issn = {1084-8045}, doi = {10.1016/j.jnca.2008.03.008}, url = {http://dx.doi.org/10.1016/j.jnca.2008.03.008}, author = {Fagen, Wade and Cangussu, Jo{\~a}o and Ram Dantu} } @conference {238, title = {Adequacy of data for characterizing caller behavior}, booktitle = {Proceedings of KDD Inter. Workshop on Social Network Mining and Analysis (SNAKDD}, year = {2008}, author = {Phithakkitnukoon, Santi and Ram Dantu} } @conference {17, title = {Behavior analysis of spam botnets}, booktitle = {2008 3rd International Conference on Communication Systems Software and Middleware and Workshops (COMSWARE {\textquoteright}08)}, year = {2008}, abstract = {

Compromised computers, known as bots, are the major source of spamming and their detection helps greatly improve control of unwanted traffic. In this work we investigate the behavior patterns of spammers based on their underlying similarities in spamming. To our knowledge, no work has been reported on identifying spam botnets based on spammerspsila temporal characteristics. Our study shows that the relationship among spammers demonstrates highly clustering structures based on features such as content length, time of arrival, frequency of email, active time, inter-arrival time, and content type. Although the dimensions of the collected feature set is low, we perform principal component analysis (PCA) on feature set to identify the features which account for the maximum variance in the spamming patterns. Further, we calculate the proximity between different spammers and classify them into various groups. Each group represents similar proximity. Spammers in the same group inherit similar patterns of spamming a domain. For classification into Botnet groups, we use clustering algorithms such as Hierarchical and K-means.We identify Botnet spammers into a particular group with a precision of 90\%.

}, keywords = {behavior pattern analysis, Botnets, Classification algorithms, clustering algorithm, Clustering algorithms, Correlation, Electronic mail, feature set, Filtering, information filtering, invasive software, maximum variance, pattern classification, pattern clustering, PCA, principal component analysis, spam filtering, Time frequency analysis, unsolicited e-mail, unwanted traffic control}, doi = {10.1109/COMSWA.2008.4554418}, author = {Husna, Husain and Phithakkitnukoon, Santi and Palla, Srikanth and Ram Dantu} } @inbook {46, title = {Behavioral Entropy of a Cellular Phone User}, booktitle = {Social Computing, Behavioral Modeling, and Prediction}, year = {2008}, pages = {160{\textendash}167}, publisher = {Springer US}, organization = {Springer US}, address = {Boston, MA}, abstract = {

The increase of advanced service offered by cellular networks draws lots of interest from researchers to study the networks and phone user behavior. With the evolution of Voice over IP, cellular phone usage is expected to increase exponentially. In this paper, we analyze the behavior of cellular phone users and identify behavior signatures based on their calling patterns. We quantify and infer the relationship of a person{\textquoteright}s randomness levels using information entropy based on the location of the user, time of the call, inter-connected time, and duration of the call. We use real-life call logs of 94 mobile phone users collected at MIT by the Reality Mining Project group for a period of nine months. We are able to capture the user{\textquoteright}s calling behavior on various parameters and interesting relationship between randomness levels in individual{\textquoteright}s life and calling pattern using correlation coeffi- cients and factor analysis. This study extends our understanding of cellular phone user behavior and characterizes cellular phone users in forms of randomness level.

}, isbn = {978-0-387-77672-9}, doi = {10.1007/978-0-387-77672-9_18}, url = {http://dx.doi.org/10.1007/978-0-387-77672-9_18}, author = {Phithakkitnukoon, Santi and Husna, Husain and Ram Dantu}, editor = {Liu, Huan and Salerno, John J. and Young, Michael J.} } @conference {99, title = {Call Algebra}, booktitle = {2008 5th IEEE Consumer Communications and Networking Conference}, year = {2008}, month = {Jan}, abstract = {

In every day life, people communicate through a voice(e.g., VoIP) network with different social groups that range from known people such as family members, friends, and distant relatives to unknown people such as spammers, telemarketers, and phishers. We believe that there exists a human/social dynamics between individuals by the way calls are generated, handled and received. In this paper we present how this dynamics can be used for detecting and filtering unwanted calls. In this paper, we first enumerate the communication patterns between the called party (callee) and the calling parties (callers). Next, we discuss operations on caller-callee matrices constructed based on their communication patterns, and derive call-constructs that can be used for determining the legitimacy of the calls and the callers. Finally, we discuss how these communication patterns and operations can be grouped for solutions to few of the existing IP telephony problems. These solutions can complement the existing no-call-lists in voice networks.

}, keywords = {Algebra, call algebra, caller-callee matrices, communication pattern, Computer science, Context modeling, Filtering, Humans, Internet telephony, IP networks, IP telephony problem, matrix algebra, Mood, Peer to peer computing, social aspects of automation, social group, Social network services, voice-over-IP, VoIP network}, doi = {10.1109/ccnc08.2007.199}, author = {Kolan, Prakash and Ram Dantu} } @article {71, title = {Classification of phishers}, journal = {Journal of Homeland Security and Emergency Management}, volume = {5}, year = {2008}, abstract = {

Phishing attackers masquerade as genuine senders and try to steal consumers{\textquoteright} personal identity data and financial account credentials. In spite of aggressive efforts, technology companies have had limited success in restricting phishing attacks. Unfortunately the nature of phishing attacks changed over time from passive, such as password guessing and eavesdropping to active attacks, such as employing Trojans to intercept traffic and adopting social engineering techniques. No matter how many authentication techniques we develop, phishers always adapt. However, phishers cannot become part of the recipient{\textquoteright}s social network without consent. Though they can forge certain fields in an email header, phishers do not have access to the complete header. In this paper, we describe techniques for detecting phishers based on their traffic paths, traffic patterns, and on the receivers{\textquoteright} social network. Considering such issues, we based our solution on the trustworthiness of the relays participating in routing the emails. We examine the email{\textquoteright}s header rather than the content. We designed our classifier to perform the following analyses in four steps: i) DNS-header analysis, ii) Social network analysis, iii) Wantedness analysis, and iv) Proactive classification. We classify phishers into: i) Serial phishers, ii) Recent phishers, iii) Prospective phishers, and iv) Suspects. Finally, our classifier appends an alert level or label to the email{\textquoteright}s "subject" before adding the email to the inbox.

}, keywords = {application security, network security, phishing, spam}, author = {Ram Dantu and Palla, Srikanth and Cangussu, Jo{\~a}o} } @conference {50, title = {CPL: Enhancing Mobile Phone Functionality by Call Predicted List}, booktitle = {Proceedings of the OTM Confederated International Workshops and Posters on On the Move to Meaningful Internet Systems: 2008 Workshops: ADI, AWeSoMe, COMBEK, EI2N, IWSSA, MONET, OnToContent + QSI, ORM, PerSys, RDDS, SEMELS, and SWWS}, year = {2008}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Berlin, Heidelberg}, abstract = {

In this paper, we present a concept of a new advanced feature for a mobile phone that provides its user functionality for predicting future calls. The feature is envisaged as a Call Predicted List (CPL) which makes use of the user{\textquoteright}s call history to build a probabilistic model of calling behavior based on the caller{\textquoteright}s calling patterns and reciprocity. The calling behavior model is then used to generate a list of numbers/contacts that are the most likely to be callers in the next hour. The performance of the CPL is evaluated with the real-life call logs and it shows promising results in accuracy.

}, keywords = {Call prediction, Context-aware computing, mobile phone}, isbn = {978-3-540-88874-1}, doi = {10.1007/978-3-540-88875-8_80}, url = {http://dx.doi.org/10.1007/978-3-540-88875-8_80}, author = {Phithakkitnukoon, Santi and Ram Dantu} } @conference {38, title = {Discovery of Social Groups Using Call Detail Records}, booktitle = {On the Move to Meaningful Internet Systems: OTM 2008 Workshops}, year = {2008}, month = {11/2008}, publisher = {Springer Berlin Heidelberg}, organization = {Springer Berlin Heidelberg}, address = {Monterrey, Mexico}, abstract = {

In this paper we propose the affinity model for classifying social groups based on mobile phone call detail records. We use affinity to measure the similarity between probability distributions. Since phone calls are stochastic process, it makes more sense to use probability affinity to classify the social groups. This work is useful for enhancing homeland security, detecting unwanted calls (e.g., spam) and product marketing. For validation of our results, we used actual call logs of 100 users collected at MIT by the Reality Mining Project group for a period of 8 months. The experimental results show that our model achieves good performance with high accuracy.

}, isbn = {978-3-540-88875-8}, doi = {10.1007/978-3-540-88875-8_72}, url = {http://dx.doi.org/10.1007/978-3-540-88875-8_72}, author = {Zhang, Huiqi and Ram Dantu}, editor = {Meersman, Robert and Tari, Zahir and Herrero, Pilar} } @article {31, title = {Estimation of Defects Based on Defect Decay Model: ED^\{3\}M}, journal = {IEEE Transactions on Software Engineering}, volume = {34}, year = {2008}, pages = {336 - 356}, abstract = {

An accurate prediction of the number of defects in a software product during system testing contributes not only to the management of the system testing process but also to the estimation of the product{\textquoteright}s required maintenance. Here, a new approach called ED3M is presented that computes an estimate of the total number of defects in an ongoing testing process. ED3M is based on estimation theory. Unlike many existing approaches the technique presented here does not depend on historical data from previous projects or any assumptions about the requirements and/or testers{\textquoteright} productivity. It is a completely automated approach that relies only on the data collected during an ongoing testing process. This is a key advantage of the ED3M approach, as it makes it widely applicable in different testing environments. Here, the ED3M approach has been evaluated using five data sets from large industrial projects and two data sets from the literature. In addition, a performance analysis has been conducted using simulated data sets to explore its behavior using different models for the input data. The results are very promising; they indicate the ED3M approach provides accurate estimates with as fast or better convergence time in comparison to well-known alternative techniques, while only using defect data as the input.

}, keywords = {Costs, defect decay model, defect estimation, Defect prediction, estimation theory, Inspection, Metrics/Measurement, Phase estimation, Productivity, program testing, Programming, Software maintenance, software metrics, software product, Software systems, Software testing, Statistical methods, System testing, system testing process, Testing and Debugging}, doi = {10.1109/TSE.2008.23}, author = {Haider, Syed and Cangussu, Jo{\~a}o and Cooper, Kendra and Ram Dantu} } @conference {90, title = {Experiences in building a multi-university testbed for research in multimedia communications}, booktitle = {Parallel and Distributed Processing, 2008. IPDPS 2008. IEEE International Symposium on}, year = {2008}, month = {April}, abstract = {

The next generation Internet needs to support multimedia services such as voice/video over IP (VoIP) and IP-based television (IPTV) and media distribution. The goal of the project is to develop a testbed for understanding and analysis of vulnerabilities of IP-based multimedia networks. This is a collaborative project between University of North Texas, Columbia University, Purdue University, and University of California at Davis. This project was awarded in 2006 and in one year, we have developed a multi-university testbed with variety of PBX solutions including Asterisk, a multitude of voice and video IP phones, and multiple universities were connected through a secure VPN and Internet!. As with any endeavor, experiences and we have many unique issues, which sometimes cause setbacks. We have dealt with issues concerning interoperability between phones and servers, network address translation (NAT) connectivity issues, and many other collaboration issues concerning people and technology. An interworking of students from multiple universities, faculty, system administrators and support personnel has brought the testbed resources together for a working environment. In this paper we described our progress and experiences in more detail and how to fulfill our mission statement while supporting the various collaborative efforts involved with this project. In addition, we described the current research activities based on the testbed. Finally we described the next steps in the testbed development.

}, keywords = {Asterisk, Collaboration, Collaborative work, digital television, Internet telephony, IP-based television, IPTV, media distribution, Multimedia communication, Multimedia communications, multiuniversity testbed, Network address translation, network address translation connectivity issues, Network servers, next generation Internet, open systems, PBX solutions, phones-servers interoperability, private telephone exchanges, Testing, TV, video IP phones, video over IP, virtual private network, virtual private networks, voice over IP, Web and internet services}, doi = {10.1109/IPDPS.2008.4536392}, author = {Ram Dantu and Schulzrinne, Henning and Sroufe, Paul} } @inbook {12, title = {Group Recommendation System for Facebook}, booktitle = {On the Move to Meaningful Internet Systems: OTM 2008 Workshops, Monterrey, Mexico, November 9-14, 2008. Proceedings}, year = {2008}, pages = {211{\textendash}219}, publisher = {Springer Berlin Heidelberg}, organization = {Springer Berlin Heidelberg}, address = {Berlin, Heidelberg}, abstract = {

Online social networking has become a part of our everyday lives, and one of the popular online social network (SN) sites on the Internet is Facebook, where users communicate with their friends, join to groups, create groups, play games, and make friends around the world. Also, the vast number of groups are created for different causes and beliefs. However, overwhelming number of groups in one category causes difficulties for users to select a right group to join. To solve this problem, we introduce group recommendation system (GRS) using combination of hierarchical clustering technique and decision tree. We believe that Facebook SN groups can be identified based on their members{\textquoteright} profiles. Number of experiment results showed that GRS can make 73\% accurate recommendation.

}, keywords = {decision tree, recommendation system, Social network}, isbn = {978-3-540-88875-8}, doi = {10.1007/978-3-540-88875-8_41}, url = {http://dx.doi.org/10.1007/978-3-540-88875-8_41}, author = {Baatarjav, Enkh-Amgalan and Phithakkitnukoon, Santi and Ram Dantu}, editor = {Meersman, Robert and Tari, Zahir and Herrero, Pilar} } @article {26, title = {An Impatient Evolutionary Algorithm With Probabilistic Tabu Search for Unified Solution of Some NP-Hard Problems in Graph and Set Theory via Clique Finding}, journal = {IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics)}, volume = {38}, year = {2008}, pages = {645 - 666}, abstract = {

Many graph- and set-theoretic problems, because of their tremendous application potential and theoretical appeal, have been well investigated by the researchers in complexity theory and were found to be NP-hard. Since the combinatorial complexity of these problems does not permit exhaustive searches for optimal solutions, only near-optimal solutions can be explored using either various problem-specific heuristic strategies or metaheuristic global-optimization methods, such as simulated annealing, genetic algorithms, etc. In this paper, we propose a unified evolutionary algorithm (EA) to the problems of maximum clique finding, maximum independent set, minimum vertex cover, subgraph and double subgraph isomorphism, set packing, set partitioning, and set cover. In the proposed approach, we first map these problems onto the maximum clique-finding problem (MCP), which is later solved using an evolutionary strategy. The proposed impatient EA with probabilistic tabu search (IEA-PTS) for the MCP integrates the best features of earlier successful approaches with a number of new heuristics that we developed to yield a performance that advances the state of the art in EAs for the exploration of the maximum cliques in a graph. Results of experimentation with the 37 DIMACS benchmark graphs and comparative analyses with six state-of-the-art algorithms, including two from the smaller EA community and four from the larger metaheuristics community, indicate that the IEA-PTS outperforms the EAs with respect to a Pareto-lexicographic ranking criterion and offers competitive performance on some graph instances when individually compared to the other heuristic algorithms. It has also successfully set a new benchmark on one graph instance. On another benchmark suite called Benchmarks with Hidden Optimal Solutions, IEA-PTS ranks second, after a very recent algorithm called COVER, among its peers that have experimented with this suite.

}, keywords = {Algorithm design and analysis, Clique finding, combinatorial complexity, Complexity theory, computational complexity, evolutionary algorithm, evolutionary algorithms (EAs), evolutionary computation, genetic algorithm, Genetic algorithms, graph theory, Heuristic algorithms, maximum clique finding, metaheuristic global optimization method, NP-hard problem, NP-hard problems in set and graph theory, optimisation, Pareto analysis, Performance analysis, probabilistic tabu search, probability, search problems, set theory, simulated annealing}, doi = {10.1109/TSMCB.2008.915645}, author = {Guturu, Parthasarathy and Ram Dantu} } @conference {49, title = {Inferring Social Groups Using Call Logs}, booktitle = {On the Move to Meaningful Internet Systems: OTM 2008 Workshops}, year = {2008}, month = {11/2008}, pages = {200{\textendash}210}, publisher = {Springer Berlin Heidelberg}, organization = {Springer Berlin Heidelberg}, address = {Monterrey, Mexico}, abstract = {

Recent increase in population of mobile phone users makes it a valuable source of information for social network analysis. For a given call log, how much can we tell about the person{\textquoteright}s social group? Unnoticeably, phone user{\textquoteright}s calling personality and habit has been concealed in the call logs from which we believe that it can be extracted to infer its user{\textquoteright}s social group information. In this paper, we present an end-to-end system for inferring social networks based on {\textquotedblleft}only{\textquotedblright} call logs using kernel-based na{\"\i}ve Bayesian learning. We also introduce normalized mutual information for feature selection process. Our model is evaluated with real-life call logs where it performs at high accuracy rate of 81.82\%.

}, isbn = {978-3-540-88875-8}, doi = {10.1007/978-3-540-88875-8_40}, url = {http://dx.doi.org/10.1007/978-3-540-88875-8_40}, author = {Phithakkitnukoon, Santi and Ram Dantu}, editor = {Meersman, Robert and Tari, Zahir and Herrero, Pilar} } @article {291, title = {Method and system for providing supplementary services for a wireless access network}, year = {2008}, month = {10/2008}, publisher = {Cisco Technology Inc}, chapter = {US7444151B2}, address = {US}, abstract = {

A method and system for providing supplementary services for a wireless access network includes downloading supplementary service triggers from a call agent to a mobility control function (MCF) for a wireless access network. Wireless-specific signaling of the wireless access network is communicated to the MCF. The MCF detects events associated with a trigger based on the wireless-specific signaling. The call agent is informed of the events by the MCF through session initiating protocol (SIP) extensions.

}, keywords = {agent, call, mcf, network, wireless}, url = {https://patents.google.com/patent/US7444151/en}, author = {Ram Dantu and Chiang, Shihlung and Yin, Haochih and Kachhla, Rasik} } @article {289, title = {Method and system of control signaling for a wireless access network}, year = {2008}, month = {12/2008}, publisher = {Cisco Technology Inc}, address = {US}, abstract = {

A method and system of control signaling for a wireless access network includes receiving from a wireless access network a signaling message for a mobile device. The signaling message is in a wireless-specific format. The signaling message is converted to a native format of a call agent to generate a call agent message. The call agent message comprises wireless-specific information of the signaling message.

}, keywords = {agent, call, mcf, message, network}, issn = {US7471674B2}, url = {https://patents.google.com/patent/US7471674/en}, author = {Ram Dantu and Chiang, Shihlung and Yin, Haochih and Kachhla, Rasik} } @article {37, title = {Nuisance Level of a Voice Call}, journal = {ACM Trans. Multimedia Comput. Commun. Appl.}, volume = {5}, year = {2008}, pages = {6:1{\textendash}6:22}, abstract = {

In our everyday life, we communicate with many people such as family, friends, neighbors, and colleagues. We communicate with them using different communication media such as email, telephone calls, and face-to-face interactions. While email is not real-time and face-to-face communications require geographic proximity, voice and video communications are preferred over other modes of communication. However, real-time voice/video calls may create nuisance to the receiver. In this article, we describe a mathematical model for computing nuisance level of incoming voice/video calls. We computed the closeness and nuisance level using the calling patterns between the caller and the callee. To validate the nuisance model, we collected cell phone call records of real-life people at our university and computed the nuisance value for all voice calls. We validated the nuisance levels using the feedback from those real-life people. Such a nuisance model is useful for predicting unwanted voice and video sessions in an IP communication network.

}, keywords = {behavior, Multimedia communications, nuisance, presence, Security, tolerance, unwantedness}, issn = {1551-6857}, doi = {10.1145/1404880.1404886}, url = {http://doi.acm.org/10.1145/1404880.1404886}, author = {Kolan, Prakash and Ram Dantu and Cangussu, Jo{\~a}o} } @conference {30, title = {Privacy Management for Facebook}, booktitle = {4th International Conference on Information Systems Security (ICISS 2008)}, year = {2008}, month = {12/2008}, publisher = {Springer Berlin Heidelberg}, organization = {Springer Berlin Heidelberg}, address = {Hyderabad, India}, abstract = {

As more people adopt the Internet as a medium of communication, the Internet has developed into a virtual world and this has resulted in many online social networks (SN). MySpace and Facebook, two leading online SN sites, have a combined user base of 170 million as of 2008. SN sites started to offer developers open platforms that provide users{\textquoteright} profile information to the developers. Unfortunately, the applications can also be used to invade privacy and to harvest the users{\textquoteright} profile information without their acknowledgement. To address this vulnerability, we propose a privacy-management system that protects the accessibility of users{\textquoteright} profile. The system uses probabilistic approach based on information revelation of users. Our experimental result shows that the system can achieve high accuracy rate of 75\%.

}, keywords = {Facebook, Privacy, Privacy management, Social network}, doi = {10.1007/978-3-540-89862-7\_23}, author = {Baatarjav, Enkh-Amgalan and Ram Dantu and Phithakkitnukoon, Santi} } @conference {60, title = {Quantifying presence using calling patterns}, booktitle = {Communication Systems Software and Middleware and Workshops, 2008. COMSWARE 2008. 3rd International Conference on}, year = {2008}, month = {Jan}, abstract = {

Presence technology is going to be an integral part of the next generation of communication technology. It can eliminate telephone tag between two parties (caller and callee), which will increase productivity of the parties and reduce unnecessary bandwidth usage of unwanted calls. In this paper, we propose a Willingness Estimator that computes willingness level of a callee for receiving calls from a specified caller. By knowing the willingness value of the callee the caller can decide on proceeding with the call or not. The proposed Willingness Estimator is tested with real mobile user data, and these results are highly accurate. We measure willingness based on calling patterns (arrival time, location, day) of a caller to a callee and this could serve as one of the future presence based services. The results can be used in telecommunication networks such as PSTN, Cellular networks, and Voice over IP networks.

}, keywords = {cellular networks, Communications technology, Computer science, Computer security, Intrusion detection, Laboratories, Mobile handsets, mobile user data, Network servers, next generation communication, Next generation networking, presence technology, Productivity, PSTN, telecommunication networks, telephony, user calling pattern, voice over IP networks, willingness estimator}, doi = {10.1109/COMSWA.2008.4554403}, author = {Husna, Husain and Phithakkitnukoon, Santi and Baatarjav, Enkh-Amgalan and Ram Dantu} } @conference {56, title = {Quantifying the Presence of Phone Users}, booktitle = {2008 5th IEEE Consumer Communications and Networking Conference}, year = {2008}, month = {Jan}, abstract = {

Presence-enabled telephony services can reduce telephone tag and improve customer satisfaction. In this paper we proposed the Bayesian inference model to calculate the willingness level of the callee to accept calls. Before making a call, the caller may use the willingness calculator to find out whether the callee is available. Based on this level the user can make a decision whether to make a call. For validation of our results, we used actual call logs of 100 users collected at MIT by the Reality Mining Project group for a period of 8 months. We used time of the day, day of the week, talk-time and location for calculating the willingness level Our results show a good agreement between computed willingness level and the number of missed/rejected calls. This service can be included as part of the presence server. When deployed, this service can increase productivity, avoid unwanted calls and reduce the call traffic congestion. This service is beneficial to both subscribers and phone service providers. However, in order to make this service a reality, we need to take into account other factors such social closeness, proximity, multiplexity and reputation of the caller.

}, keywords = {Bayes methods, Bayesian inference model, Bayesian methods, call traffic congestion, Computer science, Context, customer satisfaction, Multimedia communication, Multimedia systems, Network servers, phone service provider, presence-enabled telephony service, Productivity, Roads, telecommunication congestion control, telecommunication traffic, telephony, willingness calculator}, doi = {10.1109/ccnc08.2007.206}, author = {Zhang, Huiqi and Ram Dantu} } @article {274, title = {Spam Classification Based on E-Mail Path Analysis}, journal = {International Journal of Information Security and Privacy (IJISP)}, volume = {2}, year = {2008}, month = {April}, pages = {46-69}, abstract = {

Email spam is the most effective form of online advertising. Unlike telephone marketing, email spamming does not require huge human or financial resources investment. Most existing spam filtering techniques concentrate on the emails{\^a}{\texteuro}{\texttrademark} content. However, most spammers obfuscate their emails{\^a}{\texteuro}{\texttrademark} content to circumvent content-based spam filters. An integrated solution for restricting spam emails is needed as content analyses alone might not provide a solution for filtering unsolicited emails. Here we present a new method for isolating unsolicited emails. Though spammers obfuscate their emails{\^a}{\texteuro}{\texttrademark} content, they do not have access to all the fields in the email header. Our classification method is based on the path an email traverses instead of content. Overall, our classifier produced fewer false positives when compared to current filters such as SpamAssassin. We achieved a precision of 98.65\% which compares well with the precisions achieved by SPF, DNSRBL blacklists.

}, doi = {doi:10.4018/jisp.2008040104}, url = {https://ideas.repec.org/a/igg/jisp00/v2y2008i2p46-69.html}, author = {Palla, Srikanth and Ram Dantu and Cangussu, Jo{\~a}o} } @conference {32, title = {Traffic Shaping of Spam Botnets}, booktitle = {2008 5th IEEE Consumer Communications and Networking Conference}, year = {2008}, month = {01/2008}, address = {Las Vegas, NV}, abstract = {

Compromised computers, known as bots, are the major source of spamming. Detecting them can help greatly improve control of unwanted traffic. In this paper, we develop a traffic control mechanism to detect and delay the traffic of suspicious senders and bots. By delaying spammer{\textquoteright}s traffic, it has been reported that 90\% of spam emails can be eliminated. In our proposed mechanism, we group spammers based on their behavior and transmission patterns. These patterns of spammers show high correlation between group members irrespective of geographic location, network ID, content, and kind of receivers. After identification of these botnet groups we applied traffic shaping techniques a pre-filtering analysis to avoid use of automated machines(bots) to spam a particular domain. Thus the source for majority of spam is blocked before reaching email servers. We also identify how randomly the botnets behave and how easy it is to capture a botnet behavior, based on Information theory. To our knowledge, there is no work reported on detecting and mitigating botnets based on their behavior and in particular transmission patterns.

}, keywords = {automated machine, compromised computer, E-mail server, Internet, prefiltering analysis, spam botnets, spammer traffic, spamming, suspicious senders, telecommunication network management, telecommunication traffic, traffic control mechanism, traffic shaping, unsolicited e-mail}, doi = {10.1109/ccnc08.2007.181}, author = {Husna, Husain and Phithakkitnukoon, Santi and Ram Dantu} } @article {43, title = {VoIP Security: Attacks and Solutions}, journal = {Information Security Journal: A Global Perspective}, volume = {17}, year = {2008}, pages = {114{\textendash}123}, abstract = {

Voice over IP (VoIP) technology is being extensively and rapidly deployed. Flexibility and cost efficiency are the key factors luring enterprises to transition to VoIP. Some security problems may surface with the widespread deployment of VoIP. This article presents an overview of VoIP systems and its security issues. First, we briefly describe basic VoIP architecture and its fundamental differences compared to PSTN. Next, basic VoIP protocols used for signaling and media transport, as well as defense mechanisms are described. Finally, current and potential VoIP attacks along with the approaches that have been adopted to counter the attacks are discussed.

}, keywords = {attack, defense mechanism, PSTN, Security, VoIP}, issn = {1939-3555}, doi = {10.1080/19393550802308618}, url = {http://dx.doi.org/10.1080/19393550802308618}, author = {Phithakkitnukoon, Santi and Ram Dantu and Baatarjav, Enkh-Amgalan} } @article {85, title = {An Architecture for Automatic and Adaptive Defense}, journal = {Journal of Information Privacy and Security}, volume = {3}, year = {2007}, pages = {37-58}, abstract = {

Network attacks have become so fast that human mitigation cannot cope with security requirements. In addition, attackers have become smarter by creating attacks which mutate themselves to prevent detection. Therefore, defense mechanisms must be automated to keep up with attack speed and adapted to seek out mutations. An architecture to support this trend in defense mechanisms is proposed here. The architecture is based upon three conceptual pillars. First is the use of a multi-feedback loop control to slow down an attack. Second, machine learning concepts are employed to properly distinguish between normal and abnormal e-attack traffic. And, third, trust and reputation levels are determined through social networks. A case study on the application of the proposed architecture to a worm propagation attack provides the initial evidence of the e-attack and applicability of the approach.

}, doi = {10.1080/15536548.2007.10855815}, url = {http://dx.doi.org/10.1080/15536548.2007.10855815}, author = {Ram Dantu and Cangussu, Jo{\~a}o} } @conference {58, title = {Automatic Calibration Using Receiver Operating Characteristics Curves}, booktitle = {2007 2nd International Conference on Communication Systems Software and Middleware}, year = {2007}, month = {Jan}, abstract = {

Application-level filters, such as e-mail and VoIP spam filters, that analyze dynamic behavior changes are replacing static signature-recognition filters. These application-level filters learn behavior and use that knowledge to filter unwanted requests. Because behavior of a service request{\textquoteright}s participating entities changes rapidly, filters must adapt quickly by using end user{\textquoteright}s preferences about receiving that service request message. Many adaptive filters learn from the participating entities{\textquoteright} behavior; however, none configure themselves automatically to an end user{\textquoteright}s changing tolerance levels. Also, filter administrators cannot manually change the threshold for each service request in real time. Traditional adaptive filters fail when administrators must optimize multiple filter thresholds manually and often. Thus, to improve a filter{\textquoteright}s learning, we must automate its threshold-update process. We propose an automatic threshold-calibration mechanism using Receiver Operating Characteristics (ROC) curves that updates the threshold based on an end user{\textquoteright}s feedback. To demonstrate the mechanism{\textquoteright}s real-time applicability, we integrated it in a Voice over IP (VoIP) spam filter that analyzes incoming Spam over IP Telephony (SPIT) calls. Using this mechanism, we observed good improvement in the VoIP spam filter{\textquoteright}s accuracy. Further, computing and updating the optimum threshold in realtime does not impede the filter{\textquoteright}s temporal performance because we update thresholds after each call{\textquoteright}s completion. Because we reach an optimum threshold for any initial setting, this mechanism works efficiently when we cannot predict end-user behavior. Furthermore, automatic calibration proves efficient when using multiple threshold values.

}, keywords = {adaptive filters, application-level filter learning, automatic threshold-calibration mechanism, behavior, calibration, Computer science, Computer worms, Electronic mail, end user feedback, Filtering, information filtering, information filters, Internet telephony, learning (artificial intelligence), Protocols, receiver operating characteristics curves, sensitivity analysis, service request message, telecommunication traffic, Threshold, tolerance, Viruses (medical)}, doi = {10.1109/COMSWA.2007.382484}, author = {Kolan, Prakash and Vaithilingam, Ram and Ram Dantu} } @conference {34, title = {Classification of Attributes and Behavior in Risk Management Using Bayesian Networks}, booktitle = {2007 IEEE International Conference on Intelligence and Security Informatics (ISI) }, year = {2007}, month = {05/2007}, address = {New Brunswick, NJ}, abstract = {

Security administration is an uphill task to implement in an enterprise network providing secured corporate services. With the slew of patches being released by network component vendors, system administrators require a barrage of tools for analyzing the risk due to vulnerabilities in those components. In addition, criticalities in patching some end hosts raises serious security issues about the network to which the end hosts are connected. In this context, it would be imperative to know the risk level of all critical resources keeping in view the everyday emerging new vulnerabilities. We hypothesize that sequence of network actions by attackers depends on their social and attack profile (behavioral resources such as skill level, time, and attitude). To estimate the types of attack behavior, we surveyed individuals for their ability and attack intent. Using the individuals{\textquoteright} responses, we determined their behavioral resources and classified them as having opportunist, hacker, or explorer behavior. The profile behavioral resources can be used for determining risk by an attacker having that profile. Thus, suitable vulnerability analysis and risk management strategies can be formulated to efficiently curtail the risk from different types of attackers.

}, keywords = {attack behaviour, attack graphs, attack intent, Bayesian network, behavior, belief networks, explorer behavior, hacker behavior, opportunist behavior, profile behavioral resource classification, risk management, Security, security administration, vulnerability analysis}, doi = {10.1109/ISI.2007.379536}, author = {Ram Dantu and Kolan, Prakash and Akl, Robert and Loper, Kall} } @article {14, title = {EAP Methods for Wireless Networks}, journal = {Comput. Stand. Interfaces}, volume = {29}, year = {2007}, pages = {289{\textendash}301}, keywords = {802.11, 802.16, EAP, Extensible authentication protocol, RFID, Security, WiMAX, Wireless LAN}, issn = {0920-5489}, doi = {10.1016/j.csi.2006.04.001}, url = {http://dx.doi.org/10.1016/j.csi.2006.04.001}, author = {Ram Dantu and Clothier, Gabriel and Atri, Anuj} } @article {18, title = {Fast Worm Containment Using Feedback Control}, journal = {IEEE Transactions on Dependable and Secure Computing}, volume = {4}, year = {2007}, pages = {119 - 136}, abstract = {

In a computer network, network security is accomplished using elements such as firewalls, hosts, servers, routers, intrusion detection systems, and honey pots. These network elements need to know the nature or anomaly of the worm a priori to detect the attack. Modern viruses such as Code Red, Sapphire, and Nimda spread quickly. Therefore, it is impractical if not impossible for human mediated responses to these fast-spreading viruses. Several epidemic studies show that automatic tracking of resource usage and control provides an effective method to contain the damage. In this paper, we propose a novel security architecture based on the control system theory. In particular, we describe a state-space feedback control model that detects and control the spread of these viruses or worms by measuring the velocity of the number of new connections an infected host makes. The mechanism{\textquoteright}s objective is to slow down a worm{\textquoteright}s spreading velocity by controlling (delaying) the number of new connections made by an infected host. A proportional and integral (PI) controller is used for a continuous control of the feedback loop. The approach proposed here has been verified in a laboratory setup, and we were able to contain the infection so that it affected less than 5 percent of the hosts. We have also implemented a protocol for exchanging control-specific information between the network elements. The results from the simulation and experimental setup combined with the sensitivity analysis demonstrate the applicability and accuracy of the approach.

}, keywords = {communication/networking and information technology, computer networks, Computer systems organization, control engineering computing, general, invasive software, network security, network-level security and protection, PI control, process control systems., proportional-integral controller, special-purpose and application-based systems, state feedback, state-space feedback control, state-space methods, telecommunication security, worm containment}, doi = {10.1109/TDSC.2007.1002}, author = {Ram Dantu and Cangussu, Jo{\~a}o and Patwardhan, Sudeep} } @conference {62, title = {Goliath: A Configurable Approach for Network Testing}, booktitle = {Testbeds and Research Infrastructure for the Development of Networks and Communities, 2007. TridentCom 2007. 3rd International Conference on}, year = {2007}, month = {May}, abstract = {

When testing a network environment and/or application many aspects need to be taken into consideration. For example, different software needs to be deployed at different nodes and different topologies may also need to be tested. The manual execution of these tasks are very time consuming and a configurable environment to facilitate these tasks and consequently improve testing performance is desired. In this paper a virtual network environment that can be easily reconfigured is presented to address this problem. Also presented is a case study with the results of deployment and containing a worm propagation attack.

}, keywords = {automated network testing, Computational modeling, computer networks, Computer science, Computer worms, Distributed computing, Goliath, Intrusion detection, network topologies, Network topology, Protocols, security of data, Software testing, System testing, telecommunication computing, telecommunication network topology, telecommunication security, virtual network environment, virtual private networks, worm propagation attack}, doi = {10.1109/TRIDENTCOM.2007.4444667}, author = {Fagen, Wade and Cangussu, Jo{\~a}o and Ram Dantu} } @article {47, title = {HIPAA: Securing Medical Networks}, journal = {Network Security}, volume = {2007}, year = {2007}, pages = {13{\textendash}16}, abstract = {

The Health Information Portability and Accountability Act of 1996 (HIPAA) imposes strict regulations on healthcare institutions and commercial vendors to indemnify clinical data against unscrupulous users. Security vulnerabilities concerning hospital information systems not only negatively impact patient healthcare, but may also represent a potential federal violation. For a comprehensive understanding of the security of a radiology communication network, a detailed survey of the Picture Archiving and Communication Systems (PACS) was compiled. In this paper, we present survey results and a set of recommendations for implementing PACS security.

}, issn = {1353-4858}, doi = {10.1016/S1353-4858(07)70055-7}, url = {http://dx.doi.org/10.1016/S1353-4858(07)70055-7}, author = {Ram Dantu and Oosterwijk, Herman and Kolan, Prakash and Husna, Husain} } @article {292, title = {Method and system for providing services for wireless data calls}, year = {2007}, month = {05/2007}, publisher = {Cisco Technology Inc}, address = {US}, abstract = {

A method and system for providing services for wireless data calls includes monitoring a wireless data call for a predefined event associated with a service for the wireless data call. The service is initiated for the wireless data call in response to detecting the predefined event for the data call. The predefined event may comprise a uniform resource locator (URL) match or change, excess use of transmission or time resources, a location change of a mobile device for the wireless data call, a network event, or a combination of any or all suitable events.

}, keywords = {call, data, network, service, wireless}, issn = {US7225238B1}, url = {https://patents.google.com/patent/US7225238/en}, author = {Ram Dantu and Patel, Pulin and Patel, Pravir and Garbuz, Alexander and Miernik, Jerzy and Patel, Achal and Holur, Balaji} } @conference {45, title = {Predicting Calls: New Service for an Intelligent Phone}, booktitle = {10th IFIP/IEEE International Conference on Management of Multimedia and Mobile Networks and Services, MMNS 2007}, year = {2007}, month = {11/2007}, address = { San Jos{\'e}, USA}, abstract = {

Predicting future calls can be the next advanced feature of the intelligent phone as the phone service providers are looking to offer new services to their customers. Call prediction can be useful to many applications such as planning daily schedule and attending unwanted communications (e.g. voice spam). Predicting calls is a very challenging task. We believe that this is a new area of research. In this paper, we propose a Call Predictor (CP) that computes the probability of receiving calls and makes call prediction based on caller{\textquoteright}s behavior and reciprocity. The proposed call predictor is tested with the actual call logs. The experimental results show that the call predictor performs reasonably well with false positive rate of 2.4416\%, false negative rate of 2.9191\%, and error rate of 5.3606\%.

}, keywords = {Arrival time, behavior, call matrix, Callee, Caller, Communications, Incoming calls, Inter-arrival time, Inter-arrival/departure time, Kernel density estimation, Outgoing calls, Probability density function (pdf), Receiving call probability, Reciprocity}, doi = {10.1007/978-3-540-75869-3\_3}, author = {Phithakkitnukoon, Santi and Ram Dantu} } @article {10, title = {Socio-technical Defense Against Voice Spamming}, journal = {ACM Trans. Auton. Adapt. Syst.}, volume = {2}, year = {2007}, abstract = {

Voice over IP (VoIP) is a key enabling technology for migration of circuit-switched PSTN (Public Switched Telephone Network) architectures to packet-based networks. One problem of the present VoIP networks is filtering spam calls referred to as SPIT (Spam over Internet Telephony). Unlike spam in e-mail systems, VoIP spam calls have to be identified in real time. Many of the techniques devised for e-mail spam detection rely upon content analysis, and in the case of VoIP, it is too late to analyze the content (voice) as the user would have already attended the call. Therefore, the real challenge is to block a spam call before the telephone rings. In addition, we believe it is imperative that spam filters integrate human behavioral aspects to gauge the legitimacy of voice calls. We know that, when it comes to receiving or rejecting a voice call, people use the social meaning of trust, reputation, friendship of the calling party and their own mood. In this article, we describe a multi-stage, adaptive spam filter based on presence (location, mood, time), trust, and reputation to detect spam in voice calls. In particular, we describe a closed-loop feedback control between different stages to decide whether an incoming call is spam. We further propose formalism for voice-specific trust and reputation analysis. We base this formal model on a human intuitive behavior for detecting spam based on the called party{\textquoteright}s direct and indirect relationships with the calling party. No VoIP corpus is available for testing the detection mechanism. Therefore, for verifying the detection accuracy, we used a laboratory setup of several soft-phones, real IP phones and a commercial-grade proxy server that receives and processes incoming calls. We experimentally validated the proposed filtering mechanisms by simulating spam calls and measured the filter{\textquoteright}s accuracy by applying the trust and reputation formalism. We observed that, while the filter blocks a second spam call from a spammer calling from the same end IP host and domain, the filter needs only a maximum of three calls{\textemdash}even in the case when spammer moves to a new host and domain. Finally, we present a detailed sensitivity analysis for examining the influence of parameters such as spam volume and network size on the filter{\textquoteright}s accuracy

}, keywords = {behavior, reputation, SIP (Session Initiation Protocol), SPIT (Spam over IP Telephony), tolerance, Trust}, issn = {1556-4665}, doi = {10.1145/1216895.1216897}, url = {http://doi.acm.org/10.1145/1216895.1216897}, author = {Kolan, Prakash and Ram Dantu} } @article {294, title = {System and method for packet level restoration of IP traffic using overhead signaling in a fiber optic ring network}, year = {2007}, month = {01/2007}, publisher = {Alcatel SA}, address = {US}, abstract = {

An apparatus and a method for forwarding data packets through a fiber optic ring network includes forwarding data packets on a packet by packet basis. A node on the fiber optic ring network decides on a packet by packet basis whether to transmit on the working or protection path. Because this decision is being made on a packet level, reservation of throughput resources no longer is made at a one to one ratio. Rather, protection path resources are reserved at a ratio significantly less than one to one. In one embodiment, no resources are reserved for path restoration or protection path routing. Rather, quality of service provisioning is used to resolve interference situations wherein instantaneous demand exceeds capacity. A node evaluates ring conditions in relation to the demand of traffic resources and the relative quality of service ratings to determine whether and how to forward a packet. Additionally, a node decides whether to use the working or protection path by considering the final destination on the fiber optic ring network, any identified ring conditions and, in some embodiments, quality of service. The ring conditions to which the inventive nodes respond include OSI layer 1, layer 2 and layer 3 conditions.

}, keywords = {fiber, network, node, optic, ring}, issn = {US7167443B1}, url = {https://patents.google.com/patent/US7167443/en}, author = {Ram Dantu and Ester, Gary and O{\textquoteright}Connell, Pete} } @article {196, title = {A Testbed for Research and Development for Securing IP Multimedia Communication Services}, year = {2007}, month = {06/2007}, publisher = {NSF CRI PI Meeting}, address = {Boston, MA}, author = {Ram Dantu} } @conference {86, title = {Unwanted SMTP Paths and Relays}, booktitle = {2007 2nd International Conference on Communication Systems Software and Middleware}, year = {2007}, month = {Jan}, abstract = {

Based on the social interactions of an email user, incoming email traffic can be divided into different categories such as, telemarketing, Opt-in family members and friends. Due to a lack of knowledge in the different categories, most of the existing spam filters are prone to high false positives and false negatives. Moreover, a majority of the spammers obfuscate their email content inorder to circumvent the content-based spam filters. However, they do not have access to all the fields in the email header. Our classification method is based on the path traversed by email (instead of content analysis) since we believe that spammers cannot forge all the fields in the email header. We based our classification on three kinds of analyses on the header: i) EndToEnd path analysis, which tries to establish the legitimacy of the path taken by an email and classifies them as either spam or non-spam; ii) Relay analysis, which verifies the trustworthiness of the relays participating in the relaying of emails; iii) Emails wantedness analysis, which measure the recipients wantedness of the senders emails. We use the IMAP message status flags such as, message has been read, deleted, answered, flagged, and draft as an implicit feed back from the user in Emails wantedness analysis. Finally we classify the incoming emails as i) socially close (such as, legitimate emails from family, and friends), ii) socially distinct emails from strangers, iii) spam emails (for example, emails from telemarketers, and spammers) and iv) opt-in emails. Based on the relation between spamminess of the path taken by spam emails and the unwantedness values of the spammers, we classify spammers as i) prospective spammers, ii) suspects, iii) recent spammers and iv) serial spammers. Overall, our method resulted in far less false positives compared to current filters like SpamAssassin. We achieved a precision of 98.65\% which is better than the precisions achieved by SPF and DNSBL blacklists.

}, keywords = {Computer science, content-based spam filters, Counterfeiting, Credit cards, email spam filters, emails wantedness analysis, end-to-end path analysis, Filters, IMAP message status flags, information filtering, information filters, Information security, Legislation, Multimedia communication, relay analysis, Relays, SMTP paths analysis, unsolicited e-mail, Unsolicited electronic mail, Web page design}, doi = {10.1109/COMSWA.2007.382440}, author = {Palla, Srikanth and Ram Dantu} } @article {176, title = {CISE and Global Implications}, year = {2006}, month = {06/2006}, publisher = {NSF Workshop on Computing Research Infrastructure}, address = {Snowbird, Utah}, author = {Ram Dantu} } @conference {239, title = {Detecting phishing in emails}, booktitle = {Proceedings of MIT Spam Conference}, year = {2006}, author = {Palla, Srikanth and Ram Dantu} } @article {79, title = {Dynamic resource management in QoS controlled networks}, journal = {Telecommunication Systems}, volume = {32}, year = {2006}, pages = {11{\textendash}30}, abstract = {

This paper addresses the problem of resource fragmentation (RF) in QoS controllednetworks. Resources are said to be fragmented when they are available in non-contiguousblocks and hence cannot be utilized by incoming calls with high resource demands. This paper shows the effect of resource fragmentation on QoS controlled networks and presents the Dynamic Resource Redistribution (DRR) algorithm to counteract RF. The DRR algorithm reduces the effects of RF by attempting to redistribute resources in different paths to make resources to incoming calls. A variety of simulation experiments were conducted to study the performance of the DRR algorithm on different network topologies with varying traffic characteristics. The DRR algorithm, when used, increased the number of calls accommodated in the network as well as the overall resource allocation in the network.

}, issn = {1572-9451}, doi = {10.1007/s11235-006-8200-4}, url = {http://dx.doi.org/10.1007/s11235-006-8200-4}, author = {Prasanna, Venkatesan and Mikler, Armin and Ram Dantu and Abbas, Kaja} } @article {175, title = {Future Threats}, year = {2006}, month = {09/2006}, publisher = {NSF Workshop on Future Topics for Cyber Trust}, author = {Ram Dantu} } @article {287, title = {Method and system for configuring wireless routers and networks}, year = {2006}, month = {04/2006}, publisher = {Cisco Technology Inc}, address = {US}, abstract = {

A method and system for configuring a wireless router and a wireless communications network includes establishing connectivity between a wireless router and at least one wireline router. Connectivity between the wireless router and a plurality of neighboring wireless routers is established through the wireline router. The wireless router is configured based on information exchanged with the neighboring wireless routers through the wireline router.

}, keywords = {parameters, router, state, step, wireless}, issn = {US7031266B1}, url = {https://patents.google.com/patent/US7031266/en}, author = {Patel, Pulin and Choksi, Ojas and Davidson, Kenneth and Ram Dantu} } @article {295, title = {Quality indicator and method for frame selection in wireless network}, year = {2006}, month = {07/2006}, publisher = {Cisco Technology Inc}, chapter = {US7079512B1}, address = {US}, abstract = {

A method and system for indicating quality of a radio frame transmitted over a wireless link includes receiving a radio frame from the wireless link. A power indicator for the radio frame is determined based on a power control trend of the wireless link. A quality indicator for the radio frame is generated based on the power indicator.

}, keywords = {frame, indicator, link, quality, radio}, url = {https://patents.google.com/patent/US7079512/en}, author = {Alam, Mahbubul and Ram Dantu and Holur, Balaji and Eyceoz, Tugay} } @article {179, title = {Securing IMS and VoIP}, year = {2006}, month = {06/2006}, publisher = {3rd Workshop on Voice over IP Security}, address = {Berlin, Germany}, author = {Ram Dantu} } @article {180, title = {Securing voice over IP}, journal = {IEEE Network}, volume = {20}, year = {2006}, month = {Sept}, pages = {4-5}, keywords = {Authentication, Fingerprint recognition, information filtering, information filters, Information security, Internet telephony, Markup languages, Protection, Protocols, Standardization}, issn = {0890-8044}, doi = {10.1109/MNET.2006.1705876}, author = {Ram Dantu and Ghosal, Dipak and Schulzrinne, Henning} } @conference {33, title = {Securing VoIP and PSTN from integrated signaling network vulnerabilities}, booktitle = {1st IEEE Workshop on VoIP Management and Security, 2006.}, year = {2006}, abstract = {

The liberalization of public switched telephone network (PSTN) and growing acceptance of SIGTRAN protocol suite have introduced new and yet to be trusted signaling entities. Thus security threats emerging from one network not only affects itself but other network also. We show how this integrated signaling environment can become a security threat to emerging VoIP and PSTN networks. We propose a security solution as a fix. Our proposal goes beyond "Gateway Screening" and "SS7 Gatekeeper" proposed by Telcordia and Verizon respectively to defend vulnerable SS7 network.

}, keywords = {Information security, Information systems, Internet telephony, IP networks, ISDN, National security, Protocols, Routing, Signal processing, Switching circuits}, doi = {10.1109/VOIPMS.2006.1638116}, author = {Sengar, Hemant and Ram Dantu and Wijesekera, Duminda} } @article {39, title = {SS7 over IP: signaling interworking vulnerabilities}, journal = {IEEE Network}, volume = {20}, year = {2006}, month = {Nov}, pages = {32-41}, abstract = {

Public telephony - the preferred choice for two-way voice communication over a long time - has enjoyed remarkable popularity for providing acceptable voice quality with negligible connection delays, perhaps due to its circuit-switched heritage. Recently, IP telephony, a packet-based telephone service that runs as an application over the IP protocol, has been gaining popularity. To provide seamless interconnectivity between these two competing services, the Internet Engineering Task Force (IETF) has designed a signaling interface commonly referred to as SIGTRAN. This seamless intersignaling provided by SIGTRAN facilitates any subscriber in one network to reach any other subscriber in the other network, passing through any heterogeneous maze of networks consisting of either of these. Unfortunately, the same intersignaling potentially can be exploited from either side to disrupt the services provided on the other side. We show how this can be done and propose a solution based on access control, signal screening, and detecting anomalous signaling. We argue that to be effective, the latter two should consider syntactic correctness, semantic validity of the signal content, and the appropriateness of a particular signal in the context of earlier exchanged messages

}, keywords = {anomalous signaling detection, circuit-switched heritage, Delay effects, Design engineering, IETF, Integrated circuit interconnections, Internet Engineering Task Force, Internet telephony, intersignaling, IP protocol, ISDN, packet-based telephone service, Protocols, public telephony, Routing, Signal detection, signal screening, signaling interworking, SIGTRAN, SS7 over IP, Switches, telecommunication signalling, two-way voice communication, Web and internet services}, issn = {0890-8044}, doi = {10.1109/MNET.2006.273119}, author = {Sengar, Hemant and Ram Dantu and Wijesekera, Duminda and Jajodia, Sushil} } @article {297, title = {System and method for transporting in/ain signaling over an internet protocol (IP) network}, year = {2006}, month = {02/2006}, publisher = {Alcatel USA Sourcing LP}, address = {US}, keywords = {ip, link, network, sctp, signaling}, issn = {US7006433B1}, url = {https://patents.google.com/patent/US7006433B1/en?oq=US7006433}, author = {Ram Dantu and Davis, Robert and George, Thomas} } @article {177, title = {A Testbed for Research and Development For Securing Multimedia Communication Services}, year = {2006}, month = {06/2006}, publisher = {NSF Workshop on Computing Research Infrastructure}, address = {Snowbird, Utah}, author = {Ram Dantu} } @article {178, title = {Top 3 challenges in VoIP Security and Management}, year = {2006}, month = {04/2006}, publisher = {1st IEEE International Workshop on VoIP Security and Management (VoIPMaSE)}, address = {Vancouver, BC, Canada}, author = {Ram Dantu} } @article {296, title = {Wireless router and method for processing traffic in a wireless communications network}, year = {2006}, month = {06/2006}, publisher = {Cisco Technology Inc}, address = {US}, abstract = {

A wireless communications network includes a wireless-specific router topology layer that connects cellular sites to a wireline topology. The wireless-specific router topology provides a distributed architecture in which call processing including call setup, resource preservation, air bandwidth allocation, switching, soft handoff, and micromobility is performed at the cell level. The wireless routers are technology independent to support various cellular technologies. The wireless router may include a first interface operable to communicate wireless packets for a call with a remote device and a second interface operable to communicate wireline packets for the call with the wireline network. A traffic controller is coupled to the first and second interfaces and operable to convert traffic between the wireless and wireline packets and to route packets to a destination mobile or wireline device. A selection and distribution unit is operable to select and distribute traffic to support soft handoff for calls in the wireless communications network.

}, keywords = {network, router, routers, traffic, wireless}, issn = {US7068624B1}, url = {https://patents.google.com/patent/US7068624B1/en}, author = {Ram Dantu and Patel, Pulin and Choksi, Ojas and Patel, Achal and Ali, Mohammad and Miernik, Jerzy and Holur, Balajl} } @conference {73, title = {An Architecture for Network Security Using Feedback Control}, booktitle = {Proceedings of the 2005 IEEE International Conference on Intelligence and Security Informatics}, year = {2005}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Atlanta, GA}, isbn = {3-540-25999-6, 978-3-540-25999-2}, doi = {10.1007/11427995_84}, url = {http://dx.doi.org/10.1007/11427995_84}, author = {Ram Dantu and Cangussu, Jo{\~a}o} } @article {186, title = {A Blueprint for Implementing Security in Radiology}, year = {2005}, month = {04/2005}, publisher = {AHRA Electronic Imaging Conference}, author = {Ram Dantu} } @conference {7, title = {Detecting Spam in VoIP Networks}, booktitle = {Proceedings of the Steps to Reducing Unwanted Traffic on the Internet Workshop}, year = {2005}, publisher = {USENIX Association}, organization = {USENIX Association}, address = {Berkeley, CA, USA}, abstract = {

Voice over IP (VoIP) is a key enabling technology for the migration of circuit-switched PSTN architectures to packetbased networks. The problem of spam in VoIP networks has to be solved in real time compared to e-mail systems. Many of the techniques devised for e-mail spam detection rely upon content analysis and in the case of VoIP it is too late to analyze the media after picking up the receiver. So we need to stop the spam calls before the telephone rings. From our observation, when it comes to receiving or rejecting a voice call people use social meaning of trust and reputation of the calling party. In this paper, we describe a multi-stage spam filter based on trust, and reputation for detecting the spam. In particular we used closed loop feedback between different stages in deciding if the incoming call is a spam or not. For verifying the concepts, we used a laboratory setup of several thousand soft-phones and a commercial grade proxy server. We verified our filtering mechanisms by simulating the spam calls and measured the accuracy of the filter. Results show that multistage feedback loop fares better than any single stage. Also, the larger the network size, the harder to detect a spam call. Further work includes understanding the behavior of different controlling parameters in trust and reputation calculations and deriving meaningful relationships between them.

}, url = {http://dl.acm.org/citation.cfm?id=1251282.1251287}, author = {Ram Dantu and Kolan, Prakash} } @article {185, title = {Hospital Network Security: A Blueprint for Implementing Security in Radiology}, year = {2005}, month = {06/2005}, publisher = {First Annual Internet Security Conference}, address = {Plano, Texas, USA}, author = {Ram Dantu} } @article {298, title = {Method and system of integrated rate control for a traffic flow across wireline and wireless networks}, year = {2005}, month = {06/2005}, publisher = {Cisco Technology Inc}, address = {US}, abstract = {

A method and system of integrated rate control for a traffic flow extending across wireline and wireless networks includes determining a power indicator for a wireless link of a traffic flow between a source and a mobile device. Delivery of a feedback message generated by the mobile device is shaped based on the power indicator for the wireless link to control the source transmit rate of the traffic flow.

}, keywords = {control, flow, power, rate, wireless}, issn = {US6904286B1}, url = {https://patents.google.com/patent/US6904286B1/en}, author = {Ram Dantu} } @article {184, title = {Panel: What do you mean security VoIP}, year = {2005}, month = {06/2005}, publisher = {IEEE ENTNET conference in conjunction with Supercom{\textquoteright}2005}, author = {Ram Dantu} } @conference {24, title = {Risk Management Using Behavior Based Bayesian Networks}, booktitle = {Proceedings of the 2005 IEEE International Conference on Intelligence and Security Informatics}, year = {2005}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Atlanta, GA}, abstract = {

Security administration is an uphill task to implement in an enterprise network providing secured corporate services. With the slew of patches being released by Microsoft, HP and other vendors, system administrators require a barrage of tools for analyzing the risk due to these vulnerabilities. In addition to this, criticalities in patching some end hosts (eg., in hospitals) raises serious security issues about the network to which the end hosts are connected. In this context, it would be imperative to know the risk level of all critical resources (e.g., Oracle Server in HR department) keeping in view the everyday emerging new vulnerabilities. We hypothesize that sequence of network actions by an attacker depends on the social behavior (e.g., skill level, tenacity, financial ability). We extended this and formulated a mechanism to estimate the risk level of critical resources that may be compromised based on attacker behavior. This estimation is accomplished using behavior based attack graphs. These graphs represent all the possible attack paths to all the critical resources. Based on these graphs, we calculate the risk level of a critical resource using Bayesian methodology and periodically update the subjective beliefs about the occurrence of an attack. Such a calculated risk level would be a measure of the vulnerability of the resource and it forms an effective basis for a system administrator to perform suitable changes to network configuration. Thus suitable vulnerability analysis and risk management strategies can be formulated to efficiently curtail the risk from different types of attackers (script kiddies, hackers, criminals and insiders).

}, isbn = {3-540-25999-6, 978-3-540-25999-2}, doi = {10.1007/11427995_10}, url = {http://dx.doi.org/10.1007/11427995_10}, author = {Ram Dantu and Kolan, Prakash} } @article {181, title = {Security and Privacy issues in Radiology}, year = {2005}, month = {09/2005}, publisher = {NSF Cyber Trust PI meeting}, author = {Ram Dantu} } @conference {81, title = {Sensitivity Analysis of an Attack Containment Model}, booktitle = {Proceedings of the 2005 IEEE International Conference on Intelligence and Security Informatics}, year = {2005}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Atlanta, GA}, abstract = {

A feedback control model has been previously proposed to regulate the number of connections at different levels of a network. This regulation is applied in the presence of a worm attack resulting in a slow down of the spreading worm allowing time to human reaction to properly eliminate the worm in the infected hosts. The feedback model constitutes of two queues, one for safe connections and another for suspected connections. The behavior of the proposed model is based on three input parameters to the model. These parameters are: (i) the portion of new connection requests to be sent to the suspect queue, (ii) the number of requests to be transferred from the suspect to the safe queue, and (iii) the time out value of the requests waiting in the suspect queue. The more we understand the effects of these parameters on the model, the better we can calibrate the model. Based on this necessity, a sensitivity analysis of the model is presented here. The analysis allows for the computation of the effects of changing parameters in the output of the model. In addition, the use of a sensitivity matrix permits the computations of not only changes in one parameter but also combined changes of these parameters. From the sensitivity analysis we have verified our assumption that the changes in the input parameters have no effect on the overall system stability. However, there will be a short period of instability before reaching a stable state.

}, isbn = {3-540-25999-6, 978-3-540-25999-2}, doi = {10.1007/11427995_11}, url = {http://dx.doi.org/10.1007/11427995_11}, author = {Ram Dantu and Cangussu, Jo{\~a}o and Turi, Janos} } @article {194, title = {Signaling System 7 (SS7) Message Transfer Part 2 (MTP2) - User Peer-to-Peer Adaptation Layer (M2PA)}, year = {2005}, author = {George, Tom and Bidulock, Brian and Ram Dantu and Schwarzbauer, Hanns and Morneault, Ken} } @article {183, title = {Technology and Policy in securing Voice over IP}, year = {2005}, month = {06/2005}, publisher = {2nd Workshop on Voice over IP Security}, address = {Washington, DC}, author = {Ram Dantu} } @article {193, title = {To Patch or Not to Patch}, year = {2005}, month = {04/2005}, pages = {48-49}, author = {Ram Dantu} } @article {192, title = {Top Ten Recommendations for PACS Security Implementation}, year = {2005}, month = {03/2005}, author = {Ram Dantu and Oosterwijk, Herman} } @conference {66, title = {Collaborative Vision Using Networked Sensors}, booktitle = {Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC{\textquoteright}04) Volume 2 - Volume 2}, year = {2004}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Washington, DC, USA}, abstract = {

Large numbers of sensors networked together form a powerful infrastructure for a wide variety of applications in health, military, home, manufacturing, and disaster areas. Networked video sensors over a geographical area can automatically detect the objects in that geographical area. However, real-time central processing of the large amount of data generated by the individual image sensors places significant demands on the bandwidth and the central processor. In this paper, we address this issue by introducing a novel concept of super-sensor that is based on selforganization and collaboration between several tens of sensors. As an example, we describe a histogram calculation that uses recursive doubling for global collaboration between sensors. We compare the performance of our networked super-sensor with conventional image processing algorithms run on a single processor

}, isbn = {0-7695-2108-8}, url = {http://dl.acm.org/citation.cfm?id=977403.978444}, author = {Ram Dantu and Joglekar, Sachin} } @conference {48, title = {Data centric modeling of environmental sensor networks}, booktitle = {Global Telecommunications Conference Workshops, 2004. GlobeCom Workshops 2004. IEEE}, year = {2004}, month = {Nov}, abstract = {

Meteorological and hydrological sensors deployed over several hundred kilometers of geographical area comprise an environmental sensor network. Large amounts of data need to be processed in minimal time and transmitted over the available low speed and low bandwidth links. This paper describes algorithms for optimal data collection and data fusion. An inductive model using exponential back-off policy is used to collect optimal amount of data. The data measurements for temperature, pH and specific conductance collected for a year from the sensors deployed at Lake Lewisville are used to test the inductive model. Energy savings of 90\% are achieved even with 1\% of degree of tolerance. The problem of data fusion is addressed by the introduction of a novel concept of a super-sensor, based on self-organization and collaboration among sensors. A histogram application is described that uses recursive doubling for global collaboration between sensors. The performance of the networked super-sensor in comparison to a centralized polling approach is analyzed for optimality on two different geographical areas.

}, keywords = {Bandwidth, biosensors, data centric modeling, data fusion, environmental sensor network, exponential back-off policy, Histograms, hydrological sensor, International collaboration, Lakes, meteorological, Meteorology, networked super-sensor, optimal data collection, sensor fusion, Sensor phenomena and characterization, Temperature measurement, temperature sensors, Testing}, doi = {10.1109/GLOCOMW.2004.1417621}, author = {Ram Dantu and Abbas, Kaja and O{\textquoteright}Neill, Marty and Mikler, Armin} } @article {187, title = {Differences between VoIP and Data Security}, year = {2004}, month = {09/2004}, publisher = {Internet2 workshop on VoIP}, address = {Austin, Texas, USA}, author = {Ram Dantu} } @conference {19, title = {Dynamic Control of Worm Propagation}, booktitle = {Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC{\textquoteright}04) Volume 2 - Volume 2}, year = {2004}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Washington, DC, USA}, isbn = {0-7695-2108-8}, url = {http://dl.acm.org/citation.cfm?id=977403.978411}, author = {Ram Dantu and Cangussu, Jo{\~a}o and Yelimeli, Arun} } @article {6, title = {Forwarding and Control Element Separation (ForCES) Framework}, year = {2004}, month = {04/2004}, publisher = {RFC Editor}, issn = {2070-1721}, author = {Yang, L and Ram Dantu and Anderson, Todd and Gopal, Ram} } @conference {11, title = {Risk Management Using Behavior Based Attack Graphs}, booktitle = {Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC{\textquoteright}04) Volume 2 - Volume 2}, year = {2004}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Washington, DC, USA}, abstract = {

Security administration is an uphill task to implement inan enterprise network providing secured corporateservices. With the slew of patches being released byMicrosoft, HP and other vendors, system administratorsrequire a barrage of tools for analyzing the risk due tothese vulnerabilities. In addition to this, criticalities inpatching some end hosts (eg., in hospitals) raises serioussecurity issues about the network to which the end hostsare connected. In this context, it would be imperative toknow the risk level of all critical resources (e.g., OracleServer in HR department) keeping in view the everydayemerging new vulnerabilities. We hypothesize thatsequence of network actions by an attacker depends onthe social behavior (e.g., skill level, tenacity, financialability). By verifying our hypothesis on hacker emailcommunications, we extended this methodology andcalculated risk level for a small network. Towards thisgoal, we formulated a mechanism to estimate the risklevel of critical resources that may be compromisedbased on attacker behavior. This estimation isaccomplished using behavior based attack graphs. Thesegraphs represent all the possible attack paths to all thecritical resources. Based on these graphs, we calculatethe risk level of a critical resource using Bayesianmethodology and periodically update the subjectivebeliefs about the occurrence of an attack Such acalculated risk level would be a measure of thevulnerability of the resource and it forms an effectivebasis for a system administrator to perform suitablechanges to network configuration. Thus suitablevulnerability analysis and risk management strategiescan be formulated to efficiently curtail the risk fromdifferent types of attacker (script kiddies, hackers,criminals and insiders).

}, isbn = {0-7695-2108-8}, url = {http://dl.acm.org/citation.cfm?id=977403.978389}, author = {Ram Dantu and Loper, Kall and Kolan, Prakash} } @article {188, title = {Survey on Hospital Network Security and Privacy}, year = {2004}, month = {08/2004}, publisher = {Barco Ltd}, author = {Ram Dantu and Oosterwijk, Herman} } @article {190, title = {VoIP: Are We Secured}, year = {2004}, month = {06/2004}, publisher = {VoIP: Are We Secured}, address = {Plano, TX, USA}, author = {Ram Dantu} } @article {189, title = {VoIP Security}, year = {2004}, month = {07/2004}, publisher = {Annual DFW Secret Service Agents Meeting}, address = {Dallas, Texas, USA}, author = {Ram Dantu} } @article {191, title = {VoIP Security}, year = {2004}, month = {05/2004}, publisher = {3rd Annual Dallas Wireless Security Conference}, address = {Dallas, Texas, USA}, author = {Ram Dantu} } @article {229, title = {Requirements for Separation of IP Control and Forwarding}, year = {2003}, month = {11/2003}, publisher = {RFC Editor}, abstract = {

This document introduces the Forwarding and Control Element\ Separation (ForCES) architecture and defines a set of associated\ terminology.\  This document also defines a set of architectural,\ modeling, and protocol\ requirements to logically separate the control\ and data forwarding planes of an IP (IPv4, IPv6, etc.) networking\ device.

}, author = {Anderson, Todd and Bowen, Ed and Ram Dantu and Doria, Avri and Gopal, Ram and Salim, Jamal and Khosravi, Hormuzd and Minhazuddin, Muneyb and Wasserman, Margaret} } @article {279, title = {Constraint-Based Label Switched Path Setup using Label Distribution Protocol}, year = {2002}, url = {https://tools.ietf.org/html/rfc3212}, author = {Andersson, Loa and Callon, Ross and Ram Dantu and Doolan, Paul and Feldman, Nancy and Fredette, Andre and Gray, Eric and Heinanen, Juha and Jamoussi, Bilel and Kilty, Timothy and Malis, Andrew and Girish, Muckai and Worster, Tom and Wu, Liwen} } @article {280, title = {Signaling System 7 (SS7) Message Transfer Part 2 (MTP2) - User Adaptation Layer}, year = {2002}, url = {https://tools.ietf.org/html/rfc3331}, author = {Morneault, Ken and Ram Dantu and Sidebottom, Greg and Bidulock, Brian and Heitz, Jacob} } @article {299, title = {System and method for packet level distributed routing in fiber optic rings}, year = {2001}, month = {03/2001}, publisher = {Alcatel USA Sourcing LP}, abstract = {

IP user traffic is transporting over a fiber optic ring network that includes a plurality of fiber optic ring network nodes. One (108) ring is for conducting the user traffic on a working path and the other ring (110) is for conducting the same user traffic on a protection path in the event of a failure in a communication link in the first ring on a protection path. A central node (300) is coupled to a plurality of nodes (312, 316, 320) to provide forwarding tables and updates to the nodes (312, 316, 320). As a result, IP traffic may be routed through the fiber optic ring network in a manner that provides fast switching from a working path to a protection path to minimize lost data packets whenever a communication link in the working path fails. Additionally, this capability is provided without requiring each node to have full IP routing capability. The forwarding tables (308) for the protection and working paths provide for path routes and forwarding for the packets on a packet by packet basis. Accordingly, a ring may serve as both a working path and a protection path according to the origin and destination of the data packets traveling thereon. Additionally, the central node (300) is adapted to generate multiple forwarding tables (308) to accommodate packet by packet forwarding in a network created to support virtual private networks. The forwarding tables (308) also are set up to support multicast transmissions of data packets.

}, issn = {EP1083696 (A2)}, url = {https://worldwide.espacenet.com/publicationDetails/biblio?FT=D\&date=20010314\&DB=\&locale=en_EP\&CC=EP\&NR=1083696A2\&KC=A2\&ND=4}, author = {Ram Dantu and O{\textquoteright}Connell, Pete} } @article {275, title = {Parallel algorithms for low-level vision on the homogeneous multiprocessor}, journal = {Computers \& Electrical Engineering}, volume = {20}, year = {1994}, pages = {51 - 60}, abstract = {

In this work, we present the parallel implementation of three low-level vision algorithms, namely smoothing, histogram generation and edge detection by using the Sobel operator on the Homogeneous Multiprocessor. These algorithms were run on the simulator specifically developed for the Homogeneous Multiprocessor and the simulation experiments were used to establish the performance of these algorithms on the proposed architecture.

}, keywords = {Computer architecture, image processing, MIMO architecture, Multiprocessing, pattern recognition, vision}, issn = {0045-7906}, doi = {https://doi.org/10.1016/0045-7906(94)90006-X}, url = {http://www.sciencedirect.com/science/article/pii/004579069490006X}, author = {Ram Dantu and Dimopoulos, Nikitas and Li, Kinfu and Patel, Rajni and Al-Khalili, Asim} } @article {276, title = {Depth perception using blurring and its application in VLSI wafer probing}, journal = {Machine Vision and Applications}, volume = {5}, year = {1992}, month = {12/1992}, pages = {35{\textendash}45}, abstract = {

In this paper, we present a technique for measuring the amount of blur of an edge and using this information to determine the distance of a micromanipulator probe from a wafer surface in very large scale integration (VLSI) wafer probing. In this application, a soft and reliable touch of the probe with a metal pad in the wafer is a sensitive operation. The wafer is focused and several images of the probe while approaching the wafer are analyzed. In our theory, the amount of blur is calculated from the height of the step edge and the slope of the intensity profile at the zero crossing. Hence, our formula is simple and easy to use. We estimate the distance of the probe from the surface of the wafer and obtain a robust measure, i.e., one which is valid even in the presence of significant noise in the images. In order to validate our methods, we have experimented with various VLSI patterns as backgrounds.

}, issn = {1432-1769}, doi = {10.1007/BF01213528}, url = {https://doi.org/10.1007/BF01213528}, author = {Ram Dantu and Dimopoulos, Nikitas and Patel, Rajni and Al-Khalili, Asim} } @booklet {283, title = {Vision Algorithms For VLSI Wafer Probing}, year = {1990}, abstract = {

This paper deals with an important problem encountered in automating VLSI wafer probing. In this automation, vision is used for accurately guiding and lowering a probe to make contact with the wafer. In this paper, we discuss various algorithms used in measurement of the distance of the micro-manipulator from the wafer surface. In particular, we describe algorithms for alignment of consecutive frames of the wafer, separation of probe and wafer regions, and getting a clean image of the probe by eliminating traces of the background patterns. We also describe a three-level procedure for obtaining the proximity of the probe from the wafer. These algorithms are verified with the experimental data.

}, doi = {10.1117/12.969934}, url = {https://doi.org/10.1117/12.969934}, author = {Ram Dantu and Patel, Rajni and Dimopoulos, Nikitas and Al-Khalili, Asim} } @article {277, title = {Micromanipulator vision for wafer probing}, journal = {IEEE Transactions on Semiconductor Manufacturing}, volume = {2}, year = {1989}, month = {08/1989}, pages = {114-117}, abstract = {

An overview is presented of a micromanipulator vision system for use in automating various functions during the testing of a wafer for semiconductor parameters and inspection of VLSI circuits. It is assumed that the wafer under test is not necessarily in its proper orientation. It is required that certain probes be lowered automatically onto certain pads to inject test vectors and to read the results for analysis. A methodology was developed for determining the position (especially the vertical distance from the target) of the tip of a probe, so that it can be guided accurately to its target pad. Standard image processing steps used for efficient feature extraction and registration of the target integrated circuit are outlined, and a method of obtaining the vertical distance of the tip of a probe from its target pad is presented. Two different criteria through which it can be established whether a probe is in contact with its target are given. The algorithm developed was tested for touch using different types of tips such as tungsten and tungsten carbide, and with NMOS and CMOS processes. Clean and accurate representations of the probes were extracted from integrated images in all the tests, and in all cases, touch was achieved without the surface being scratched

}, keywords = {Automatic testing, automating various functions, Circuit testing, CMOS processes, computer vision, computerised picture processing, efficient feature extraction, image processing steps, Inspection, inspection of VLSI circuits, Machine vision, micromanipulator vision system, Micromanipulators, NMOS ICs, overview, Probes, registration, Semiconductor device testing, System testing, Tungsten, vertical distance, Very large scale integration, VLSI, W tip, wafer probing, WC tip}, issn = {0894-6507}, doi = {10.1109/66.29680}, author = {Ram Dantu and Dimopoulos, Nikitas and Patel, Rajni and Al-Khalili, Asim} } @conference {284, title = {A micro-manipulator vision in IC Manufacturing}, booktitle = {Proceedings. 1988 IEEE International Conference on Robotics and Automation}, year = {1988}, month = {Apr}, abstract = {

An overview is presented of a micromanipulator vision system for use in automating various functions during the testing of a wafer for semiconducting parameters and inspection of VLSI circuits. Positioning the probe and touching a test pad are the chief concern of the work desired. A brief description of the experimental setup is given. The image processing techniques used in identifying and controlling the location of various components such as the probes and the test pads are discussed. The vision modules and an expert system using hierarchical plan generation to control the sequence of plans are included

}, keywords = {Automatic testing, Circuit testing, computer vision, computer vision module, computerised pattern recognition, expert system, expert systems, IC Manufacturing, image processing, industrial robots, Inspection, integrated circuit manufacture, integrated circuit testing, Machine vision, Manufacturing, micromanipulator vision, Micromanipulators, Probes, robots, Semiconductivity, Semiconductor device manufacture, Semiconductor device testing, System testing, test pads, VLSI, wafer testing}, doi = {10.1109/ROBOT.1988.12271}, author = {Ram Dantu and Dimopoulos, Nikitas and Patel, Rajni and Al-Khalili, Asim} }