NSF Award Search: Award # 1943351 - CAREER: A Holistic Context-based Approach for Security and Privacy in the Era of Ubiquitous Sensing and Computing

Award Abstract # 1943351

CAREER: A Holistic Context-based Approach for Security and Privacy in the Era of Ubiquitous Sensing and Computing

NSF Org:	CNS Division Of Computer and Network Systems
Recipient:	THE UNIVERSITY OF TEXAS AT SAN ANTONIO
Initial Amendment Date:	March 12, 2020
Latest Amendment Date:	April 18, 2023
Award Number:	1943351
Award Instrument:	Continuing Grant
Program Manager:	Karen Karavanic kkaravan@nsf.gov �(703)292-2594 CNS �Division Of Computer and Network Systems CSE �Direct For Computer & Info Scie & Enginr
Start Date:	June 1, 2020
End Date:	May 31, 2025�(Estimated)
Total Intended Award Amount:	$499,512.00
Total Awarded Amount to Date:	$395,839.00
Funds Obligated to Date:	FY 2020 = $93,218.00 FY 2021 = $101,816.00 FY 2022 = $98,344.00 FY 2023 = $102,461.00
History of Investigator:	Murtuza Jadliwala (Principal Investigator) murtuza.jadliwala@utsa.edu
Recipient Sponsored Research Office:	University of Texas at San Antonio 1 UTSA CIR SAN ANTONIO TX �US �78249-1644 (210)458-4340
Sponsor Congressional District:	20
Primary Place of Performance:	University of Texas at San Antonio TX �US �78249-1644
Primary Place of Performance Congressional District:	20
Unique Entity Identifier (UEI):	U44ZMVYU52U6
Parent UEI:	X5NKD2NFF2V3
NSF Program(s):	Secure &Trustworthy Cyberspace
Primary Program Source:	01002324DB�NSF RESEARCH & RELATED ACTIVIT 01002021DB�NSF RESEARCH & RELATED ACTIVIT 01002122DB�NSF RESEARCH & RELATED ACTIVIT 01002223DB�NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s):	025Z, 1045
Program Element Code(s):	806000
Award Agency Code:	4900
Fund Agency Code:	4900
Assistance Listing Number(s):	47.070

ABSTRACT

The phenomenal growth of ubiquitous sensing and computing devices such as smartphones, wearables and Internet-of-Things (IoT) enable exciting new applications that significantly improve the health, wellness, security and quality of life of our citizens. Sensors and actuators on-board these devices, however, can also be exploited to infer sensitive information about users or to compromise their safety and cyber security. Continued progress in sensor hardware, cloud and software (including, machine learning) technologies have caused new threats to emerge which current access control models and protection mechanisms are unable to address. One critical shortcoming of existing protection mechanisms is that they do not work across different types of sensors, applications and autonomous devices housing these sensors and applications. As applications on these devices operate in an isolated fashion, they are generally unaware of the holistic contextual information about users, often resulting in grave privacy threats. This project develops a new approach to expose and harness user context at multiple operational levels to protect against uncoordinated and unregulated sensing and actuation in mobile and IoT applications. The project's educational agenda is to develop a well-integrated and hands-on curriculum in mobile and IoT security and through community-focused educational summer camps, courses and training initiatives expose the curriculum to a diverse set of students and practitioners with varying skill-levels and backgrounds including San Antonio, TX area high school students, teachers, soldiers and veterans

The project plans to uncover new security and privacy risks in modern ubiquitous sensing and computing environments comprising of functionally heterogeneous and isolated sensors and applications and evaluate their feasibility in practical settings. To enable secure and privacy-preserving sensor access by applications, the project will design a novel framework that exposes and harnesses contextual information about users both at the device and network levels for achieving fine-grained and user-approved access control. The first design, called ConWare, will harness the exposed user context at the device level by defining user-approved access bindings between these contexts and the set of allowable sensing actions on that device within those contexts. The second design, called ConWareNet, will harness the exposed user context at the communication network level to regulate applications across an autonomous set of devices using similar user-approved bindings or policies. The project will also address the issue of preventing misuse of the exposed context and will design adaptation mechanisms for these frameworks to self-adjust in a dynamic sensing and actuation environment.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH

Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

Vinayaga-Sureshkanth, Nisha and Wijewickrama, Raveen and Maiti, Anindya and Jadliwala, Murtuza "An Investigative Study on the Privacy Implications of Mobile E-scooter Rental Apps" WiSec '22: Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks , 2022 https://doi.org/10.1145/3507657.3528551 Citation Details

Maiti, Anindya and Jadliwala, Murtuza "Smart Light-Based Information Leakage Attacks" GetMobile: Mobile Computing and Communications , v.24 , 2020 https://doi.org/10.1145/3417084.3417091 Citation Details

Maiti, Anindya and Jadliwala, Murtuza "Light Ears: Information Leakage via Smart Lights" Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies , v.3 , 2019 https://doi.org/10.1145/3351256 Citation Details

Wijewickrama, Raveen and Dohadwalla, Sameer Anis and Maiti, Anindya and Jadliwala, Murtuza and Narain, Sashank "SkinSense: Efficient vibration-based communications over human body using motion sensors" Internet of Things , v.23 , 2023 https://doi.org/10.1016/j.iot.2023.100835 Citation Details

Ramesh, Soundarya and Xiao, Rui and Maiti, Anindya and Lee, Jong Taek and Ramprasad, Harini and Kumar, Ananda and Jadliwala, Murtuza and Han, Jun. "Acoustics to the Rescue: Physical Key Inference Attack Revisited" 30th USENIX Security Symposium (USENIX Security 21) , 2021 Citation Details

Sabra, Mohd and Maiti, Anindya and Jadliwala, Murtuza "Background Buster: Peeking through Virtual Backgrounds in Online Video Calls" 2022 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) , 2022 https://doi.org/10.1109/DSN53405.2022.00058 Citation Details

Wijewickrama, Raveen and Maiti, Anindya and Jadliwala, Murtuza "Write to know: on the feasibility of wrist motion based user-authentication from handwriting" WiSec '21: Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks , 2021 https://doi.org/10.1145/3448300.3468290 Citation Details

Sabra, Mohd and Maiti, Anindya and Jadliwala, Murtuza "Zoom on the Keystrokes: Exploiting Video Calls for Keystroke Inference Attacks" Network and Distributed Systems Security (NDSS) Symposium 2021 , 2021 https://doi.org/10.14722/ndss.2021.23063 Citation Details

Kumari, Kavita and Rieger, Phillip and Fereidooni, Hossein and Jadliwala, Murtuza and Sadeghi, Ahmad-Reza "BayBFed: Bayesian Backdoor Defense for Federated Learning" 2023 IEEE Symposium on Security and Privacy (SP) , 2023 https://doi.org/10.1109/SP46215.2023.10179362 Citation Details

Please report errors in award information by writing to: awardsearch@nsf.gov.