PlaceRaider Presented at NDSS 2013

We introduce PlaceRaider, a proof-of-concept mobile malware that exploits a smartphone’s camera and onboard sensors to reconstruct rich, 3D models of the victim’s indoor space using only opportunistically taken photos. Attackers can use these models to engage in remote reconnaissance and virtual theft of the victims’ environment. We substantiate this threat through human subject studies. Our paper was presented at the 20th Annual Network & Distributed System Security Symposium (NDSS) 2013. For more details, see the PlaceRaider project page.

Posted in Privacy

FRSP Award: ‘Vision for Privacy’

Profs. David Crandall and Apu Kapadia have been awarded  $50K of seed funding through the Faculty Research Support Program (FRSP) for their project titled Vision for Privacy: Privacy-aware Crowd Sensing using Opportunistic ImageryA variety of powerful and potentially transformative `visual social sensing’ applications could be created by aggregating together data from cameras and sensors on smartphones and emerging technologies such as augmented reality glasses (e.g., by Google Project Glass). These applications, however,  raise major privacy concerns because of the large amount of potentially private data that could be captured. This project investigates techniques to provide guarantees on privacy in the context of such applications. For more details, see our project page.

Posted in Privacy

Cachet Presented at CoNEXT 2012

We propose Cachet, a peer-to-peer social-network architecture that provides strong security and privacy guarantees. We leverage cryptographic techniques to protect the confidentiality of data, and design a hybrid structured-unstructured overlay paradigm where social contacts  act as trusted caches to help reduce the cryptographic as well as the communication overhead in the network. We presented our paper on Cachet at the 8th ACM International Conference on Emerging Networking Experiments and Technologies (CoNEXT) 2012. For more details, see the Cachet project page.

Posted in Privacy

Welcome

IMG_7278.jpg IMG_7278 (1)

The Privacy Lab is led by Prof. Apu Kapadia in the School of Informatics and Computing at Indiana University. Our goal is to advance research in online privacy, mobile security, and peer-to-peer systems. For an overview of our research, see our Research Projects and Publications pages. Visit the People page to see the faces behind our research.

Posted in Privacy

PERM Presented at CCS 2012

Some users may misbehave under the cover of anonymity by, e.g., defacing webpages on Wikipedia or posting vulgar comments on YouTube. To prevent such abuse, we have explored various anonymous credential schemes to revoke access for misbehaving users while maintaining their anonymity. Our latest scheme, PERM, supports millions of user sessions and makes ‘reputation-based blacklisting’ practical for large-scale deployments. Our paper on PERM was presented at the 19th ACM Conference on Computer and Communications Security. For more details see the accountable anonymity project page.

Posted in Privacy