Posts in Security

A Signal Injection Attack Against Zero Involvement Pairing and Authentication for the Internet of Things

Zero Involvement Pairing and Authentication (ZIPA) is a technique for automatically provisioning large networks of Internet-of-Things (IoT) devices with no user involvement. Prior ZIPA work generally assumes that the environment used for pairing is sufficiently isolated from external, adversarial signals. In our DESTION 2024 paper (see Citation below), we present the first signal-injection attack capable of influencing ZIPA-based key generation, demonstrating that these assumptions can fail in realistic settings.

Read more ...


SingleAdv: Targeted Adversarial Attacks on Interpretable Deep Learning (IEEE TIFS 2024)

This paper was led by Elmurod Abdukhamidov and Mohammed Abuhamad (Hanyang University, Korea), with Hyoungshick Kim and Tamer Abuhmed as co-leads. I am one of the key leaders of this research project, contributing to the threat modeling and evaluation design. The work appeared in IEEE Transactions on Information Forensics and Security.

Read more ...