Manar Mohamed scite author profile

This paper illustrates the application of mobile and wireless technologies for estimating the severity of Parkinson Disease symptoms, and performing a personalized drug administration to PD patients. The measurements of patient finger pressures on the screen of a smart phone, translated into analogue voltage and digital bits, are taken by an Android App. The computations performed through Fast Fourier Transformations (FFT) and Reaction and Movement time, enable the calculation of the severity of the PD symptoms, which results in an appropriate drug administration for that patient, at the moment when the measurement of patient finger pressures is taken. The novelty of this research is twofold. It allows a high level of personalization in PD treatment and uses modern technologies to bring new solutions in the field of drug administration to PD patients.

show abstract

Dynamic Cognitive Game CAPTCHA Usability and Detection of Streaming-Based Farming

Mohamed¹,

Gao²,

Saxena³

et al. 2014

View full text Add to dashboard Cite

CAPTCHAs are a widely deployed mechanism to distinguish a legitimate human user from a computerized program trying to abuse online services. Attackers, however, have devised a clever and an economical way to bypass the security provided by CAPTCHAs by simply relaying CAPTCHA challenges to remote human-solvers. Most existing varieties of CAPTCHAs are completely vulnerable to such relay attacks, routinely executed in the wild. Dynamic Cognitive Game (DCG) CAPTCHAs are an upcoming CAPTCHA category which require the user to play a simple moving object matching game. Due to the dynamic and interactive nature of the underlying games, DCG CAPTCHAs may offer resistance to relay attacks. In this paper, we focus on a streaming-based DCG CAPTCHA relay attack whereby the game frames and responses are simply streamed between the attacker and a human-solver. We present a mechanism for detecting such a streaming-enabled game captcha farming based on realtime game statistics, such as play duration, mouse clicks and incorrect drags, fed to machine learning detection algorithms. To demonstrate the feasibility of our detection mechanism, we report on a three-dimensional study measuring: (1) the performance of legitimate DCG CAPTCHA users, (2) the performance of remote human-solvers in a DCG CAPTCHA streaming attack, and (3) the performance of gameplay behavioral features and machine learning classifiers in distinguishing human-solvers in a streaming attack from legitimate users. Our results show that it is possible to detect the streaming-based relay attack against many instances of DCG CAPTCHAs with a high overall accuracy (low false negatives and false positives). Broadly, DCG CAPTCHAs appear to be one of the first CAPTCHA schemes that enable reliable detection of relay attacks. Permission to freely reproduce all or part of this paper for noncommercial purposes is granted provided that copies bear this notice and the full citation on the first page. Reproduction for commercial purposes is strictly prohibited without the prior written consent of the Internet Society, the first-named author (for reproduction of an entire paper only), and the author's employer if the paper was prepared within the scope of employment.

show abstract

ZEMFA: Zero-Effort Multi-Factor Authentication based on Multi-Modal Gait Biometrics

Shrestha

Mohamed

Saxena

2019

View full text Add to dashboard Cite

Zero-interaction authentication (ZIA) refers to a form of user-transparent login mechanism using which a terminal (e.g., a desktop computer) can be unlocked by the mere proximity of an authentication token (e.g., a smartphone). Given its appealing usability, ZIA has already been deployed in many real-world applications. However, ZIA contains one major security weakness -unauthorized physical access to the token, e.g., during lunch-time or upon theft, allows the attacker to have unfettered access to the terminal. In this paper, we address this gaping vulnerability with ZIA systems by (un)locking the authentication token with the user's walking pattern as she approaches the terminal to access it. Since a user's walking or gait pattern is believed to be unique, only that user (no imposter) would be able to unlock the token to gain access to the terminal in a ZIA session. While walking-based biometrics schemes have been studied in prior literature for other application settings, our main novelty lies in the careful use of: (1) multiple sensors available on the current breed of devices (e.g., accelerometer, gyroscope and magnetometer), and (2) multiple devices carried by the user (in particular, an "in-pocket" smartphone and a "wrist-worn" smartwatch), that all capture unique facets of user's walking pattern. Our contributions are three-fold. First, we introduce, design and implement WUZIA ("Walk-Unlock ZIA"), a multi-modal walking biometrics approach tailored to enhance the security of ZIA systems (still with zero interaction). Second, we demonstrate that WUZIA offers a high degree of detection accuracy, based on multisensor and multi-device fusion. Third, we show that WUZIA can resist active attacks that attempt to mimic a user's walking pattern, especially when multiple devices are used. IntroductionZero-interaction authentication (ZIA) [8] represents a rapidly emerging paradigm, in which a verifier device authenticates a prover device in physical proximity of the verifier while requiring no interaction by the user of the prover device. The user, carrying the prover, usually just walks towards the verifier and the verifier gets unlocked automatically. In this approach, the prover and verifier devices pre-share a security association, and simply execute a challenge-response based protocol for the verifier to authenticate the prover.

show abstract

A three-way investigation of a game-CAPTCHA

Mohamed

Sachdeva

Georgescu

et al. 2014

View full text Add to dashboard Cite

Emerging-Image Motion CAPTCHAs: Vulnerabilities of Existing Designs, and Countermeasures

Gao¹,

Mohamed²,

Saxena³

et al. 2019

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Manar Mohamed

SMASheD: Sniffing and Manipulating Android Sensor Data for Offensive Purposes

Dynamic Cognitive Game CAPTCHA Usability and Detection of Streaming-Based Farming

ZEMFA: Zero-Effort Multi-Factor Authentication based on Multi-Modal Gait Biometrics

A three-way investigation of a game-CAPTCHA

Emerging-Image Motion CAPTCHAs: Vulnerabilities of Existing Designs, and Countermeasures

Contact Info

Product

Resources

About