Peer-reviewed Conference and Journal Papers
[P11]- BPSniff: Continuously Surveilling Private Blood Pressure Information in theMetaverse via Unrestricted Inbuilt Motion Sensors
[Zhengkun Ye, Ahmed Tanvir Mahdad, Yan Wang, Cong Shi, Yingying Chen, Nitesh Saxena]
2025 IEEE Symposium on Security and Privacy (S&P, Oakland) (IEEE S&P 2025)
[P10]- Breaching Security Keys without Root: FIDO2 Deception Attacks via Overlays exploiting Limited Display Authenticators
[Ahmed Tanvir Mahdad, Mohammed Jubur and Nitesh Saxena]
2024 ACM SIGSAC Conference on Computer and Communications Security (CCS 2024)
[P9]- SAFARI: Speech-Associated Facial Authentication for AR/VR Settings via Robust VIbration Signatures
[Tianfang Zhang, Quifan Ji, Zhengkun Ye, Md Mojibur Rahman Redoy Akanda, Ahmed Tanvir Mahdad, Cong Shi, Yan Wang, Nitesh Saxena, Yingying Chen]
2024 ACM SIGSAC Conference on Computer and Communications Security (CCS 2024)
[P8]- Mobile Login Bridge: Subverting 2FA and Passwordless Authentication via Android Debug Bridge
[Ahmed Tanvir Mahdad and Nitesh Saxena]
21st Annual International Conference on Privacy, Security, and Trust (PST 2024)
[P7]- Breaking Mobile Notification-based Authentication with Concurrent Attacks Outside of Mobile Devices
[Ahmed Tanvir Mahdad, Mohammed Jubur and Nitesh Saxena]
29th Annual International Conference on Mobile Computing and Networking (Mobicom 2023) [Acceptance Rate: 24.4%]
[P6]- Sound-based Two-factor Authentication: Vulnerabilities and Redesign
[Prakash Shrestha, Ahmed Tanvir Mahdad, and Nitesh Saxena]
ACM Transactions on Privacy and Security, Volume 27, Issue 1
[P5]- FaceReader: Unobtrusively Mining Vital Signs and Vital Sign Embedded Sensitive Info via AR/VR Motion Sensors
[Tianfang Zhang, Zhengkun Ye, Ahmed Tanvir Mahdad, Md Mojibur Rahman Redoy Akanda, Cong Shi, Yan Wang, Nitesh Saxena, Yingying Chen]
2023 ACM SIGSAC Conference on Computer and Communications Security (CCS 2023) [Acceptance Rate: 19.87%]
[P4]- EmoLeak: Smartphone Motions Reveals Emotions
[Ahmed Tanvir Mahdad, Cong Shi, Zhengkun Ye, Tianming Zhao, Yan Wang, Yingying Chen and Nitesh Saxena]
43rd IEEE International Conference on Distributed Computing Systems (ICDCS 2023) [Acceptance Rate: 18.9%]
[P3]- SoK: A Comprehensive Evaluation of 2FA-based Schemes in the Face of Active Concurrent Attacks from User Terminals
[Ahmed Tanvir Mahdad and Nitesh Saxena]
16th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2023) [Acceptance Rate: 25.37%]
[P2]- Defending against Thru-barrier Stealthy Voice Attacks via Cross-domain Sensing on Phoneme Sounds
[Cong Shi, Tianming Zhao, Wenjin Zhang, Ahmed Tanvir Mahdad , Zhengkun Ye, Yan Wang, Nitesh Saxena and Yingying Chen]
42nd IEEE International Conference on Distributed Computing Systems (ICDCS 2022) [Acceptance Rate: 19.9%]
[P1]- Analyzing the Security of OTP 2FA in the Face of Malicious Terminals
[Ahmed Tanvir Mahdad , Mohammed Jubur, Nitesh Saxena]
23rd International Conference on Information and Communication Security (ICICS 2021). [Acceptance Rate: 23.44%]
Preprints
[Arxiv1]- Earspy: Spying caller speech and identity through tiny vibrations of smartphone ear speakers
[Ahmed Tanvir Mahdad, Cong Shi, Zhengkun Ye, Tianming Zhao, Yan Wang, Yingying Chen and Nitesh Saxena]
arXiv preprint arXiv:2212.12151
Posters
[O2]- Poster: Unobtrusively Mining Vital Sign and Embedded Sensitive Info via AR/VR Motion Sensors
[Tianfang Zhang, Zhengkun Ye, Ahmed Tanvir Mahdad, Md Mojibur Rahman Redoy Akanda, Cong Shi, Nitesh Saxena, Yan Wang, Yingying Chen]
29th International Symposium on Theory, Algorithmic Foundations, and Protocol Design for Mobile Networks and Mobile Computing (MobiHoc 2023)
[O1]- Continuous Blood Pressure Monitoring Using Low-cost Motion Sensors on AR/VR Headsets
[Tianming Zhao, Zhengkun Ye, Tianfang Zhang, Cong Shi, Ahmed Tanvir Mahdad, Yan Wang, Yingying Chen, Nitesh Saxena]
20th ACM International Conference on Mobile Systems, Applications, and Services (MobiSys 2022)