[C13]- Harnessing Vital Sign Vibration Harmonics for Effortless and Inbuilt XR User Authentication
[Tianfang Zhang, Qiufan Ji, Md Mojibur Rahman Redoy Akanda, Zhengkun Ye, Ahmed Tanvir Mahdad, Cong Shi, Yan Wang, Nitesh Saxena, Yingying Chen]
Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security(CCS 2025)

[C12]- Encryption Struggles Persist: When Tech-Savvy Students Face Challenges with PGP in Thunderbird
[ Md Imanul Huq, Ahmed Tanvir Mahdad, Nitesh Saxena]
22nd Annual International Conference on Privacy, Security, and Trust (PST 2025)

[C11]- Broken Access: On the Challenges of Screen Reader Assisted Two-Factor and Passwordless Authentication
[Md Mojibur Rahman Redoy Akanda, Ahmed Tanvir Mahdad, Nitesh Saxena]
The 2025 ACM Web Conference (WWW 2025)

[C10]- BPSniff: Continuously Surveilling Private Blood Pressure Information in theMetaverse via Unrestricted Inbuilt Motion Sensors
[Zhengkun Ye, Ahmed Tanvir Mahdad, Yan Wang, Cong Shi, Yingying Chen, Nitesh Saxena]
2025 IEEE Symposium on Security and Privacy (S&P, Oakland) (IEEE S&P 2025)

[C9]- Breaching Security Keys without Root: FIDO2 Deception Attacks via Overlays exploiting Limited Display Authenticators
[Ahmed Tanvir Mahdad, Mohammed Jubur and Nitesh Saxena]
2024 ACM SIGSAC Conference on Computer and Communications Security (CCS 2024)

[C8]- SAFARI: Speech-Associated Facial Authentication for AR/VR Settings via Robust VIbration Signatures
[Tianfang Zhang, Quifan Ji, Zhengkun Ye, Md Mojibur Rahman Redoy Akanda, Ahmed Tanvir Mahdad, Cong Shi, Yan Wang, Nitesh Saxena, Yingying Chen]
2024 ACM SIGSAC Conference on Computer and Communications Security (CCS 2024)

[C7]- Mobile Login Bridge: Subverting 2FA and Passwordless Authentication via Android Debug Bridge
[Ahmed Tanvir Mahdad and Nitesh Saxena]
21st Annual International Conference on Privacy, Security, and Trust (PST 2024)

[C6]- Breaking Mobile Notification-based Authentication with Concurrent Attacks Outside of Mobile Devices
[Ahmed Tanvir Mahdad, Mohammed Jubur and Nitesh Saxena]
29th ​Annual International Conference on Mobile Computing and Networking (Mobicom 2023) [Acceptance Rate: 24.4%]

[C5]- FaceReader: Unobtrusively Mining Vital Signs and Vital Sign Embedded Sensitive Info via AR/VR Motion Sensors
[Tianfang Zhang, Zhengkun Ye, Ahmed Tanvir Mahdad, Md Mojibur Rahman Redoy Akanda, Cong Shi, Yan Wang, Nitesh Saxena, Yingying Chen]
2023 ACM SIGSAC Conference on Computer and Communications Security (CCS 2023) [Acceptance Rate: 19.87%]

[C4]- EmoLeak: Smartphone Motions Reveals Emotions
[Ahmed Tanvir Mahdad, Cong Shi, Zhengkun Ye, Tianming Zhao, Yan Wang, Yingying Chen and Nitesh Saxena]
43rd IEEE International Conference on Distributed Computing Systems (ICDCS 2023) [Acceptance Rate: 18.9%]

[C3]- SoK: A Comprehensive Evaluation of 2FA-based Schemes in the Face of Active Concurrent Attacks from User Terminals
[Ahmed Tanvir Mahdad and Nitesh Saxena]
16th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2023) [Acceptance Rate: 25.37%]

[C2]- Defending against Thru-barrier Stealthy Voice Attacks via Cross-domain Sensing on Phoneme Sounds
[Cong Shi, Tianming Zhao, Wenjin Zhang, Ahmed Tanvir Mahdad , Zhengkun Ye, Yan Wang, Nitesh Saxena and Yingying Chen]
42nd IEEE International Conference on Distributed Computing Systems (ICDCS 2022) [Acceptance Rate: 19.9%]

[C1]- Analyzing the Security of OTP 2FA in the Face of Malicious Terminals
[Ahmed Tanvir Mahdad , Mohammed Jubur, Nitesh Saxena]
23rd International Conference on Information and Communication Security (ICICS 2021). [Acceptance Rate: 23.44%]

[J1]- Sound-based Two-factor Authentication: Vulnerabilities and Redesign
[Prakash Shrestha, Ahmed Tanvir Mahdad, and Nitesh Saxena]
ACM Transactions on Privacy and Security, Volume 27, Issue 1

[Arxiv1]- Earspy: Spying caller speech and identity through tiny vibrations of smartphone ear speakers
[Ahmed Tanvir Mahdad, Cong Shi, Zhengkun Ye, Tianming Zhao, Yan Wang, Yingying Chen and Nitesh Saxena]
arXiv preprint arXiv:2212.12151