Research

Conference Proceedings and Journal Articles

  • J. Chen, U. Hengartner, H. Khan, and M. Mannan. Chaperone: Real-time Locking and Loss Prevention for Smartphones. Proc. of 29th USENIX Security Symposium, 2020.
  • H. Khan, J. Ceci, J. Stegman, A. J. Aviv, R. Dara, and R. Kuber. Widely Reused and Shared, Infrequently Updated, and Sometimes Inherited: A Holistic View of PIN Authentication in Digital Lives and Beyond.  Proc. of 36th Annual Computer Security Applications Conference (ACSAC), ACM, 2020.
  • H. Khan, U. Hengartner, and D. Vogel. Mimicry Attacks on Smartphone Keystroke Authentication.  ACM Transactions on Privacy and Security (TOPS), 23(1):2, ACM, 2020.
  • H. Khan, U. Hengartner, and D. Vogel. Augmented Reality-based Mimicry Attacks on Behaviour-Based Smartphone Authentication. Proc. of 16th Annual International Conference on Mobile Systems, Applications, and Services (MobiSys 2018), ACM, 2018.
  • H. Khan, U. Hengartner, and D. Vogel. Evaluating Attack and Defense Strategies for Smartphone PIN Shoulder Surfing. Proc. of SIGCHI Annual Conference on Human Factors in Computing Systems (CHI 2018), ACM, 2018.
  • K. Grindrod, H. Khan, U. Hengartner, S. Ong, A. G. Logan, D. Vogel, R. Gebotys, and J. Yang. Evaluating Authentication Options for Mobile Health Applications in Younger and Older Adults. PLoS One, 2018.
  • H. Khan, U. Hengartner, and D. Vogel. Targeted Mimicry Attacks on Touch Input Based Implicit Authentication Schemes. Proc. of 14th Annual International Conference on Mobile Systems, Applications, and Services (MobiSys 2016), ACM, 2016.
  • L. Agarwal, H. Khan, and U. Hengartner. Ask me Again but Don't Annoy me: Evaluating Re-authentication Strategies for Smartphones. Proc. of 12th Symposium On Usable Privacy and Security (SOUPS 2016), Usenix, 2016.
  • H. Khan, U. Hengartner, and D. Vogel. Usability and Security Perceptions of Implicit Authentication: Convenient, Secure, Sometimes Annoying. Proc. of 11th Symposium On Usable Privacy and Security (SOUPS 2015), Usenix, 2015.
  • H. Khan, A. Atwater, and U. Hengartner. A Comparative Evaluation of Implicit Authentication Schemes. Proc. of 17th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2014), Springer, 2014.
  • H. Khan, A. Atwater, and U. Hengartner. Itus: An Implicit Authentication Framework for Android. Proc. of 20th Annual International Conference on Mobile Computing and Networking (MobiCom 2014), ACM, 2014.
  • H. Khan and U. Hengartner. Towards Application-Centric Implicit Authentication on Smartphones. Proc. of 15th Workshop on Mobile Computing Systems and Applications (HotMobile 2014), ACM, 2014.
  • S. Ali, K. Wu, and H. Khan. Traffic Anomaly Detection in the Presence of P2P Traffic. Proc. of 39th IEEE Conference on Local Computer Networks (LCN 2014), IEEE, 2014.
  • M. Q. Ali, E. Al-Shaer, H. Khan, and S. A. Khayam. Automated Anomaly Detector Adaptation using Adaptive Threshold Tuning. ACM Transactions on Information and System Security (TISSEC), 15(4):17, ACM, 2013.
  • R. Narayanan, S. Kotha, G. Lin, A. Khan, S. Rizvi, W. Javed, H. Khan, and S. A. Khayam. Macroflows and Microflows: Enabling Rapid Network Innovation through a Split SDN Data Plane. In European Workshop on Software Defined Networking (EWSDN), IEEE, 2012.
  • H. Khan, M. Javed, S. A. Khayam, and F. Mirza. Designing a Cluster-based Covert Channel to Evade Disk Investigation and Forensics.Elsevier Computers & Security, 30(1):35-49, Elsevier, 2011.
  • S. Ali, H. Khan, M. Ahmad, and S. A. Khayam. Progressive Differential Thresholding for Network Anomaly Detection. Proc. of International Conference on Communications (ICC), IEEE, 2011.
  • H. Khan, F. Mirza, and S. A. Khayam. Determining Malicious Executable Distinguishing Attributes and Low-Complexity Detection. Springer Journal in Computer Virology, 7(2):95-105, Springer 2011.
  • I. U. Haq, S. Ali, H. Khan, and S. A. Khayam. What is the Impact of P2P Traffic on Anomaly Detection? Proc. of 13th International Symposium on Recent Advances in Intrusion Detection (RAID), Springer, 2010.
  • M. Q. Ali, H. Khan, A. Sajjad, and S. A. Khayam. On Achieving Good Operating Points on an ROC Plane using Stochastic Anomaly Score Prediction. Proc. of 16th ACM Conference on Computer and Communications Security (CCS), ACM, 2009.
  • H. Khan, Y. Javed, F. Mirza, and S. A. Khayam. Embedding a Covert Channel in Active Network Connections. Proc of Global Communications Conference (GlobeCom), IEEE, 2009.

Posters

  • H. Khan, K. Grindrod, U. Hengartner, and D. Vogel. Evaluating Smartphone Authentication Schemes with Older Adults. In 12th Symposium On Usable Privacy and Security (SOUPS 2016), Usenix, 2016.
  • A. Atwater, H. Khan, and U. Hengartner. Poster: When and How to Implicitly Authenticate Smartphone Users. In 21st ACM Conference on Computer and Communications Security (CCS), ACM, 2014.
  • F. Adamsky, H. Khan, M. Rajarajan, S. A. Khayam, and R. Jager. Poster: Destabilizing BitTorrent's Clusters to Attack High Bandwidth Leechers. In 18th ACM Conference on Computer and Communications Security (CCS), ACM, 2011.
  • H. Khan, M. Javed, F. Mirza, and S. A. Khayam. Evading Disk Investigation and Forensics using a Cluster-based Covert Channel. In 16th ACM Conference on Computer and Communications Security (CCS), ACM, 2009.