Research
Conference Proceedings and Journal Articles
- J. Ceci, J. Stegman, and H. Khan.
No Privacy in the Electronics Repair Industry.
Accepted to appear at the 44th IEEE Symposium on Security and Privacy, 2023.
- J. Stegman, P. J. Trottier, C. Hillier, H. Khan, and
M. Mannan.
"My Privacy for their Security": Employees' Privacy Perspectives and Expectations when using Enterprise Security Software.
Accepted to appear at the 32nd USENIX Security Symposium, 2023.
- S. Habib, H. Khan, A. Hamilton-Wright, and U. Hengartner.
Revisiting the Security of Biometric Authentication Systems Against Statistical Attacks.
Accepted to appear in ACM Transactions on Privacy and Security, 2022.
- J. Chen, U. Hengartner, and H. Khan.
Sharing without Scaring: Enabling Smartphones to Become Aware of Temporary Sharing.
Proc. of 18th USENIX Symposium on Usable Privacy and Security (SOUPS), 2022.
- J. Ceci, H. Khan, U. Hengartner, and D. Vogel.
Concerned but Ineffective: User Perceptions, Methods, and Challenges when Sanitizing Old Devices for Disposal.
Proc. of 17th USENIX Symposium on Usable Privacy and Security (SOUPS), 2021.
- J. Chen, U. Hengartner, H. Khan, and
M. Mannan.
Chaperone: Real-time Locking and Loss Prevention for Smartphones.
Proc. of 29th USENIX Security Symposium, 2020.
- H. Khan, J. Ceci, J. Stegman,
A. J. Aviv, R. Dara, and
R. Kuber.
Widely Reused and Shared, Infrequently Updated, and Sometimes Inherited: A Holistic View of PIN Authentication in Digital Lives and Beyond. Proc. of 36th
Annual Computer Security Applications Conference (ACSAC), ACM,
2020.
- H. Khan,
U. Hengartner, and
D. Vogel.
Mimicry Attacks on Smartphone Keystroke Authentication. ACM
Transactions on Privacy and Security (TOPS), 23(1):2, ACM,
2020.
- H. Khan,
U. Hengartner, and
D. Vogel.
Augmented Reality-based Mimicry Attacks on Behaviour-Based Smartphone Authentication.
Proc. of 16th Annual International Conference on Mobile Systems, Applications, and Services (MobiSys), ACM, 2018.
- H. Khan,
U. Hengartner, and
D. Vogel.
Evaluating Attack and Defense Strategies for Smartphone PIN Shoulder Surfing.
Proc. of SIGCHI Annual Conference on Human Factors in Computing Systems (CHI), ACM, 2018.
- K. Grindrod, H. Khan, U. Hengartner, S. Ong, A. G. Logan,
D. Vogel, R. Gebotys, and J. Yang.
Evaluating Authentication Options for Mobile Health Applications in Younger and Older Adults.
PLoS One, 2018.
- H. Khan,
U. Hengartner, and
D. Vogel.
Targeted Mimicry Attacks on Touch Input Based Implicit Authentication Schemes.
Proc. of 14th Annual International Conference on Mobile Systems, Applications,
and Services (MobiSys), ACM, 2016.
- L. Agarwal, H. Khan, and
U. Hengartner.
Ask me Again but Don't Annoy me: Evaluating Re-authentication
Strategies for Smartphones. Proc. of 12th Symposium On Usable Privacy
and Security (SOUPS), Usenix, 2016.
- H. Khan,
U. Hengartner, and
D. Vogel.
Usability and Security Perceptions of Implicit Authentication: Convenient,
Secure, Sometimes Annoying. Proc. of 11th Symposium On Usable Privacy
and Security (SOUPS 2015), Usenix, 2015.
- H. Khan,
A. Atwater, and
U. Hengartner.
A Comparative Evaluation of Implicit Authentication Schemes. Proc.
of 17th International Symposium on Research in Attacks, Intrusions and
Defenses (RAID), Springer, 2014.
- H. Khan,
A. Atwater, and
U. Hengartner.
Itus: An Implicit Authentication Framework for Android. Proc. of 20th
Annual International Conference on Mobile Computing and Networking (MobiCom), ACM, 2014.
- H. Khan and
U. Hengartner.
Towards Application-Centric Implicit Authentication on Smartphones.
Proc. of 15th Workshop on Mobile Computing Systems and Applications (HotMobile), ACM, 2014.
-
S. Ali,
K. Wu, and H. Khan.
Traffic Anomaly Detection in the Presence of P2P Traffic. Proc.
of 39th IEEE Conference on Local Computer Networks (LCN), IEEE, 2014.
- M. Q. Ali,
E. Al-Shaer, H. Khan, and
S. A. Khayam.
Automated Anomaly Detector Adaptation using Adaptive Threshold Tuning. ACM
Transactions on Information and System Security (TISSEC), 15(4):17, ACM,
2013.
- R. Narayanan, S. Kotha, G. Lin, A. Khan, S. Rizvi, W. Javed, H. Khan,
and
S. A. Khayam.
Macroflows and Microflows: Enabling Rapid Network Innovation through a
Split SDN Data Plane. In European Workshop on Software Defined
Networking (EWSDN), IEEE, 2012.
- H. Khan,
M. Javed,
S. A. Khayam, and
F. Mirza.
Designing a Cluster-based Covert Channel to Evade Disk Investigation and
Forensics.Elsevier Computers & Security, 30(1):35-49, Elsevier,
2011.
-
S. Ali, H. Khan, M. Ahmad, and
S. A. Khayam.
Progressive Differential Thresholding for Network Anomaly Detection. Proc.
of International Conference on Communications (ICC), IEEE, 2011.
- H. Khan,
F. Mirza, and
S. A. Khayam.
Determining Malicious Executable Distinguishing Attributes and Low-Complexity
Detection. Springer Journal in Computer Virology, 7(2):95-105,
Springer 2011.
- I. U. Haq,
S. Ali, H. Khan, and
S. A. Khayam.
What is the Impact of P2P Traffic on Anomaly Detection? Proc.
of 13th International Symposium on Recent Advances in Intrusion Detection
(RAID), Springer, 2010.
- M. Q. Ali, H. Khan, A. Sajjad, and
S. A. Khayam.
On Achieving Good Operating Points on an ROC Plane using Stochastic Anomaly
Score Prediction. Proc. of 16th ACM Conference on Computer and
Communications Security (CCS), ACM, 2009.
- H. Khan, Y. Javed,
F. Mirza, and
S. A. Khayam.
Embedding a Covert Channel in Active Network Connections. Proc
of Global Communications Conference (GlobeCom), IEEE, 2009.
Posters
- H. Khan, K. Grindrod,
U. Hengartner, and
D. Vogel.
Evaluating Smartphone Authentication Schemes with Older Adults.
In 12th Symposium On Usable Privacy
and Security (SOUPS), Usenix, 2016.
-
A. Atwater, H. Khan, and
U. Hengartner.
Poster: When and How to Implicitly Authenticate Smartphone Users. In
21st ACM Conference on Computer and Communications Security (CCS), ACM,
2014.
-
F. Adamsky, H. Khan,
M. Rajarajan,
S. A. Khayam, and R. Jager.
Poster: Destabilizing BitTorrent's Clusters to Attack High Bandwidth Leechers. In
18th ACM Conference on Computer and Communications Security (CCS), ACM,
2011.
- H. Khan,
M. Javed,
F. Mirza, and
S. A. Khayam.
Evading Disk Investigation and Forensics using a Cluster-based Covert
Channel. In 16th ACM Conference on Computer and Communications
Security (CCS), ACM, 2009.