The CaSPR Lab

The Cyber Security and PRivacy (CaSPR) lab was established in Miami in 2011 and is currently affiliated with the Knight Foundation School of Computing and Information Sciences at FIU. Our research addresses complex societal challenges, that include disinformation and censorship. We use diverse tools that include user studies, cryptography and AI to study online fraud, fake news and cyberabuse and develop effective defenses.

Publications

[IEEE TKDE] "Towards Deanonymization of Google Play Search Rank Fraud"
Mizanur Rahman, Nestor Hernandez, Duen Horng Chau, Bogdan Carbunar.
Accepted in the IEEE Transactions on Knowldge and Data Engineering, 2020. [pdf]

[Usenix Security] "Human Distinguishable Visual Key Fingerprints"
Mozhgan Azimpourkivi, Umut Topkara, Bogdan Carbunar.
Accepted in the 29th Usenix Security Symposium, Boston, August 2020. [pdf]

[ACM CCS] "The Art and Craft of Fraudulent App Promotion in Google Play"
Mizanur Rahman*, Nestor Hernandez*, Ruben Recabarren, Syed Ishtiaque Ahmed, Bogdan Carbunar. (* equally contributing authors).
In Proceedings of the 26th ACM Conference on Computer and Communications Security (CCS), London, November 2019. [pdf]

[PoPETS] "Tithonus: A Bitcoin Based Censorship Resilient System"
Ruben Recabarren, Bogdan Carbunar.
In Proceedings of the Privacy Enhancing Technologies Symposium (PoPETS), Stockholm, July 2019. [pdf]

[ACM CCS] "Fraud De-Anonymization for Fun and Profit"
Nestor Hernandez, Mizanur Rahman, Ruben Recabarren, Bogdan Carbunar.
In Proceedings of the 25th ACM Conference on Computer and Communications Security (CCS), October 2018. [pdf][acceptance rate = 16.6%]

[AAAI ICWSM] "AbuSniff: Automatic Detection and Defenses Against Abusive Facebook Friends"
Sajedul Talukder and Bogdan Carbunar.
In Proceedings of the 12th International AAAI Conference on Web and Social Media (ICWSM), Stanford, June 2018. [pdf][full paper acceptance rate = 16%]

[ACM Hypertext] "Search Rank Fraud De-Anonymization in Online Systems"
Mizanur Rahman, Nestor Hernandez, Bogdan Carbunar, Duen Horng Chau.
In Proceedings of the 29th ACM Conference on Hypertext and Social Media (HT), Baltimore, July 2018. [pdf]

2017

[ACSAC] "A Secure Mobile Authentication Alternative to Biometrics"
Mozhgan Azimpourkivi, Umut Topkara, Bogdan Carbunar.
In Proceedings of the ACM Annual Computer Security Applications Conference (ACSAC), Orlando, December 2017. [pdf] [project page]

[ACM Ubicomp and ACM IMWUT] "Camera Based Two Factor Authentication Through Mobile and Wearable Devices"
Mozhgan Azimpourkivi, Umut Topkara, Bogdan Carbunar.
In Proceedings of the ACM Joint Conference on Pervasive and Ubiquitous Computing (Ubicomp), Maui, September 2017 and
In Proceedings of ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies (IMWUT), Volume 1, Issue 3, September 2017. [pdf] [project page]
Some of the media coverage: [Slashdot] [The Register] [CyberScoop] [BleepingComputer] [The Verge] [ZDNet] [SDTimes] [PCMag] [SecurityIntelligence]

[IEEE TCSS] "A Longitudinal Study of Google Play"
Rahul Potharaju, Mizanur Rahman, Bogdan Carbunar.
IEEE Transactions on Computational Social Systems (TCSS), Volume 4, Issue 3, September 2017. [pdf]

[ACM WebSci] "Stateless Puzzles for Real Time Online Fraud Preemption"
Mizanur Rahman, Ruben Recabarren, Bogdan Carbunar, Dongwon Lee.
Proceedings of the ACM Web Science Conference (WebSci), Troy NY, June 2017. [pdf]

IEEE TMC "Video Liveness for Citizen Journalism: Attacks and Defenses"
Mahmudur Rahman, Mozhgan Azimpourkivi, Umut Topkara, Bogdan Carbunar.
IEEE Transactions on Mobile Computing (TMC), Volume 16, Issue 11, November 2017. [pdf]

[PoPETS] "Hardening Stratum, the Bitcoin Pool Mining Protocol"
Ruben Recabarren, Bogdan Carbunar.
Proceedings of the Privacy Enhancing Technologies Symposium (PoPETS), Issue 3, Minneapolis, July 2017. [pdf]

[IEEE TKDE] "Search Rank Fraud and Malware Detection in Google Play"
Mahmudur Rahman, Mizanur Rahman, Bogdan Carbunar, Duen Horng (Polo) Chau.
IEEE Transactions on Knowledge and Data Engineering (TKDE), Volume 29, Issue 6, June 2017. [pdf]

2016

[IEEE SECON] "GeoPal: Friend Spam Detection in Social Networks Using Private Location Proofs"
Bogdan Carbunar, Mizanur Rahman, Mozhgan Azimpourkivi, Debra Davis.
In Proceedings of IEEE International Conference on Sensing, Communication and Networking (SECON), London, June 2016. [pdf]

[SIAM SDM] "FairPlay: Fraud and Malware Detection in Google Play"
Mahmudur Rahman, Mizanur Rahman, Bogdan Carbunar, Duen Horng Chau.
In Proceedings of the SIAM International Conference on Data Mining (SDM), Miami, May 2016. [pdf]

[IEEE TMC] "Movee: Video Liveness Verification for Mobile Devices with Built-in Motion Sensors"
Mahmudur Rahman, Umut Topkara, Bogdan Carbunar.
IEEE Transactions on Mobile Computing (TMC), Volume 15, Number 5, May 2016 [pdf]

[IEEE TMC] "Secure Management of Low Power Fitness Trackers"
Mahmudur Rahman, Bogdan Carbunar, Umut Topkara.
IEEE Transactions on Mobile Computing (TMC), Volume 15, Number 2, February 2016. [pdf]

2015

[PATENT] "Caching Content"
Bogdan Carbunar, Michael Pearce, Venugopal Vasudevan, Loren J. Rittle, Michael Needham.
US 9,154,811, Issued October 2015.

[ACM CSUR] "In-Network Trajectory Privacy Preservation"
Mingming Guo, Xinyu Jin, Niki Pissinou, Sebastian Zanlogo, Bogdan Carbunar, S.S. Iyengar.
ACM Computing Surveys (CSUR), Volume 48, Issue 2, October 2015. [pdf]

[IEEE/ACM ASONAM] "A Longitudinal Study of the Google App Market"
Bogdan Carbunar, Rahul Potharaju.
In Proceedings of the IEEE/ACM International Conference on Advances in Social Network Analysis and Mining (ASONAM) [full paper acceptance rate=18%], Paris, August, 2015. [pdf]

[ACM WiSec] "Liveness Verifications for Citizen Journalism Videos"
Mahmudur Rahman, Mozhgan Azimpourkivi, Umut Topkara, Bogdan Carbunar.
In Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) [acceptance rate=19%], New York City, June, 2015. [pdf]

[Wiley SAM] "To Catch a Fake: Curbing Deceptive Yelp Ratings and Venues"
Mahmudur Rahman, Bogdan Carbunar, Jaime Ballesteros, Duen Horng (Polo) Chau.
Statistical Analysis and Data Mining, Volume 8, Issue 3, Wiley, Pang-Ning Tan and Arindam Banerjee, editors (invited), 2015. [Preliminary version]

[Springer Book Chapter] "Infiltrating Social Network Accounts: Accounts and Defenses"
Rahul Potharaju, Bogdan Carbunar, Mozhgan Azimpourkivi, Venugopal Vasudevan, S.S. Iyengar.
Book chapter in "Secure System Design and Trustable Computing", Springer International Publishing, Editors C.-H. Chang and M. Potkonjak. ISBN 978-3-319-14970-7, 2015.
2014

[PATENT] Method and apparatus for transferring content.
Bogdan Carbunar, Michael Pearce, Venugopal Vasudevan, Loren J. Rittle, Michael Needham.
US 8,925,022, Issued December 2014

[IEEE TPDS] "Towards Safe Cities: A Mobile and Social Networking Approach"
Jaime Ballestores, Bogdan Carbunar, Mahmudur Rahman, Naphtali Rishe, S.S. Iyengar.
IEEE Transactions on Parallel and Distributed Systems (TPDS), Volume 25, Issue 9, 2014. [pdf] [supplemental material]

[IEEE ICNP] "Concise Paper: SensCrypt: A Secure Protocol for Managing Low Power Fitness Trackers"
Mahmudur Rahman, Bogdan Carbunar, Umut Topkara.
In Proceedings of the 22nd IEEE International Conference on Network Protocols (ICNP), [acceptance rate=18.99\%], Raleigh, North Carolina, October 2014. [pdf] Media Coverage: [Nature News] [Pittsburgh Post-Gazette] [Security Ledger] [GigaOm] [L'Atelier] [Daily Mail] [Mocana]

[IEEE TMC] "Private Badges for GeoSocial Networks"
Bogdan Carbunar, Radu Sion, Rahul Potharaju, Moussa Ehsan.
IEEE Transactions on Mobile Computing (TMC), Volume 13, Issue 10, October 2014. [pdf]

[IEEE TIFS] "ProfilR: Toward Preserving Privacy and Functionality in GeoSocial Networks"
Bogdan Carbunar, Mahmudur Rahman, Jaime Ballesteros, Naphtali Rishe, Athanasios V. Vasilakos.
IEEE Transactions on Information Forensics and Security (TIFS), Volume 9, Issue 4, 2014. [pdf]

[SIAM SDM] Best Student Paper Award!
"Turning the Tide: Curbing Deceptive Yelp Behaviors"
Mahmudur Rahman, Bogdan Carbunar, Jaime Ballesteros, George Burri, Duen Horng (Polo) Chau.
In Proceedings of the SIAM International Conference on Data Mining (SDM) [acceptance rate=15.4\%], Philadelphia, April 2014. [pdf]

[REUNS] "GeoFit: Verifiable Fitness Challenges"
Ian Michael Terry, Anita Wu, Sebastian Ramirez, Alex Pissinou Makki, Leonardo Bobadilla, Niki Pissinou, S.S. Iyengar, Bogdan Carbunar.
In Proceedings of the First National Workshop for REU Research in Networking and Systems (REUNS), Philadelphia, October 2014.

2013

[IEEE Communications] "A Survey of Privacy Vulnerabilities and Defenses in GeoSocial Networks"
Bogdan Carbunar, Mahmudur Rahman, Niki Pissinou, Athanasios V. Vasilakos.
In the IEEE Communications Magazine, Volume 15, Issue 11, 2013. [pdf]

[ACSAC] "Seeing is Not Believing: Visual Verifications through Liveness Analysis using Mobile Devices"
Mahmudur Rahman, Umut Topkara, Bogdan Carbunar.
In Proceedings of the 29th Annual Computer Security Applications Conference (ACSAC) [acceptance rate=19%], New Orleans, December 2013. [pdf]

[HotPOST@ICDCS] [Best Paper Award !]
"Yelp Events: Building Bricks Without Clay?"
Jaime Ballesteros, Bogdan Carbunar, Mahmudur Rahman, Naphtali Rishe.
In Proceedings of the 5th International Workshop on Hot Topics in Peer-to-peer Computing and Online Social Networks (HotPOST), July 2013. [pdf]

[ACM TOMM][Nicholas D. Georganas Best Paper Award!] "A Framework for Network Aware Caching for Video on Demand Systems"
Bogdan Carbunar, Rahul Potharaju, Michael Pearce, Venugopal Vasudevan, Michael Needham.
ACM Transactions on Multimedia Computing, Communications and Applications (TOMM), Volume 9, Issue 4. [pdf]

2012

[IEEE HASP] "Continuous Remote Mobile Identity Management Using Biometric Integrated Touch-Display".
Tao Feng, Ziyi Liu, Bogdan Carbunar, Daining Boumber, Weidong Shi.
Proceedings of the IEEE Micro Workshop on Hardware and Architectural Support for Security and Privacy (HASP).
Vancouver, December 2012. [pdf]

[ACM GIS] "Private Location Centric Profiles for GeoSocial Networks".
Bogdan Carbunar, Mahmudur Rahman, Jaime Ballesteros, Naphtali Rishe.
In Proceedings of the 20th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems (GIS) - short paper.
Redondo Beach, CA, November 2012. [pdf]

[IEEE HST] "Continuous Mobile Authentication using Touchscreen Gestures".
Tao Feng, Ziyi Liu, Kyeong-An Kwon, Weidong Shi, Bogdan Carbunar, Yifei Jiang, Nhung Nguyen.
In Proceedings of the 12th IEEE Conference on Technologies for Homeland Security (HST), Waltham, MA, November 2012. [pdf]

[IEEE TKDE] "Toward Private Joins on Outsourced Data".
Bogdan Carbunar, Radu Sion.
IEEE Transactions on Knowledge and Data Engineering (TKDE), Volume 24, Number 8, 2012. [pdf]

[IEEE MASS] You Unlocked the Mt. Everest Badge on Foursquare! Countering Location Fraud in GeoSocial Networks.
Bogdan Carbunar, Rahul Potharaju.
To appear in the 9th IEEE International Conference on Mobile Ad hoc and Sensor Systems (MASS), Las Vegas, October 2012. [pdf]

[IEEE LCN] Safe Cities. A Participatory Sensing Approach.
Jaime Ballersteros, Mahmudur Rahman, Bogdan Carbunar, Naphtali Rishe.
To appear in the 37th IEEE Conference on Local Computer Networks (LCN) [acceptance rate=29%], Orlando, October 2012 [pdf]

[IEEE TIFS] "Tipping Pennies? Privately. Practical Anonymous Micropayments."
IEEE Transactions on Information Forensics and Security (TIFS), Volume 7, Issue 5, October 2012. [pdf] [technical report]

[ACNS] "The Shy Mayor: Private Badges in GeoSocial Networks".
Bogdan Carbunar, Radu Sion, Rahul Potharaju, Moussa Ehsan.
In Proceedings of the 10th International Conference on Applied Cryptography and Network Security (ACNS) [acceptance rate=17.1%], Singapore, June 2012 [pdf]

[IEEE WOWMOM] "Network Aware Caching for Video on Demand Systems".
Bogdan Carbunar, Rahul Potharaju, Michael Pearce, Venu Vasudevan.
In Proceedings of the 13th International Symposium on a World of Wireless, Mobile and Multimedia Networks (WOWMOM) [acceptance rate=22%], San Francisco, June 2012 [pdf]

[IEEE TPDS] "Payments for Outsourced Computations".
Bogdan Carbunar, Mahesh Tripunitara.
IEEE Transactions on Parallel and Distributed Systems (TPDS), Volume 23, Issue 2, 2012. [pdf] [technical report]

2011

[PATENT] Method and apparatus for synchronizing nodes.
Bogdan Carbunar, Shivajit Mohapatra, Michael Pearce, Loren J. Rittle, Venugopal Vasudevan.
US 8,073,014, Issued December 2011

[ACM GIS] "Private Geosocial Networking".
Bogdan Carbunar, Radu Sion.
In Proceedings of the 19th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems (GIS) - short paper. [pdf]

[TECH REPORT] "3 Clique Attacks in Online Social Networks".
Rahul Potharaju, Bogdan Carbunar, Cristina Nita-Rotaru.
CERIAS TR 2011-08. Unpublished manuscript. [pdf]

[IEEE GC] "Predictive Caching for Video on Demand CDNs.
Bogdan Carbunar, Michael Pearce, Venu Vasudevan, Michael Needham.
In Proceedings of the 54th IEEE Global Communications Conference (GLOBECOM) [pdf]

[IEEE TIFS] "Write Once Read Many Oblivious RAM".
Bogdan Carbunar, Radu Sion.
IEEE Transactions on Information Forensics and Security (TIFS), Volume 6, Issue 4, 2011. [pdf] [technical report]

[FC] "Outsourced Data Storage with Delegation"
Martin Franz, Peter Williams, Bogdan Carbunar, Radu Sion, Stefan Katzenbeisser, Miroslava Sotakova, Andreas Peter.
In Proceedings of the 15th Financial Cryptography and Data Security (FC), St. Lucia, March 2011 [pdf]

[PATENT] "Method and apparatus for dynamic, seamless security in communication protocols".
George Calcev, Bogdan Carbunar, Madjid Nakhjiri.
US 8,245,028, Issued March 2011

[JPDC] "Conditional E-Payments with Transferability".
Bogdan Carbunar, Larry Shi, Radu Sion.
Journal of Parallel and Distributed Computing (JPDC), Volume 71, Issue 1, January 2011

Projects

Search Rank Fraud

Online Fraud and Abuse Detection

Camera Based 2FA Authentication

Liveness Verifications for Mobile Data

Securing Fitness Trackers

Private GeoSocial Networks