Princeton University | Purdue University
.01

ABOUT

PERSONAL DETAILS
Research Interests: Internet of Things Information Security and Privacy Wearable Medical Devices Privacy-preserving Data Analytics

BIO

ABOUT ME

Arsalan Mosenia received the B.Sc. degree in Computer Engineering from Sharif University of Technology in 2012, and the M.A. and Ph.D. in Electrical Engineering from (Princeton University), in 2014 and 2016, respectively, under the supervision of Prof. Niraj K. Jha. Upon the completion of his Ph.D., he joined Profs. Mung Chiang's (Purdue University) and Prateek Mittal's (Princeton University) research groups as a postdoctoral research associate. During his Ph.D., he investigated several security and privacy challenges of different IoT-enabled systems, namely implantable and wearable medical devices, smartphones, and industrial/home automation systems. As a postdoctoral research associate, he is currently exploring potential security threats against Internet-connected vehicles. He is broadly interested in building novel IoT-enabled systems and investigating security, privacy, and resource-efficiency challenges associated with their design and development. He has served as the reviewer for several top-tier journals, including, but not limited to, IEEE Trans. Computers (TC), IEEE Trans. Information Forensics and Security (TIFS), IEEE Trans. Dependable and Secure Computing (TDSC), IEEE Trans. Biomedical Engineering (TBME), and IEEE Trans. on Circuits and Systems II (TCAS II).

FACTS

NUMBERS ABOUT ME

9
PUBLICATIONS
5
PATENTS
8000+
HOURS OF CODING
500K+
LINES OF CODE

.02

ACADEMIC BACKGROUND

  • EDUCATION
  • 2016
    2014
    Princeton, NJ

    Electrical Engineering - Ph.D.

    Princeton University

    Thesis: Addressing Security and Privacy Challenges in Internet of Things
  • 2014
    2012
    Princeton, NJ

    Electrical Engineering - M.A.

    Princeton University

    Publication: Energy-Efficient Long-term Continuous Personal Health Monitoring
  • 2016
    2014
    Tehran, Iran

    Computer Engineering - B.Sc.

    Sharif University of Technology

    Thesis: Motion Estimation and Structure Recovery with Adaptive Scale Kernel Consensus Estimator
  • ACADEMIC POSITIONS
  • Present
    2016
    West Lafayette, IN, USA

    Postdoctoral Research Associate

    EDGE Lab (Purdue University, Prof. Mung Chiang)

    Currently leading four projects and mentoring five undergraduate/graduate students
  • Present
    2016
    Princeton, NJ, USA

    Postdoctoral Research Associate

    INSPIRE Lab (Princeton University, Prof. Prateek Mittal)

    Currently leading four projects and mentoring five undergraduate/graduate students
  • 2016
    2012
    Princeton, NJ, USA

    Research Assistant

    FinFET and Embedded Security Lab (Prof. Niraj K. Jha)

    Conducted several research studies and mentored undergraduate/graduate students
  • 2012
    2011
    Tehran, Iran

    Research Assistant

    Image Processing Lab (Prof. Shohre Kasaei):

    Conducted two research studies on applied machine learning
.03

PUBLICATIONS

22 SEPT 2015

Physiological Information Leakage: A New Frontier in Health Information Security

IEEE Trans. Emerging Topics in Computing (TETC)

We propose a new class of information security attacks that exploit physiological information leakage, i.e., various forms of information that naturally leak from the human body, to compromise privacy. As an example, we demonstrate attacks that exploit acoustic leakage from the heart and lungs. The medical devices deployed within or on our bodies also add to natural sources of physiological information leakage, thereby increasing opportunities for attackers. Unlike previous attacks on medical devices, which target the wireless communication to/from them, we propose privacy attacks that exploit information leaked by the very operation of these devices or human body. [IEEE Xplore] [Preprint]

Journal Paper A. Mosenia, S. Sur-Kolay, A. Raghunathan, and N. K. Jha
26 OCT 2015

An Energy-efficient System for Long-term Continuous Personal Health Monitoring

IEEE Trans. Multi-Scale Computing Systems (TMSCS)

To enable energy-efficient continuous health monitoring, we propose schemes for sample aggregation, anomaly-driven transmission, and compressive sensing to reduce the overheads of wirelessly transmitting, storing, and encrypting/authenticating the data. We evaluate these techniques and demonstrate that they result in two to three orders-of-magnitude improvements in energy and storage requirements, and can help realize the potential of long-term continuous health monitoring. [Recognized as "Spotlight Paper" of the special issue] [IEEE Xplore] [Preprint]

Journal Paper A. Mosenia, M. Mozaffari-Kermani, S. Sur-Kolay, A. Raghunathan, and N. K. Jha
07 SEPT 2016

A Comprehensive Study of Security of Internet-of-Things

IEEE Trans. Emerging Topics in Computing (TETC)

In order to provide a guideline for those who want to investigate IoT security and contribute to its improvement, this survey attempts to provide a comprehensive list of vulnerabilities and countermeasures against them on the edge-side layer of IoT, which consists of three levels: (i) edge nodes, (ii) communication, and (iii) edge computing. To achieve this goal, we first briefly describe three widely-known IoT reference models and define security in the context of IoT. Second, we discuss the possible applications of IoT and potential motivations of the attackers who target this new paradigm. Third, we discuss different attacks and threats. Fourth, we describe possible countermeasures against these attacks. Finally, we introduce two emerging security challenges not yet explained in detail in previous literature. [IEEE Xplore] [Preprint]

Journal Paper A. Mosenia and N. K. Jha
27 OCT 2016

CABA: Continuous Authentication Based on BioAura

IEEE Trans. Computers (TC)

We describe CABA, a novel continuous authentication system that is inspired by and leverages the emergence of sensors for pervasive and continuous health monitoring. CABA authenticates users based on their BioAura, an ensemble of biomedical signal streams that can be collected continuously and non-invasively using wearable medical devices. While each such signal may not be highly discriminative by itself, we demonstrate that a collection of such signals, along with robust machine learning, can provide high accuracy levels. [Awarded "Selected Presenter Award" by NJ Tech. Council] [IEEE Xplore] [Preprint] [U.S. Patent: US 20170230360 A1]

Journal Paper Patent A. Mosenia , S. Sur-Kolay, A. Raghunathan, and N. K. Jha
28 DEC 2016

Addressing Security and Privacy Challenges in Internet of Things

Department of Electrical Engineering, Princeton University

Despite picturesque promises of IoT-enabled systems, the integration of smart things into the standard Internet introduces several security challenges because the majority of Internet technologies, communication protocols, and sensors were not designed to support IoT. Several recent research studies have demonstrated that launching security/privacy attacks against IoT-enabled systems, in particular wearable and implantable medical devices (IWMD)-based systems, may lead to catastrophic situations and life-threatening conditions. Therefore, security/privacy threats against IWMD-based systems need to be proactively studied and aggressively addressed. In this thesis, we tackle several domain-specific security/privacy challenges associated with design and development of such systems. [ProQuest] [Preprint]

Ph.D. Thesis A. Mosenia
img
03 MAR 2017

[New] Wearable Medical Sensor-based System Design: A Survey

IEEE Trans. Multi-Scale Computing Systems (TMSCS)

This article discusses various services, applications, and systems that have been developed based on WMSs and sheds light on their design goals and challenges. We first provide a brief history of WMSs and discuss how their market is growing. We then discuss the scope of applications of WMS-based systems. Next, we describe the architecture of a typical WMS-based system and the components that constitute such a system, and their limitations. Thereafter, we suggest a list of desirable design goals that WMS-based systems should satisfy. Finally, we discuss various research directions related to WMSs and how previous research studies have attempted to address the limitations of the components used in WMS-based systems and satisfy the desirable design goals. [IEEE Xplore] [Preprint]

Journal Paper A. Mosenia, S. Sur-Kolay, A. Raghunathan, and N. K. Jha
27 JUNE 2017

[New] Dedicated intelligent security attacks against sensor-triggered emergency responses

IEEE Trans. Multi-Scale Computing Systems (TMSCS)

In this paper, we introduce a new class of attacks against CPSs, called dedicated intelligent security attacks against sensor-triggered emergency responses (DISASTER). DISASTER targets safety mechanisms deployed in automation/monitoring CPSs and exploits design flaws and security weaknesses of such mechanisms to trigger emergency responses even in the absence of a real emergency. [IEEE Xplore] [Preprint]

Journal Paper A. Mosenia, S. Sur-Kolay, A. Raghunathan, and N. K. Jha
img
8 SEPT 2017

[New] PinMe: Tracking a Smartphone User around the World

IEEE Trans. Multi-Scale Computing Systems (TMSCS)

We describe PinMe, a novel user-location mechanism that exploits non-sensory/sensory data stored on the smartphone (e.g., the environment's air pressure and device's timezone) along with publicly-available auxiliary information (e.g., elevation maps) to estimate the user's location when all location services (e.g., GPS) are turned off. Unlike previously-proposed attacks, PinMe neither requires any prior knowledge about the user nor a training dataset on specific routes. We demonstrate that PinMe can accurately estimate the user's location during four activities (e.g., walking, traveling on a train, driving, and traveling on a plane). We also suggest several potential defenses against the proposed attack. [IEEE Xplore] [Preprint]

Journal Paper Patent Pending A. Mosenia, X. Dai, P. Mittal, and N. K. Jha
- - 2017

[New] OpenFog Security Requirements and Approaches

Fog World Congress

The emerging interconnection among mobile/IoT devices, Fog Nodes and Cloud Servers is creating a multi-tier pervasive communication-computing infrastructure that will one day embody billions of devices and span across elaborate hierarchies of administration and application domains. This novel infrastructure and its operation paradigms will give rise to new security challenges as well as new service opportunities. This paper provides an overview of the security landscape of OpenFog architecture as well as a survey of the functional requirements and the technical approaches currently being discussed in the OpenFog Security Workgroup. As a report of on-going work, this paper aims at stimulating further dialogue on OpenFog Security and fostering future development of novel technologies and practices. [Preprint]

Position Paper [Invited] B. A. Martin, F. Michaud, D. Banks, A. Mosenia, R. Zolfonoon, S. Irwan, S. Schrecker, J. K. Zao
- - 2017

[New] OpSecure: A Secure Optical Communication Channel for Implantable Medical Devices

IEEE Trans. Multi-Scale Computing Systems (TMSCS)

In this paper, we introduce OpSecure, a secure communication channel between an IMD and an external device, e.g., a smartphone. OpSecure enables an intrinsically user-perceptible unidirectional data transmission, suitable for physically-secure communication with minimal size and energy overheads.

Journal Paper Patent Pending A. Mosenia and N. K. Jha
- - 2017

[New] ProCMotive: Bringing Programability and Connectivity into Isolated Vehicles

ACM Int. Joint Conf. Pervasive and Ubiquitous Computing (Ubicomp)

Despite the existence of several novel vehicular applications in the literature, there still exists a significant gap between resources needed for a variety of vehicular (in particular, data-dominant, latency-sensitive, and computationally-heavy) applications and the capabilities of already-in-market vehicles. To address this gap, different smartphone-/Cloud-based approaches have been proposed that utilize the external computational/storage resources to enable new applications. However, their acceptance and application domain are still very limited due to programability, wireless connectivity, and performance limitations, along with several security/privacy concerns. In this paper, we present a novel architecture that can potentially enable rapid development of various vehicular applications while addressing shortcomings of smartphone-/Cloud-based approaches. The architecture is formed around a core component, called SmartCore, a privacy/security-friendly programmable dongle that brings general-purpose computational and storage resources to the vehicle and hosts in-vehicle applications. Based on the proposed architecture, we develop an application development framework for vehicles, that we call ProCMotive. [Preprint]

Conference Paper Patent Pending A. Mosenia, J. F. Bechara, T. Zhang, P. Mittal, M. Chiang
.04

TEACHING

  • Princeton University
  • 2016
    2016

    TEACHING ASSISTANT

    Information Security, Prof. Prateek Mittal

    This course offered a solid background to students who were willing to start their research in the area of information security. It covered several fundamental topics in information security, e.g., basic cryptology, privacy, and common security issues of different systems. As an invaluable experience, I learned how a research-oriented course can betaught in a very understandable and enjoyable manner. During this course, in addition to designing and grading weekly assignments, I mentored two graduate students and helped them with their research projects.
  • 2016
    2016

    TEACHING ASSISTANT

    Embedded Computing, Prof. Niraj Jha

    This course offered an introduction to embedded computing and covered several topics, including cyber-physical systems, Internet-connected embedded systems, reliability, availability, power/energy consumption, and security. During my office hours, I helped both undergraduate and graduate students with their course projects. Moreover, I supervised several stu dents and held additional one-on-one meetings to discuss their projects, novel ideas, and progress.
  • 2013
    2013

    TEACHING ASSISTANT

    Contemporary Logic Design, Prof. Sharad Malik

    This course provided an introduction to basic concepts in logic design that form the basis of computation and communication circuits. Serving as the TA for this course enabled me to understand the special needs of early-stage undergraduate students, and let me obtain essential experiences needed for managing large classes. I had the opportunity to collaborate with other TAs to prepare and grade weekly assignments and exams. Further, I was responsible for one session of weekly labs during the semester.
  • Sharif University of Technology
  • 2011
    2011

    TEACHING ASSISTANT

    Computer Architecture, Prof. Hossein Asadi

    This course discusses different schemes and rules that describe the functionality, organization, and implementation of computer systems. I, along with other three TAs, had the responsibility to design weekly assignments and three course projects and also manage weekly labs. Furthermore, I supervised ten three-member teams and helped them develop their own original ideas for the final project.
  • 2011
    2011

    TEACHING ASSISTANT

    Theory of Languages and Automata, Prof. Ali Movaghar

    This course presented introductory material on the theory of computation, including, but not limited to, fundamentals of formal languages, automata, and computability. The course was designed for both graduate/undergraduate students and had a large class size. I was responsible for supervising other TAs, designing midterm exams, and grading weekly assignments.
  • 2010
    2010

    TEACHING ASSISTANT

    Electrical Circuits, Prof. Jalili

    This course offered the essential knowledge for First-/second-year Electrical Engineering students, who needed to quickly learn the basic theory of electrical circuits. It provided a comprehensive introduction to design and analysis of electrical circuits. I was given the privilege to supervise other three TAs, design two midterms and the final exam, and present several lectures in the class.