BEGIN:VCALENDAR
METHOD:REQUEST
PRODID:Microsoft Exchange Server 2010
VERSION:2.0
BEGIN:VTIMEZONE
TZID:Eastern Standard Time
BEGIN:STANDARD
DTSTART:16010101T020000
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
RRULE:FREQ=YEARLY;INTERVAL=1;BYDAY=1SU;BYMONTH=11
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:16010101T020000
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
RRULE:FREQ=YEARLY;INTERVAL=1;BYDAY=2SU;BYMONTH=3
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
ORGANIZER;CN="Hunter, Tiffany":mailto:huntert1@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN=mahdad@tam
u.edu:mailto:mahdad@tamu.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Liu, Jundo
ng":mailto:liuj1@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Steinberg,
Eric":mailto:steinber@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Fox, Patri
ck":mailto:pfox@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Juedes, Da
vid":mailto:juedes@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Patterson,
James":mailto:pattersj@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Abukamail,
Nasseef":mailto:abukamai@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Allwine, D
aniel":mailto:allwined@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Bartone, C
hris":mailto:bartone@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Goble, Jam
es":mailto:goble@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Irwin, Den
nis":mailto:irwind@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Jadwisienc
zak, Wojciech":mailto:jadwisie@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Karanth, A
vinash":mailto:karanth@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Kaya, Sava
s":mailto:kaya@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Liu, Chang"
:mailto:liuc@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Mourning,
Chad":mailto:mourning@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Ostermann,
Shawn":mailto:osterman@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Rahman, Fa
iz":mailto:rahmanf@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Schlicher,
Jared":mailto:schliche@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Ugazio, Sa
brina":mailto:ugazio@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Vasiliadis
, Konstantinos":mailto:vassilia@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Welch, Lon
nie":mailto:welch@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Zhu, Jim":m
ailto:zhuj@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Wang, Zhew
ei":mailto:wangz1@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Lindner, P
atricia":mailto:lindnerp@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Ardrey, Gr
egory":mailto:gardrey@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Yadav, Ani
mesh":mailto:yadava@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Plis, Kevi
n":mailto:plis@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Oun, Ahmed"
:mailto:oun@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Mirzanezha
d, Majid":mailto:miirza@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Dolan, Joh
n":mailto:dolan@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Khalili, F
atemeh":mailto:khalili@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN=eecs_bscs@
listserv.ohio.edu:mailto:eecs_bscs@listserv.ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN=eecs_bsee@
listserv.ohio.edu:mailto:eecs_bsee@listserv.ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN=eecs_mscs@
listserv.ohio.edu:mailto:eecs_mscs@listserv.ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN=eecs_phd@l
istserv.ohio.edu:mailto:eecs_phd@listserv.ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN=eecs_msee@
listserv.ohio.edu:mailto:eecs_msee@listserv.ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Schultz, A
dam":mailto:schultza@ohio.edu
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Tirtom, Is
mail":mailto:itirtom@ohio.edu
DESCRIPTION;LANGUAGE=en-US:Title: New Frontiers in Authentication and Side-
Channels in Emerging Platforms: 2FA Attacks\, Sensor Exploits\, and AR/VR
Security\n\n\n\nAbstract: Emerging mobile platforms\, such as modern smart
phones and AR/VR devices\, bring new challenges in user verification\, dat
a protection\, and user privacy. In terms of user verification and data pr
otection\, it is important to analyze modern authentication systems that u
se emerging platforms (e.g.\, smartphones) and state-of-the-art protocols
(e.g.\, FIDO2) to implement Two-Factor Authentication (2FA) systems. To ad
dress this\, we developed a novel attack framework and evaluated these aut
hentication systems\, uncovering vulnerabilities in all of them. Moreover\
, to explore user privacy risks on these emerging platforms\, we analyzed
side-channel vulnerabilities exploiting built-in zero-permission motion se
nsors of smartphones and AR/VR devices\, revealing potential severe privac
y leaks. Additionally\, we leverage this side-channel information to devel
op potential defenses against known threats\, such as unwanted robocalls a
nd better AR/VR authentication systems.\n\n\n\nMy presentation focuses on
two key areas of my research. First\, I will present our designed attack f
ramework that uncovers practical vulnerabilities in 2FA systems\, revealin
g how attackers can bypass FIDO2 key-based and push notification authentic
ation mechanisms without compromising the possession-factor device. Next\,
I will discuss side-channel privacy risks associated with zero-permission
motion sensor data in smartphones and AR/VR devices\, highlighting how se
nsitive information (e.g.\, user's gender\, identity\, emotion\, and biolo
gical info such as vital signs and blood pressure) can be extracted. Final
ly\, I will outline future research directions aimed at strengthening auth
entication security and safeguarding privacy in various emerging platforms
.\n\n\n\nBio: Ahmed Tanvir Mahdad is a final-year Ph.D. student in the Com
puter Science and Engineering Department at Texas A&M University. He is cu
rrently conducting research under the supervision of Dr. Nitesh Saxena at
the SPIES Lab. His research focuses on exploring and mitigating security a
nd privacy issues in modern authentication systems and smart devices (e.g.
\, smartphones\, and AR/VR devices). Many of his works have been published
in top-tier security and systems conferences and journals\, including ACM
CCS\, IEEE S&P\, ACM Mobicom\, WWW\, IEEE ICDCS\, and ACM TOPS. Additiona
lly\, his research has been featured in various news media worldwide.\n\n_
__________________________________________________________________________
_____\nMicrosoft Teams Need help?