Researcher profile

Joydeep Mitra

Joydeep Mitra contributes to research discovery and scholarly infrastructure.

Researcher | Affiliation not imported | Open to collaborate

Trust snapshot

Quick read

Trust 17 (Unverified) | Verification L1 | Unclaimed author

- 4 works
- 0 followers
- 6 topics
- 4 close collaborators

Published work

4 published item(s)

Preprint, 2022, arXiv

A Security & Privacy Analysis of US-based Contact Tracing Apps

With the onset of COVID-19, governments worldwide planned to develop and deploy contact tracing (CT) apps to help speed up the contact tracing process. However, experts raised concerns about the long-term privacy and security implications of using these apps. Consequently, several proposals were made to design privacy-preserving CT apps. To this end, Google and Apple developed the Google/Apple Exposure Notification (GAEN) framework to help public health authorities develop privacy-preserving CT apps. In the United States, 26 states used the GAEN framework to develop their CT apps. In this paper, we empirically evaluate the US-based GAEN apps to determine 1) the privileges they have, 2) if the apps comply with their defined privacy policies, and 3) if they contain known vulnerabilities that can be exploited to compromise privacy. The results show that all apps violate their stated privacy policy and contain several known vulnerabilities.

Preprint, 2020, arXiv

A Sensitivity-based Approach for Optimal Siting of Distributed Energy Resources

This paper presents a sensitivity-based approach for the placement of distributed energy resources (DERs) in power systems. The approach is based on the fact that most planning studies utilize some form of optimization, and solutions to these optimization problems provide insights into the sensitivity of many system variables to operating conditions and constraints. However, most of the existing sensitivity-based planning criteria do not capture ranges of effectiveness of these solutions (i.e., ranges of the effectiveness of Lagrange multipliers). The proposed method detects the ranges of the effectiveness of Lagrange multipliers and uses them to determine optimal solution alternatives. Profiles for existing generation and loads, and transmission constraints are taken into consideration. The proposed method is used to determine the impacts of DERs at different locations, in the presence of a stochastic element (load variability). This method consists of sequentially calculating Lagrange multipliers of the dual solution of the optimization problem for various load buses for all load scenarios. Optimal sizes and sites of resources are jointly determined in a sequential manner based on the validity of active constraints. The effectiveness of the proposed method is demonstrated through several case studies on various test systems including the IEEE reliability test system (IEEE RTS), the IEEE 14, and 30 bus systems. In comparison with conventional sensitivity-based approaches (i.e., without considering ranges of validity of Lagrange multipliers), the proposed approach provides more accurate results for active constraints.

Preprint, 2019, arXiv

BenchPress: Analyzing Android App Vulnerability Benchmark Suites

In recent years, various benchmark suites have been developed to evaluate the efficacy of Android security analysis tools. The choice of such benchmark suites used in tool evaluations is often based on the availability and popularity of suites and not on their characteristics and relevance. One of the reasons for such choices is the lack of information about the characteristics and relevance of benchmark suites. In this context, we empirically evaluated four Android-specific benchmark suites: DroidBench, Ghera, IccBench, and UBCBench. For each benchmark suite, we identified the APIs used by the suite that were discussed on Stack Overflow in the context of Android app development and measured the usage of these APIs in a sample of 227K real-world apps (coverage). We also compared each pair of benchmark suites to identify the differences between them in terms of API usage. Finally, we identified security-related APIs used in real-world apps but not in any of the above benchmark suites to assess the opportunities to extend benchmark suites (gaps). The findings in this paper can help 1) Android security analysis tool developers choose benchmark suites that are best suited to evaluate their tools (informed by coverage and pairwise comparison) and 2) Android app vulnerability benchmark creators develop and extend benchmark suites (informed by gaps).

Preprint, 2019, arXiv

SeMA: A Design Methodology for Building Secure Android Apps

UX (user experience) designers visually capture the UX of an app via storyboards. This method is also used in Android app development to conceptualize and design apps. Recently, security has become an integral part of Android app UX because mobile apps are used to perform critical activities such as banking, communication, and health. Therefore, securing user information is imperative in mobile apps. In this context, storyboarding tools offer limited capabilities to capture and reason about security requirements of an app. Consequently, security cannot be baked into the app at design time. Hence, vulnerabilities stemming from design flaws can often occur in apps. To address this concern, in this paper, we propose a storyboard-based design methodology to enable the specification and verification of security properties of an Android app at design time.