Selected Media Coverage

Few Selected Projects

• 

  A Framework to Defend Against Sockpuppet Connection Requests in Social Networks

  Executive Summary

  

  Connection relations in Online Social Networks (OSNs) have been used by attackers to access private and sensitive user data, post false or abusive information on the timelines and news feeds of victims, and scam and influence the perceptions of victims. The massive growth of social media usage has incentivized perpetrators to connect users through identity deception, which is often successful due to the lack of adequate verification of declared information. The goal of this project is to significantly expand the understanding of identity deception and abuse in online social networks, and design and build intervention mechanisms that would render these types of attacks unsuccessful. This project will involve users in creating a digital framework that can educate them about the sockpuppet attack and encourage them to carefully examine their connection invites before accepting or declining them, and stay away from accepting invitations from suspicious accounts. The study of online social network sockpuppet requests will help develop and validate, a new generation of sockpuppet prevention solutions. This has the potential to help protect millions of vulnerable OSN users from sexual predators, online fraudsters, scammers, adversaries, or even malicious hackers.

  This project will build a digital framework rooted in cognitive psychology, UX research, and machine learning methods to defend against sockpuppet connection requests in online social networks. In a first research thrust, the researchers will develop survey instruments and user studies to investigate the pending connection decisions, motivations, and behaviors in OSNs. The researchers will also develop an app platform, to collect detailed, ground truth behavior data from OSN users, and provide an evaluation environment for the proposed solutions against a control app. The findings from this research thrust will be utilized to develop the next thrust, where the researchers will implement a "spam connection" folder through a pending connection decision classifier. Finally, the researchers will integrate sockpuppet education and motivation to develop a novel Online Social Network Pending Connection Processing Interface (OSN-PCPI). This not only will enhance the understanding of just-in-time motivations and behaviors related to social network risks, but will also help sociologists gain deeper insights from underexplored social and spatial dimensions provided by social networks to test relevant theories.

  Funding Sources

  This project is supported by the following NSF grant.

  1. Award Abstract #2153482
     CRII: SaTC: A Framework to Defend Against Sockpuppet Connection Requests in Social Networks

  
  

  Resulting Publications

  1. Sajedul Talukder, Nestor Hernandez, Mozhgan Azimpourkivi and Bogdan Carbunar, “User Awareness and Defenses Against Sockpuppet Friend Invitations in Facebook”, In proceedings of the ACM/SIGAPP Symposium on Applied Computing (ACM SAC), Apr 2022. [pdf]
  
  



• 

  AbuSniff: Detection and defenses against abusive Facebook friends

  Executive Summary

  

  In our research, we sought to develop an automated social network abuse detection system which is able to reduce the attack surface of its users, by reducing the number of, or isolating friends predicted to be perceived as potential attack vectors. This presents a substantial challenge as adversaries leverage social network friend relationships to collect sensitive data from users and target them with abuse that includes fake news, cyberbullying, malware, and propaganda. We leverage these findings to develop AbuSniff (Abuse from Social Network Friends), a system that evaluates, predicts and protects users against perceived friend abuse by suggesting several personalized defensive actions for such friends. We began by developing the first ever mobile app questionnaire, that can detect perceived strangers and friend abusers. To replace the questionnaire, we then introduced mutual Facebook activity features that have statistically significant overall association with the AbuSniff decision and showed that they can train supervised learning algorithms to predict questionnaire responses using 10-fold cross validation. We trained our system with several supervised learning algorithms, including Random Forest (RF), Decision Trees (DT), SVM, PART, SimpleLogistic, MultiClassClassifier, K-Nearest Neighbors (KNN) and Naive Bayes and chose the best performing algorithm for predicting each of the questionnaire questions.

  Our approach provides a method to evaluate AbuSniff system through online experiments with participants recruited from the crowdsourcing site from 25 countries across 6 continents. Results showed that the questionnaire based AbuSniff was significantly more efficient than control in terms of participant willingness to unfriend, sandbox and restrict abusive friends. The predictive version of AbuSniff was highly accurate (F-Measure up-to 97.3%) in predicting strangers or abusive friends and participants agreed to take the AbuSniff suggested actions in 78% of the cases. When compared to a control app, AbuSniff significantly increased the participant self-reported willingness to reject invitations from strangers and abusers, their awareness of friend abuse implications and their perceived protection from friend abuse.

  Funding Sources

  This project was supported by three NSF grants.

  1. Award Abstract #1527153
     TWC: Small: Collaborative: Cracking Down Online Deception Ecosystems
  2. Award Abstract #1450619 EAGER: Digital Interventions for Reducing Social Networking Risks in Adolescents
  3. Award Abstract # 1526494 CSR: Small: Collaborative Research: Sensorprint: Hardware-Enforced Information Authentication for Mobile Systems

  
  

  Resulting Publications

  1. Sajedul Talukder, Bogdan Carbunar, “AbuSniff: Automatic Detection and Defenses Against Abusive Facebook Friends”, Proceedings of the 12th International Conference on Web and Social Media (ICWSM'18), June 2018. Link: ICWSM18/paper/view/17792. [pdf] [acceptance rate=16%]
  
  
  2. Sajedul Talukder, Bogdan Carbunar, “When Friend Becomes Abuser: Evidence of Friend Abuse in Facebook”, In proceedings of the 9th ACM Conference on Web Science (ACM WebSci'17), June 2017. doi: 10.1145/3091478.3098869. [pdf]
  
  
  3. Sajedul Talukder, “AbuSniff: An Automated Social Network Abuse Detection System”, In proceedings of the 35th Annual CCSC Eastern Conference, October 2019. [pdf]
  
  
  4. Sajedul Talukder, Bogdan Carbunar, “A Study of Friend Abuse Perception in Facebook”, ACM Transactions on Social Computing (TSC), 2019. [Under Review].

  
  

  Influence of the Work

  Our solution and results have been widely cited, that include some very prominent studies, including the following:

  1. Mohammadreza Rezvan, Saeedeh Shekarpour, Faisal Alshargi, Krishnaprasad Thirunarayan, Valerie L. Shalin, and Amit Sheth at University of Dayton, University of Leipzig, Germany and Wright State University cited our articles in their recent journal paper “Analyzing and learning the language for different types of harassment” (Public Library of Science (PLOS) ONE Journal), where they used our abusive language descriptors to develop a type-aware annotated corpus and lexicon.
  2. Meagan J. Brem, Gregory L. Stuart, Tara L. Cornelius, and Ryan C. Shorey at University of Tennessee, Grand Valley State University and University of Wisconsin-Milwaukee also cited our articles in their journal paper, “A longitudinal examination of alcohol problems and cyber, psychological, and physical dating abuse: The moderating role of emotion regulation” (Journal of Interpersonal Violence: 2), where they suggested to adopt our AbuSniff system to combat cyber dating abuse.
  3. Qiaozhi Wang, Hao Xue, Fengjun Li, Dongwon Lee, and Bo Luo. at University of Kansas and Pennsylvania State University also cited our articles in their journal paper, “#DontTweetThis: Scoring Private Information in Social Networks” (Proceedings on Privacy Enhancing Technologies, Volume 2019: Issue 4), where they used our solution that mitigates private information leak from within users’ friend networks to develop the first quantitative model for private information assessment.
  4. Elisabeth Eder and Ulrike Krieg-Holz at Alpen-Adria-Universitat Klagenfurt, Austria and Friedrich-Schiller-Universitat Jena, Germany also cited our articles in their conference paper, “At the Lower End of Language — Exploring the Vulgar and Obscene Side of German”, where they mentioned our paper, recommending the wider implementation of AbuSniff in data-driven acquisition and semantic scaling of a lexicon to capture the relative strength of obscenity in the German language.
  5. Somya Ranjan Sahoo and B. B. Gupta at National Institute of Technology, India also cited our articles in their conference paper, “Popularity-Based Detection of Malicious Content in Facebook Using Machine Learning Approach”, where they used AbuSniff's questionnaire-based supervised learning technique to implement malicious content and spammer detector in Facebook.

  We have also received email communications from researchers at Seoul National University from South Korea, who were impressed with our methodology and are using our method of built-in app to pre-classify and inform abusive friends in their ongoing (unpublished) work.

  Lastly, We have been in communication with the researchers from Facebook Research, who were impressed with my research and invited me in the Facebook headquarter to discuss our project.




• 

  FLock: Vulnerabilities and Defenses to Facebook Friend Spam

  Executive Summary

  

  In our research, we sought to develop defenses against social network friend spam. Friend relationship is the largest gateway for attackers in Facebook and Twitter to collect personal data from victim accounts that are befriended, and use it to infer other sensitive user information, perform profile cloning, sextorsion, identity theft, and spear phishing attacks. Attackers often send friend spam requests to social network users in the hope of being accepted as data and posts are often shared by default with user’s friends. We began by performing interview and online studies using our developed apps, that can send friend requests from synthetic fake accounts, which confirmed that Facebook users are highly vulnerable to friend spam. To solve this problem, we introduced FLock, a new design to view and process received friend invitations, that encourages users to investigate pending friends. We further introduced T-FLock, a FLock extension that further trains users to be aware of friend spam. To help determine user vulnerability to friend spam without requiring user interaction, we developed a classifier to predict user decisions on pending friend invites. To train and test our classifier, we used k-fold cross-validation for time series, where we train on the first k decisions of each user, and test on the rest of the invitations, k is between 1 and the maximum number of pending friends per participant. Even when trained with only 5 past user decisions, our decision predictor achieved an F1 score of 83.43%.

  Our approach provides a method using FLock and T-FLock to leverage the users as the first line of defense instead of forensically detecting friend spam, by involving them in the spam detection process, at the time when the spam attack takes place. In studies with 120 online participants, we found that when compared to a control Facebook-like interface, T-FLock and FLock significantly reduced the percentage of confirmed synthetic friends, increased the number of inspected synthetic friend profiles, and decreased the percentage of blind confirms. Our predictor can be used to detect fake accounts, and implement a spam invitation folder, similar in concept to spam e-mail folders, to help users better negotiate and regulate their relationship boundaries.

  Funding Sources

  This project was supported by three NSF grants.

  1. Award Abstract #1527153
     TWC: Small: Collaborative: Cracking Down Online Deception Ecosystems
  2. Award Abstract #1450619 EAGER: Digital Interventions for Reducing Social Networking Risks in Adolescents
  3. Award Abstract # 1526494 CSR: Small: Collaborative Research: Sensorprint: Hardware-Enforced Information Authentication for Mobile Systems.

  
  

  Resulting Publication

  1. Sajedul Talukder, Bogdan Carbunar, “FLock: Friend Lock for Strangers and Abusers to Reduce Social Networking Risks in Facebook”, 2020. [Under Review].



• 

  Attacks and Defenses in Mobile IP

  Executive Summary

  

  In our research, we sought to develop a method to model four well-known Mobile IP attacks, such as Denial-of-Service (DoS) attack, bombing attack, redirection attack and replay attack with Stochastic Game Petri Net (SGPN). The urging need for seamless connectivity in mobile environment has contributed to the rapid expansion of Mobile IP. Mobile Node that changes its IP address needs to update its care-of-address and send the binding update to the Corresponding Node. Binding updates are vulnerable to various attacks since Malicious Node can penetrate the route between Mobile Node and Corresponding Node. All of the attacks happen mostly during various phases of route optimization between the Mobile Node and Corresponding Node. We began by modeling the aforementioned attacks with SGPN. Next, we proposed mixed strategy based defense strategies for each of the aforementioned attacks and modeled them with SGPN. Finally, we calculated the Nash Equilibrium of the attacker-defender game and thereby obtained the steady state probability of the vulnerable attack states.

  Our approach provides a method for understanding and modeling the well-known Mobile IP attacks and their appropriate defense strategies. We propose mixed strategy based defense strategies for the given attacks and evaluate the models by calculating the steady state probability of the vulnerable attack states. For that, we proposed an algorithm to calculate the steady state probability from the Nash Equilibrium in the SGPN. We showed that, under the optimal strategy, an IDS needs to remain active 72.4%, 70%, 68.4% and 66.6% of the time to restrict the attacker’s success rate to 8.5%, 6.4%, 7.2% and 8.3% respectively for the aforementioned attacks, thus performing better than many of the state-of-the-art approach.

  Resulting Publication

  1. Sajedul Talukder, Md. Iftekharul Islam Sakib, Md. Faruk Hossen, Zahidur Rahim Talukder, Md. Shohrab Hossain, “Attacks and Defenses in Mobile IP: Modeling with Stochastic Game Petri Net”, In proceedings of the IEEE International Conference on Current Trends in Computer, Electrical, Electronics and Communication (ICCTCEEC'17), Sep 2017. IEEE Xplore Digital Library, doi: 10.1109/CTCEEC.2017.8455118. [pdf]

  
  

  Influence of the Work

  Our solution and results have been widely cited, that include some very prominent studies, including the following:

  1. Hosam El-Sofany, and Samir Abou El-Seoud at King Khalid University, Saudi Arabia and British University in Egypt cited our article in their recent journal paper “A Novel Model for Securing Mobile-based Systems against DDoS Attacks in Cloud Computing Environment” (International Journal of Interactive Mobile Technologies. 2019, Vol. 13 Issue 1), where they used our defense model to develop a model against Distributed Denial of Service (DDoS) attacks in mobile-based systems.
  2. Zahidur Talukder, Kazi Tasnim, and Md. Reza at Bangladesh University of Engineering and Technology also cited our article in their conference paper, “A Comparative Study of Various Methods of Phasor Measurement Unit Algorithms” (International Conference on Advances in Science, Engineering and Robotics Technology (ICASERT)), where they used our mobile IP based intrusion detection system to compare simulation models validation in various PMU algorithms.

  We have also received email communications from researchers at University of Texas, who were impressed with our methodology and are using our method to develop an efficient Intrusion Detection System (IDS) in their ongoing (unpublished) work.




• 

  USenSewer: GSM-Arduino Based Automated Sewerage Management

  Executive Summary

  

  In our research, we sought to develop a method to design an automated sewerage management system that uses Arduino microcontroller coupled with an ultrasonic sensor, an NRF module and a GSM module to automate the routine checkup and removal of sewerage blockage in the big cities. This presents a substantial challenge for the big cities as sewerage blockage removal is vital for the continuous wastewater flow. We began by developing a blockage detection system consisting of an Arduino Uno board coupled with an NRF module, an ultrasonic sensor and a servo motor along with its power supply which could be placed inside the drain. As the waste material piles up on the lifting platform and crosses a certain height, the ultrasonic sensor detects the waste obstruction and triggers the NRF module and the servo motor, which in turn activates the blockage removal system. During the blockage removal process, the servo motor drives the backup net to place vertically through the drain so that further waste doesn’t get onto the lifting platform. The blockage removal system consists of a GSM module and a DC motor, guided by a track which lifts the platform containing waste materials to ground level with the help of lifting thread and pours the wastage on a waste container placed outside the drain. Once the waste container is filled, the GSM module sends text message to the city corporation control center for the collection and removal of waste.

  Our approach provides a method for replacing the sewerage management system of cities having limited resources with an automated system. To the best of our knowledge, our method is the first attempt to use a microcontroller-based solution to design a fully automated sewerage management system. Our pilot study with the USenSewer prototype in a big city (Dhaka) has outperformed the state-of-the-art solutions, both in terms of cost and efficiency. Additionally, the system is very much scalable as we can use as many systems as needed without bothering the capacity of the control center.

  Resulting Publications

  1. Sajedul Talukder, Md. Iftekharul Islam Sakib, Zahidur Rahim Talukder, Upoma Das, Arnob Saha and Nur Sultan Nazar Bayev, “USenSewer: Ultrasonic Sensor and GSM-Arduino Based Automated Sewerage Management”, In proceedings of the IEEE International Conference on Current Trends in Computer, Electrical, Electronics and Communication (ICCTCEEC'17), Sep 2017. IEEE Xplore Digital Library, doi: 10.1109/CTCEEC.2017.8455169. [pdf]

  
  

  Influence of the Work

  Our solution and results have been widely cited, that include some very prominent studies, including the following:

  1. M. Gobinath, and S. Malathi at Panimalar Engineering College, India cited our article in their recent conference paper “Sewage Sludge Removal Method Through Arm-Axis by Machine Robot” (International Conference on Intelligent Systems Design and Applications), where they used our automated system to build a machine robot intended for sewage sludge removal.
  2. Javier Rocher, José Luis García-Navas, Oscar Romero and Jaime Lloret at Universitat Politècnica de València,Spain also cited our articles in their conference paper, “A WSN-based Monitoring System to Control Sewerage” (International Conference on Internet of Things: Systems, Management and Security (IOTSMS)), where their system for monitoring the water level and velocity in the sewerage was built upon our sensor-based sewerage detection system.
  3. Z. Talukder, K. Tasnim, and Md. Reza at Bangladesh University of Engineering and Technology also cited our article in their conference paper, “A Comparative Study of Various Methods of Phasor Measurement Unit Algorithms” (International Conference on Advances in Science, Engineering and Robotics Technology (ICASERT)), where they used our system to run a comparative study on the phasor measurement unit algorithms using dynamic power conditions.



• 

  DLMS: Digital Land Management System

  Executive Summary

  

  In our research, we sought to develop a model land management solution which offers a GPS based land surveying tool and an online land management system that encompasses an assortment of web based participatory services. Land management in third world countries presents a substantial challenge due the lack of technological resources and efficient infrastructure, thus requiring simple yet scalable digital innovations. We began by implementing the first ever GPS based land surveying tool that can be used for lower accuracy land surveying. Our tool was able to automatically generate land map directly from the GPS coordinate inputs that used geometric polygon overlay in Google Maps. Using this tool, we created a MySQL database of Dhaka city lands that also included the ownership information. Based on this database, we developed a highly scalable and large web application using Codeigniter PHP framework that offered superb speed, maintainability and agility. We designed a high load architecture that featured separate web, database and file servers along with task queues and DNS balancing. we also developed mobile clients using RESTful API for both the landowners and the land office employees.

  Our approach provides the landowners an easily accessible way to search land, buy/sell land, advertise/bid, update map, pay land tax, resolve dispute and generate land deed. We also performed a feasibility analysis and compared the results with the existing traditional system. Our results showed that the proposed system significantly improved the traditional system's productivity and service availability and highly reduced the need for manpower resources.

  Resulting Publications

  1. Sajedul Talukder, Md. Iftekharul Islam Sakib, Md. Mustafizur Rahman, “Digital Land Management System : A new initiative for Bangladesh”, In proceedings of the 1st IEEE International Conference on Electrical Engineering and Information & Communication Technology (ICEEICT'14), April 2014. IEEE Xplore Digital Library, doi: 10.1109/ICEEICT.2014.6919031. [pdf] [Best Paper Award]

  
  

  Influence of the Work

  Our solution and results have been widely cited and implemented, that include some very prominent studies, including the following:

  1. A. K. M. Zakaria, Rebeka Sultana, Md. Al Mamun, and Md. Menhajul Alam at Bangladesh Rural Development Academy and Bangladesh Police cited our articles in their recent journal paper “Land Ownership and Land Management System in Chars: A Study in Sariakandi Upazila under Bogura District of Bangladesh” (South Asian Journal of Social Studies and Economics, 1(2), 1-13), where they used our land management solution to develop a Land Information System (LIS) for the river island (char) lands.
  2. Shovon Niverd Pereira, Noshin Tasnim, M Shahir Rahman, Sanjida Nasreen Tumpa, Md. Mahboob Karim, Rabius Sunny Rizon, Nabila Shahnaz Khan, and Ruhul Ambia Remon at Military Institute of Science and Technology (MIST) also cited our articles in their conference paper, “Multi-Channel Approach Towards Digitizing the Land Management System of Bangladesh” (IEEE International WIE Conference on Electrical and Computer Engineering (WIECON-ECE)), where they suggested to adopt our AbuSniff system to combat cyber dating abuse.
  3. Our project has been adopted and implemented by Government of Bangladesh, as part of their vision 2021 plan. Project link from the Government of Bangladesh. Our paper can also be found in the government website.

Older Projects

• SaSa Multimedia Player

  A multilingual and multifunctional media player based on Java SE.

  (Java)

• Automation of Consular, Central Receipt and Diplomatic Bag Sections

  Automated the consular services, central receipt and diplomatic bag sections of MOFA, Bangladesh.

  Successfully implemented & tested software for govt. services.

  (C++, Java, Bootstrap, CodeIgniter, MySQL)

• Eboighar: A state-of-the-art e-commerce platform in Bangladesh

  Designed and developed a secure, fully transactional and customizable e-commerce platform.

  Eboighar currently has 10 million active users.

  (PHP, Bootstrap, CodeIgniter, PostgreSQL)

• Digital Diary

  A complete digital notebook solution.

  (C)