Showing 1–10 of 10 results for author: Wijewickrama, R

A Picture is Worth a Thousand Prompts? Efficacy of Iterative Human-Driven Prompt Refinement in Image Regeneration Tasks

Authors: Khoi Trinh, Scott Seidenberger, Raveen Wijewickrama, Murtuza Jadliwala, Anindya Maiti

Abstract: With AI-generated content becoming ubiquitous across the web, social media, and other digital platforms, it is vital to examine how such content are inspired and generated. The creation of AI-generated images often involves refining the input prompt iteratively to achieve desired visual outcomes. This study focuses on the relatively underexplored concept of image regeneration using AI, in which a… ▽ More With AI-generated content becoming ubiquitous across the web, social media, and other digital platforms, it is vital to examine how such content are inspired and generated. The creation of AI-generated images often involves refining the input prompt iteratively to achieve desired visual outcomes. This study focuses on the relatively underexplored concept of image regeneration using AI, in which a human operator attempts to closely recreate a specific target image by iteratively refining their prompt. Image regeneration is distinct from normal image generation, which lacks any predefined visual reference. A separate challenge lies in determining whether existing image similarity metrics (ISMs) can provide reliable, objective feedback in iterative workflows, given that we do not fully understand if subjective human judgments of similarity align with these metrics. Consequently, we must first validate their alignment with human perception before assessing their potential as a feedback mechanism in the iterative prompt refinement process. To address these research gaps, we present a structured user study evaluating how iterative prompt refinement affects the similarity of regenerated images relative to their targets, while also examining whether ISMs capture the same improvements perceived by human observers. Our findings suggest that incremental prompt adjustments substantially improve alignment, verified through both subjective evaluations and quantitative measures, underscoring the broader potential of iterative workflows to enhance generative AI content creation across various application domains. △ Less

Submitted 28 April, 2025; originally announced April 2025.

ScooterLab: A Programmable and Participatory Sensing Research Testbed using Micromobility Vehicles

Authors: Ubaidullah Khan, Raveen Wijewickrama, Buddhi Ashan M. K., A. H. M. Nazmus Sakib, Khoi Trinh, Christina Duthie, Nima Najafian, Ahmer Patel, R. N. Molina, Anindya Maiti, Sushil K. Prasad, Greg P. Griffin, Murtuza Jadliwala

Abstract: Micromobility vehicles, such as e-scooters, are increasingly popular in urban communities but present significant challenges in terms of road safety, user privacy, infrastructure planning, and civil engineering. Addressing these critical issues requires a large-scale and easily accessible research infrastructure to collect diverse mobility and contextual data from micromobility users in realistic… ▽ More Micromobility vehicles, such as e-scooters, are increasingly popular in urban communities but present significant challenges in terms of road safety, user privacy, infrastructure planning, and civil engineering. Addressing these critical issues requires a large-scale and easily accessible research infrastructure to collect diverse mobility and contextual data from micromobility users in realistic settings. To this end, we present ScooterLab, a community research testbed comprising a fleet of customizable battery-powered micromobility vehicles retrofitted with advanced sensing, communication, and control capabilities. ScooterLab enables interdisciplinary research at the intersection of computing, mobility, and urban planning by providing researchers with tools to design and deploy customized sensing experiments and access curated datasets. The testbed will enable advances in machine learning, privacy, and urban transportation research while promoting sustainable mobility. △ Less

Submitted 10 January, 2025; originally announced January 2025.

NinjaDoH: A Censorship-Resistant Moving Target DoH Server Using Hyperscalers and IPNS

Authors: Scott Seidenberger, Marc Beret, Raveen Wijewickrama, Murtuza Jadliwala, Anindya Maiti

Abstract: We introduce NinjaDoH, a novel DNS over HTTPS (DoH) protocol that leverages the InterPlanetary Name System (IPNS), along with public cloud infrastructure, to create a censorship-resistant moving target DoH service. NinjaDoH is specifically designed to evade traditional censorship methods that involve blocking DoH servers by IP addresses or domains by continually altering the server's network ident… ▽ More We introduce NinjaDoH, a novel DNS over HTTPS (DoH) protocol that leverages the InterPlanetary Name System (IPNS), along with public cloud infrastructure, to create a censorship-resistant moving target DoH service. NinjaDoH is specifically designed to evade traditional censorship methods that involve blocking DoH servers by IP addresses or domains by continually altering the server's network identifiers, significantly increasing the complexity of effectively censoring NinjaDoH traffic without disruption of other web traffic. We also present an analysis that quantifies the DNS query latency and financial costs of running our implementation of this protocol as a service. Further tests assess the ability of NinjaDoH to elude detection mechanisms, including both commercial firewall products and advanced machine learning-based detection systems. The results broadly support NinjaDoH's efficacy as a robust, moving target DNS solution that can ensure continuous and secure internet access in environments with heavy DNS-based censorship. △ Less

Submitted 4 November, 2024; originally announced November 2024.

Promptly Yours? A Human Subject Study on Prompt Inference in AI-Generated Art

Authors: Khoi Trinh, Joseph Spracklen, Raveen Wijewickrama, Bimal Viswanath, Murtuza Jadliwala, Anindya Maiti

Abstract: The emerging field of AI-generated art has witnessed the rise of prompt marketplaces, where creators can purchase, sell, or share prompts for generating unique artworks. These marketplaces often assert ownership over prompts, claiming them as intellectual property. This paper investigates whether concealed prompts sold on prompt marketplaces can be considered as secure intellectual property, given… ▽ More The emerging field of AI-generated art has witnessed the rise of prompt marketplaces, where creators can purchase, sell, or share prompts for generating unique artworks. These marketplaces often assert ownership over prompts, claiming them as intellectual property. This paper investigates whether concealed prompts sold on prompt marketplaces can be considered as secure intellectual property, given that humans and AI tools may be able to approximately infer the prompts based on publicly advertised sample images accompanying each prompt on sale. Specifically, our survey aims to assess (i) how accurately can humans infer the original prompt solely by examining an AI-generated image, with the goal of generating images similar to the original image, and (ii) the possibility of improving upon individual human and AI prompt inferences by crafting human-AI combined prompts with the help of a large language model. Although previous research has explored the use of AI and machine learning to infer (and also protect against) prompt inference, we are the first to include humans in the loop. Our findings indicate that while humans and human-AI collaborations can infer prompts and generate similar images with high accuracy, they are not as successful as using the original prompt. △ Less

Submitted 10 October, 2024; originally announced October 2024.

We Have a Package for You! A Comprehensive Analysis of Package Hallucinations by Code Generating LLMs

Authors: Joseph Spracklen, Raveen Wijewickrama, A H M Nazmus Sakib, Anindya Maiti, Bimal Viswanath, Murtuza Jadliwala

Abstract: The reliance of popular programming languages such as Python and JavaScript on centralized package repositories and open-source software, combined with the emergence of code-generating Large Language Models (LLMs), has created a new type of threat to the software supply chain: package hallucinations. These hallucinations, which arise from fact-conflicting errors when generating code using LLMs, re… ▽ More The reliance of popular programming languages such as Python and JavaScript on centralized package repositories and open-source software, combined with the emergence of code-generating Large Language Models (LLMs), has created a new type of threat to the software supply chain: package hallucinations. These hallucinations, which arise from fact-conflicting errors when generating code using LLMs, represent a novel form of package confusion attack that poses a critical threat to the integrity of the software supply chain. This paper conducts a rigorous and comprehensive evaluation of package hallucinations across different programming languages, settings, and parameters, exploring how a diverse set of models and configurations affect the likelihood of generating erroneous package recommendations and identifying the root causes of this phenomenon. Using 16 popular LLMs for code generation and two unique prompt datasets, we generate 576,000 code samples in two programming languages that we analyze for package hallucinations. Our findings reveal that that the average percentage of hallucinated packages is at least 5.2% for commercial models and 21.7% for open-source models, including a staggering 205,474 unique examples of hallucinated package names, further underscoring the severity and pervasiveness of this threat. To overcome this problem, we implement several hallucination mitigation strategies and show that they are able to significantly reduce the number of package hallucinations while maintaining code quality. Our experiments and findings highlight package hallucinations as a persistent and systemic phenomenon while using state-of-the-art LLMs for code generation, and a significant challenge which deserves the research community's urgent attention. △ Less

Submitted 2 March, 2025; v1 submitted 11 June, 2024; originally announced June 2024.

Comments: To appear in the 2025 USENIX Security Symposium. 22 pages, 14 figures, 8 tables. Edited from original version for submission to a different conference. No change to original results or findings

OverHear: Headphone based Multi-sensor Keystroke Inference

Authors: Raveen Wijewickrama, Maryam Abbasihafshejani, Anindya Maiti, Murtuza Jadliwala

Abstract: Headphones, traditionally limited to audio playback, have evolved to integrate sensors like high-definition microphones and accelerometers. While these advancements enhance user experience, they also introduce potential eavesdropping vulnerabilities, with keystroke inference being our concern in this work. To validate this threat, we developed OverHear, a keystroke inference framework that leverag… ▽ More Headphones, traditionally limited to audio playback, have evolved to integrate sensors like high-definition microphones and accelerometers. While these advancements enhance user experience, they also introduce potential eavesdropping vulnerabilities, with keystroke inference being our concern in this work. To validate this threat, we developed OverHear, a keystroke inference framework that leverages both acoustic and accelerometer data from headphones. The accelerometer data, while not sufficiently detailed for individual keystroke identification, aids in clustering key presses by hand position. Concurrently, the acoustic data undergoes analysis to extract Mel Frequency Cepstral Coefficients (MFCC), aiding in distinguishing between different keystrokes. These features feed into machine learning models for keystroke prediction, with results further refined via dictionary-based word prediction methods. In our experimental setup, we tested various keyboard types under different environmental conditions. We were able to achieve top-5 key prediction accuracy of around 80% for mechanical keyboards and around 60% for membrane keyboards with top-100 word prediction accuracies over 70% for all keyboard types. The results highlight the effectiveness and limitations of our approach in the context of real-world scenarios. △ Less

Submitted 3 November, 2023; originally announced November 2023.

TorMult: Introducing a Novel Tor Bandwidth Inflation Attack

Authors: Christoph Sendner, Jasper Stang, Alexandra Dmitrienko, Raveen Wijewickrama, Murtuza Jadliwala

Abstract: The Tor network is the most prominent system for providing anonymous communication to web users, with a daily user base of 2 million users. However, since its inception, it has been constantly targeted by various traffic fingerprinting and correlation attacks aiming at deanonymizing its users. A critical requirement for these attacks is to attract as much user traffic to adversarial relays as poss… ▽ More The Tor network is the most prominent system for providing anonymous communication to web users, with a daily user base of 2 million users. However, since its inception, it has been constantly targeted by various traffic fingerprinting and correlation attacks aiming at deanonymizing its users. A critical requirement for these attacks is to attract as much user traffic to adversarial relays as possible, which is typically accomplished by means of bandwidth inflation attacks. This paper proposes a new inflation attack vector in Tor, referred to as TorMult, which enables inflation of measured bandwidth. The underlying attack technique exploits resource sharing among Tor relay nodes and employs a cluster of attacker-controlled relays with coordinated resource allocation within the cluster to deceive bandwidth measurers into believing that each relay node in the cluster possesses ample resources. We propose two attack variants, C-TorMult and D-TorMult, and test both versions in a private Tor test network. Our evaluation demonstrates that an attacker can inflate the measured bandwidth by a factor close to n using C-TorMult and nearly half n*N using D-TorMult, where n is the size of the cluster hosted on one server and N is the number of servers. Furthermore, our theoretical analysis reveals that gaining control over half of the Tor network's traffic can be achieved by employing just 10 dedicated servers with a cluster size of 109 relays running the TorMult attack, each with a bandwidth of 100MB/s. The problem is further exacerbated by the fact that Tor not only allows resource sharing but, according to recent reports, even promotes it. △ Less

Submitted 17 July, 2023; originally announced July 2023.

SkinSense: Efficient Vibration-based Communications Over Human Body Using Motion Sensors

Authors: Raveen Wijewickrama, Sameer Anis Dohadwalla, Anindya Maiti, Murtuza Jadliwala, Sashank Narain

Abstract: Recent growth in popularity of mobile and wearable devices has re-ignited the need for reliable and stealthy communication side-channels to enable applications such as secret/PIN sharing, co-location proofs and user authentication. Existing short-range wireless radio technology such as Bluetooth/BLE and NFC, although mature and robust, is prone to eavesdropping, jamming and/or interference, and is… ▽ More Recent growth in popularity of mobile and wearable devices has re-ignited the need for reliable and stealthy communication side-channels to enable applications such as secret/PIN sharing, co-location proofs and user authentication. Existing short-range wireless radio technology such as Bluetooth/BLE and NFC, although mature and robust, is prone to eavesdropping, jamming and/or interference, and is not very useful as a covert communication side-channel. This paper designs and implements SkinSense, a vibration-based communication protocol which uses human body/skin as a communication medium to create a low-bandwidth and covert communication channel between user-held mobile and wearable devices. SkinSense employs a novel frequency modulation technique for encoding bits as vibration pulses and a spectrogram-based approach to decode the sensed motion data (corresponding to the encoded vibration pulses) to reconstruct the transmitted bits. SkinSense is comprehensively evaluated for a variety of operational parameters, hardware setups and communication settings by means of data collected from human subject participants. Results from these empirical evaluations demonstrate that SkinSense is able to achieve a stable bandwidth of upto 6.6 bps, with bit error rates below 0.1 in our custom hardware setup, and can be employed as a practical communication side-channel. △ Less

Submitted 7 February, 2023; originally announced March 2023.

Security and Privacy Challenges in Upcoming Intelligent Urban Micromobility Transportation Systems

Authors: Nisha Vinayaga-Sureshkanth, Raveen Wijewickrama, Anindya Maiti, Murtuza Jadliwala

Abstract: Micromobility vehicles are gaining popularity due to their portable nature, and their ability to serve short distance urban commutes better than traditional modes of transportation. Most of these vehicles, offered by various micromobility service providers around the world, are shareable and can be rented (by-the-minute) by riders, thus eliminating the need of owning and maintaining a personal veh… ▽ More Micromobility vehicles are gaining popularity due to their portable nature, and their ability to serve short distance urban commutes better than traditional modes of transportation. Most of these vehicles, offered by various micromobility service providers around the world, are shareable and can be rented (by-the-minute) by riders, thus eliminating the need of owning and maintaining a personal vehicle. However, the existing micromobility ecosystem comprising of vehicles, service providers, and their users, can be exploited as an attack surface by malicious entities - to compromise its security, safety and privacy. In this short position paper, we outline potential privacy and security challenges related to a very popular urban micromobility platform, specifically, dockless battery-powered e-scooters. △ Less

Submitted 5 January, 2020; originally announced January 2020.

Impact of E-Scooters on Pedestrian Safety: A Field Study Using Pedestrian Crowd-Sensing

Authors: Anindya Maiti, Nisha Vinayaga-Sureshkanth, Murtuza Jadliwala, Raveen Wijewickrama, Greg P. Griffin

Abstract: The popularity and proliferation of electric scooters (e-scooters) as a micromobility solution in our cities and urban communities has been rapidly rising. Rent-by-the-minute pricing and a healthy competition between micromobility service providers is also benefiting riders with low trip costs. However, an unprepared urban infrastructure, combined with uncertain operation policies and poor regulat… ▽ More The popularity and proliferation of electric scooters (e-scooters) as a micromobility solution in our cities and urban communities has been rapidly rising. Rent-by-the-minute pricing and a healthy competition between micromobility service providers is also benefiting riders with low trip costs. However, an unprepared urban infrastructure, combined with uncertain operation policies and poor regulation enforcement, has resulted in e-scooter riders encroaching public spaces meant for pedestrians, thus causing significant safety concerns both for themselves and the pedestrians. As a consequence, it has become critical to understand the current state of pedestrian safety in our urban communities vis-à-vis e-scooter services, identify factors that impact pedestrian safety due to such services, and determine how to support pedestrian safety going forward. Unfortunately, to date there have been no realistic, data-driven efforts within the research community that address these issues. In this work, we conduct a field study to empirically investigate crowd-sensed encounter data between e-scooters and pedestrian participants on two urban university campuses over a three-month period. We also analyze encounter statistics and mobility trends that could identify potentially unsafe spatio-temporal zones for pedestrians. This first-of-its-kind work provides a preliminary blueprint on how crowd-sensed micromobility data can enable safety-related studies in urban communities. △ Less

Submitted 22 July, 2020; v1 submitted 16 August, 2019; originally announced August 2019.