About

Riccardo Bettati is a Professor and Associate Department Head in the Department of Computer Science & Engineering at Texas A&M University. He holds a Ph.D. in Computer Science from the University of Illinois at Urbana-Champaign, obtained in 1994, and a DipInf. from the Swiss Federal Institute of Technology (ETH) in Zurich, Switzerland. His research interests encompass distributed real-time systems, scheduling algorithms, communication protocols, and issues related to anonymity and privacy, including computer-supported security education. Bettati has received several awards for his contributions, including the Chevron Faculty Fellowship Award, the Tenneco Meritorious Teaching Award, and the BP Amoco Faculty Award for Teaching Excellence. His work has significantly contributed to the fields of real-time systems and security, with numerous publications in reputable journals and conferences.

Research topics

• Computer Science
• Computer Security
• Artificial Intelligence
• Embedded system
• Computer network
• Algorithm
• Computer engineering
• Physics
• Human–computer interaction

Selected publications

• An Analysis of War Impact on Ukrainian Critical Infrastructure Through Network Measurements

  2023-06-26 · 8 citations

  articleOpen accessSenior author

  The ongoing Russia-Ukraine war has inflicted severe damage on both the geographical and the cyber landscape of Ukraine. The cyberspace of Ukraine continues to be degraded by deliberate physical and cyber warfare. Recent research shows that the degradation of the Ukrainian network correlated with the presence of Russian troops in the region and deliberate attempts of defacement attacks on certain Ukrainian websites. In this work, we examine the Ukrainian IP space by actively scanning for critical infrastructure on two protocols and observe the degradation caused by the war. We follow a measurement-based approach to map the timeline and characterize the impact by performing an analysis with a correlation of multiple datasets that include newsfeeds, disclosures from Ukrainian CERT, and NGOs. Furthermore, we correlate the data from our scans with the open datasets from Internet scanning services to discover misconfigured services and identify them using passive fingerprinting techniques. As a part of ethical considerations and responsible disclosure, we deliver our findings to the respective authorities in Ukraine through collaboration with an NGO to prevent further exploitation of misconfigured services.

  PublisherOA PDFDOI

• Toward a Multidimensional Analysis of the National Vulnerability Database

  IEEE Access · 2023-01-01 · 5 citations

  articleOpen access

  Bring-your-own-device policies, IoT devices, smart appliances are all contributing to increasing diversity of connected devices. It has become imperative to understand the vulnerabilities of these diverse devices (along with traditional compute devices) to appropriately secure their use. In this paper we conduct a detailed analysis of the vulnerabilities reported for the various hardware and software artifacts in the NIST National Vulnerability Database. We analyze the details of vulnerabilities covering the period 2011-2022. We broadly categorize the vulnerabilities into three product categories: networking, IoT, and computing devices. The data is further classified into application, OS, and hardware domains. We analyze the data across the aforementioned categories over four non-overlapping 3-year time periods. The analysis provides insights into salient trends in vulnerabilities across diverse products, and over time. Our work presents interesting findings based on the trends and persistence observed from the analyzed data. Our study points to insights that could lead to improved resource allocation for addressing security concerns.

  PublisherOA PDFDOI

• A Survey of Wearable Devices Pairing Based on Biometric Signals

  IEEE Access · 2023 · 16 citations

  Senior authorCorresponding
  • Computer Science
  • Computer Science
  • Artificial Intelligence

  With the rapid growth of wearable devices, more applications require direct communication between wearable devices. To secure the communication between wearable devices, various pairing protocols have been proposed to generate common keys for encrypting the communication. Since the wearable devices are attached to the same body, the devices can generate common keys based on the same context by utilizing onboard sensors to capture a common biometric signal such as body motion, gait, heartbeat, respiration, and EMG signals. The context-based pairing does not need prior information to generate common keys. As context-based pairing does not need any human involvement in the pairing process, the pairing also increase the usability of wearable devices. A wide range of context-based pairing approaches has been proposed with different sensors and different biometric signals. Given the increasing popularity of wearable devices and applications of wearable devices, we believe that it is necessary to have a comprehensive review and comparison on the context-based pairing approaches for future research on the pairing. In this paper, we compare context-based pairing approaches and review common techniques used in pairing based on various biometric signals.

  PublisherOA PDFDOI

• Breathe-to-Pair (B2P)

  2022 · 11 citations

  Senior authorCorresponding
  • Computer Science
  • Computer Science
  • Embedded system

  We propose Breathe-to-Pair (B2P), a protocol for pairing and shared-key generation for wearable devices that leverages the wearer's respiration activity to ensure that the devices are part of the same body-area network. We assume that the devices exploit different types of sensors to extract and process the respiration signal. We illustrate B2P for the case of two devices that use respiratory inductance plethysmography (RIP) and accelerometer sensors, respectively. Allowing for different types of sensors in pairing allows us to include wearable devices that use a variety of different sensors. In practice, this form of sensor variety creates a number of challenges that limit the ability of the shared-key establishment algorithm to generate matching keys. The two main obstacles are the lack of synchronization across the devices and the need for correct noise-induced mismatches between the generated key bit-strings.

  PublisherDOI

• On Account Association With Assistance From Mobile Networks

  IEEE Transactions on Dependable and Secure Computing · 2022-07-14

  articleSenior author

  In this paper, we draw attention to the problem of account association attacks designed to determine whether a target mobile phone number is associated with a particular online account. In the case of 4G/LTE, the adversary launches an account association attack by sending SMS messages to the target phone number and analyzing patterns in traffic related to the online account. We evaluate the proposed attacks in both a local 4G/LTE testbed and a major commercial 4G/LTE network. Our extensive experiments show that the proposed attacks can successfully identify account association with near-perfect accuracy. Our experiments also illustrate that the proposed attacks can be launched in a way that the victim receives no indication of being under attack.

  PublisherDOI

• Optimal Energy Efficient Design of Artificial Noise to Prevent Side-Channel Attacks

  2022-12-12 · 1 citations

  article

  How to prevent side-channel attacks (SCAs) has become an important problem for securing modern cryptographic devices. One of the widely used countermeasures to against power SCAs is the injection of random noise sequence into the raw leakage traces. However, the indiscriminate injection of random noise can lead to significant increases in energy consumption. In this paper, we propose an optimal energy efficient design for artificial noise to prevent side-channel attacks. We model the side-channel as a communication channel, which allows us to use channel capacity to measure the mutual information between the secret and the leakage traces. For a given energy budget in the noise generation, we obtain the optimal design of the artificial noise injection by solving the side-channel’s channel capacity minimization problem.

  PublisherDOI

• Breath to Pair (B2P): Respiration-Based Pairing Protocol for Wearable Devices

  arXiv (Cornell University) · 2021-07-24 · 1 citations

  preprintOpen accessSenior author

  We propose Breath to Pair (B2P), a protocol for pairing and shared-key generation for wearable devices that leverages the wearer's respiration activity to ensure that the devices are part of the same body-area network. We assume that the devices exploit different types of sensors to extract and process the respiration signal. We illustrate B2P for the case of two devices that use respiratory inductance plethysmography (RIP) and accelerometer sensors, respectively. Allowing for different types of sensors in pairing allows us to include wearable devices that use a variety of different sensors. In practice, this form of sensor variety creates a number of challenges that limit the ability of the shared-key establishment algorithm to generate matching keys. The two main obstacles are the lack of synchronization across the devices and the need for correct noise-induced mismatches between the generated key bit-strings. B2P addresses the synchronization challenge by utilizing Change Point Detection (CPD) to detect abrupt changes in the respiration signal and consider their occurrences as synchronizing points. Any potential mismatches are handled by optimal quantization and encoding of the respiration signal in order to maximize the error correction rate and minimize the message overheads. Extensive evaluation on a dataset collected from 30 volunteers demonstrates that our protocol can generate a secure 256-bit key every 2.85 seconds (around one breathing cycle). Particular attention is given to secure B2P against device impersonation attacks.

  PublisherOA PDFDOI

• Identifying Account Association with Assistance from Mobile Networks using Cross-Service Attacks

  2021-06-01 · 1 citations

  articleSenior author

  In this paper, we draw attention to the problem of cross-service attacks, that is, attacks that exploit information collected about users from one service to launch an attack on the same users on another service. With the increased deployment and use of what fundamentally are integrated-services networks, such as 4G/LTE networks and now 5G, we expect that cross-service attacks will become easier to stage and therefore more prevalent. As running example to illustrate the effectiveness and the potential impact of cross-service attacks we will use the problem of account association in 4G/LTE networks. Account association attacks aim at determining whether a target mobile phone number is associated with a particular online account. The the case of 4G/LTE, the adversary launches the account association attacks by sending SMS messages to the target phone number and analyzing patterns in traffic related to the online account. We evaluate the proposed attacks in both a local 4G/LTE testbed and a major commercial 4G/LTE network. Our extensive experiments show that the proposed attacks can successfully identify account association with close-to-zero false negative and false positive rates. Our experiments also illustrate that the proposed attacks can be launched in a way that the victim receives no indication of being under attack.

  PublisherDOI

• Efficient side-channel attacks beyond divide-and-conquer strategy

  Computer Networks · 2021 · 9 citations

  Senior authorCorresponding
  • Computer Science
  • Computer Science
  • Computer Security
  PublisherDOI

• Connect Id: Identifying Devices Before They Connect to the Network

  2021-06-14 · 1 citations

  article

  Increasingly, network smart devices are being deployed and operated over the network. The Mirai attack has shown that the vulnerabilities of these devices can be exploited to stage large-scale attacks. In this paper, we explore the potential for identifying a device before it connects to the network such that appropriate security postures can be taken based on the known characteristics of the device. We propose to identify a device by (1) Device Vendor (2) Device Operating System (3) Device Type. We propose to utilize several pieces of information available before a device is allowed to connect to the network, such as MAC address and DHCP packet information, to classify the device. We propose a number of algorithms to utilize this information to robustly identify the device on these 3 dimensions. We show that it is possible to effectively identify a device before it is allowed access on the network and thus inform the security policies governing the network.

  PublisherDOI

Frequent coauthors

• Wei Zhao

  64 shared

• Xinwen Fu

  University of Massachusetts Lowell

  31 shared

• Ye Zhu

  24 shared

• Shengquan Wang

  11 shared

• B. Graham

  Texas A&M University

  10 shared

• Soohyun Cho

  Rutgers, The State University of New Jersey

  9 shared

• Youngwoo Ahn

  Texas A&M University

  9 shared

• Chujun Li

  Sun Yat-sen University

  8 shared

Awards & honors

• Chevron Faculty Fellowship Award (2008-2009)
• Best Paper Award, EuroMicro Conference on Real-Time Systems…
• Tenneco Meritorious Teaching Award (2005)
• BP Amoco Faculty Award for Teaching Excellence (2002)
• Best Student Paper, National Aerospace and Electronics Confe…