Amir Houmansadr

Preprints

Throttling Web Agents Using Reasoning Gates
Abhinav Kumar, Jaechul Roh, Ali Naseh, Amir Houmansadr, Eugene Bagdasarian
arXiv:2509.01619, Sep 2025

Network-Level Prompt and Trait Leakage in Local Research Agents
Hyejun Jeong, Mohammadreze Teymoorianfard, Abhinav Kumar, Amir Houmansadr, Eugene Badasarian
arXiv:2508.20282, Aug 2025

Bob's Confetti: Phonetic Memorization Attacks in Music and Video Generation
Jaechul Roh, Zachary Novack, Yuefeng Peng, Niloofar Mireshghallah, Taylor Berg-Kirkpatrick, and Amir Houmansadr
arXiv:2507.17937, July 2025

R1dacted: Investigating Local Censorship in DeepSeek's R1 Language Model
Ali Naseh, Harsh Chaudhari, Jaechul Roh, Mingshi Wu, Alina Oprea, and Amir Houmansadr
arXiv:2505.12625, May 2025

OverThink: Slowdown Attacks on Reasoning LLMs
Abhinav Kumar, Jaechul Roh, Ali Naseh, Marzena Karpinska, Mohit Iyyer, Amir Houmansadr, Eugene Bagdasarian
arXiv:2502.02542, Feb 2025

CensorLab: A Testbed for Censorship Experimentation [ Project Webpage ]
Jade Sheffey, and Amir Houmansadr
arXiv:2412.16349, Dec 2024

Data Extraction Attacks in Retrieval-Augmented Generation via Backdoors
Yuefeng Peng, Junda Wang, Hong Yu, and Amir Houmansadr
arXiv:2411.01705, Nov 2024

MeanSparse: Post-Training Robustness Enhancement Through Mean-Centered Feature Sparsification
Sajjad Amini, Mohammadreza Teymoorianfard, Shiqing Ma, and Amir Houmansadr
arXiv:2406.05927, June 2024

SoK: Challenges and Opportunities in Federated Unlearning
Hyejun Jeong, Shiqing Ma, and Amir Houmansadr
arXiv:2403.02437, March 2024

Understanding (Un)Intended Memorization in Text-to-Image Generative Models
Ali Naseh, Jaechul Roh, and Amir Houmansadr
arXiv:2312.07550, Dec 2023

2026

Exploiting Leaderboards for Large-Scale Distribution of Malicious Models
Anshuman Suri, Harsh Chaudhari, Yuefeng Peng, Ali Naseh, Amir Houmansadr, and Alina Oprea
IEEE S&P (Oakland) 2026

2025

Multilingual and Multi-Accent Jailbreaking of Audio LLMs
Jaechul Roh, Virat Shejwalkar, and Amir Houmansadr
COLM 2025

Backdooring Bias (B^2) into Diffusion Models
Ali Naseh, Jaechul Roh, Eugene Bagdasaryan, and Amir Houmansadr
USENIX Security 2025

Exposing and Circumventing SNI-based QUIC Censorship of the Great Firewall of China [ artifacts ]
Ali Zohaib, Qiang Zao, Jackson Sippe, Abdulrahman Alaraj, Amir Houmansadr, Zakir Durumeric, Eric Wustrow
USENIX Security 2025

( USENIX Security Honorable Mention! )

I'll Shake Your Hand - What Happens After DNS Poisoning
Jade Sheffey, Ali Zohaib, Dayeon Kang, Zakir Durumeric, Amir Houmansadr, and Qiang Wu
FOCI 2025

Riddle Me This! Stealthy Membership Inference for Retrieval-Augmented Generation
Ali Naseh, Yuefeng Peng, Anshuman Suri, Harsh Chaudhari, Alina Oprea, and Amir Houmansadr
ACM CCS 2025

A Wall Behind A Wall: Emerging Regional Censorship in China [ artifacts ]
Mingshi Wu, Ali Zohaib, Zakir Durumeric, Amir Houmansadr, and Eric Wustrow
IEEE S&P (Oakland) 2025

Large Language Models Cannot Even Recognize Your Name
Dzung Pham, Peter Kairouz, Niloofar Mireshghallah, Eugene Bagdasarian and Amir Houmansadr
PrivaCI 2025

Towards Anonymous Chatbots with (Un)Trustworthy Browser Proxies
Dzung Pham, Jade Sheffey, Chau Minh Pham, and Amir Houmansadr
MadWeb 2025

Improving Private Random Forest Prediction using Matrix Representation
Arisa Tajima, Joie Wu, and Amir Houmansadr
AAAI 2025

Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China
Shencha Fan, Jackson Sippe, Sakamoto San, Jade Sheffey, David Fifield, Amir Houmansadr, Elson Wedwards, and Eric Wustrow
NDSS 2025

( FOCI 2025 Best Practical Paper Award! )

RAIFLE: Reconstruction Attacks on Interaction-based Federated Learning with Active Data Manipulation
Dzung Pham, Shreyas Kulkarni, and Amir Houmansadr
NDSS 2025

DIFFENCE: Fencing Membership Privacy With Diffusion Models
Yuefeng Peng, Ali Naseh, and Amir Houmansadr
NDSS 2025

2024

OSLO: One-Shot Label-Only Membership Inference Attacks
Yuefeng Peng, Jaechul Roh, Subhransu Maji, and Amir Houmansadr
NeurIPS 2024

PostMark: A Robust Blackbox Watermark for Large Language Models
Yapei Chang, Kalpesh Krishna, Amir Houmansadr, John Wieting, Mohit Iyyer
EMNLP 2024

Iteratively Prompting Multimodal LLMs to Reproduce Natural and AI-Generated Images
Ali Naseh, Katherine Thai, Mohit Iyyer, and Amir Houmansadr
COLM 2024

( Oral Spotlight Presentation )

Variational Inference in Similarity Spaces: A Bayesian Approach to Personalized Federated Learning
Pedro H. Barros, Fabricio Murai, Amir Houmansadr, Alejandro C. Frery, and Heitor S. Ramos
NeurIPS BDU 2024

Fake or Compromised? Making Sense of Malicious Clients in Federated Learning [ arxiv ]
Hamid Mozaffari, Sunav Choudhary, and Amir Houmansadr
ESORICS 2024

The Effect of Alter Ego Accounts on A/B Tests in Social Networks
Katherine Avery, Amir Houmansadr, and David Jensen
The Web 2024

Memory Triggers: Unveiling Memorization in Text-To-Image Generative Models through Word-Level Duplication
Ali Naseh, Jaechul Roh, and Amir Houmansadr
PPAI 2024

Optimal Obfuscation to Protect Client Privacy in Federated Learning
Bo Guan, Shuangqing Wei, Amir Houmansadr, Hossein Pishro-Nik, and Dennis Goeckel
CISS 2024

Fingerprinting Obfuscated Proxy Traffic with Encapsulated TLS Handshakes
Diwen Xue, Michalis Kallitsis, Amir Houmansadr, and Roya Ensafi
USENIX Security 2024

2023

The Perils of Learning From Unlabeled Data: Backdoor Attacks on Semi-supervised Learning
Virat Shejwalkar, Lingjuan Lyu, and Amir Houmansadr
ICCV 2023

Location Privacy Protection for UAVs in Package Delivery and IoT Data Collection
Saeede Enayati, Dennis Goeckel, Amir Houmansadr, and Hossein Pishro-Nik
IEEE Internet of Things Journal 2023

Stealing the Decoding Algorithms of Language Models [ arXiv ]
Ali Naseh, Kalpesh Krishna, Mohit Iyyer, Amir Houmansadr
ACM CCS 2023

( Distinguished Paper Award! )

Realistic Website Fingerprinting By Augmenting Network Traces
Alireza Bahramali, Ardavan Bozorgi, and Amir Houmansadr
ACM CCS 2023

Investigating Traffic Analysis Attacks on Apple iCloud Private Relay
Ali Zohaib, Jade Sheffey, and Amir Houmansadr
AsiaCCS 2023

Effectively Using Public Data in Privacy Preserving Machine Learning
Milad Nasr, Saeed Mahloujifar, Xinyu Tang, Prateek Mittal, and Amir Houmansadr
ICML 2023

On the Pitfalls of Security Evaluation of Robust Federated Learning
Momin Khan, Virat Shejwalkar, Amir Houmansadr, and Fatima Anwar
DLSP 2023

Where Have All the Paragraphs Gone? Detecting and Exposing Censorship in Chinese Translation
Mizhang Streisand, Eric Wustrow, and Amir Houmansadr
FOCI 2023

Automated Detection of IPv6 Privacy Leakage in Home Networks
Ali Zohaib, and Amir Houmansadr
FOCI 2023

How the Great Firewall of China Detects and Blocks Fully Encrypted Traffic
Mingshi Wu, Jackson Sippe, Danesh Sivakumar, Jack Burg, Peter Anderson, Xiaokang Wang, Kevin Bock, Amir Houmansadr, Dave Levin, Eric Wustrow
USENIX Security 2023

( The 2025 Caspar Bowden PET Award Runner Up! )

( 2024 Applied Networking Research Prize (ANRP)! )

( First Place at CSAW 2023 Applied Research Competition! )

( FOCI 2023 Best Practical Paper Award! )

Every Vote Counts: Ranking-Based Training of Federated Learning to Resist Poisoning Attacks [ arXiv ]
Hamid Mozaffari, Virat Shejwalkar, and Amir Houmansadr
USENIX Security 2023

2022

I Still Know What You Did Last Summer: Inferring Sensitive User Activities on Messaging Applications Through Traffic Analysis [ copy ]
Ardavan Bozorgi, Alireza Bahramali, Fateme Rezaei, Amirhossein Ghafari, Amir Houmansadr, Ramin Soltani, Dennis Goeckel, and Don Towsley
IEEE Transactions on Dependable and Secure Computing 2022

Security Analysis of SplitFed Learning
Momin Ahmad Khan, Virat Shejwalkar, Amir Houmansadr, and Fatima M. Anwar
AIChallengeIoT 2022

Superstring-Based Sequence Obfuscation to Thwart Pattern Matching Attacks
Bo Guan, Nazanin Takbiri, Dennis Goeckel, Amir Houmansadr, and Hossein Pishro-Nik
IEEE Internet of Things Journal 2022

Robust Indistinguishability
Amir Houmansadr, Monica Moniot, and Adam O'Neill
FCS 2022

Equity and Equality in Fair Federated Learning
Hamid Mozaffari, and Amir Houmansadr
ICML-RDMDE 2022

Improving Differentially Private Deep Learning using Adaptive Origin Selection
Milad Nasr, Saeed Mahloujifar, Xinyu Tang, Virat Shejwalkar, Amir Houmansadr, Prateek Mittal
TPDP 2022

Machine Learning with Differentially Private Labels: Mechanisms and Frameworks
Xinyu Tang, Milad Nasr, Saeed Mahloujifar, Virat Shejwalkar, Liwei Song, Amir Houmansadr, and Prateek Mittal
PETS 2022

Privacy-Preserving Path-Planning for UAVs
Saeede Enayati, Dennis Goeckel, Amir Houmansadr, and Hossein Pishro-Nik
ISNCC 2022

Constrained Obfuscation to Thwart Pattern Matching Attacks
Saeede Enayati, Dennis Goeckel, Amir Houmansadr, and Hossein Pishro-Nik
ISIT 2022

Robust Federated Learning By Training on Parameter Ranks
Hamid Mozaffari, Virat Shejwalkar, and Amir Houmansadr
FL-AAAI (Oral) 2022

Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Production Federated Learning [ arXiv ] [ code ]
Virat Shejwalkar, Amir Houmansadr, Peter Kairouz, and Daniel Ramage
IEEE S&P (Oakland) 2022

Mitigating Membership Inference Attacks by Self-Distillation Through a Novel Ensemble Architecture
Xinyu Tang, Saeed Mahloujifar, Liwei Song, Virat Shejwalkar, Milad Nasr, Amir Houmansadr, and Prateek Mittal
USENIX Security 2022

2021

Membership Inference Attacks Against NLP Classification Models
Virat Shejwalkar, Huseyin A Inan, Amir Houmansadr, and Robert Sim
NeurIPS PriML 2021

A Novel Self-Distillation Architecture to Defeat Membership Inference Attacks
Xinyu Tang, Saeed Mahloujifar, Liwei Song, Virat Shejwalkar, Milad Nasr, Amir Houmansadr, and Prateek Mittal
NeurIPS PriML 2021

Cronus: Robust and Heterogeneous Collaborative Learning with Black-Box Knowledge Transfer
Hongyan Chang, Virat Shejwalkar, Reza Shokri, and Amir Houmansadr
NeurIPS NFFL 2021

FINN: Fingerprinting Network Flows using Neural Networks
Fatemeh Rezaei, and Amir Houmansadr
ACSAC 2021

Robust Adversarial Attacks Against DNN-Based Wireless Communication Systems [ arXiv ]
Alireza Bahramali, Milad Nasr, Amir Houmansadr, Dennis Goeckel, and Don Towsley
ACM CCS 2021

Defeating DNN-Based Traffic Analysis Systems in Real-Time With Blind Adversarial Perturbations [ arXiv ]
Milad Nasr, Alireza Bahramali, and Amir Houmansadr
USENIX Security 2021

Manipulating the Byzantine: Optimizing Model Poisoning Attacks and Defenses for Federated Learning [ code ]
Virat Shejwalkar and Amir Houmansadr
NDSS 2021

Membership Privacy for Machine Learning Models Through Knowledge Transfer [ code ]
Virat Shejwalkar and Amir Houmansadr
AAAI 2021 (Acceptance rate: 21%)

Asymptotic Privacy Loss due to Time Series Matching of Dependent Users [ arXiv ]
Nazanin Takbiri, Minting Chen, Dennis Goeckel, Amir Houmansadr, and Hossein Pishro-Nik
IEEE Communications Letters 2021

2020

Towards Optimized Model Poisoning Attacks Against Federated Learning
Virat Shejwalkar and Amir Houmansadr
SpicyFL 2020

Machine Learning with Membership Privacy via Knowledge Transfer
Virat Shejwalkar and Amir Houmansadr
PPML 2020

How China Detects and Blocks Shadowsocks
Alice, Bob, Carol, Jan Beznazwy, and Amir Houmansadr
IMC 2020 (Acceptance rate: 25%)

( IMC’20 Best Paper Award Runner-Up! )

Blog Post, Talk

The Bitcoin Hunter: Detecting Bitcoin Traffic Over Encrypted Channels
Fatemeh Rezaei, Shahrzad Naseri, Amir Houmansadr, and Ittay Eyal
SecureComm 2020

Triplet Censors: Demystifying Great Firewall’s DNS Censorship Behavior
Anonymous, Arian Akhavan Niaki, Nguyen Phong Hoang, Phillipa Gill, and Amir Houmansadr
USENIX FOCI 2020

Leveraging Prior Knowledge Asymmetries in the Design of Location Privacy-Preserving Mechanisms
Nazanin Takbiri, Virat Shejwalkar, Amir Houmansadr, Dennis Goeckel, and Hossein Pishro-Nik
IEEE Wireless Communications Letters 2020

Sequence Obfuscation to Thwart Pattern Matching Attacks
Bo Guan, Nazanin Takbiri, Dennis Goeckel, Amir Houmansadr, and Hossein Pishro-Nik
ISIT 2020

Fundamental Limits of Covert Packet Insertion
Ramin Soltani, Dennis Goeckel, Don Towsley, and Amir Houmansadr
IEEE Transactions on Communications 2020

Privacy of Dependent Users Against Statistical Matching
Nazanin Takbiri, Amir Houmansadr, Dennis Goeckel, and Hossein Pishro-Nik
IEEE Transactions on Information Theory 2020

Heterogeneous Private Information Retrieval
Hamid Mozaffari and Amir Houmansadr
NDSS 2020 (Acceptance rate: 18%)

Practical Traffic Analysis Attacks on Secure Messaging Applications
Alireza Bahramali, Amir Houmansadr, Ramin Soltani, Dennis Goeckel, and Don Towsley
NDSS 2020 (Acceptance rate: 18%)

MassBrowser: Unblocking the Censored Web for the Masses, by the Masses
Milad Nasr, Hadi Zolfaghari, Amir Houmansadr, and Amirhossein Ghafari
NDSS 2020 (Acceptance rate: 18%)

Project Webpage , Technical Report

Fundamental Limits of Invisible Flow Fingerprinting
Ramin Soltani , Dennis Goeckel , Don Towsley , and Amir Houmansadr
IEEE Transactions on Information Forensics and Security 2020

2019

Revisiting Utility Metrics for Location Privacy-Preserving Mechanisms
Virat Shejwalkar, Amir Houmansadr, Hossein Pishro-Nik, and Dennis Goeckel
ACSAC 2019

Blocking-Resilient Communications in Information-Centric Networks using Router Redirection
Hamid Mozaffari, Amir Houmansadr, and Arun Venkataramani
ICEC 2019

Generalizable Deep Learning with Differential Privacy; Using Gradient Compression and De-noising
Milad Nasr, Reza Shokri, and Amir Houmansadr
TPDP 2019

On the Importance of Encrypted-SNI (ESNI) to Censorship Circumvention
Zimo Chai, Amirhossein Ghafari, and Amir Houmansadr
USENIX FOCI 2019

Asymptotic Limits of Privacy in Bayesian Time Series Matching
Nazanin Takbiri , Amir Houmansadr, Dennis Goeckel , and Hossein Pishro-Nik
CISS 2019

Comprehensive Privacy Analysis of Deep Learning: Stand-alone and Federated Learning under Passive and Active White-box Inference Attacks
Milad Nasr , Reza Shokri , and Amir Houmansadr
IEEE S&P (Oakland) 2019 (acceptance rate: 12%)

Asymptotic Loss in Privacy due to Dependency in Gaussian Traces
Nazanin Takbiri , Ramin Soltani , Dennis Goeckel , Amir Houmansadr, and Hossein Pishro-Nik
IEEE WCNC 2019

Enemy At the Gateways: Censorship-Resilient Proxy Distribution Using Game Theory
Milad Nasr, Sadegh Farhang, Amir Houmansadr, and Jens Grossklags
NDSS 2019 (Acceptance rate: 17% = 89/521)

Matching Anonymized and Obfuscated Time Series to Users' Profiles
Nazanin Takbiri , Amir Houmansadr, Dennis Goeckel , and Hossein Pishro-Nik
IEEE Transactions on Information Theory 65(2): 724-741, 2019

2018

Fundamental Limits of Covert Bit Insertion in Packets
Ramin Soltani , Dennis Goeckel , Don Towsley , and Amir Houmansadr
Allerton 2018

DeepCorr: Strong Flow Correlation Attacks on Tor Using Deep Learning
Milad Nasr, Alireza Bahramali, and Amir Houmansadr
ACM CCS 2018 (Acceptance rate: 16.6% = 134/809)

( CSAW’19 Applied Research Competition Finalist! )

Machine Learning with Membership Privacy using Adversarial Regularization
Milad Nasr, Reza Shokri , and Amir Houmansadr
ACM CCS 2018 (Acceptance rate: 16.6% = 134/809)

Belief-Space Planning for Automated Malware Defense
Justin Svegliato, Sam Witty, Amir Houmansadr, and Shlomo Zilberstein
AI4IoT 2018

Main-Memory Requirements of Big Data Applications on Commodity Server Platform
Hosein Mohammadi Makrani, Setareh Rafatirad, Amir Houmansadr, and Houman Homayoun
DBDM 2018

Privacy against Statistical Matching: Inter-User Correlation
Nazanin Takbiri , Amir Houmansadr, Dennis Goeckel , and Hossein Pishro-Nik
ISIT 2018

2017

Compressive Traffic Analysis: A New Paradigm for Scalable Traffic Analysis
Milad Nasr, Amir Houmansadr, and Arya Mazumdar
ACM CCS 2017

The Waterfall of Liberty: Decoy Routing Circumvention that Resists Routing Attacks
Milad Nasr, Hadi Zolfaghari, and Amir Houmansadr
ACM CCS 2017

Graphene: A New Protocol for Block Propagation Using Set Reconciliation [ arXiv version ]
Pinar Ozisik, Gavin Andresen, George Bissias, Amir Houmansadr and Brian N. Levine
CBT 2017

Towards Provably Invisible Network Flow Fingerprints
Ramin Soltani , Dennis Goeckel , Don Towsley , and Amir Houmansadr
Asilomar 2017

TagIt: Tagging Network Flows using Blind Fingerprints
Fatemeh Rezaei and Amir Houmansadr
PETS 2017

Achieving Perfect Location Privacy in Wireless Devices Using Anonymization
Zarrin Montazeri , Amir Houmansadr, and Hossein Pishro-Nik
IEEE Transactions on Information Forensics and Security 2017

Limits of Location Privacy under Anonymization and Obfuscation
Nazanin Takbiri , Amir Houmansadr, Dennis Goeckel , and Hossein Pishro-Nik
ISIT 2017

Fundamental Limits of Location Privacy Using Anonymization
Nazanin Takbiri , Amir Houmansadr, Dennis Goeckel , and Hossein Pishro-Nik
CISS 2017

SWEET: Serving the Web by Exploiting Email Tunnels
Amir Houmansadr, Wenxuan Zhou , Matthew Caesar , and Nikita Borisov
IEEE/ACM Transactions on Networking , January 2017

2016

Information Hiding in Communication Networks: Fundamentals, Mechanisms, Applications, and Countermeasures
Wojciech Mazurczyk, Steffen Wendzel, Sebastian Zander, Amir Houmansadr, and Krzysztof Szczypiorski
Wiley-IEEE Press , February 2016

( Available on Amazon )

Covert Communications on Renewal Packet Channels [ arXiv version ]
Ramin Soltani , Dennis Goeckel , Don Towsley , and Amir Houmansadr
Allerton 2016

GAME OF DECOYS: Optimal Decoy Routing Through Game Theory
Milad Nasr and Amir Houmansadr
ACM CCS 2016 (acceptance rate: 16% = 137/831)

Practical Censorship Evasion Leveraging Content Delivery Networks
Hadi Zolfaghari and Amir Houmansadr
ACM CCS 2016 (acceptance rate: 16% = 137/831)

Achieving Perfect Location Privacy in Markov Models Using Anonymization
Zarrin Montazeri , Amir Houmansadr, and Hossein Pishro-Nik
ISITA 2016

CovertCast: Using Live Streaming to Evade Internet Censorship
Richard McPherson , Amir Houmansadr, and Vitaly Shmatikov
PETS 2016

Defining Perfect Location Privacy Using Anonymization
Zarrin Montazeri , Amir Houmansadr, and Hossein Pishro-Nik
CISS 2016

2015

Know Your Achilles' Heel: Automatic Detection Of Network Critical Services
Ali Zand , Amir Houmansadr, Giovanni Vigna , Richard Kemmerer , and Christopher Kruegel
ACSAC 2015

CacheBrowser: Bypassing Chinese Censorship without Proxies Using Cached Content
John Holowczak and Amir Houmansadr
ACM CCS 2015 (acceptance rate: 19.8% = 128/646)

( Media: MIT Technology Review )

Covert Communications on Poisson Packet Channels [ arXiv version ]
Ramin Soltani , Dennis Goeckel , Don Towsley , and Amir Houmansadr
Allerton 2015

2014

CloudTransport: Using Cloud Storage for Censorship-Resistant Networking
Chad Brubaker, Amir Houmansadr, and Vitaly Shmatikov
PETS 2014 (acceptance rate: 18.6% = 16/86)

No Direction Home: The True Cost of Routing Around Decoys
Amir Houmansadr, Edmund L Wong , and Vitaly Shmatikov
NDSS 2014 (acceptance rate: 18.6%)

[-] Abstract: Decoy routing is a recently proposed approach for censorship circumvention. It relies on cooperating ISPs in the middle of the Internet to deploy the so called "decoy routers" that proxy network traffic from users in the censorship region. A recent study, published in an award-winning CCS 2012 paper [24], suggested that censors in highly connected countries like China can easily defeat decoy routing by selecting Internet routes that do not pass through the decoys. This attack is known as "routing around decoys" (RAD).
In this paper, we perform an in-depth analysis of the true costs of the RAD attack, based on actual Internet data. Our analysis takes into account not just the Internet topology, but also business relationships between ISPs, monetary and performance costs of different routes, etc. We demonstrate that even for the most vulnerable decoy placement assumed in the RAD study, the attack is likely to impose tremendous costs on the censoring ISPs. They will be forced to switch to much more costly routes and suffer from degradation in the quality of service.
We then demonstrate that a more strategic placement of decoys will further increase the censors' costs and render the RAD attack ineffective. We also show that the attack is even less feasible for censors in countries that are not as connected as China since they have many fewer routes to choose from.
The first lesson of our study is that defeating decoy routing by simply selecting alternative Internet routes is likely to be prohibitively expensive for the censors. The second, even more important lesson is that a fine-grained, data-driven approach is necessary for understanding the true costs of various route selection mechanisms. Analyses based solely on the graph topology of the Internet may lead to mistaken conclusions about the feasibility of decoy routing and other censorship circumvention techniques based on interdomain routing.

Non-Blind Watermarking of Network Flows
Amir Houmansadr, Negar Kiyavash , and Nikita Borisov
IEEE/ACM Transactions on Networking , August 2014

2013

Secloud: A Cloud-based Comprehensive and Lightweight Security Solution for Smartphones
Saman A. Zonouz , Amir Houmansadr, Robin Berthier , Nikita Borisov , and William Sanders
Journal of Computers & Security , September 2013

The Need for Flow Fingerprints to Link Correlated Network Flows
Amir Houmansadr and Nikita Borisov
PETS 2013 (acceptance rate: 18% = 13/69)

SWEET: Serving the Web by Exploiting Email Tunnels
Wenxuan Zhou , Amir Houmansadr, Matthew Caesar , and Nikita Borisov
HotPETs 2013

The Parrot is Dead: Observing Unobservable Network Communications
Amir Houmansadr, Chad Brubaker, and Vitaly Shmatikov
IEEE S&P (Oakland) 2013 (acceptance rate: 12% = 38/315)

( Best Practical Paper Award of the IEEE S&P)

BotMosaic: Collaborative Network Watermark for the Detection of IRC-Based Botnets
Amir Houmansadr and Nikita Borisov
Journal of Systems and Software, March 2013

I Want My Voice to Be Heard: IP Over Voice-over-IP for Unobservable Censorship Circumvention
Amir Houmansadr, Thomas Riedl , Nikita Borisov , and Andrew Singer
NDSS 2013 (acceptance rate: 18.8% = 47/250)

2012

CensorSpoofer: Asymmetric Communication using IP Spoofing for Censorship-Resistant Web Browsing
Qiyan Wang , Xun Gong , Giang Nguyen , Amir Houmansadr, and Nikita Borisov
CCS 2012 (acceptance rate: 18.9% = 80/423)

Multi-Flow Attacks Against Network Flow Watermarks: Analysis and Countermeasures
Negar Kiyavash , Amir Houmansadr, and Nikita Borisov
Computing Research Repository arXiv, arXiv:1203.1390v1 , 2012.

Design, Analysis, and Implementation of Effective Network flow Watermarking Schemes
Amir Houmansadr
Ph.D. Thesis , Department of Electrical and Computer Engineering, University of Illinois at Urbana-Champaign, August 2012

[-] Abstract: Linking network flows is an important problem in several security-related applications including intrusion detection and anonymity. The flows of interest in these applications are commonly relayed by several low-latency nodes, and each node adds an extra/different layer of encryption to the traffic payload. As a result, in such applications it is infeasible to link network flows by correlating their packet headers and payloads. Traffic analysis is a powerful tool in this scenario, as it correlates network flows based on their communication patterns, which are not changed due to encryption and low-latency communications. Traditional traffic analysis is performed in a passive manner; flow patterns are only observed and correlated among different flows to find flow relations. The patterns used more commonly for traffic analysis are packet timings, sizes, and counts. The main shortcoming of passive traffic analysis is not being scalable to large-size applications. For a network with n ingress flows and m egress flows passive traffic analysis needs to perform O(mn) flow correlations, and O(n) flows need to be communicated among traffic analysis entities. To overcome this limitation, recent research introduces an active form for traffic analysis, called flow watermarking. Flow watermarking works by first perturbing network flows and then observing network flows, looking for the specific perturbation patterns in order to link flows. This reduces the computational overhead to O(n) (from O(mn) for non-targeted passive analysis) and the communication overhead to O(1) (from O(n) in the case of non-targeted passive analysis), since the information used for flow linking, the watermark, is self-contained in each flow. In addition to being more scalable (in the case of non-targeted traffic analysis), active traffic analysis can provide lower false-positive rates than passive traffic analysis in linking network flows. This is because passive analysis works by correlating flow patterns that can be intrinsically correlated among non-linked flows, whereas active traffic analysis correlates artificial patterns that are tailored to be highly uncorrelated among non-linked flows. In this thesis we study the design, analysis, and implementation of network flow watermarks. Our research is motivated by two main issues with existing flow watermarks: i) previous flow watermarks are not efficient, meaning that they need very long network flows in order to successfully detect watermarked flows, and, ii) previous watermarks are not invisible, meaning that non-watermarking entities (e.g., users, attackers) can tell if a flow has been watermarked. In particular, we design an attack, called multi-flow attack, that works on several previously proposed flow watermarks. Our multi-flow attack is able to distinguish watermarked flows and remove the watermark by observing a handful of watermarked flows. We also design two new flow watermarking systems. We design RAINBOW, a non-blind network flow watermark. RAINBOW is able to perform very reliable traffic analysis by applying tiny perturbations to packet timings. We also design a blind flow watermark, SWIRL, that inserts watermarks that are flow-dependent. For both of the proposed schemes, we analyze their detection performance both theoretically and through experiments. We also evaluate watermark invisibility for both of the schemes. A flow watermark inserts a single bit of information on flows, carrying the message that these flows have been observed previously. However, in some applications more information needs to be piggybacked on network flows, giving information about the location they were observed, the entity who tagged them, etc. We call such tags composed of several bits of information flow fingerprints. We design a flow fingerprinting system, called Fancy, that is able to send tens of bits of information reliably using fairly short length of network flows. Finally, we introduce two new applications for network flow watermarking. The first application uses flow watermarks to detect botmasters and infected machines corresponding to a centralized botnet, i.e., an IRC botnet. We also propose to use our SWIRL watermark to mitigate a threat against the Tor anonymity system, the Tor congestion attack.

[-]
@PHDTHESIS{phd-houmansadr,
author = {Amir Houmansadr},
title = {{Design, Analysis, and Implementation of Effective Network flow Watermarking Schemes}},
month = {August},
year = {2012},
school = {{Department of Electrical and Computer Engineering, University of Illinois at Urbana-Champaign}}
}

EliMet: Security Metric Elicitation in Power Grid Critical Infrastructures by Observing System Administrators' Responsive Behavior
Saman A. Zonouz , Amir Houmansadr, and Parisa Haghani
DSN 2012 (acceptance rate: 17.3%)

[-] Abstract: To protect complex power-grid control networks, efficient security assessment techniques are required. However, efficiently making sure that calculated security measures match the expert knowledge is a challenging endeavor. In this paper, we present EIiMet, a framework that combines information from different sources and estimates the extent to which a control network meets its security objective. Initially, during an offline phase, a state-based model of the network is generated, and security-level of each state is measured using a generic and easy-to-compute metric. EliMet then passively observes system operators' online reactive behavior against security incidents, and accordingly refines the calculated security measure values. Finally, to make the values comply with the expert knowledge, EIiMet actively queries operators regarding those states for which sufficient information was not gained during the passive observation. Our experimental results show that EIiMet can optimally make use of prior knowledge as well as automated inference techniques to minimize human involvement and efficiently deduce the expert knowledge regarding individual states of that particular system.

[-]
@inproceedings{elimet,
title={{EliMet: Security Metric Elicitation in Power Grid Critical Infrastructures by Observing System Administrators' Responsive Behavior}},
author={Saman A.~Zonouz and Amir Houmansadr and Parisa Haghani},
booktitle={The $42^{nd}$ Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)},
year={2012}
}

2011

Nexat: A History-based Approach to Predict Attacker Actions
Casey Cipriano, Ali Zand , Amir Houmansadr, Christopher Kruegel , and Giovanni Vigna
ACSAC 2011 (acceptance rate: 20% = 39/195)

[-] Abstract: Computer networks are constantly being targeted by different attacks. Since not all attacks are created equal, it is of paramount importance for network administrators to be aware of the status of the network infrastructure, the relevance of each attack with respect to the goals of the organization under attack, and also the most likely next steps of the attackers. In particular, the last capability, attack prediction, is of the most importance and value to the network administrators, as it enables them to provision the required actions to stop the attack and/or minimize its damage to the network’s assets. Unfortunately, the existing approaches to attack prediction either provide limited useful information or are too complex to scale to the real-world scenarios.
In this paper, we present a novel approach to the prediction of the actions of the attackers. Our approach uses machine learning techniques to learn the historical behavior of attackers and then, at the run time, leverages this knowledge in order to produce an estimate of the likely future actions of the attackers. We implemented our approach in a prototype tool, called Nexat, and validated its accuracy leveraging a dataset from a hacking competition. The evaluations show that Nexat is able to predict the next steps of attackers with very high accuracy. In particular, Nexat achieves a 94% accuracy in predicting the next actions of the attackers in our prototype implementation. In addition, Nexat requires little computational resources and can be run in real-time for instant prediction of the attacks.

[-]
@inproceedings{nexat,
title={{Nexat: A History-based Approach to Predict Attacker Actions}},
author={Casey Cipriano and Ali Zand and Amir Houmansadr and Christopher Kruegel and Giovanni Vigna},
booktitle={The $27^{th}$ Annual Computer Security Applications Conference (ACSAC)},
year={2011}
}

Cirripede: Circumvention Infrastructure using Router Redirection with Plausible Deniability
Amir Houmansadr, Giang T. K. Nguyen , Matthew Caesar , and Nikita Borisov
CCS 2011 (acceptance rate: 14% = 60/429)

[-] Abstract: Many users face surveillance of their Internet communications and a significant fraction suffer from outright blocking of certain destinations. Anonymous communication systems allow users to conceal the destinations they communicate with, but do not hide the fact that the users are using them. The mere use of such systems may invite suspicion, or access to them may be blocked.
We therefore propose Cirripede, a system that can be used for unobservable communication with Internet destinations. Cirripede is designed to be deployed by ISPs; it intercepts connections from clients to innocent-looking destinations and redirects them to the true destination requested by the client. The communication is encoded in a way that is indistinguishable from normal communications to anyone without the master secret key, while public-key cryptography is used to eliminate the need for any secret information that must be shared with Cirripede users.
Cirripede is designed to work scalably with routers that handle large volumes of traffic while imposing minimal overhead on ISPs and not disrupting existing traffic. This allows Cirripede proxies to be strategically deployed at central locations, making access to Cirripede very difficult to block. We built a proof-of-concept implementation of Cirripede and performed a testbed evaluation of its performance properties.

[-]
@inproceedings{cirripede,
title={{Cirripede: Circumvention Infrastructure using Router Redirection with Plausible Deniability}},
author={Amir Houmansadr and Giang T.~K.~Nguyen and Matthew Caesar and Nikita Borisov},
booktitle={The $18^{th}$ ACM Conference on Computer and Communications Security (CCS)},
year={2011}
}

A Cloud-based Intrusion Detection and Response System for Mobile Phones
Amir Houmansadr, Saman A. Zonouz , and Robin Berthier
WRAITS 2011

[-] Abstract: As smart mobile phones, so called smartphones, are getting more complex and more powerful to efficiently provide more functionalities, concerns are increasing regarding security threats against the smartphone users. Since smartphones use the same software architecture as in PCs, they are vulnerable to similar classes of security risks such as viruses, trojans, and worms. In this paper, we propose a cloud-based smartphone-specific intrusion detection and response engine, which continuously performs an in-depth forensics analysis on the smartphone to detect any misbehavior. In case a misbehavior is detected, the proposed engine decides upon and takes optimal response actions to thwart the ongoing attacks. Despite the computational and storage resource limitations in smartphone devices, The engine can perform a complete and in-depth analysis on the smartphone, since all the investigations are carried out on an emulated device in a cloud environment.

[-]
@inproceedings{secloud-wraits,
title={{A Cloud-based Intrusion Detection and Response System for Smartphone Devices}},
author={Amir Houmansadr and Saman A.~Zonouz and Robin Berthier},
booktitle={The $5^{th}$ Workshop on Recent Advances in Intrusion-Tolerant Systems (WRAITS)},
year={2011}
}

CoCo: Coding-Based Covert Timing Channels for Network Flows
Amir Houmansadr and Nikita Borisov
IH 2011 (acceptance rate: 32% = 22/68)

[-] Abstract: In this paper, we propose CoCo, a novel framework for establishing covert timing channels. The CoCo covert channel modulates the covert message in the inter-packet delays of the network flows, while a coding algorithm is used to ensure the robustness of the covert message to different perturbations. The CoCo covert channel is adjustable: by adjusting certain parameters one can trade off different features of the covert channel, i.e., robustness, rate, and undetectability. By simulating the CoCo covert channel using different coding algorithms we show that CoCo improves the covert robustness as compared to the previous research, while being practically undetectable.

[-]
@inproceedings{coco,
title={{CoCo: Coding-Based Covert Timing Channels for Network Flows}},
author={Amir Houmansadr and Nikita Borisov},
booktitle={The $13^{th}$ Information Hiding Conference (IH)},
year={2011}
}

Stegobot: A Covert Social Network Botnet
Shishir Nagaraja , Amir Houmansadr, Pragya Agarwal, Vijit Kumar, Pratch Piyawongwisal, and Nikita Borisov
IH 2011 (acceptance rate: 32% = 22/68)
Media: [ New Scientist ] [ msnbc ] [ Times of India ] [ Security News Daily ] [ Think Digit ] [ Criminal Wisdom ] [ LaptopMag ] [ SiliconIndia ] [ CSL ] [ NetworkSolutionTips ] [...]

[-] Abstract: We propose Stegobot, a new generation botnet that communicates over probabilistically unobservable communication channels. It is designed to spread via social malware attacks and steal information from its victims. Unlike conventional botnets, Stegobot traffic does not introduce new communication endpoints between bots. Instead, it is based on a model of covert communication over a social-network overlay -- bot to botmaster communication takes place along the edges of a social network. Further, bots use image steganography to hide the presence of communication within image sharing behavior of user interaction. We show that it is possible to design such a botnet even with a less than optimal routing mechanism such as restricted flooding. We analyzed a real-world dataset of image sharing between members of an online social network. Analysis of Stegobot’s network throughput indicates that stealthy as it is, it is also functionally powerful -- capable of channeling fair quantities of sensitive data from its victims to the botmaster at tens of megabytes every month.

[-]
@inproceedings{stegobot,
title={{Stegobot: A Covert Social Network Botnet}},
author={Shishir Nagaraja and Amir Houmansadr and Pragya Agarwal and Vijit Kumar and Pratch Piyawongwisal and Nikita Borisov},
booktitle={The $13^{th}$ Information Hiding Conference (IH)},
year={2011}
}

Towards Improving Network Flow Watermarking Using the Repeat-Accumulate Codes
Amir Houmansadr and Nikita Borisov
ICASSP 2011

[-] Abstract: Network intruders try to hide their identity by relaying their traffic through a number of intermediate hosts, called stepping stones. Network flow watermarks have been used to detect such attacks by inserting a special timing pattern into one flow by means of artificial delays and detecting relayed flows by searching for the same pattern.
We study the application of coding schemes to improve the efficiency of network flow watermarks. In particular, we use the Repeat-Accumulate codes, a class of low complexity, high performance error-correcting codes, to improve the detection performance of a recent flow watermark, the RAINBOW. We show the effectiveness of the improved scheme, C-RAINBOW, through simulation and discuss design tradeoffs.

[-]
@inproceedings{icassp11,
title={{Towards Improving Network Flow Watermarking Using the Repeat-Accumulate Codes}},
author={Amir Houmansadr and Nikita Borisov},
booktitle={The $36^{th}$ IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)},
year={2011}
}

SWIRL: A Scalable Watermark to Detect Correlated Network Flows
Amir Houmansadr and Nikita Borisov
NDSS 2011 (acceptance rate: 20% = 28/139)

[-] Abstract: Flow watermarks are active traffic analysis techniques that help establish a causal connection between two network flows by content-independent manipulations, e.g., altering packet timings. Watermarks provide a much more scalable approach for flow correlation than passive traffic analysis. Previous designs of scalable watermarks, however, were subject to multi-flow attacks. They also introduced delays too large to be used in most environments.
We design SWIRL, a Scalable Watermark that is Invisible and Resilient to packet Losses. SWIRL is the first watermark that is practical to use for large-scale traffic analysis. SWIRL uses a flow-dependent approach to resist multi-flow attacks, marking each flow with a different pattern. SWIRL is robust to packet losses and network jitter, yet it introduces only small delays that are invisible to both benign users and determined adversaries. We analyze the performance of SWIRL both analytically and on the PlanetLab testbed, demonstrating very low error rates. We consider applications of SWIRL to stepping stone detection and linking anonymous communication. We also propose a novel application of watermarks to defend against congestion attacks on Tor.

[-]
@inproceedings{swirl,
title={{SWIRL: A Scalable Watermark to Detect Correlated Network Flows}},
author={Amir Houmansadr and Nikita Borisov},
booktitle={The $18^{th}$ Annual Network and Distributed System Security Symposium (NDSS)},
year={2011}
}

Before 2010

Multi-Flow Attack Resistant Watermarks for Network Flows
Amir Houmansadr, Negar Kiyavash , and Nikita Borisov
ICASSP 2009

[-] Abstract: In this work we present a Multi-flow Attack Resistant Interval Centroid Based Watermarking (MAR-ICBW) scheme for network flows. Our proposed scheme can withstand the newly introduced multi-flow watermarking attack that defeats the state-of-the-art interval-based network flow watermarking schemes. Multi-flow attack uses the dependent correlations among the flows marked with the same watermark to recover the secret parameters, and remove the watermark from a flow. The attack can be effective even if different flows are marked with different values of a watermark. MAR-ICBW survives the attack by virtue of randomizing the location of the embedded watermark across multiple flows and therefore, effectively removing the correlations between the flows. While we represent our counter measure to multi-flow attack in terms of an improved version of ICBW, the same methodology can be used to strengthen other interval-based flow watermarking schemes.

[-]
@inproceedings{icassp09,
title={{Multi-Flow Attack Resistant Watermarks for Network Flows}},
author={Amir Houmansadr and Negar Kiyavash and Nikita Borisov},
booktitle={The $34^{th}$ IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)},
year={2009}
}

RAINBOW: A Robust And Invisible Non-Blind Watermark for Network Flows
Amir Houmansadr, Negar Kiyavash , and Nikita Borisov
NDSS 2009 (acceptance rate: 11.7% = 20/171)

[-] Abstract: Linking network flows is an important problem in intrusion detection as well as anonymity. Passive traffic analysis can link flows but requires long periods of observation to reduce errors. Watermarking techniques allow for better precision and blind detection, but they do so by introducing significant delays to the traffic flow, enabling attacks that detect and remove the mark, while at the same time slowing down legitimate traffic. We propose a new, non-blind watermarking scheme called RAINBOW that is able to use delays hundreds of times smaller than existing watermarks by eliminating the interference caused by the flow in the blind case. As a result, our watermark is invisible to detection, as confirmed by experiments using information-theoretic detection tools.
We analyze the error rates of our scheme based on a mathematical model of network traffic and jitter. We also validate the analysis using an implementation running on PlanetLab. We find that our scheme generates orders of magnitudes lower rates of false errors than passive traffic analysis, while using only a few hundred observed packets. We also extend our scheme so that it is robust to packet drops and repacketization and show that flows can still be reliably linked, though at the cost of somewhat longer observation periods.

[-]
@inproceedings{RAINBOW,
title={{RAINBOW: A Robust And Invisible Non-Blind Watermark for Network Flows}},
author={Amir Houmansadr and Negar Kiyavash and Nikita Borisov},
booktitle={The $16^{th}$ Annual Network and Distributed System Security Symposium (NDSS)},
year={2009}
}

Multi-flow Attacks Against Network Flow Watermarking Schemes
Negar Kiyavash , Amir Houmansadr, and Nikita Borisov
USENIX Security 2008 (acceptance rate: 15.9% = 27/170)

[-] Abstract: We analyze several recent schemes for watermarking network flows based on splitting the flow into intervals. We show that this approach creates time dependent correlations that enable an attack that combines multiple watermarked flows. Such an attack can easily be mounted in nearly all applications of network flow watermarking, both in anonymous communication and stepping stone detection. The attack can be used to detect the presence of a watermark, recover the secret parameters, and remove the watermark from a flow. The attack can be effective even if different the watermarks in different flows carry different messages.
We analyze the efficacy of our attack using a probabilistic model and a Markov-modulated Poisson process (MMPP) model of interactive traffic. We also implement our attack and test it using both synthetic and real-world traces, showing that our attack is effective with as few as 10 watermarked flows. Finally, we propose a countermeasure that defeats the attack by using multiple watermark positions.

[-]
@inproceedings{mfa,
title={{Multi-flow Attacks Against Network Flow Watermarking Schemes}},
author={Negar Kiyavash and Amir Houmansadr and Nikita Borisov},
booktitle={The $17^{th}$ USENIX Security Symposium},
year={2008}
}

A Collusion-Resistant Video Watermarking Scheme
Amir Houmansadr and Shahrokh Ghaemmaghami
IH 2006

[-] Abstract: A video watermarking scheme is proposed in this paper using the concept of the secret sharing scheme. The owner’s mark is split into twin shares, where the shares are inserted into the video frames in the spatial domain in a simple manner. The detection algorithm uses a linear function applied to the twin shares to reconstruct the secret. This makes the watermarked video sequence robust against pirate attacks, such as frame averaging and frame swapping. Due to the compatibility of the exploited secret sharing scheme to geometrical distortions, the watermarking system is also robust to this kind of processing schemes. On account of insertion of various marks into different frames, which are linearly related, the watermarked sequence is robust to collusion attack that is a major concern in the field of video watermarking.

[-]
@inproceedings{ih06,
title={{A Collusion-Resistant Video Watermarking Scheme}},
author={Amir Houmansadr and Shahrokh Ghaemmaghami},
booktitle={The $8^{th}$ Information Hiding (IH)},
year={2006}
}

Robust Content-based Video Watermarking Exploiting Motion Entropy Masking Effect
Amir Houmansadr, Hamed Pirsiavash, and Shahrokh Ghaemmaghami
SIGMAP 2006

[-] Abstract: A major class of image and video watermarking algorithms, i.e. content-based watermarking, is based on the concept of Human Visual System (HVS) in order to adapt more efficiently to the local characteristics of the host signal. In this paper, a content-based video watermarking scheme is developed and the concept of entropy masking effect is employed to significantly improve the use of the HVS model. Entropy masking effect states that the human eye's sensitivity decreases in high entropy regions, i.e. regions with spatial or temporal complexity. The spatial entropy masking effect has been exploited in a number of previous works in order to enhance the robustness of image-adaptive watermarks. In the current research, we use the temporal entropy masking as well to achieve a higher performance in video watermarking. Experimental results show that more robust watermarked video sequences are produced considering temporal entropy masking effect, while the watermarks are still subjectively imperceptible. Robustness enhancement is a function of temporal and spatial complexity of the host video sequences.

[-]
@inproceedings{sigmap06,
title={{Robust Content-based Video Watermarking Exploiting Motion Entropy Masking Effect}},
author={Amir Houmansadr and Hamed Pirsiavash and Shahrokh Ghaemmaghami},
booktitle={The International Conference on Signal Processing and Multimedia Applications (SIGMAP)},
year={2006}
}

A Novel Video Watermarking Method Using Visual Cryptography
Amir Houmansadr and Shahrokh Ghaemmaghami
ICEIS 2006

[-] Abstract: In this paper we propose a novel approach to interstion of watermark in the video sequences. The proposed scheme is based on visual cryptography and performs temporal scrambling for watermark embedding. The watermark, which may be a visible logo, is frequently split and inserted into video frames. Watermark detection can be verified by the human eye. The inserted watermark is expected to resist collusion attack, which is a major concern in video watermarking. Experimental results show that the proposed method provides a high resilience against some non-hostile video processing schemes, such as geometrical distortions.

[-]
@inproceedings{iceis06,
title={{A Novel Video Watermarking Method Using Visual Cryptography}},
author={Amir Houmansadr and Shahrokh Ghaemmaghami},
booktitle={The IEEE International Conference on Engineering of Intelligent Systems (ICEIS)},
year={2006}
}

Entropy Video Watermarking Using HVS Models
Amir Houmansadr
M.Sc. Thesis , Electrical Engineering Department, Sharif University of Technology, 2005

[-]
@MASTERSTHESIS{msc-houmansadr,
author = {Amir Houmansadr},
title = {{Entropy Video Watermarking Using HVS Models}},
year = {2005},
school = {{Sharif University of Technology}}
}

Robustness Enhancement of Content Based Watermarks using Entropy Masking Effect
Amir Houmansadr and Shahrokh Ghaemmaghami
IWDW 2005

[-] Abstract: Image-Adaptive watermarking systems exploit visual models to adapt the watermark to local properties of the host image. This leads to a watermark power enhancement, hence an improved resilience against different attacks, while keeping the mark imperceptible. Visual models consider different properties of the human visual system, such as frequency sensitivity, luminance sensitivity and contrast masking. Entropy masking is another human visual system’s characteristic, which rarely has been addressed in visual models. In this paper we have utilized this masking effect to improve the robustness of Image-Adaptive watermarks while keeping their transparency. Experimental results show a significant amount of enhancement to the power of watermark. The work has been expanded to video watermarking, considering special properties of the entropy masking effect.

[-]
@inproceedings{iwdw05,
title={{Robustness Enhancement of Content Based Watermarks using Entropy Masking Effect}},
author={Amir Houmansadr and Shahrokh Ghaemmaghami},
booktitle={The International Workshop on Digital Watermarking (IWDW)},
year={2005}
}

A Digital Image Watermarking Scheme Based on Visual Secret Sharing
Amir Houmansadr and Shahrokh Ghaemmaghami
IST 2005

[-] Abstract: An image watermarking scheme based on the visual cryptography is proposed in this paper. The owner's mark which can be a visible logo is split into two share-images using a visual secret sharing scheme. One of the shares is embedded into the host image whereas the other is kept as the system’s secret-key to be used in the watermark detection process. In case the inserted watermark is a visible logo, the mark's existence can be verified just by the human's eye. Experimental results show that the proposed scheme is robust against major watermarking attacks.

[-]
@inproceedings{ist05,
title={{A Digital Image Watermarking Scheme Based on Visual Secret Sharing}},
author={Amir Houmansadr and Shahrokh Ghaemmaghami},
booktitle={The International Symposium on Telecommunications (IST)},
year={2005}
}

Synchronization Methods in PSK Modulation Amir Houmansadr
B.Sc. Thesis , Electrical Engineering Department, Sharif University of Technology, 2003

[-]
@mastersthesis{bsc-houmansadr,
document_type = {Bachelor's Thesis},
author = {Amir Houmansadr},
title={{Synchronization Methods in PSK Modulation}},
school = {{Sharif University of Technology}},
year= {2003},
type= {Bachelor Thesis}
}