Daisuke MASHIMA's profile

Daisuke MASHIMA

I am currently a Ph.D. candidate (ABD) in the College of Computing, Georgia Tech, working with Professor Mustaque Ahamad and am a member of Georgia Tech Information Security Center (GTISC). My research interest includes Network Security, especially Identity Management and Privacy in cyberspace. I was also a part of MedVault project, led by Professor Douglas Blough. I served (will serve) as a technical program committee member of ICIMP 2009, 2010, 2011, and 2012, and as a reviewer for IEEE Security & Privacy Magazine.

I am looking for a full-time position in information security area.
Please find my CV and research statement below.

My CV :

(Updated on Mar. 13, 2012)
My Research Statement :

(Updated on Mar. 13, 2012)
E-mail : d.mashima@gatech.edu
Office : Klaus Advanced Computing Building Room#3208

Research Summary

My research focus in my PhD study is information security and privacy and have expertise in these areas, including network security, system security, and applied cryptography. I specifically explored the thesis topic in EHR (Electronic Healthcare Record) sharing systems, so I am also familiar with recent Health IT technologies. One of the main contribution of my thesis work is to design and implement "User-centric Monitoring Agent," which aims at enabling users (data owners) to retain awareness and control over their own sensitive data stored, managed, consumed, and shared in the cyberspace, including identity credentials and electronic healthcare records, even after such data is released. (These ideas are published at ESORICS 2009 and ACM IHI 2012.) I believe the applicability of the system developed is not limited only to healthcare area, and am very interested in exploring the application in other areas.

Besides the work mentioned above, my broad research experience, mainly through summer research internships, includes: large-scale, dynamic data visualization (at AT&T Labs), anomaly detection schemes in e-commerce (with IntercontinentalExchange Inc.) and smart grid systems (at Fujitsu Lab of America), and privacy analysis in online social network (at Palo Alto Research Center). Through these projects, I obtained deep knowledge in information visualization, statistical data modeling and analysis, and a number of machine learning techniques. Outcome of these projects resulted in academic papers, including one in the top-tier journal in information visualization field.

Publications

Daisuke Mashima and Alvaro A. Cardenas, "Evaluating Electricity Theft Detectors in AMI Systems." Under submission.

Daisuke Mashima and Mustaque Ahamad, "Mitigating Insider Threats with Information Accountability in E-healthcare Systems." To appear at the 3rd USENIX Workshop on Health Security and Privacy (HealthSec 2012), Bellevue, WA, 2012.

Daisuke Mashima, Stephen Kobourov, and Yifan Hu, "Visualizing Dynamic Data with Maps." To appear in IEEE Transactions on Visualization and Computer Graphics (TVCG) Special Issue, 2012. [Journal Paper]

Daisuke Mashima and Mustaque Ahamad, "Enhancing Accountability of Electronic Health Record Usage via Patient-centric Monitoring." In Proc. of The 2nd ACM SIGHIT International Health Informatics Symposium (ACM IHI 2012), Miami, FL, 2012. [Acceptance Rate: 37%]

Daisuke Mashima, Elaine Shi, Richard Chow, Prateek Sarkar, Chris Li, and Dawn Song, "Privacy Settings from Contextual Attributes: A Case Study Using Google Buzz." In Proc. of 3rd IEEE International Workshop on SEcurity and SOCial Networking (SESOC 2011), Seattle, WA, 2011. [Acceptance Rate: 27%]

Daisuke Mashima, Stephen Kobourov, and Yifan Hu, "Visualizing Dynamic Data with Maps." In Proc. of The 4th IEEE Pacific Visualization Symposium (PacificVis 2011), Hong Kong, 2011. [Acceptance Rate: 32%]

Daisuke Mashima, David Bauer, Mustaque Ahamad, and Douglas M. Blough, "User-centric Identity Management Architecture Using Credential-holding Identity Agents." To appear in "Digital Identity and Access Management: Technologies and Frameworks" edited by Raj Sharman, Manish Gupta and Sanjukta Das-Smith, IGI Global. [Peer-reviewed Book Chapter] (A draft as of May, 2010 can be found here.)

Daisuke Mashima, Abhinav Srivastava, Jonathon Giffin, and Mustaque Ahamad, "Protecting E-healthcare Client Devices against Malware and Physical Theft." In Proc. of 1st USENIX Workshop on Health Security and Privacy (HealthSec '10), Washington, DC, 2010. [Position Paper, Acceptance Rate=49%]

Apurva Mohan, David Bauer, Douglas M. Blough, Mustaque Ahamad, Bhuvan Bamba, Ramkumar Krishnan, Ling Liu, Daisuke Mashima, and Balaji Palanisamy, "A Patient-centric, Attribute-based, Source-verifiable Framework for Health Record Sharing." Technical Report GIT-CERCS-09-11, 2009.

Daisuke Mashima and Mustaque Ahamad, "Using Identity Credential Usage Logs to Detect Anomalous Service Accesses." In Proc. of The 5th ACM Workshop on Digital Identity Management (DIM 2009), Chicago, IL, 2009. [Acceptance Rate=52%]

Daisuke Mashima, Mustaque Ahamad, and Swagath Kannan, "User-Centric Handling of Identity Agent Compromise." In Proc. of 14th European Symposium on Research in Computer Security (ESORICS 2009), Saint-Malo, France, 2009. [Acceptance Rate: 19%]

Daisuke Mashima and Mustaque Ahamad, "Towards A User-Centric Identity-Usage Monitoring System." In Proc. of The Third International Conference on Internet Monitoring and Protection (ICIMP 2008), Bucharest, Romania, 2008. [Acceptance Rate: 23%]

Daisuke Mashima, Tomoyoshi Hada, Junichiro Tanabe and Akihiro Shimizu, "HTTP Based Secure and Simple Authentication Method Using SAS," IPSJ, IPSJ SIGNotes Contents Computer Security No.16, 2002. (In Japanese)

Daisuke Mashima, Mitsuyoshi Shibuya, Tomoyoshi Hada and Akihiro Shimizu, "An Implementation of SAS Authentication on Mobile Terminal," IEICE, Office Information System Group, OFS-2001-49, 2001. (In Japanese)

Presentations / Talks

"Enhancing Accountability of Electronic Health Record Usage via Patient-centric Monitoring" at ACM IHI 2012, Miami, FL on January 28, 2012.

"MedVault: Health Professional Access to Source-Verifiable Patient-Centric PHR Repository" at Poster Session in USENIX Security '10, Washington, DC on August 12, 2010.

"Protecting E-healthcare Client Devices against Malware and Physical Theft" at USENIX HealthSec '10, Washington, DC on August 10, 2010.

"MedVault: Ensuring Security and Privacy for Medical Data" at CSL Dealer in PARC, Palo Alto, CA on July 7, 2010.

"Risk Scoring Engine to Detect Anomalous Service Accesses" at Georgia Tech Research and Innovation Conference (gtRIC) in Atlanta, GA on February 8, 2010.

"Using Identity Credential Usage Logs to Detect Anomalous Service Accesses" at The 5th ACM Workshop on Digital Identity Management (DIM 2009) in Chicago, IL on November 13, 2009.

"User-Centric Handling of Identity Agent Compromise" at 14th European Symposium on Research in Computer Security (ESORICS 2009) in Saint-Malo, France on September 21, 2009.

"Maps Daily - Visualizing Media Trends" at Summer Intern Talk Series at AT&T Labs in Florham Park, NJ on August 3, 2009.

"Handling Identity Agent Compromise in User-Centric Identity Management Systems" at Poster Session in 17th Usenix Security Symposium in San Jose, CA on July 30, 2008.

"Towards a User-Centric Identity-Usage Monitoring System" at The Third International Conference on Internet Monitoring and Protection (ICIMP 2008) in Bucharest, Romania on July 1, 2008.

"Developing Anomaly Detection Model for Security Auditing Service" at Seminar Series on Information Security and Systems for Healthcare Applications in Georgia Institute of Technology, Atlanta, GA, December 7, 2006.

Awards & Honors

USENIX Security 2010 Student Travel Grant (2010)

ACM CCS 2009 Student Travel Grant (2009)

Education

Ph.D. student, Computer Science
Georgia Institute of Technology, Atlanta, GA (08/2006 - 08/2012, expected)
Adviser: Prof. Mustaque Ahamad
Committee: Prof. Douglas M. Blough, Prof. Mark Braunstein, Prof. Wenke Lee, and Prof. Ling Liu
Major: Computer Security
Minor: Statistics

M.S., Engineering
Keio University, Japan, (04/1998 - 03/2000)
Thesis Title: "Performance Evaluation of Bootstrap Control Chart"
Adviser: Prof. Nobuo Shinozaki
Major:Administration Engineering
Minor: Statistics

B.E., Engineering
Keio University, Japan, (04/1994 - 03/1998)
Thesis Title: "Marketing of Beer based on Multivariate Analysis"
Adviser: Prof. Nobuo Shinozaki
Major: Administration Engineering
Minor: Statistics

Professional Experience

Fujitsu Lab of America, Sunnyvale, CA (05/2011 -08/2011) [Mentor: Dr. Alvaro Cardenas]

Worked on a topic related to Smartgrid security. The outcome of the project is currently under submission.

PARC, Palo Alto, CA (05/2010 -08/2010) [Mentor: Dr. Richard Chow, Dr. Elaine Shi, Dr. Prateek Sarkar]
- Analyzed changes in privacy-related configurations in Google Buzz online social network to see the characteristics of users who changed their privacy settings as well as influence from social network neighbors.

AT&T Labs., Florham Park, NJ (06/2009 -08/2009) [Mentor: Dr. Stephen Kobourov, Dr. Yifan Hu]
- Explored a way to visualize dynamic data, e.g., media trends, by using map metaphor and implemented a prototype system.

eBay Inc., San Jose, CA (05/2008 -08/2008) [Mentor: Dr. Li Liu]
- Analyzed data related to security, such as security incidents and fraud detected and results of network scans, and developed Security Metrics system by using Archer SmartSuite Framework. Overview of our project was presented at MetriCon3.0.

NTT Advanced Technology Co. Japan (04/2000 - 06/2004)
Position: Manager / Research Engineer, System Integration Division
- Developed onetime password authentication / VPN software for cell phones based on SAS onetime password algorithm. Our unprecedented products attracted many people's interest and were awarded the grand prix at "NetWorld+Interop 2001Tokyo" (2001-2003)
- Researched a secure network optimized for inter-school communication and developed an original VPN system which is based on SAS onetime password algorithm. (2001)
- Developed a secure groupware optimized for communication within regional communities which resulted in the establishment of a system that fulfilled both trustworthy user-authentication and contents protection. (2000)
- Developed a prototype of real-time communication system for all Internet users that succeeded in providing a system in which users of PCs and cell phones interface seamlessly. (2004)
- Researched the way to add security functions to CyberBook, a book-type multimedia document viewer developed by NTT, and succeeded in implementing a novel contents-protection function by using encryption and onetime password authentication algorithm. (2001)
- Took charge of management of the corporate network of NTT Advanced Technology Co., and contributed to the effective administration of the company. (2002-2003)
- Developed and maintained the web site of Ministry of Finance of Japan and earned high reliance of the customer. (2003-2004)
- Developed a system which provided cell phones with real-time traffic information and enabled the service provider to have more customers than any other its competitors. (2003)
- Collaborated with NTT researchers to improve NTT's data cleansing algorithm, a kind of natural language processing algorithm, and implemented a prototype system based on it. (2003-2004)
- Served as advisor of students of Kochi University of Technology, Japan and led them to success in their research, such as "The Password Input Interface Suitable for Primary School Children" and "The introduction of SAS Proxy network and its evaluation." (2000-2001)

Graduate School in Georgia Tech, Atlanta (08/2006 - present)
- Worked as a Research Assistant. Advisor : Prof. Mustaque Ahamad (01/2007 - present)
- Worked as a Teaching Assistant of Information Security Lab class. [CS6265 / Fall 2006]

Graduate School in Keio University, Japan (04/1998 - 03/2000)
- Worked as a Teaching Assistant of statistics classes and properly helped the students complete their tasks.
- Served as a network administrator of Keio University and succeeded in proactive management.

Technical Skills

Programming Language

Java, C, C++, Python, Perl, PHP, Visual Basic, Shell Script, Java Script, SQL, PL/SQL, HTML, XML, XSLT, and UML

Operating System
Solaris, Linux, AIX, and Windows 9x/NT/2000/XP

Database
Oracle, DB2, PostgreSQL, MySQL, and SQLServer

Web
IIS, Apache, OpenSSL, Jakarta Products(Tomcat, Turbine, Torque, Ant, JMeter), WebSphere, MovableType, Wiki, and Microsoft Web Application Stress Tool

Server Applications,
BIND, djbdns, VNC, samba, Squid, NTP, CVS and qmail

Security
OpenSSH, Zebedee, Hamachi, TCPWrapper, ipchains, iptables, Nessus, Nmap, chkrootkit, Snort, tcpdump, Kismet, NetStumbler, BackTrack, p0f, fl0p, MaxMind GeoIP, John the Ripper, Outpost Firewall, Wireshark(Ethereal), Archer SmartSuite Framework, Sentinel HASP, Bouncy Castle Java cryptography API, and Java Pairing Based Cryptography Library (jPBC)

Data Analysis Applications
S-PLUS, R, Statistica, MATLAB, Mathematica, SVM-Light, and LIBSVM