Technical Reports
2013
CMU-CyLab-13-005: Purpose Restrictions on Information Use
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Formal Methods
Author(s): Michael Carl Tschantz, Anupam Datta, and Jeannette M. Wing
Publication Date: June 3, 2013CMU-CyLab-13-004: Audit Games
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Business Risk Analysis and Economic Implications
Author(s): Jeremiah Blocki, Nicolas Christin, Anupam Datta, Ariel D. Procaccia, and Arunesh Sinha
Publication Date: March 2, 2013CMU-CyLab-13-003: Privacy as Part of the App Decision-Making Process
Research Area(s): Mobility | Privacy Protection
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Patrick Gage Kelley, Lorrie Faith Cranor, and Norman Sadeh
Publication Date: February 6, 2013CMU-CyLab-13-002: Warning Design Guidelines
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Lujo Bauer, Cristian Bravo-Lillo, Lorrie Cranor, and Elli Fragkaki
Publication Date: February 5, 2013
2012
CMU-CyLab-12-022: QRishing: The Susceptibility of Smartphone Users to QR Code Phishing Attacks
Research Area(s): Mobility
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Timothy Vidas, Emmanuel Owusu, Shuai Wang, Cheng Zeng, Lorrie Cranor
Publication Date: November 5, 2012CMU-CyLab-12-020: Audit Mechanisms for Provable Risk Management and Accountable Data Governance
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Threat Analysis and Modeling
Author(s): Jeremiah Blocki, Nicolas Christin, Anupam Datta, and Arunesh Sinha
Publication Date: September 4, 2012CMU-CyLab-12-018: Traveling the Silk Road: A measurement analysis of a large anonymous online marketplace (Revised November 28, 2012)
Cross-Cutting Thrusts: Threat Analysis and Modeling
Author(s): Nicolas Christin
Publication Date: July 30, 2012CMU-CyLab-12-017: Design, Development and Automated Verification of an Integrity-Protected Hypervisor
Research Area(s): Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Formal Methods | Software Security
Author(s): Sagar Chaki, Amit Vasudevan, Limin Jia, Jonathan McCune, and Anupam Datta
Publication Date: July 16, 2012CMU-CyLab-12-016: Transparent Key Integrity (TKI): A Proposal for a Public-Key Validation Infrastructure (Revised November 26, 2012)
Research Area(s): Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Formal Methods | Software Security
Author(s): Tiffany Hyun-Jin Kim, Lin-Shung Huang, Adrian Perrig, Collin Jackson, and Virgil Gligor
Publication Date: July 20, 2012CMU-CyLab-12-015: Run-Time Enforcement of Information-Flow Properties on Android (Revised December 7, 2012)
Research Area(s): Mobility | Secure Home Computing
Cross-Cutting Thrusts: Formal Methods | Software Security
Author(s): Jassim Aljuraidan, Elli Fragkaki, Lujo Bauer, Limin Jia, Kazuhide Fukushima, Shinsaku Kiyomoto, and Yutaka Miyake
Publication Date: July 23, 2012CMU-CyLab-12-014: "It’s an app. It’s a hypervisor. It’s a hypapp.": Design and Implementation of an eXtensible and Modular Hypervisor Framework
Research Area(s): Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Formal Methods | Software Security
Author(s): Amit Vasudevan, Jonathan M. McCune, and James Newsome
Publication Date: June 26, 2012CMU-CyLab-12-013: Sanctuary Trail: Refuge from Internet DDoS Entrapment
Research Area(s): Next Generation Secure and Available Networks
Cross-Cutting Thrusts: Next Generation Threat Prediction and Response
Author(s): Hsu-Chun Hsiao, Tiffany Hyun-Jin Kim, Sangjae Yoo, Xin Zhang, Soo Bum Lee, Virgil Gligor, and Adrian Perrig
Publication Date: June 7, 2012CMU-CyLab-12-011: Auditing Rational Adversaries to Provably Manage Risks
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Business Risk Analysis and Economic Implications | Formal Methods | Next Generation Threat Prediction and Response
Author(s): Jeremiah Blocki, Nicolas Christin, Anupam Datta, and Arunesh Sinha
Publication Date: May 23, 2012CMU-CyLab-12-009: Enforcing More with Less: Formalizing Target-aware Run-time Monitors
Research Area(s): Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Formal Methods
Author(s): Yannis Mallios, Lujo Bauer, Dilsun Kaynar, and Jay Ligatti
Publication Date: May 3, 2012CMU-CyLab-12-008: What Do Online Behavioral Advertising Disclosures Communicate to Users? (Revised April 13, 2012)
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Pedro Giovanni Leon, Justin Cranshaw, Lorrie Faith Cranor, Jim Graves, Manoj Hastak, Blase Ur and Guzi Xu
Publication Date: April 2, 2012CMU-CyLab-12-007: Smart, Useful, Scary, Creepy: Perceptions of Online Behavioral Advertising (revised July 13, 2012)
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Blase Ur, Pedro G. Leon, Lorrie Faith Cranor, Richard Shay and Yang Wang
Publication Date: April 2, 2012CMU-CyLab-12-006: Towards Scalable Evaluation of Mobile Applications through Crowdsourcing and Automation
Author(s): Shahriyar Amini, Jialiu Lin, Jason Hong, Janne Lindqvist, Joy Zhang
Publication Date: February 29, 2012CMU-CyLab-12-005: Exploiting Privacy Policy Conflicts in Online Social Networks
Author(s): Akira Yamada, Tiffany Hyun-Jin Kim, and Adrian Perrig
Publication Date: February 23, 2012CMU-CyLab-12-003: A Comparative Study of Location-sharing Privacy Preferences in the U.S. and China
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Jialiu Lin, Michael Benisch, Norman Sadeh, Jianwei Niu, Jason Hong, Banghui Lu, Shaohui Guo
Publication Date: January 18, 2012CMU-CyLab-12-001: Parametric Verification of Address Space Separation
Research Area(s): Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Software Security | Formal Methods
Author(s): Jason Franklin, Sagar Chaki, Anupam Datta, Jonathan Mccune and Amit Vasudevan
Publication Date: January 5, 2012
2011
CMU-CyLab-11-023: Trustworthy Execution on Mobile Devices: What security properties can my mobile platform give me?
Research Area(s): Mobility | Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Threat Analysis and Modeling | Software Security
Author(s): Amit Vasudevan, Emmanuel Owusu, Zongwei Zhou, James Newsome, and Jonathan McCune
Publication Date: November 16, 2011CMU-CyLab-11-021: SafeSlinger: An Easy-to-use and Secure Approach for Human Trust Establishment (revised March 12, 2012)
Research Area(s): Privacy Protection | Mobility
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Michael Farb, Manish Burman, Gurtej Singh Chandok, Jon McCune, Adrian Perrig
Publication Date: December 22, 2011CMU-CyLab-11-020: Modeling and Enhancing Android’s Permission System (Revised April 25, 2012)
Research Area(s): Mobility
Cross-Cutting Thrusts: Software Security | Formal Methods
Author(s): Elli Fragkaki, Lujo Bauer, Limin Jia
Publication Date: November 30, 2011CMU-CyLab-11-019: FLoc: Dependable Link Access for Legitimate Traffic in Flooding Attacks
Research Area(s): Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Next Generation Threat Prediction and Response
Author(s): Soo Bum Lee, Virgil D. Gligor
Publication Date: November 23, 2011CMU-CyLab-11-018: DefAT: Dependable Connection Setup for Network Capabilities
Research Area(s): Next Generation Secure and Available Networks
Cross-Cutting Thrusts: Next Generation Threat Prediction and Response
Author(s): Soo Bum Lee, Virgil D. Gligor, Adrian Perrig
Publication Date: November 23, 2011CMU-CyLab-11-017: Why Johnny Can’t Opt Out: A Usability Evaluation of Tools to Limit Online Behavioral Advertising (Revised May 10, 2012)
Author(s): Pedro G. Leon, Blase Ur, Rebecca Balebako, Lorrie Faith Cranor, Richard Shay, and Yang Wang
Publication Date: October 31, 2011CMU-CyLab-11-016: Towards a Theory of Trust in Networks of Humans and Computers
Research Area(s): Next Generation Secure and Available Networks | Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Virgil Gligor and Jeannette M. Wing
Publication Date: September 8, 2011CMU-CyLab-11-015: I Know Where You Live: Analyzing Privacy Protection in Public Databases
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Manya Sleeper, Divya Sharma, and Lorrie Faith Cranor
Publication Date: October 3, 2011CMU-CyLab-11-014: RelationGrams: Tie-Strength Visualization for User-Controlled Online Identity Authentication
Research Area(s): Security of Cyber-Physical Systems
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Tiffany Hyun-Jin Kim, Akira Yamada, Jason Hong, Virgil Gligor, and Adrian Perrig
Publication Date: February 10, 2011CMU-CyLab-11-013: Who, when, where: Obfuscation preferences in location-sharing applications
Research Area(s): Mobility | Privacy Protection
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Jayant Venkatanathan, Jialiu Lin, Michael Benisch, Denzil Ferreira, Evangelos Karapanos, Vassilis Kostakos, Norman Sadeh and Eran Toch
Publication Date: June 30, 2011CMU-CyLab-11-012: Sweetening Android Lemon Markets: Measuring and Curbing Malware in Application Marketplaces (Revised June 8, 2012)
Research Area(s): Mobility
Cross-Cutting Thrusts: Threat Analysis and Modeling
Author(s): Timothy Vidas and Nicolas Christin
Publication Date: November 16, 2011CMU-CyLab-11-011: Don’t Bump, Shake on It: The Exploitation of a Popular Accelerometer-Based Smart Phone Exchange and Its Secure Replacement
Research Area(s): Secure Home Computing | Mobility
Cross-Cutting Thrusts: Software Security | Threat Analysis and Modeling | Usable Privacy and Security
Author(s): Ahren Studer, Timothy Passaro, Lujo Bauer
Publication Date: February 10, 2011CMU-CyLab-11-008: Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Patrick Gage Kelley, Saranga Komanduri, Michelle L. Mazurek, Rich Shay, Tim Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Julio Lopez
Publication Date: August 31, 2011CMU-CyLab-11-007: ShortMAC: Efficient Data-Plane Fault Localization
Research Area(s): Next Generation Secure and Available Networks
Cross-Cutting Thrusts: Cryptography
Author(s): Xin Zhang, Zongwei Zhou, Hsu-Chun Hsiao, Tiffany Kim, Patrick Tague, and Adrian Perrig
Publication Date: January 30, 2011CMU-CyLab-11-005: AdChoices? Compliance with Online Behavioral Advertising Notice and Choice Requirements (Revised October 7, 2011)
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Saranga Komanduri, Richard Shay, Greg Norcie, Blase Ur, Lorrie Faith Cranor
Publication Date: March 30, 2011CMU-CyLab-11-004: Ho-Po Key: Leveraging Physical Constraints on Human Motion to Authentically Exchange Information in a Group
Research Area(s): Mobility
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Ghita Mezzour, Ahren Studer, Michael Farb, Jason Lee, Jonathan McCune, Hsu-Chun Hsiao, Adrian Perrig
Publication Date: December 8, 2010CMU-CyLab-11-003: Regret Minimizing Audits: A Learning-theoretic Basis for Privacy Protection
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Business Risk Analysis and Economic Implications
Author(s): Jeremiah Blocki, Nicolas Christin, Anupam Datta, Arunesh Sinha
Publication Date: February 23, 2011CMU-CyLab-11-002: A Logical Method for Policy Enforcement over Evolving Audit Logs (Revised February 24, 2011)
Research Area(s): Trustworthy Computing Platforms and Devices | Privacy Protection
Cross-Cutting Thrusts: Formal Methods
Author(s): Deepak Garg, Limin Jia, Anupam Datta
Publication Date: February 9, 2011CMU-CyLab-11-001: A Survey of the Use of Adobe Flash Local Shared Objects to Respawn HTTP Cookies
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Aleecia McDonald, Lorrie Cranor
Publication Date: January 31, 2011
2010
CMU-CyLab-10-022: BitShred: Fast, Scalable Malware Triage
Research Area(s): Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Software Security
Author(s): Jiyong Jang, David Brumley, and Shobha Venkataraman
Publication Date: November 5, 2010CMU-CyLab-10-020: SCION: Scalability, Control, and Isolation On Next-Generation Networks (Revised March 11, 2011)
Research Area(s): Next Generation Secure and Available Networks
Author(s): Xin Zhang, Hsu-Chun Hsiao, Geoffrey Hasker, Haowen Chan, Adrian Perrig and David G. Andersen
Publication Date: December 28, 2010CMU-CyLab-10-019: Caché: Caching Location-Enhanced Content to Improve User Privacy
Research Area(s): Privacy Protection | Mobility
Author(s): Shahriyar Amini, Janne Lindqvist, Jason Hong, Jialiu Lin, Eran Toch, Norman Sadeh
Publication Date: December 10, 2010CMU-CyLab-10-018: Impact Analysis of BGP Sessions for Prioritization of Maintenance Operations
Research Area(s): Next Generation Secure and Available Networks
Author(s): Sihyung Lee, Kyriaki Levanti, Hyong S. Kim
Publication Date: October 8, 2010CMU-CyLab-10-017: When Are Users Comfortable Sharing Locations with Advertisers?
Research Area(s): Mobility | Privacy Protection
Author(s): Patrick Gage Kelley, Michael Benisch, Lorrie Faith Cranor, Norman Sadeh
Publication Date: October 18, 2010CMU-CyLab-10-016: A Diary Study of Password Usage in Daily Life
Research Area(s): Privacy Protection | Mobility
Author(s): Eiji Hayashi, Jason Hong
Publication Date: October 6, 2010CMU-CyLab-10-014: Token Attempt: The Misrepresentation of Website Privacy Policies through the Misuse of P3P Compact Policy Tokens
Research Area(s): Privacy Protection
Author(s): Pedro Giovanni Leon, Lorrie Faith Cranor, Aleecia M. McDonald, Robert McGuire
Publication Date: September 10, 2010CMU-CyLab-10-011: Dissecting One Click Frauds
Cross-Cutting Thrusts: Business Risk Analysis and Economic Implications
Author(s): Nicolas Christin, Sally Yanagihara, and Keisuke Kamataki
Publication Date: April 23, 2010CMU-CyLab-10-010: Are Security Experts Useful? Bayesian Nash Equilibria for Network Security Games with Limited Information
Cross-Cutting Thrusts: Business Risk Analysis and Economic Implications
Author(s): Benjamin Johnson, Jens Grossklags, Nicolas Christin, and John Chuang
Publication Date: April 23, 2010CMU-CyLab-10-008: Privacy Policy Specification and Audit in a Fixed-Point Logic - How to enforce HIPAA, GLBA and all that
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Formal Methods
Author(s): Henry DeYoung, Deepak Garg, Limin Jia, Dilsun Kaynar, Anupam Datta
Publication Date: May 11, 2010CMU-CyLab-10-007: Logical Specification of the GLBA and HIPAA Privacy Laws
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Formal Methods
Author(s): Henry DeYoung, Deepak Garg, Dilsun Kaynar, Anupam Datta
Publication Date: April 29, 2010CMU-CyLab-10-006: BitShred: Fast, Scalable Code Reuse Detection in Binary Code
Cross-Cutting Thrusts: Software Security
Author(s): Jiyong Jang, David Brumley
Publication Date: November 16, 2009CMU-CyLab-10-005: Scalable Parametric Verification of Secure Systems: How to Verify Reference Monitors without Worrying about Data Structure Size
Research Area(s): Trustworthy Computing Platforms and Devices
Author(s): Jason Franklin, Sagar Chaki, Anupam Datta, Arvind Sesahdri
Publication Date: March 5, 2010CMU-CyLab-10-004: Compositional System Security in the Presence of Interface-Confined Adversaries
Research Area(s): Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Software Security | Formal Methods
Author(s): Deepak Garg, Jason Franklin, Dilsun Kaynar, Anupam Datta
Publication Date: February 19, 2010CMU-CyLab-10-003: TwitterJacket: An automated activity and health monitoring solution for the elderly
Research Area(s): Mobility
Author(s): Shahriyar Amini, Priya Narasimhan
Publication Date: October 18, 2009CMU-CyLab-10-002: Efficient Directionless Weakest Preconditions (Revised July 14, 2010)
Research Area(s): Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Formal Methods
Author(s): Ivan Jager, David Brumley
Publication Date: February 2, 2010
2009
CMU-CyLab-09-016: Help Me Help You: Using Trustworthy Host-Based Information in the Network
Research Area(s): Next Generation Secure and Available Networks | Trustworthy Computing Platforms and Devices
Author(s): Bryan Parno, Zongwei Zhou, Adrian Perrig
Publication Date: November 18, 2009CMU-CyLab-09-015: An Empirical Study of How People Perceive Online Behavioral Advertising
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Aleecia M. McDonald and Lorrie Faith Cranor
Publication Date: November 10, 2009CMU-CyLab-09-014: Standardizing Privacy Notices: An Online Study of the Nutrition Label Approach
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Patrick Gage Kelley, Lucian Cesca, Joanna Bresee, Lorrie Faith Cranor
Publication Date: November 10, 2009CMU-CyLab-09-013: Access Control for Home Data Sharing: Attitudes, Needs and Practices
Research Area(s): Secure Home Computing
Author(s): Michelle L. Mazurek, J.P. Arsenault, Joanna Bresee, Nitin Gupta, Iulia Ion, Christina Johns, Daniel Lee, Yuan Liang, Jenny Olsen, Brandon Salmon, Richard Shay, Kami Vaniea, Lujo Bauer, Lorrie Faith Cranor, Gregory R. Ganger, Michael K. Reiter
Publication Date: October 21, 2009CMU-CyLab-09-011: Lockdown: A Safe and Practical Environment for Security Applications
Research Area(s): Secure Home Computing | Trustworthy Computing Platforms and Devices
Author(s): Amit Vasudevan, Bryan Parno, Ning Qu, Virgil Gligor, Adrian Perrig
Publication Date: July 14, 2009CMU-CyLab-09-010: Understanding People’s Place Naming Preferences in Location Sharing
Research Area(s): Mobility
Author(s): Jialiu Lin, Jason Hong, Norman Sadeh
Publication Date: June 29, 2009CMU-CyLab-09-009: Don’t Talk to Zombies: Mitigating DDoS Attacks via Attestation
Research Area(s): Trustworthy Computing Platforms and Devices
Author(s): Bryan Parno, Zongwei Zhou, Adrian Perrig
Publication Date: June 23, 2009CMU-CyLab-09-008: Differential Privacy for Probabilistic Systems
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Formal Methods
Author(s): Michael Carl Tschantz, Anupam Datta, Dilsun Kaynar
Publication Date: May 14, 2009CMU-CyLab-09-007: XTREC: Secure Real–time Instruction-level Control Flow Recording on Commodity Platforms
Author(s): Amit Vasudevan, Ning Qu, Adrian Perrig, Virgil Gligor
Publication Date: March 17, 2009CMU-CyLab-09-006: Effects of Access-Control Policy Conflict-Resolution Methods on Policy-Authoring Usability
Research Area(s): Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Robert W. Reeder, Lujo Bauer, Lorrie Faith Cranor, Michael K. Reiter, Kami Vaniea
Publication Date: March 17, 2009CMU-CyLab-09-005: xDomain: Cross-border Proofs of Access
Research Area(s): Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Formal Methods
Author(s): Lujo Bauer, Limin Jia, Michael K. Reiter, and David Swasey
Publication Date: March 17, 2009CMU-CyLab-09-004: When Information Improves Information Security
Cross-Cutting Thrusts: Business Risk Analysis and Economic Implications
Author(s): Jens Grossklags, Benjamin Johnson, Nicolas Christin
Publication Date: March 17, 2009CMU-CyLab-09-003: TrustVisor: Efficient TCB Reduction and Attestation (revised March 10, 2010)
Research Area(s): Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Cryptography
Author(s): Jonathan M. McCune, Ning Qu, Yanlin Li, Anupam Datta, Virgil D. Gligor, Adrian Perrig
Publication Date: March 9, 2009CMU-CyLab-09-002: School of Phish: A Real-Word Evaluation of Anti-Phishing Training
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Ponnurangam Kumaraguru, Justin Cranshaw, Alessandro Acquisti, Lorrie Cranor, Jason Hong, Mary Ann Blair, Theodore Pham
Publication Date: March 9, 2009CMU-CyLab-09-001: A Logic of Secure Systems and its Application to Trusted Computing
Research Area(s): Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Formal Methods
Author(s): Anupam Datta, Jason Franklin, Deepak Garg, Dilsun Kaynar
Publication Date: June 1, 2009
2008
CMU-CyLab-08-014: Low Latency and Congestion Broadcast Authentication in Fixed Topology Networks
Author(s): Haowen Chan, Adrian Perrig
Publication Date: December 22, 2008CMU-CyLab-08-013: Network Router Configuration Management
Author(s): Sihyung Lee, Tina Wong, Hyong S. Kim
Publication Date: October 14, 2008CMU-CyLab-08-012: ASPIER: An Automated Framework for Verifying Security Protocol Implementations
Author(s): Sagar Chaki, Anupam Datta
Publication Date: October 14, 2008CMU-CyLab-08-011: TACKing Together Efficient Authentication, Revocation, and Privacy in VANETs
Author(s): Ahren Studer, Fan Bai, Bhargav Bellur, Adrian Perrig
Publication Date: July 8, 2008CMU-CyLab-08-009: Towards Generating High Coverage Vulnerability-based Signatures with Protocol-level Constraint-guided Exploration
Author(s): Juan Caballero, Zhenkai Liang, Pongsin Poosankam, Dawn Song
Publication Date: June 24, 2008CMU-CyLab-08-009: Flexible, Extensible, and Efficient VANET Authentication Research Area
Author(s): Ahren Studer, Fan Bai, Bhargav Bellur, Adrian Perrig
Publication Date: July 8, 2008CMU-CyLab-08-008: Attacking, Repairing, and Verifying SecVisor: A Retrospective on the Security of a Hypervisor Research Area
Author(s): Jason Franklin, Arvind Seshadri, Ning Qu, Sagar Chaki, Anupam Datta
Publication Date: April 18, 2008CMU-CyLab-08-007: GAnGS: Gather, Authenticate ’n Group Securely
Research Area(s): Mobility
Author(s): Chia-Hsin Chen, Chung-Wei Chen, Cynthia Kuo, Yan-Hao Lai, Jonathan M. McCune, Ahren Studer, Adrian Perrig, Bo-Yin Yang, Tzong-Chen Wu
Publication Date: April 18, 2008CMU-CyLab-08-006: Anomaly Detection Amidst Constant Anomalies:Training IDS On Constantly Attacked Data
Author(s): M. Patrick Collins and Michael K. Reiter
Publication Date: April 9, 2008CMU-CyLab-08-005: A Quantitative Approach for Data Integrity
Author(s): James Newsome and Dawn Song
Publication Date: April 9, 2008CMU-CyLab-08-004: Detecting and Resolving Policy Misconfigurations in Access-Control Systems
Research Area(s): Trustworthy Computing Platforms and Devices
Author(s): Lujo Bauer, Scott Garriss, Michael K. Reiter
Publication Date: February 4, 2008CMU-CyLab-08-003: Towards a Theory of Secure Systems
Research Area(s): Trustworthy Computing Platforms and Devices
Cross-Cutting Thrusts: Formal Methods
Author(s): Deepak Garg, Jason Franklin, Dilsun Kaynar, Anupam Datta
Publication Date: February 4, 2008CMU-CyLab-08-002: Automated Verification of Security Protocol Implementations
Research Area(s): Next Generation Secure and Available Networks
Cross-Cutting Thrusts: Software Security
Author(s): Sagar Chaki and Anupam Datta
Publication Date: January 30, 2008CMU-CyLab-08-001: A Framework for Reasoning About the Human in the Loop
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Lorrie Cranor
Publication Date: January 24, 2008
2007
CMU-CyLab-07-019: Bounding Packet Dropping and Injection Attacks in Sensor Networks
Research Area(s): Next Generation Secure and Available Networks
Author(s): Xin Zhang, Haowen Chan, Abhishek Jain and Adrian Perrig
Publication Date: November 9, 2007CMU-CyLab-07-018: An Execution Infrastructure for TCB Minimization
Research Area(s): Trustworthy Computing Platforms and Devices
Author(s): Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael K. Reiter, Hiroshi Isozaki
Publication Date: December 18, 2007CMU-CyLab-07-017: Traffic Aggregation for Malware Detection
Research Area(s): Next Generation Secure and Available Networks
Author(s): Michael K. Reiter & Ting-Fang Yen
Publication Date: December 16, 2007CMU-CyLab-07-016: Countermeasures Against Government-Scale Monetary Forgery
Research Area(s): Privacy Protection
Author(s): Alessandro Acquisti, Nicolas Christin, Bryan Parno and Adrian Perrig
Publication Date: December 3, 2007CMU-CyLab-07-015: Hookfinder: Identifying and Understanding Malware Hooking Behaviors
Research Area(s): Next Generation Secure and Available Networks
Author(s): Heng Yin, Zhenkai Liang & Dawn Song
Publication Date: October 17, 2007CMU-CyLab-07-014: Rosetta: Extracting Protocol Semantics using Binary Analysis with Applications to Protocol Replay and NATRewriting
Research Area(s): Next Generation Secure and Available Networks
Author(s): Juan Caballero and Dawn Song
Publication Date: October 9, 2007CMU-CyLab-07-013: SNAPP: Stateless Network-Authenticated Path Pinning
Research Area(s): Next Generation Secure and Available Networks
Author(s): Bryan Parno, Adrian Perrig, David Andersen
Publication Date: September 19, 2007CMU-CyLab-07-012: Availability-Oriented Path Selection in Multi-Path Routing
Research Area(s): Next Generation Secure and Available Networks
Author(s): Xin Zhang, Adrian Perrig, and Hui Zhang
Publication Date: August 25, 2007CMU-CyLab-07-011: Mental Trapdoors for User Authentication on Small Mobile Devices
Research Area(s): Mobility
Author(s): Eiji Hayashi, Nicolas Christin, Rachna Dhamija, Adrian Perrig
Publication Date: August 12, 2007CMU-CyLab-07-010: PRISM: Enabling Personal Verification of Code Integrity, Untampered Execution, and Trusted I/O Legacy Systems or Human-on Verifiable Code Execution
Research Area(s): Trustworthy Computing Platforms and Devices
Author(s): Jason Franklin, Mark Luk, Arvind Seshadri, Adrian Perrig
Publication Date: February 3, 2007CMU-CyLab-07-009: NetPiler: Reducing Network Configuration Complexity through Policy Classification
Research Area(s): Next Generation Secure and Available Networks
Author(s): Sihyung Lee, Tina Wong, Hyong S. Kim
Publication Date: June 29, 2007CMU-CyLab-07-008: MetaMorphMagi: From Offline to Online Software Upgrades in Large-Scale IT Infrastructures
Research Area(s): Next Generation Secure and Available Networks
Author(s): Tudor Dumitras, Jiaqi Tan, Priya Narasimhan
Publication Date: June 20, 2007CMU-CyLab-07-007: Castor: Secure Code Updates using Symmetric Cryptosystems
Research Area(s): Next Generation Secure and Available Networks
Cross-Cutting Thrusts: Cryptography
Author(s): Donnie H. Kim, Rajeev Gandhi, Priya Narasimhan
Publication Date: May 31, 2007CMU-CyLab-07-006: Tradeoffs in Configuring Secure Data Dissemination in Sensor Networks: An Empirical Outlook
Research Area(s): Next Generation Secure and Available Networks
Author(s): Patrick E. Lanigan, Priya Narasimhan, Rajeev Gandhi
Publication Date: May 25, 2007CMU-CyLab-07-005: Comparing Access-Control Technologies: A Study of Keys and Smartphones
Research Area(s): Mobility | Trustworthy Computing Platforms and Devices
Author(s): Lujo Bauer, Lorrie Cranor, Robert W. Reeder, Michael K. Reiter, Kami Vaniea
Publication Date: February 28, 2007CMU-CyLab-07-004: Distributed Evasive Scan Techniques and Countermeasures
Research Area(s): Next Generation Secure and Available Networks
Author(s): Min Gyung Kang, Juan Caballero, Dawn Song
Publication Date: February 9, 2007CMU-CyLab-07-003: Teaching Johnny Not to Fall for Phish
Research Area(s): Privacy Protection | Next Generation Secure and Available Networks
Author(s): Ponnurangam Kumaraguru, Steve Sheng, Alessandro Acquisti, Lorrie Faith Cranor, Jason Hong
Publication Date: February 8, 2007CMU-CyLab-07-002: Would Diversity Really Increase the Robustness of the Routing Infrastructure against Software Defects?
Research Area(s): Next Generation Secure and Available Networks
Author(s): Juan Caballero, Theocharis Kampouris, Dawn Song, Jia Wang
Publication Date: February 6, 2007CMU-CyLab-07-001: Remote Detection of Virtual Machine Monitors with Fuzzy Benchmarking
Research Area(s): Trustworthy Computing Platforms and Devices
Author(s): Jason Franklin, Mark Luk, Jonathan M. McCune, Arvind Seshadri, Adrian Perrig, Leendert van Doorn
Publication Date: January 4, 2007
2006
CMU-CyLab-06-019: Beyond Output Voting: Detecting Compromised Replicas using Behavioral Distance
Cross-Cutting Thrusts: Next Generation Threat Prediction and Response
Author(s): Debin Gao, Michael K. Reiter, Dawn Song
Publication Date: December 2, 2006CMU-CyLab-06-018: Phinding Phish: An Evaluation of Anti-Phishing Toolbars
Research Area(s): Trustworthy Computing Platforms and Devices
Author(s): Lorrie Cranor, Serge Egelman, Jason Hong, and Yue Zhang
Publication Date: November 13, 2006CMU-CyLab-06-017: Protecting People from Phishing: The Design and Evaluation of an Embedded Training Email System
Research Area(s): Secure Home Computing | Trustworthy Computing Platforms and Devices
Author(s): Ponnurangam Kumaraguru, Yong Woo Rhee, Alessandro Acquisti, Lorrie Cranor, Jason Hong, Elizabeth Nunge
Publication Date: November 9, 2006CMU-CyLab-06-016: Lessons Learned from the Deployment of a Smartphone-Based Access-Control System
Research Area(s): Trustworthy Computing Platforms and Devices | Mobility
Author(s): Lujo Bauer, Lorrie Cranor, Michael K. Reiter, Kami Vaniea
Publication Date: October 18, 2006CMU-CyLab-06-015: Efficient proving for distributed access-control systems
Cross-Cutting Thrusts: Formal Methods
Author(s): Lujo Bauer, Scott Garriss, Michael K. Reiter
Publication Date: September 29, 2006CMU-CyLab-06-015: Efficient Proving for Practical Distributed Access-Control Systems (update)
Cross-Cutting Thrusts: Formal Methods
Author(s): Lujo Bauer, Scott Garriss, Michael K. Reiter
Publication Date: August 3, 2007CMU-CyLab-06-014: Forensic Analysis for Epidemic Attacks in Federated Networks
Research Area(s): Next Generation Secure and Available Networks
Cross-Cutting Thrusts: Next Generation Threat Prediction and Response
Author(s): Yinglian Xie, Vyas Sekar, Michael K. Reiter, Hui Zhang
Publication Date: August 31, 2006CMU-CyLab-06-013: End-to-End Consistency of Multi-Tier Operations Across Mixed Replicated and Unreplicated Components
Research Area(s): Next Generation Secure and Available Networks
Author(s): Priya Narasimhan and Aaron M. Paulos
Publication Date: July 20, 2006CMU-CyLab-06-012: Estimation of Available Bandwidth of a Remote Link or Path Segments
Research Area(s): Next Generation Secure and Available Networks
Author(s): Seung Yeob Nam, Sihyung Lee, Hyong S. Kim
Publication Date: July 2, 2006CMU-CyLab-06-011: Scanner Detection Based on Connection Attempt Success Ratio with Guaranteed False Positive and False Negative Probabilities
Research Area(s): Next Generation Secure and Available Networks
Author(s): Seung Yeob Nam and Hyong S. Kim
Publication Date: June 20, 2006CMU-CyLab-06-010: Secure Split Assignment Trajectory Sampling: A Malicious Router Detection System
Research Area(s): Next Generation Secure and Available Networks
Author(s): Franck Le, Sihyung Lee, Tina Wong, Hyong S. Kim, Darrell Newcomb
Publication Date: June 12, 2006CMU-CyLab-06-009: Secure Split Assignment Trajectory Sampling: A Malicious Router Detection System
Research Area(s): Next Generation Secure and Available Networks
Author(s): Sihyung Lee, Tina Wong, Hyong S. Kim
Publication Date: June 9, 2006CMU-CyLab-06-008: Minerals: Using Data Mining to Detect Router Misconfigurations
Research Area(s): Next Generation Secure and Available Networks
Author(s): Franck Le, Sihyung Lee, Tina Wong, Hyong S. Kim, Darrell Newcomb
Publication Date: May 23, 2006CMU-CyLab-06-006: Trinetra: Assistive Technologies for the Blind
Research Area(s): Mobility
Author(s): Patrick E. Lanigan, Aaron M. Paulos, Andrew W. Williams, Priya Narasimhan
Publication Date: May 1, 2006CMU-CyLab-06-005: FastPass: Providing First-Packet Delivery
Research Area(s): Trustworthy Computing Platforms and Devices
Author(s): Dan Wendlandt, David G. Andersen, Adrian Perrig
Publication Date: March 29, 2006CMU-CyLab-06-004: Fast Detection of Local Scanners Using Adaptive Methods
Research Area(s): Next Generation Secure and Available Networks
Author(s): Ahren Studer and Chenxi Wang
Publication Date: March 28, 2006CMU-CyLab-06-003: Dynamic Change Management for Minimal Impact on Dependability and Performance in Autonomic Service-Oriented Architectures
Research Area(s): Next Generation Secure and Available Networks
Author(s): Tudor Dumitras, Daniela Rosu, Asit Dan, Priya Narasimhan
Publication Date: March 17, 2006CMU-CyLab-06-002: Consumable Credentials in Logic-Based Access Control
Research Area(s): Next Generation Secure and Available Networks
Author(s): Lujo Bauer, Kevin D. Bowers, Frank Pfenning, and Michael K. Reiter
Publication Date: February 10, 2006CMU-CyLab-06-001: A Privacy Algorithm for 3D Human Body Scans
Research Area(s): Privacy Protection
Author(s): Joseph Laws and Yang Cai
Publication Date: February 1, 2006
2005
CMU-CyLab-05-007: Bump in the Ether: Mobile Phones as Proxies for Sensitive Input
Research Area(s): Mobility
Author(s): Jonathan M. McCune, Adrian Perrig, Michael K. Reiter
Publication Date: December 8, 2005CMU-CyLab-05-005: Empowering Ordinary Consumers to Securely Configure Their Mobile Devices and Wireless Networks
Research Area(s): Secure Home Computing | Mobility
Author(s): Cynthia Kuo, Vincent Goh, Adrian Tang, Adrian Perrig, Jesse Walker
Publication Date: December 7, 2005CMU-CyLab-05-004: Interleaving Semantic Web Reasoning and Service Discovery to Enforce Context-Sensitive Security and Privacy Policies
Research Area(s): Privacy Protection
Cross-Cutting Thrusts: Usable Privacy and Security
Author(s): Jinghai Rao and Norman Sadeh
Publication Date: December 5, 2005CMU-CyLab-05-003: Phoolproof Phishing Prevention
Research Area(s): Privacy Protection
Author(s): Bryan Parno, Cynthia Kuo, Adrian Perrig
Publication Date: December 3, 2005CMU-CyLab-05-001: Modeling Adoptability of Secure BGP Protocols
Cross-Cutting Thrusts: Software Security
Author(s): Haowen Chan, Debabrata Dash, Adrian Perrig, Hui Zhang
Publication Date: November 30, 2005