Nicolas Christin is an associate professor at Carnegie Mellon University, jointly appointed in the School of Computer Science and the Department of Engineering & Public Policy. He is affiliated with the Institute for Software Research and is a core faculty member in CyLab, the university-wide information security institute. He also has courtesy appointments in the Information Networking Institute and the Department of Electrical and Computer Engineering. Christin holds a Diplôme d'Ingénieur from l'École centrale de Lille, and M.S. and Ph.D. degrees in Computer Science from the University of Virginia. He was a researcher in the School of Information at the University of California, Berkeley, prior to joining Carnegie Mellon in 2005.
Studying Cybercrime for Prevention and Enforcement
2003 Ph.D., Computer Science, University of Virginia
2000 MS, Computer Science, University of Virginia
1999 Diplôme d'Ingénieur, École Centrale Lille, Franc
- AI and ML for security
- Applications of security and privacy
- authentication and passwords
- censorship resistance and measurement
- computer security
- information networking
- Measurement and analysis
- measurements of fraud, malware, spam
- ML and AI
- mobile and app security and privacy
- network security
- privacy engineering
- risk analysis and management
- security analytics
- security and privacy economics
- security of AI and ML
- security policy and regulation
- systems security
- threat analysis and modeling
- Usability and human behavior
- usable privacy and security
- web security
Why people (don’t) use password managers effectively
A recent study by a team of CyLab researchers, including Pearman, provides some insight into how ineffectively people may be using password managers, potentially nullifying the benefits the managers are meant to provide.
Security and privacy need to be easy
In 2005, Carnegie Mellon hosted a first-of-its-kind conference that brought together researchers from dozens of universities and companies around the world with one mission: make privacy and security tools easier to use. That conference, the Symposium On Usable Privacy and Security (SOUPS), is holding its 15th annual meeting next month. SOUPS, as well as the entire usable privacy and security field, have deep roots at CMU.
Christin says dark-web ecosystem undented by law enforcement efforts
CyLab’s Nicolas Christin takes a look at law enforcement officials’ struggle to deter new dark-web marketplaces from growing in the wake of major law enforcement busts.
2019 Dean’s Early Career Fellows
Three young faculty members have been granted the 2019 Dean’s Early Career Fellowship to enable their continued contributions to their respective fields.
Preventing exposure to malicious websites
A team of CyLab researchers have developed a mechanism that detects when users may be about to visit a malicious website.
As advertised? Exposing lies about VPN locations
A strange observation led a CyLab researcher to figure out how to detect when VPN services are lying about their location.
The Piper (CMU)
College of Engineering faculty awarded the IEEE Cybersecurity Award
At the IEEE Cybersecurity Development Conference, ECE/CyLab’s Lujo Bauer, EPP/CyLab’s Nicolas Christin, and EPP/CyLab’s Lorrie Cranor received the IEEE Cybersecurity Award for Practice for their research on how to make passwords easier for users but harder for hackers to guess.
CyLab study finds users may be over-confident in protections of private browsing
A team of researchers from the CyLab Usable Privacy and Security Lab analyzed 450 consenting users' browsing behaviors over a three-year period. Their study was presented at last month's Symposium on Usable Privacy and Security in Baltimore.
Christin quoted on the dangers of typosquatters
CyLab/EPP’s Nicholas Christin spoke with NBC News about criminals known as “typosquatters,” who use people’s common spelling mistakes (such as typing “.cm” instead of “.com”) to take them to fake websites, exposing them to cyber-attacks.
What happens when you deploy 2-factor authentication at a university?
“It’s not actually that horrible,” one survey respondent said about using a security feature called 2-factor authentication (2FA) to access their Carnegie Mellon account.