Authentication at Scale

Eric Grosse, Mayank Upadhyay

IEEE Security and Privacy, vol. 11 (2013), pp. 15-22

CAMP: Content-Agnostic Malware Protection

Moheeb Abu Rajab, Lucas Ballard, Noe Lutz, Panayiotis Mavrommatis, Niels Provos

Network and Distributed Systems Security Symposium (NDSS), Network and Distributed Systems Security Symposium (NDSS), USA (2013)

Crowd-Sourced Call Identification and Suppression

Daniel V. Klein, Dean K. Jackson

Federal Trade Commission Robocall Challenge (2013)

Design, Implementation and Verification of an eXtensible and Modular Hypervisor Framework

Amit Vasudevan, Sagar Chaki, Limin Jia, Jonathan McCune, James Newsome, Anupam Datta

IEEE Symposium on Security and Privacy (2013) (to appear)

Distributed Electronic Rights in JavaScript

Mark S. Miller, Tom Van Cutsem, Bill Tulloh

ESOP'13 22nd European Symposium on Programming, Springer (2013) (to appear)

S-links: Why distributed security policy requires secure introduction

Joseph Bonneau

Web 2.0 Security & Privacy 2013, IEEE

Trustworthy Proxies: Virtualizing Objects with Invariants

Tom Van Cutsem, Mark S. Miller

ECOOP 2013 (to appear)

Verifying Cloud Services: Present and Future

Sara Bouchenak, Gregory Chockler, Hana Chockler, Gabriela Gheorghe, Nuno Santos, Alexander Shraer

Operating Systems Review (2013) (to appear)

A taste of Capsicum: practical capabilities for UNIX

Robert N. M. Watson, Jonathan Anderson, Ben Laurie, Kris Kennaway

Communications of the ACM, vol. 55(3) (2012), pp. 97-104

Browser Exploits as a Service: The Monetization of Driveby Downloads

C. Grier, L. Ballard, J. Caballero, N. Chachra, C. Dietrich, K. Levchenko, P. Mavrommatis, D. McCoy, A. Nappa, A. Pitsillidis, N. Provos, Z. Rafique, M. Rajab, C. Rossow, K. Thomas, V. Paxson, S. Savage, G. Voelker

Proceedings of 19th ACM Conference on Computer and Communications Security (2012)

Cloud Data Protection for the Masses

Dawn Song, Elaine Shi, Ian Fischer, Umesh Shankar

Computer, vol. 45, no. 1 (2012), pp. 39-45

Contextual OTP: Mitigating Emerging Man-in-the-Middle Attacks with Wireless Hardware Tokens

Assaf Ben-David, Omer Berkman, Yossi Matias, Sarvar Patel, Cem Paya, Moti Yung

Applied Cryptography and Network Security - 10th International Conference, ACNS 2012, Springer, pp. 30-47

How well can congestion pricing neutralize denial of service attacks?

Ashish Vulimiri, Gul A. Agha, Philip Brighten Godfrey, Karthik Lakshminarayanan

Proceedings of the 12th ACM SIGMETRICS/PERFORMANCE joint international conference on Measurement and Modeling of Computer Systems, ACM, New York, NY, USA (2012), pp. 137-150

Let's Parse to Prevent Pwnage

Mike Samuel, Úlfar Erlingsson

USENIX workshop on Large-Scale Exploits and Emergent Threats, USENIX (2012)

Lockdown: Towards a Safe and Practical Architecture for Security Applications on Commodity Platforms

Amit Vasudevan, Bryan Parno, Ning Qu, Virgil D. Gligor, Adrian Perrig

TRUST 2012, Lecture Notes in Computer Science, pp. 21

Manufacturing Compromise: The Emergence of Exploit-as-a-Service

Chris Grier, Lucas Ballard, Juan Caballero, Neha Chachra, Christian J. Dietrich, Kirill Levchenko, Panayiotis Mavrommatis, Damon McCoy, Antonio Nappa, Andreas Pitsillidis, Niels Provos, M. Zubair Rafique, Moheeb Abu Rajab, Christian Rossow, Kurt Thomas, Vern Paxson, Stefan Savage, Geoffrey M. Voelker

Proceedings of 19th ACM Conference on Computer and Communications Security (2012)

Non-interactive CCA-Secure threshold cryptosystems with adaptive security: new framework and constructions

Benoit Libert, Moti Yung

Proceedings of the 9th international conference on Theory of Cryptography, Springer-Verlag, Berlin, Heidelberg (2012), pp. 75-93

Origin-Bound Certificates: A Fresh Approach to Strong Client Authentication for the Web

Michael Dietz, Alexei Czeskis, Dirk Balfanz, Dan Wallach

21st USENIX Security Symposium, The USENIX Association (2012), pp. 317-332

RFC6583 - Operational Neighbor Discovery Problems

Warren Kumari, Igor Gashinsky, Yahoo!, Joel Jaeggli, Zynga

IETF RFCs, Internet Engineering Task Force (2012)

Robust Trait Composition for JavaScript

Tom Van Cutsem, Mark S. Miller

Science of Computer Programming: Special Issue on Advances in Dynamic Languages (2012) (to appear)

Scalable group signatures with revocation

Benoit Libert, Thomas Peters, Moti Yung

Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques, Springer-Verlag, Berlin, Heidelberg (2012), pp. 609-627

Security and Testing

Kurt Rosenfeld

Introduction to Hardware Security and Trust, Springer (2012) (to appear)

The Dangers of Composing Anonymous Channels

Emilia Kasper, George Danezis

Information Hiding 2012 (to appear)

Vanity or Privacy? Social Media as a Facilitator of Privacy and Trust

Jessica Staddon

CSCW Workshop: Reconciling Privacy with Social Media (2012)

Address space randomization for mobile devices

Hristo Bojinov, Dan Boneh, Rich Cannings, Iliyan Malchev

WiSec '11 - Proceedings of the fourth ACM conference on wireless network security, ACM, New York, NY (2011)

App Isolation: Get the Security of Multiple Browsers with Just One

Eric Y. Chen, Jason Bau, Charles Reis, Adam Barth, Collin Jackson

18th ACM Conference on Computer and Communications Security, ACM (2011)

Automated Analysis of Security-Critical JavaScript APIs

Ankur Taly, Úlfar Erlingsson, John C. Mitchell, Mark S. Miller, Jasvir Nagra

IEEE Symposium on Security & Privacy (SP), IEEE (2011)

Distributed forensics and incident response in the enterprise

Michael Cohen, Darren Bilby, Germano Caronni

Journal of Digital Investigation, vol. 8 (2011), S101-S110

Fast Elliptic Curve Cryptography in OpenSSL

Emilia Kasper

Financial Cryptography and Data Security: FC 2011 Workshops, RLCPS and WECSR, Springer

Hardware Trojan Detection Solutions and Design-for-Trust Challenges

Kurt Rosenfeld

IEEE Computer (2011), pp. 64-72

Indirect Content Privacy Surveys: Measuring Privacy Without Asking About It

Alex Braunstein, Laura Granka, Jessica Staddon

Symposium on Usable Privacy and Security (SOUPS), ACM SIGCHI (2011)

Public vs. Publicized: Content Use Trends and Privacy Expectations

Jessica Staddon, Andrew Swerdlow

6th USENIX Workshop on Hot Topics in Security (HotSec '11), USENIX (2011)

Rootkits in your web application

Artur Janc

28C3: Chaos Communications Congress, Berlin, Germany (2011)

Security Challenges During VLSI Test

Kurt Rosenfeld

Proceedings of 2011 IEEE NEWCAS Conference, IEEE

Security-Aware SoC Test Access Mechanisms

Kurt Rosenfeld

Proceedings of the 2011 IEEE VLSI Test Symposium

ShellOS: Enabling fast detection and forensic analysis of code injection attacks

Kevin Snow, Srinivas Krishnan, Fabian Monrose, Niels Provos

USENIX Security Symposium (2011)

Third International Symposium on Engineering Secure Software and Systems, ESSoS 2011

Úlfar Erlingsson, Roel Wieringa, Nicola Zannone, editors.

Springer Verlag, Berlin / Heidelberg

Transparency and Choice: Protecting Consumer Privacy in an Online World

Alma Whitten, Sean Harvey, Ian Fette, Betsy Masiello, Jochen Eisinger, Jane Horvath

W3C Workshop on Web Tracking and User Privacy, W3C (2011), pp. 3

Automata Evaluation and Text Search Protocols with Simulation Based Security

Carmit Hazay, Rosario Gennaro, Jeffrey Sorensen

Google, Inc. (2010)

Dagstuhl Seminar 09141: Web Application Security (Abstracts collection)

Dan Boneh, Úlfar Erlingsson, Martin Johns, Benjamin Livshits

Dagstuhl Seminar Proceedings, Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik, Germany, Dagstuhl, Germany (2010)

Drac: An Architecture for Anonymous Low-Volume Communications

George Danezis, Claudia Diaz, Carmela Troncosco, Ben Laurie

PETS 2010 (to appear)

Engineering Privacy in an Age of Information Abundance

Betsy Masiello, Alma Whitten

Intelligent Privacy Management Symposium (2010)

Group Message Authentication

Bartosz Przydatek, Douglas Wikström

Security and Cryptography for Networks, SCN 2010, Springer Verlag, pp. 399-417

Improving users' security choices on home wireless networks

Justin T. Ho, David Dearman, Khai N. Truong

Proceedings of the Sixth Symposium on Usable Privacy and Security, ACM, New York, NY, USA (2010), 12:1-12:12

Large-Scale Automatic Classification of Phishing Pages

Colin Whittaker, Brian Ryner, Marria Nazif

NDSS '10 (2010)

Making Privacy a Fundamental Component of Web Resources

Thomas Duebendorfer, Christoph Renner, Tyrone Grandison, Michael Maximilien, Mark Weitzel

W3C Workshop on Privacy for Advanced Web APIs, W3C (2010), pp. 5

Practical Privacy Concerns in a Real World Browser

Ian Fette, Jochen Eisinger

W3C Workshop on Privacy for Advanced Web APIs, W3C (2010), pp. 4

Protecting Browsers from Extension Vulnerabilities

Adam Barth, Adrienne Porter Felt, Prateek Saxena, Aaron Boodman

Network and Distributed System Security Symposium (2010)

PseudoID: Enhancing Privacy in Federated Login

Arkajit Dey, Stephen Weis

Hot Topics in Privacy Enhancing Technologies (2010), pp. 95-107

Public-Key Encryption in the Bounded-Retrieval Model

Joel Alwen, Yevgeniy Dodis, Moni Naor, Gil Segev, Shabsi Walfish, Daniel Wichs

Advances in Cryptology - EUROCRYPT 2010, 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, May 30 - June 3, 2010. Proceedings, Springer, pp. 113-134

Technology Companies are Best Positioned to Offer Health Record Trusts

Shirley Gaw, Umesh Shankar

HealthSec '10 Position Paper (2010)

The Nocebo Effect on the Web: An Analysis of Fake Anti-Virus Distribution

Moheeb Abu Rajab, Lucas Ballard, Panayiotis Marvrommatis, Niels Provos, Xin Zhao

Large-Scale Exploits and Emergent Threats, USENIX (2010)

Trustworthy Hardware: Identifying and Classifying Hardware Trojans

Kurt Rosenfeld

IEEE Design and Test of Computers (2010), pp. 39-46

Universally optimal privacy mechanisms for minimax agents

Mangesh Gupte, Mukund Sundararajan

Proc. ACM SIGMOD, ACM, Indianapolis, Indiana (2010), pp. 135-146

Using the Wave Protocol to Represent Individuals’ Health Records

Shirley Gaw, Umesh Shankar

HealthSec '10 Position Paper (2010)

Web Application Obfuscation

Eduardo Alberto Vela Nava

Syngress (2010), pp. 282

A New Randomness Extraction Paradigm for Hybrid Encryption

Eike Kiltz, Krzysztof Pietrzak, Martijn Stam, Moti Yung

EUROCRYPT '09: Proceedings of the 28th Annual International Conference on Advances in Cryptology, Springer-Verlag, Berlin, Heidelberg (2009), pp. 590-609

A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks

François-Xavier Standaert, Tal G. Malkin, Moti Yung

EUROCRYPT '09: Proceedings of the 28th Annual International Conference on Advances in Cryptology, Springer-Verlag, Berlin, Heidelberg (2009), pp. 443-461

Balancing Usability and Security in a Video CAPTCHA

Kurt Alfred Kluever, Richard Zanibbi

Proceedings of the 5th Symposium on Usable Privacy and Security (SOUPS '09), ACM Press (2009)

Browser Security: Lessons from Google Chrome

Charles Reis, Adam Barth, Carlos Pizano

ACM Queue, vol. 7, no. 5 (2009), pp. 3

Capacity of Steganographic Channels

Jeremiah Harmsen, William Pearlman

IEEE Transactions on Information Theory, vol. 55 (2009), pp. 1775-1792

Composability and On-Line Deniability of Authentication

Yevgeniy Dodis, Jonathan Katz, Adam Smith, Shabsi Walfish

Springer, pp. 146-162

Constructing Variable-Length PRPs and SPRPs from Fixed-Length PRPs

Debra L. Cook, Moti Yung, Angelos Keromytis

Information Security and Cryptology, Springer-Verlag, Berlin, Heidelberg (2009), pp. 157-180

E Unum Pluribus - Google Network Filtering Management

Paul (Tony) Watson, Peter Moody

LISA'09 23rd Large Installation System Administration Conference (2009)

Efficient Robust Private Set Intersection

Dana Dachman-Soled, Tal Malkin, Mariana Raykova, Moti Yung

ACNS '09: Proceedings of the 7th International Conference on Applied Cryptography and Network Security, Springer-Verlag, Berlin, Heidelberg (2009), pp. 125-142

Efficient Traceable Signatures in the Standard Model

Benoît Libert, Moti Yung

Pairing '09: Proceedings of the 3rd International Conference Palo Alto on Pairing-Based Cryptography, Springer-Verlag, Berlin, Heidelberg (2009), pp. 187-205

Efficient and secure authenticated key exchange using weak passwords

Jonathan Katz, Rafail Ostrovsky, Moti Yung

J. ACM, vol. 57 (2009), pp. 1-39

Elastic block ciphers: method, security and instantiations

Debra L. Cook, Moti Yung, Angelos D. Keromytis

Int. J. Inf. Secur., vol. 8 (2009), pp. 211-231

Expecting the Unexpected: Towards Robust Credential Infrastructure

Shouhuai Xu, Moti Yung

Financial Cryptography and Data Security, Springer-Verlag, Berlin, Heidelberg (2009), pp. 201-221

Firefox (In)Security Update Dynamics Exposed

Stefan Frei, Thomas Duebendorfer, Bernhard Plattner

ACM Sigcomm Comput. Commun. Rev., vol. 39 Issue 1 (2009), pp. 16-22

Generative usability: security and user centered design beyond the appliance

Luke Church, Alma Whitten

New Security Paradigms Workshop (2009)

Key Evolution Systems in Untrusted Update Environments

Benoît Libert, Jean-Jacques Quisquater, Moti Yung

Information Security and Cryptology, Springer-Verlag, Berlin, Heidelberg (2009), pp. 12-21

MAC Reforgeability

John Black, Martin Cochran

Fast Software Encryption, Springer (2009), pp. 345-362

On the Portability of Generalized Schnorr Proofs

Jan Camenisch, Aggelos Kiayias, Moti Yung

EUROCRYPT '09: Proceedings of the 28th Annual International Conference on Advances in Cryptology, Springer-Verlag, Berlin, Heidelberg (2009), pp. 425-442

Plinko: polling with a physical implementation of a noisy channel

Chris Alexander, Joel Reardon, Ian Goldberg

WPES '09: Proceedings of the 8th ACM workshop on Privacy in the electronic society, ACM, New York, NY, USA (2009), pp. 109-112

Privacy-Preserving Information Markets for Computing Statistical Data

Aggelos Kiayias, Bülent Yener, Moti Yung

Financial Cryptography and Data Security, Springer-Verlag, Berlin, Heidelberg (2009), pp. 32-50

Privacy-preserving indexing of documents on the network

Mayank Bawa, Roberto J. Bayardo, Rakesh Agrawal, Jaideep Vaidya

The VLDB Journal, vol. 18 (2009), pp. 837-856

Redirects to login pages are bad, or are they?

Eric Sachs

SOUPS '09: Proceedings of the 5th Symposium on Usable Privacy and Security, ACM, New York, NY, USA (2009), pp. 1-1

Secure EPC Gen2 Compliant Radio Frequency Identification

Mike Burmester, Breno Medeiros, Jorge Munilla, Alberto Peinado

ADHOC-NOW '09: Proceedings of the 8th International Conference on Ad-Hoc, Mobile and Wireless Networks, Springer-Verlag, Berlin, Heidelberg (2009), pp. 227-240

Secure Function Collection with Sublinear Storage

Maged H. Ibrahim, Aggelos Kiayias, Moti Yung, Hong-Sheng Zhou

ICALP '09: Proceedings of the 36th Internatilonal Collogquium on Automata, Languages and Programming, Springer-Verlag, Berlin, Heidelberg (2009), pp. 534-545

The Goals and Challenges of Click Fraud Penetration Testing Systems

Carmelo Kintana, David Turner, Jia-Yu Pan, Ahmed Metwally, Neil Daswani, Erika Chin, Andrew Bortz

International Symposium on Software Reliability Engineering, International Symposium on Software Reliability Engineering (2009)

The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure

Seung Geol Choi, Javier Herranz, Dennis Hofheinz, Jung Yeon Hwang, Eike Kiltz, Dong Hoon Lee, Moti Yung

Inf. Process. Lett., vol. 109 (2009), pp. 897-901

Why Silent Updates Boost Security

Thomas Duebendorfer, Stefan Frei

ETH Zurich (2009), pp. 1-9

xBook: Redesigning Privacy Control in Social Networking Platforms

Kapil Singh, Sumeer Bhola, Wenke Lee

18th Usenix Security Symposium, Usenix (2009)

(Under)mining Privacy in Social Networks

Monica Chew, Dirk Balfanz, Ben Laurie

W2SP 2008: Web 2.0 Security and Privacy 2008

A block cipher based pseudo random number generator secure against side-channel key recovery

Christophe Petit, François-Xavier Standaert, Olivier Pereira, Tal G. Malkin, Moti Yung

ASIACCS '08: Proceedings of the 2008 ACM symposium on Information, computer and communications security, ACM, New York, NY, USA, pp. 56-65

Access Control

Ben Laurie

Google, Inc. (2008)

All Your iFrames Point to Us

Niels Provos, Panayiotis Mavrommatis, Moheeb Rajab, Fabian Monrose

17th USENIX Security Symposium (2008)

Anonymous RFID authentication supporting constant cost key lookup against active adversaries

M. Burmester, B. De Medeiros, R. Motta

Int. J. Appl. Cryptol., vol. 1 (2008), pp. 79-90

Asynchronous Multi-Party Computation with Quadratic Communication

Martin Hirt, Jesper Buus Nielsen, Bartosz Przydatek

International Colloquium on Automata, Languages and Programming, ICALP 2008, Springer Verlag, pp. 473-485

Choose the Red Pill and the Blue Pill

Ben Laurie, Abe Singer

New Security Paradigms Workshop 2008

Competition and Fraud in Online Advertising Markets

Bob Mungamuru, Stephen A. Weis

Financial Cryptography (2008)

Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority

David Dagon, Chris Lee, Wenke Lee, Niels Provos

Proc. 15th Network and Distributed System Security Symposium (NDSS), Internet Society, San Diego, CA (2008)

Distributed divide-and-conquer techniques for effective DDoS attack defenses

Muthuprasanna Muthusrinivasan, Manimaran Govindarasu

IEEE International Conference on Distributed Computing Systems (ICDCS) (2008)

Does Physical Security of Cryptographic Devices Need a Formal Study? (Invited Talk)

François-Xavier Standaert, Tal G. Malkin, Moti Yung

ICITS '08: Proceedings of the 3rd international conference on Information Theoretic Security, Springer-Verlag, Berlin, Heidelberg (2008), pp. 70-70

Efficient Constructions of Composable Commitments and Zero-Knowledge Proofs

Yevgeniy Dodis, Victor Shoup, Shabsi Walfish

Proceedings of Advances in Cryptology - CRYPTO 2008, 28th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 17-21, 2008, pp. 515-535

Error-Tolerant Combiners for Oblivious Primitives

Bartosz Przydatek, Jürg Wullschleger

International Colloquium on Automata, Languages and Programming, ICALP 2008, Springer Verlag, pp. 461-472

Fair Traceable Multi-Group Signatures

Vicente Benjumea, Seung Geol Choi, Javier Lopez, Moti Yung

Financial Cryptography, Springer-Verlag, Berlin, Heidelberg (2008), pp. 231-246

Ghost Turns Zombie: Exploring the Life Cycle of Web-based Malware

Michalis Polychronakis, Panayiotis Mavrommatis, Niels Provos

Proceedings of the 1st USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET) (2008)

Insecure Context Switching: Innoculating regular expressions for survivability

Will Drewry, Tavis Ormandy

2nd USENIX Workshop on Offensive Technologies (WOOT '08) (2008)

Methods for Linear and Differential Cryptanalysis of Elastic Block Ciphers

Debra L. Cook, Moti Yung, Angelos D. Keromytis

ACISP '08: Proceedings of the 13th Australasian conference on Information Security and Privacy, Springer-Verlag, Berlin, Heidelberg (2008), pp. 187-202

On the Evolution of User Authentication: Non-bilateral Factors

Moti Yung

Information Security and Cryptology, Third SKLOIS Conference, Inscrypt 2007, Springer-Verlag, Berlin, Heidelberg (2008), pp. 5-10

Peeking Through the Cloud

Moheeb Abu Rajab, Fabian Monrose, Andreas Terzis, Niels Provos

6th Conference on Applied Cryptography and Network Security (2008)

Plan 9 Authentication in Linux

Ashwin Ganti

ACM SIGOPS OSR special issue on Research and Developments in the Linux Kernel, vol. 42, Issue 5 (July 2008) (2008)

Please Permit Me: Stateless Delegated Authorization in Mashups

Ragib Hasan, Marianne Winslett, Richard Conlan, Brian Slesinsky, Nandakumar Ramani

Proceedings of the Annual Computer Security Applications Conference, IEEE Press, Anaheim, CA (2008), pp. 173-182

Privacy Preserving Data Mining within Anonymous Credential Systems

Aggelos Kiayias, Shouhuai Xu, Moti Yung

SCN '08: Proceedings of the 6th international conference on Security and Cryptography for Networks, Springer-Verlag, Berlin, Heidelberg (2008), pp. 57-76

Provably Secure Grouping-Proofs for RFID Tags

Mike Burmester, Breno Medeiros, Rossana Motta

CARDIS '08: Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications, Springer-Verlag, Berlin, Heidelberg (2008), pp. 176-190

Public-key traitor tracing from efficient decoding and unbounded enrollment: extended abstract

Aggelos Kiayias, Moti Yung

DRM '08: Proceedings of the 8th ACM workshop on Digital rights management, ACM, New York, NY, USA (2008), pp. 9-18

Real Electronic Cash Versus Academic Electronic Cash Versus Paper Cash (Panel Report)

Jon Callas, Yvo Desmedt, Daniel Nagy, Akira Otsuka, Jean-Jacques Quisquater, Moti Yung

Financial Cryptography and Data Security, Springer-Verlag, Berlin, Heidelberg (2008), pp. 307-313

Securing Nonintrusive Web Encryption through Information Flow

Lantian Zheng, Andrew C. Myers

Proceedings of the 2008 workshop on programming languages and analysis for security

Security aspects of the Authentication used in Quantum Cryptography

Jörgen Cederlöf, Jan-Åke Larsson

IEEE Transactions on Information Theory, vol. 54 (2008), pp. 1735-1741

To Catch a Predator: A Natural Language Approach for Eliciting Protocol Interaction

Sam Small, Joshua Mason, Fabian Monrose, Niels Provos, Adam Stubblefield

17th USENIX Security Symposium (2008)

Understanding the Web browser threat

Stefan Frei, Thomas Duebendorfer, Gunter Ollmann, Martin May

ETH Zurich

Video CAPTCHAs: Usability vs. Security

Kurt Alfred Kluever, Richard Zanibbi

Proceedings of the IEEE Western New York Image Processing Workshop (WNYIP '08), IEEE Press (2008)

A Framework for Detection and Measurement of Phishing Attacks

Sujata Garera, Niels Provos, Monica Chew, Aviel D. Rubin

WORM'07, ACM, Alexandria, VA (2007)

An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments

Tavis Ormandy

CanSecWest 2007

Byzantine Attacks on Anonymity Systems

Nikita Borisov, George Danezis, Parisa Tabriz

Digital Privacy: Theory, Technologies, and Practices (2007)

Cyberassault on Estonia

Marc Donner

IEEE Security and Privacy, vol. 5, no. 4 (2007), pp. 4

Defining Strong Privacy for RFID

Ari Juels, Stephen A. Weis

Proc. 5th International Conf. on Pervasive Computing and Communications Workshops, IEEE (2007), pp. 342-347

Delegating Responsibility in Digital Systems: Horton's

Mark S. Miller, Jed Donnelley, Alan H. Karp

2nd USENIX Workshop on Hot Topics in Security, USENIX (2007), pp. 5

Denial of Service or Denial of Security? How Attacks can Compromize Anonymity

Nikita Borisov, George Danezis, Prateek Mittal, Parisa Tabriz

Conference on Computer and Communications Security, ACM, Alexandria, VA (2007)

Dynamic Pharming Attacks and Locked Same-Origin Policies for Web Browsers

Chris Karlof, Umesh Shankar, J. D. Tygar, David Wagner

Conference on Computer and Communications Security, ACM, Alexandria, VA (2007)

Flayer: Exposing Application Internals

Will Drewry, Tavis Ormandy

First USENIX Workshop on Offensive Technologies (WOOT '07), Online Proceedings, http://www.usenix.org/events/woot07/tech/ (2007)

Foundations of Security: What Every Programmer Needs to Know

Neil Daswani, Christoph Kern, Anita Kesavan

APress, New York (2007)

Memsherlock: An Automated Debugger for Unknown Memory Corruption Vulnerabilities

Emre C. Sezer, Peng Ning, ChongKyung Kil, Jun Xu

Conference on Computer and Communication Security, ACM, Alexandria, VA (2007)

Provable Data Possession at Untrusted Stores

Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary Peterson, Dawn Song

Conference on Computer and Communications Security, ACM, Alexandria, VA (2007)

Selective Disclosure

Ben Laurie

Ben Laurie (2007)

The Ghost In The Browser: Analysis of Web-based Malware

Niels Provos, Dean McNamee, Panayiotis Mavrommatis, Ke Wang, Nagendra Modadugu

First Workshop on Hot Topics in Understanding Botnets (HotBots '07), Online Proceedings, http://www.usenix.org/events/hotbots07/tech/ (2007)

Tradeoffs in Retrofitting Security: An Experience Report

Mark S. Miller

Dynamic Languages Symposium, ACM (2007)

Virtual Honeypots: From Botnet Tracking to Intrusion Detection

Niels Provos, Thorsten Holz

Addison Wesley (2007)

A Method for Making Password-Based Key Exchange Resilient to Server Compromise

Craig Gentry, Philip MacKenzie, Zulfikar Ramzan

Advances in Cryptology - CRYPTO 2006, Springer, pp. 142-159

Cookies Along Trust-Boundaries (CAT): Accurate and Deployable Flood Protection

Martin Casado, Aditya Akella, Pei Cao, Niels Provos, Scott Shenker

In Proceedings of Steps To Reduce Unwated Traffic From The Internet (2006)

Flow-Cookies: Using Bandwidth Amplification to Defend Against DDoS Flooding Attacks

Martin Casado, Pei Cao, Aditya Akella, Niels Provos

Proceedings of the IEEE Workshop on QoS (2006)

Language Modeling and Encryption on Packet Switched Networks

Kevin S. McCurley

Advances in Cryptology: Proc. Eurocrypt 2006, Springer, St. Petersburg, pp. 359-372

Limits to Anti Phishing

Jeff Nelson, David Jeske

Proceedings of the W3c Security and Usability Workshop (2006), pp. 5

Packet vaccine: black-box exploit detection and signature generation

XiaoFeng Wang, Zhuowei Li, Jun Xu, Michael K. Reiter, Chongkyung Kil, Jong Youl Choi

Proc. 13th ACM Conference on Computer and Communications Security, ACM, Alexandria, VA (2006), pp. 37-46

Privacy-Enhancing Technologies

Stephen A. Weis

IEEE Security and Privacy, vol. 4 (2006), pp. 59

Resource Fairness and Composability of Cryptographic Protocols

Juan Garay, Philip MacKenzie, Manoj Prabhakaran, Ke Yang

Theory of Cryptography: Third Theory of Cryptography Conference, TCC 2006, Springer, pp. 404-428

Search Worms

Niels Provos, Joe McClain, Ke Wang

WORM '06: Proceedings of the 4th ACM workshop on Recurring malcode, ACM Press, Alexandria, Virginia, USA (2006), pp. 1-8

A Virtual Honeypot Framework

Niels Provos

USENIX Security Symposium (2004), pp. 1-14

Cygnus - An Approach for Large Scale Network Security Monitoring

Paul (Tony) Watson

Syscan 2004, Singapore

Improving Host Security with System Call Policies

Niels Provos

12th USENIX Security Symposium (2003)

Preventing Privilege Escalation

Niels Provos, Markus Friedl, Peter Honeyman

12th USENIX Security Symposium (2003)

Defending Against Statistical Steganalysis

Niels Provos

10th USENIX Security Symposium (2001)

Encrypting Virtual Memory

Niels Provos

9th USENIX Security Symposium (2000)

A Future-Adaptable Password Scheme

Niels Provos, David Mazi{\`e}res

USENIX Annual Technical Conference, FREENIX Track (1999)

Cryptography in OpenBSD: An Overview

Theo de Raadt, Niklas Hallqvist, Artur Grabowski, Angelos D. Keromytis, Niels Provos

USENIX Annual Technical Conference, FREENIX Track (1999)