Congratulations to Dr. Dave Tian, who graduated with his PhD. Dave is joining Purdue University as an Assistant Professor of Computer Science.
I am extremely honored to be named the Arnold and Lisa Goldberg Rising Star Associate Professor in Computer Science. Thank you to Arnold and Lisa Goldberg for generously endowing this professorship and supporting computer science at the University of Florida.
Our paper "LBM: A Security Framework for Peripherals within the Linux Kernel" was accepted for publication at the 2019 IEEE Symposium on Security and Privacy (Oakland).
Our papers "Digital Healthcare-Associated Infection Analysis of a Major Multi-Campus Hospital System" and "Practical Hidden Voice Attacks against Speech and Speaker Recognition Systems" were accepted for publication at the 2019 ISOC Symposium on Network and Distibuted Systems Security (NDSS).
I am honored to be named a University of Florida Term Professor.
Our paper "Mitigating Risk while Complying with Data Retention Laws" was accepted for publication at the 2018 ACM Conference on Computer and Communications Security (CCS).
Our paper "ATtention Spanned: Comprehensive Vulnerability Analysis of AT Commands within the Android Ecosystem" was accepted for publication at the 2018 USENIX Security Symposium. Read more about this work, which was widely covered by media outlets including Wired.
Congraulations to my PhD students Grant Hernandez and Dave Tian for winning first and second place at the SEC Academic Conference's poster competition.
Congraulations to my former PhD student, Adam Bates, who won an NSF CAREER award. Adam also received the ACM SIGSAC Doctoral Dissertation Runner-Up Award in October for his outstanding thesis.
Our papers "SOK: ``Plug and Pray'' Today -- Understanding USB Insecurity in Versions 1 through C" and "Sonar: Detecting SS7 Redirection Attacks With Audio-Based Distance Bounding" were accepted for publication at the 2018 IEEE Symposium on Security and Privacy.
I am delighted to be serving as technical program co-chair of ACM WiSec 2018. Please send your excellent work in securing wireless and mobile networks and applications to WiSec: the deadline for submissions is March 1, 2018.
Our paper "FirmUSB: Vetting USB Device Firmware using Domain Informed Symbolic Execution Storage Devices" was accepted for publication at the 2017 ACM Conference on Computer and Communications Security (CCS).
More NewsOur paper "Transparent Web Service Auditing via Network Provenance Functions" was accepted for publication at the 2017 World Wide Web Conference (WWW).
Our paper "ProvUSB: Block-level Provenance-Based Data Protection for USB Storage Devices" was accepted for publication at the 2016 ACM Conference on Computer and Communications Security (CCS).
Our paper "Making USB Great Again with USBFILTER" was accepted for publication at the 2016 USENIX Security Symposium.
Congratulations to my first two graduating PhD students, Benjamin Mood and Adam Bates. Adam will be Assistant Professor of Computer Science at the University of Illinois at Urbana-Champaign this fall, while Benjamin will be Assistant Professor of Computer Science at Point Loma Nazarene University.
Our paper "Sending Out an SMS: Characterizing the Security of the SMS Ecosystem with Public Gateways" was accepted for publication at the 2016 IEEE Symposium on Security and Privacy (the Oakland conference).
Our paper "Frigate: A Validated, Extensible, and Efficient Compiler and Interpreter for Secure Computation" was accepted for publication at the 1st IEEE European Symposium on Security and Privacy (Euro S&P 2016).
Our papers "Trustworthy Whole-System Provenance for the Linux Kernel" and "Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications in the Developing World" were accepted for publication at the 2015 USENIX Security Symposium.
Our papers "Securing SSL Certificate Verification through Dynamic Linking" and "Reuse It Or Lose It: More Efficient Secure Computation Through Reuse of Encrypted Values" were accepted for publication at the 2014 ACM Conference on Computer and Communication Security (CCS).
Our paper "Accountable Wiretapping -or- I know that they can hear you now" was accepted for publication in the Journal of Computer Security.
Our paper "Leveraging USB to Establish Host Identity Using Commodity Devices" was accepted for publication at the 2014 Symposium on Network and Distributed Systems Security (NDSS).
Our papers "Secure Outsourced Garbled Circuit Evaluation for Mobile Devices" and "PCF: A Portable Circuit Format For Scalable Two-Party Secure Computation" were accepted for publication at the 2013 USENIX Security Symposium.
Our papers, "Abusing Cloud-based Browsers for Fun and Profit" and "Hi-Fi: Collecting High-Fidelity Whole-System Provenance", were accepted for publication at the Annual Computer Security Applications Conference (ACSAC 2012).
Our paper, "Detecting Co-Residency with Active Traffic Analysis Techniques", was accepted for publication at the ACM Cloud Computing Workshop (CCSW'12).
I was invited to join the technical program committee of the 2012 European Symposium on Research in Computer Security (ESORICS).
I was invited to join the technical program committee of the 28th Annual Computer Security Applications Conference (ACSAC).
I have been invited to serve on the technical program committee for the 2012 USENIX Workshop on Hot Topics in Security (HotSec'12).
Our paper, "Memory-Efficient Garbled Circuit Generation for Mobile Devices", was accepted for publication at the International Conference on Financial Cryptography and Data Security (FC 2012).
Our paper, "Accountable Wiretapping -or- I Know They Can Hear You Now", was accepted for publication at the ISOC Network and Distributed System Security Symposium (NDSS 2012).
I have received an NSF Trustworthy Computing Small award as the principal investigator of the proposal "Protection Mechanisms for Portable Storage".
I was invited to join the technical program committee of the 2012 IEEE Symposium on Security and Privacy.
Our paper, "Host Identification via USB Fingerprinting", was accepted as a full paper at SADFE 2011.
I organized the first annual Computer Security Day at the Univesrity of Oregon. Photos from the 2011 Oregon Security Day are now available here.
I have received a DARPA award as a co-principal investigator of the proposal "Characterizing and Implementing Efficient Primitives for Privacy-Preserving Computation."
Our paper, "Scalable Web Content Attestation", was accepted for publication in IEEE Transactions on Computers.
I was invited to join the technical program committee of the 27th Annual Computer Security Applications Conference (ACSAC).
I will be speaking at the 2010 Northeast Exchange Forensics Exchange Workshop (NeFX 2010) in Washington, DC, on 13 September.
Our papers "Kells: A Protection Framework for Portable Data" and "Porscha: Policy Oriented Secure Content Handling in Android" were accepted for publication at ACSAC 2010.
I will be the Publicity Chair for ACSAC 2010, to be held this December in Austin, TX. Please consider submitting a paper, proposing a panel, giving a tutorial, and attending the conference! The call for participation is here.
Our paper, "OS Security Architectures Built on Smart Disks", was accepted for publication in IEEE Security and Privacy magazine.
I am a recipient of the Penn State Alumni Association Dissertation Award.
Our paper, "Towards a Secure and Efficient System for End-to-End Provenance", was accepted at TaPP'10.
I gave a talk on "Rootkit-Resistant Disks" for the Security Reading Group at the University of Toronto.
I gave a Digital Security Seminar talk at Carleton University in Ottawa on our work, "Rootkit-Resistant Disks".
I have been selected to be a member of the ACM SIGMETRICS shadow program committee.
Our paper, "Scalable Web-Based Attestation", was accepted for publication at ACSAC 2009.
Our paper, "A Survey of BGP Security Issues and Solutions", was accepted for publication in the journal Proceedings of the IEEE.
Our paper, "malnets: Large-Scale Malicious Networks via Compromised Wireless Access Points"", was accepted for publication in the journal Security and Communication Networks.
I received the Graduate Research Assistant Award from the Computer Science and Engineering Department.
I was awarded a Symantec Research Labs Graduate Fellowship.
I have been invited to serve on the program committee for the Fifth International Conference on Internet Monitoring and Protection (ICIMP 2010) to be held in Barcelona, Spain, in May 2010. A number of topics are in focus, including Internet performance and measurement, real-time system security, DRM, emergency networks, and others. Submissions are due on 10 December 2009. Further information may be found through the above link.
Our paper, "U Can't Touch This: Protections for Portable Storage", was accepted for publication at the International Workshop on Software Support for Portable Storage (IWSSPS 2009).
I have been invited to serve on the program committee for the Fifth International Conference on Availability, Reliability and Security (ARES 2010) to be held in Krakow, Poland, in February 2010. Submissions are due on 1 September 2009. Further information may be found through the above link.
I have been invited to serve on the program committee for the Fifth International Conference on Information Systems Security (ICISS 2009) to be held in Kolkata, India, in May 2009. Submissions are due on 15 July 2009. Further information may be found through the above link.
Our paper, "Leveraging dentity-based Cryptography for Node ID Assignment in Structured P2P Systems", was accepted for publication in IEEE Transactions on Parallel and Distributed Systems.
I won a travel grant to attend the 2008 ACM Conference on Computer and Communications Security in in Alexadria, VA.
I have been invited to serve on the program committee for the Fifth International Workshop on Security in Systems and Networks (SSN 2009) to be held in Rome, Italy in May 2009. Further information may be found through the above link.
Our paper, "Defending Against Attacks on Main Memory Persistence", was accepted for publication at ACSAC 2008.
Our paper, "Rootkit-Resistant Disks", was accepted for publication at CCS 2008.
I have been invited to serve on the program committee for the Fourth International Conference on Availability, Reliability and Security (ARES 2009) to be held in Fukuoka, Japan in March 2009. Further information may be found through the above link.
Our paper, "Systemic Issues in the Hart InterCivic and Premier Voting System: Reflections Following Project EVEREST", was accepted for publication at the 2008 USENIX/ACCURATE Electronic Voting Workshop.
I will be interning at Seagate Research in Pittsburgh, PA this summer.
I won a travel grant to attend the 2008 IEEE Symposium on Security and Privacy in Oakland, CA.
I have been invited to serve on the program committee for the 4th International Conference on Information Systems Security (ICISS 2008) to be held in Hyderabad, India, in December 2008.
I have been invited to serve on the program committee for the 38th IEEE/IFIP Conference on Dependable Systems and Networks (DSN 2008), Fast Abstracts Track. The conference will be held from 24-27 June 2008 in Anchorage, AK. The CFP for the Fast Abstracts track may be found here.
The Ohio Secretary of State has released the EVEREST election system report from the academic team, of which I was a participant. The report can be retrieved here. The team prepared the following statement about the report and its findings, and will make no other public statements at this time.
I have been invited to serve on the program committee for the 2nd IEEE International Workshop on Security in Software Engineering (IWSSE 2008). More information about the workshop will soon be available.
I have been invited to serve on the program committee for the 3rd International Workshop on Security (IWSEC 2008), to be held from 25-27 November 2008 in Kagawa, Japan. More information about the workshop is available by clicking the above link.
Our paper, "Realizing Massive-Scale Conditional Access Systems Through Attribute-Based Cryptosystems", was accepted for publication at NDSS 2008.
I gave a talk, "Non-Voltile Memory and Disks: Avenues for Policy Architectures", at CSAW 2007 in Fairfax, VA.
I won an Indo-US Science and Technology Forum (IUSSTF) travel award for my work with ICISS 2007.
I have been invited to serve on the program committee for the 2nd International Workshop on Secure Software Engineering (SecSE'08) to be held from 4-7 March 2007 in Barcelona, Spain. Please click the above link to see the call for papers.
I have been invited to serve on the program committee for the Third International Conference on Availability, Reliability and Security (ARES 2008), to be held from 4-7 March 2008 in Barcelona, Spain. Please see the call for papers for more information.
I have been named the submissions chair for the 2008 IEEE Symposium on Security and Privacy, to be held in Oakland, CA, USA in May 2008. Submissions are due November 9, 2007; see the CFP for more details. Please contact me if you have any difficulties submitting papers; more information about submissions will be available from the website.
I have been made a publicity co-chair for the First International Conference on Information Security and Assurance (ISA 2008). More information about submitting to this conference may be found here.
I gave a short talk, "Leveraging Non-Volatile Memory for Storage Security", at the USENIX Security Symposium's Works in Progress session in Boston, MA.
Our paper, "Non-Volatile Memory and Disks: Avenues for Policy Architectures", was accepted for publication at the 1st Computer Security Architecture Workshop (CSAW), to be held in conjunction with CCS 2007.
I have been invited to serve on the program committee for the 14th ACM Symposium on Communications and Computer Security (CCS 2007), Industry and Government Track.
Our short paper, "Towards Automatic Privilege Separation", was accepted for publication at ICISS 2007.
I have been invited to serve on the program committee for the First International Conference on Information Security and Assurance (ISA 2008), to be held in March 2007 in Busan, Korea. More information, including the call for papers, can be found at http://www.sersc.org/ISA2008/.
I won a student travel grant for the USENIX Security Symposium in Boston, MA.
I presented our paper, "Analysis of the IPv4 Address Delegation Structure", at ISCC'07 in Aveiro, Portugal.
I gave an invited talk, "Performance Optimizations in IPSec for iSCSI Storage Systems", at the SNIA Summer Storage Security Summit in Pittsburgh, PA.
Our paper, "Email Communities of Interest", has been accepted at CEAS 2007.
I have been invited to serve on the program committee for the 2007 Conference on Future Generation Communication and Networking (FGCN 2007), to be held in December 2007 in Jeju Island, Korea. More information, including the call for papers, can be found at http://www.sersc.org/FGCN2007/.
Our paper, "Analysis of the IPv4 Address Delegation Structure", has been accepted at ISCC'07.
Our paper, "Leveraging Identity-based Cryptography for Node ID Assignment in Structured P2P Systems", has been accepted at SSNDS'07.
I will be the Submission and Website Chair and will serve on the program committee for the Third International Conference on Information Systems Security (ICISS 2007) to be held in December in Delhi, India. The call for papers and more information can be found at http://siis.cse.psu.edu/iciss07.
I have been invited to serve on the program committee for the First IEEE International Workshop on Security in Software Engineering (IWSSE 2007) to be held in conjunction with the 31st COMPSAC in Beijing, China, in July 2007. The official call for papers is forthcoming and more information will soon be available.
I presented our paper, "Optimizing BGP Security by Exploiting Path Stability", at CCS'06.
I have been invited to serve on the program committee for the Second International Workshop on Security (IWSEC 2007), to be held in Nara, Japan, in October 2007. More information, including the call for papers, can be found at http://www.iwsec.org.
I will be serving on the program committee for the Third International Workshop on Security in Systems and Networks (SSN'07), to be held in Long Beach, CA, in March 2007, in conjunction with IEEE IPDPS 2007. More information, including the call for papers, can be found at http://www.cse.msu.edu/~lxiao/ssn07.
Our paper, "Design, implementation and evaluation of security in iSCSI-based network storage systems", was accepted at the StorageSS 2006 workshop.
Our paper, "Privacy Preserving Web-Based Email", was accepted at ICISS 2006.
Our paper, "Optimizing BGP Security by Exploiting Path Stability", was accepted at ACM CCS 2006.
I will be serving on the program committee for the Second International Conference on Availability, Reliability and Security (AReS 2007), to be held next April in Vienna, Austria. Submissions are due in September, and more information can be found here.
I will be instructing CSE 458, the senior undergraduate networking class, this summer in conjunction with Lisa Johansen.
I have been awarded a Pennsylvania State University Graduate Fellowship. Many thanks to Dr. McDaniel, my advisor, for nominating me, Dr. Narayanan, the graduate officer, for seconding the nomination, and Dr. Acharya, department head, for approving me as a nominee for CSE.