Kevin Butler, William Enck, Patrick Traynor, Jennifer Plasterr, and Patrick McDaniel. Privacy Preserving Web-Based Email. Algorithms, Architectures and Information Systems Security, Statistical Science and Interdisciplinary Research. World Scientific Computing, November 2008.
Brendan David-John, Kevin Butler, and Eakta Jain. Privacy-preserving Datasets of Eye-tracking Samples with Applications in XR. IEEE Transactions on Visualization and Computer Graphics, 29(5), pages 2774-2784, May 2023. 11 pages. Selected for presentation at IEEE VR 2023 conference.
Tuba Yavuz, Farhaan Fowze, Grant Hernandez, Ken (Yihang) Bai, Kevin Butler, and Dave (Jing) Tian. ENCIDER: Detecting Timing and Cache Side Channels in SGX Enclaves and Cryptograpihc APIs. IEEE Transactions on Dependable and Secure Computing, 20(2), pages 1577-1595, March/April 2023.
Weidong Zhu and Kevin Butler. NASA: NVM-Assisted Secure Deletion for Flash Memory. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (TCAD), July 2022 (early access). Accepted for presentation at the International Conference on Embedded Software (EMSOFT) 2022.
Brendan David-John, Diane Hosfelt, Kevin Butler, and Eakta Jain. A Privacy-Preserving Approach to Streaming Eye-Tracking Data. IEEE Transactions on Visualization and Computer Graphics, 27(5), pages 2555-2565, May 2021. Best paper nominee at IEEE VR 2021.
Farhaan Fowze, Dave Tian, Grant Hernandez, Kevin Butler, and Tuba Yavuz. ProXray: Protocol Model Learning and Guided Firmware Analysis. IEEE Transactions on Software Engineering, August 2019. Accepted for publication. Selected for Journal-First presentation at ICSE'20.
Grant Hernandez, Dave (Jing) Tian, Farhaan Fowze, Tuba Yavuz, Patrick Traynor, and Kevin Butler. Toward Automated Firmware Analysis in the IoT Era. IEEE Security and Privacy, 17(5), pages 38-46, Sept/Oct 2019.
Joseph Choi and Kevin Butler. Secure Multiparty Computation and Trusted Hardware: Examining Adoption Challenges and Opportunities. Security and Communication Networks, 2019, Article ID 1368905, 28 pages, April 2019.
Benjamin Mood and Kevin Butler. PAL: A Pseudo Assembly Language for Optimizing Secure Function Evaluation in Mobile Devices. Journal of Information Security and Applications, 40, pg. 78-91, Jun. 2018.
Patrick Traynor, Kevin Butler, Jasmine Bowers, and Bradley Reaves. FinTechSec: Addressing the Security Challenges of Digital Financial Services. IEEE Security and Privacy, 15(5), pg. 85-89, Sept./Oct. 2017.
Dave (Jing) Tian, Kevin R. B. Butler, Joseph Choi, Patrick D. McDaniel, and Padma Krishnaswamy. Securing ARP/NDP From the Ground Up. IEEE Transactions on Information Forensics and Security, 12(0), pg. 2131-2143, September 2017.
Adam Bates, Dave (Jing) Tian, Grant Hernandez, Thomas Moyer, Kevin R. B. Butler, and Trent Jaeger. Taming the Costs of Trustworthy Provenance through Policy Reduction. ACM Transactions on Internet Technology, 17(4), Article 34, September 2017.
Bradley Reaves, Jasmine Bowers, Nolen Scaife, Adam Bates, Arnav Bhartiya, Patrick Traynor, and Kevin Butler. Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications. ACM Transactions on Privacy and Security 20(3), Article 11, August 2017.
Bradley Reaves, Jasmine Bowers, Sigmund Albert Gorski III, Rahul Bobate, Raymond Cho, Hiranava Sas, Sharique Hussain, Hamza Karachiwala, Nolen Scaife, Byron Wright, Kevin Butler, William Enck, and Patrick Traynor. *droid: Assessment and Evaluation of Android Application Analysis Tools. ACM Computing Surveys, 49(3), Article 55, November 2016,.
Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler. Outsourcing Secure Two-Party Computation as a Black Box. Security and Communication Networks, 9(14), pg. 2261-2275, September 2016.
Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler. Secure Outsourced Garbled Circuit Evaluation for Mobile Devices. Journal of Computer Security, 24(2), pg. 137-180, 2016.
Adam Bates, Kevin Butler, Micah Sherr, Clay Shields, Patrick Traynor, and Dan Wallach. Accountable Wiretapping -or- I Know That They Can Hear You Now. Journal of Computer Security, 23(2), pg. 167-195, 2015.
Adam Bates, Benjamin Mood, Joe Pletcher, Hannah Pruse, Masoud Valafar, and Kevin Butler. On Detecting Co-resident Cloud Instances Using Network Flow Watermarking Techniques. International Journal of Information Security, 13(2), pg. 171-198, April 2014.
Thomas Moyer, Kevin Butler, Joshua Schiffman, Patrick McDaniel, and Trent Jaeger. Scalable Web Content Attestation. IEEE Transactions on Computers. 61(5) pg. 686-699, May 2012.
Kevin Butler, Stephen McLaughlin, Thomas Moyer, and Patrick McDaniel. New Security Architectures Based on Emerging Disk Functionality. IEEE Security and Privacy, 8(5), pg. 34-31, Sept./Oct. 2010.
Kevin Butler, Toni Farley, Patrick McDaniel, and Jennifer Rexford. A Survey of BGP Security Issues and Solutions. Proceedings of the IEEE, 98(1):100--122, January 2010.
Patrick Traynor, Kevin Butler, William Enck, Kevin Borders, and Patrick McDaniel. malnets: Large-Scale Malicious Networks via Compromised Wireless Access Points. Journal of Security and Communication Networks (SCN). 2009.
Kevin Butler, Sunam Ryu, Patrick Traynor, and Patrick McDaniel. Leveraging Identity-based Cryptography for Node ID Assignment in Structured P2P Systems. IEEE Transactions on Parallel and Distributed Systems (TPDS), 20(12):1803--1815, December 2009.
Patrick McDaniel, William Aiello, Kevin Butler, and John Ioannidis, Origin Authentication in Interdomain Routing. Computer Networks, 50(16), pg. 2953-2980, 14 November 2006.
Kevin Childs, Cassidy Gibson, Anna Crowder, Kevin Warren, Carson Stillman, Elissa M. Redmiles, Eakta Jain, Patrick Traynor, and Kevin R. B. Butler.
"I Had Sort of a Sense that I was Always Being Watched...Since I Was": Examining Interpersonal Discomfort From Continuous Location-Sharing Applications.
Proceedings of the 31st ACM Conference on Computer and Communications Security (CCS'24),
Salt Lake City, UT, USA, October 2024.
(Acceptance rate: 16.9%)
Nathaniel Bennett, Weidong Zhu, Benjamin Simon, Ryon Kennedy, William Enck, Patrick Traynor, and Kevin R. B. Butler.
RANsacked: A Domain-Informed Approach for Fuzzing LTE and 5G RAN-Core Interfaces.
Proceedings of the 31st ACM Conference on Computer and Communications Security (CCS'24),
Salt Lake City, UT, USA, October 2024.
(Acceptance rate: 16.9%)
Kevin Warren, Tyler Tucker, Anna Crowder, Daniel Olszewski, Allison Lu, Caroline Fedele, Magdalena Pasternak,
Seth Layton, Kevin Butler, Carrie Gates, and Patrick Traynor.
"Better Be Computer Or I'm Dumb": A Large-Scale Evaluation of Humans as Audio Deepfake Detectors.
Proceedings of the 31st AM Conference on Computer and Communications Security (CCS'24),
Salt Lake City, UT, USA, November 2024. Distinguished Paper Award.
(Acceptance rate: 16.9%)
Seth Layton, Tyler Tucker, Daniel Olszewski, Kevin Warren, Kevin Butler, and Patrick Traynor.
SoK: The Good, The Bad, and The Unbalanced: Measuring Structural Limitations of Current Deepfake Datasets.
Proceedings of the USENIX Security Symposium (Security'24),
Philadelphia, PA, USA, August 2024.
(Acceptance rate: 17.6%)
Weidong Zhu, Grant Hernandez, Washington Garcia, Dave (Jing) Tian, Sara Rampazzi, and Kevin Butler. Minding the Semantic Gap for Effective Storage-Based Ransomware Defense. Proceedings of the 38th International Conference on Massive Storage Systems and Technology (MSST'24), Santa Clara, CA, USA, June 2024.
Seaver Thorn, K. Virgil English, Kevin Butler, and William Enck. 5GAC-Analyzer: Identifying Over-Privilege Between 5G Core Network Functions. Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec'24), Seoul, Korea, May 2024.
K. Virgil English, Nathaniel Bennett, Seaver Thorn, Kevin Butler, William Enck, and Patrick Traynor. Examining Cryptography and Randomness Failures in Open-Source Cellular Cores. Proceedings of the ACM Conference on Data and Application Security and Privacy (CODASPY'24), Porto, Portugal, June 2024. Best paper award.
Jennifer Sheldon, Weidong Zhu, Adnan Abdullah, Sri Hrushikesh Varma Bhupathiraju, Takeshi Sugawara, Kevin Butler,
Md Jahidul Islam, and Sara Rampazzi.
AquaSonic: Acoustic Manipulation of Underwater Data Center Operations and Resource Management.
Proceedings of the IEEE Symposium on Security and Privacy (Oakland'24),
San Francisco, CA, USA, May 2024.
(Acceptance rate: 17.8%)
Caroline Fedele, Christopher Petersen, Tyler Lovelly, and Kevin Butler. Protecting Satellite Proximity Operations via Secure Multi-Party Computation. American Institute of Aeronautics and Astronautics (AIAA) SciTech Forum, Orlando, FL, USA, January 2024.
Daniel Olszewski, Allison Lu, Carson Stillman, Kevin Warren, Cole Kitroser, Alejandro Pascual, Divyajyoti, Kevin Butler, and Patrick Traynor. "Get in Researchers; We're Measuring Reproducibility": A Reproducibility Study of machine Learning Papers in Tier 1 Security Conferences". 30th ACM Conference on Computer and Communications Security (CCS'23), Copenhagen, Denmark, November 2023.
Kyungtae Kim, Sungwoo Kim, Kevin Butler, Antonio Bianchi, and Dave (Jing) Tian. Fuzz The Power: Dual-role State Guided Black-box Fuzzing for USB Power Delivery. 32nd USENIX Security Symposium (Security'23), Anaheim, CA, USA, August 2023.
Yazhou Tu, Liqun Shen, Md Imran Hossen, Sara Rampazzi, Kevin Butler, and Xiali Hei. Auditory Eyesight: Demystifying μs-Precision Keystroke Tracking Attacks on Unconstrained Keyboard Inputs. 32nd USENIX Security Symposium (Security'23), Anaheim, CA, USA, August 2023.
Christian Peeters, Tyler Tucker, Anushri Jain, Kevin Butler, and Patrick Traynor. LeopardSeal: Detecting Call Interception via Audio Rogue Base Stations. 21st ACM International Conference on Mobile Systems, Applications, and Services (MobiSys'23), Helsinki, Finland, June 2023.
Yan Long, Pirouz Naghavi, Blas Kojusner, Kevin Butler, Sara Rampazzi, and Kevin Fu. Side eye: Characterizing the Limits of POV Acoustic Eavesdropping from Smartphone Cameras with Rolling Shutters and Movable Lenses. 44th IEEE Symposium on Security and Privacy (Oakland'23), San Francisco, CA, USA, May 2023.
Tyler Tucker, Hunter Searle, Kevin Butler, and Patrick Traynor. Blue's Clues: Practical Discovery of Non-Discoverable Bluetooth Devices. 44th IEEE Symposium on Security and Privacy (Oakland'23), San Francisco, CA, USA, May 2023.
Washington Garcia, Pin-Yu Chen, Hamilton Scott Clouse, Somesh Jha, and Kevin Butler. Less is More: Dimension Reduction Finds On-Manifold Adversarial Examples in Hard-Label Attacks. IEEE Conference on Secure and Trustworthy Machine Learning (SatML 2023), Raleigh, NC, USA, February 2023.
Shantanu Ghosh, Zheng Feng, Kevin Butler, and Mattia Prosperi. DR-VIDAL: Doubly Robust Variational Information-theoretic Deep Adversarial Learning for Counterfactual Prediction and Treatment Effect Estimation. 2022 American Medical Informatics Association Annual Symposium (AMIA 2022), Washington, DC, USA, November 2022.
Daniel Olszewski, Weidong Zhu, Sandeep Sathyanarayana, Kevin Butler, and Patrick Traynor. HallMonitor: A Framework for Identifying Network Policy Violations in Software. 2022 IEEE Conference on Communications and Network Security (CNS 2022), Austin, TX, USA, October 2022.
Logan Blue, Kevin Warren, Hadi Abdullah, Cassidy Gibson, Luis Vargas, Jessica O'Dell, Kevin Butler, and Patrick Traynor. Who Are You (I Really Wanna Know)? 31st USENIX Security Symposium (Security'22), Boston, MA, USA, Aug 2022.
Cassidy Gibson, Vanessa Frost, Katie Platt, Washington Garcia, Luis Vargas, Sara Rampazzi, Vincent Bindschaedler, Patrick Traynor, and Kevin Butler. Analyzing the Monetization Ecosystem of Stalkerware. 22nd Privacy Enhancing Technologies Symposium (PETS 2022), Sydney, Australia, July 2022.
Washington Garcia, Hamilton Scott Clouse, and Kevin Butler. Disentangling Categorization in Multi-agent Emergent Communication. 2022 Conference of the North American Chapter of the Association for Computational Linguistics (NAACL 2022), Seattle, WA, USA, July 2022.
Brendan David-John, Kevin Butler, and Eakta Jain. For Your Eyes Only: Privacy-Preserving Eye-Tracking Datasets. 14th ACM Symposium on Eye Tracking Research and Applications (ETRA 2022), Seattle, WA, USA, June 2022.
Mounir Elbharabawy, Blas Kojusner, Mohammad Mannan, Kevin Butler, Byron Williams, and Amr Youssef. SAUSAGE: Security Analysis of Unix domain Socket Usage in Android. 7th IEEE European Symposium on Security and Privacy (Euro S\&P'22), Genoa, Italy, June 2022. Best paper finalist.
Kyungtae Kim, Taegyu Kim, Ertza Warriach, Byoungyoung Lee, Kevin Butler, Antonio Bianchi, and Dave (Jing) Tian. FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks. 43rd IEEE Symposium on Security and Privacy (Oakland'22), San Francisco, CA, USA, May 2022.
Grant Hernandez, Marius Muench, Dominik Maier, Alyssa Milburn, Shinjo Park, Tobias Scharnowski, Tyler Tucker, Patrick Traynor, and Kevin Butler.
FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware.
2022 ISOC Network and Distributed System Security Symposium (NDSS'22),
San Diego, CA, USA, April 2022.
(acceptance rate = 16.2%)
Washington Garcia, Animesh Chhotaray, Joesph Choi, Suman Kalyan Adara, Kevin Butler, and Somesh Jha.
Brittle Features of Device Authentication.
11th ACM Conference on Data and Application Security and Privacy (CODASPY'21),
Virtual, April 2021.
(acceptance rate TBD)
Grant Hernandez, Dave (Jing) Tian, Anurag Vadav, Byron Williams, and Kevin Butler.
BigMAC: Fine-Grained Policy Analysis of Android Firmware.
29th USENIX Security Symposium (USENIX Security'20),
Boston, MA, USA, August 2020.
(acceptance rate=16.1%)
Joseph Choi, Dave (Jing) Tian, Grant Hernandez, Christopher Patton, Benjamin Mood, Thomas Shrimpton, Patrick Traynor, and Kevin Butler.
A Hybrid Approach to Secure Function Evaluation Using SGX.
14th ACM ASIA Conference on Computer and Communications Security (ASIACCS'19),
Auckland, New Zealand, July 2019.
(acceptance rate=17.0% for full papers)
Jasmine Bowers, Imani Sherman, Kevin Butler, and Patrick Traynor.
Characterizing Security and Privacy Practices in Emerging Digital Credit Applications.
12th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec'19), Miami, FL, USA, May 2019.
(acceptance rate=25.9%)
Dave (Jing) Tian, Grant Hernandez, Joseph Choi, Vanessa Frost, Peter Johnson, and Kevin Butler.
LBM: A Security Framework for Peripherals within the Linux Kernel.
40th IEEE Symposium on Security and Privacy (Oakland'19),
San Francisco, CA, USA, May 2019.
(acceptance rate=12.0%)
Dave (Jing) Tian, Joseph Choi, Grant Hernandez, Patrick Traynor, and Kevin Butler.
A Practical Intel SGX Setting for Linux Containers in the Cloud.
9th ACM Conference on Data and Application Security and Privacy (CODASPY'19),
Dallas, TX, USA, March 2019. Distinguished Poster Award (for poster accompanying full paper).
(acceptance rate=23.5%)
Luis Vargas, Gyan Hazarika, Rachel Culpepper, Kevin Butler, Thomas Shrimpton, Doug Szajda, and Patrick Traynor.
Mitigating Risk while Complying with Data Retention Laws.
25th ACM Conference on Computer and Communications Security (CCS'18),
Toronto, ON, Canada, October 2018.
(acceptance rate=16.6%)
Dave (Jing) Tian, Grant Hernandez, Joesph Choi, Vanessa Frost, Christie Ruales, Patrick Traynor, Hayawardh Vijaykumar, Lee Harrison, Amir Rahmati, Mike Grace, and Kevin Butler.
ATtention Spanned: Comprehensive Vulnerability Analysis of AT
Commands Within the Android Ecosystem.
27th USENIX Security Symposium (USENIX Security '18),
Baltimore, MD, August 2018.
(acceptance rate=19.1%)
Dave (Jing) Tian, Nolen Scaife, Deepak Kumar, Michael Bailey, Adam Bates, and Kevin Butler.
SoK: ``Plug & Pray'' Today -- Understanding USB Insecurity in Versions 1
through C.
39th IEEE Symposium on Security and Privacy (Oakland'18),
San Francisco, CA, May 2018.
(acceptance rate=11.5%)
Christian Peeters, Hadi Abdullah, Nolen Scaife, Jasmine Bowers, Patrick Traynor, Bradley Reaves, and Kevin Butler.
Sonar: Detecting SS7 Redirection Attacks Via Call Audio-Based Distance Bounding.
39th IEEE Symposium on Security and Privacy (Oakland'18),
San Francisco, CA, May 2018.
(acceptance rate=11.5%)
Grant Hernandez, Farhaan Fowze, Dave (Jing) Tian, Tuba Yavuz, and Kevin Butler.
FirmUSB: Vetting USB Device Firmware using Domain Informed Symbolic
Execution.
24th ACM Conference on Computer and Communications Security (CCS'17),
Dallas, TX, USA October 2017.
(acceptance rate=18.1%)
Robert Karam, Tamzidul Hoque, Kevin Butler, and Swarup Bhunia. Mixed-Granular Architectural Diversity for Device Security in the Internet of Things. Asian Hardware Oriented Security and Trust Symposium (AsianHOST 2017), Beijing, China, October 2017.
Tyler Ward, Joseph Choi, Kevin Butler, John M. Shea, Patrick Traynor, and Tan Wong. Privacy Preserving Localization Using a Distributed Particle Filtering Protocol. IEEE MILCOM, Baltimore, MD, October 2017.
Jasmine Bowers, Bradley Reaves, Imani N. Sherman, Patrick Traynor, and Kevin Butler.
Regulators, Mount Up! Analysis of Privacy Policies for Mobile Money Services.
13th Symposium on Usable Privacy and Security (SOUPS 2017),
Santa Clara, CA, July 2017.
(acceptance rate=26.5%)
Adam Bates, Wajih Ul Hassan, Kevin Butler, Alin Dobra, Brad Reaves,
Patrick Cable, Thomas Moyer, and Nabil Schear.
Transparent Web Service Auditing via Network Provenance Functions.
26th World Wide Web Conference (WWW 2017),
Perth, Australia, April 2017.
(acceptance rate=17.0%)
Sriharsha Etigowni, Dave (Jing) Tian, Grant Hernandez, Saman Zonouz, and
Kevin Butler.
CPAC: Securing Critical Infrastructure with Cyber-Physical Access
Control.
32nd Annual Computer Security Applications Conference (ACSAC 2016),
Los Angeles, CA, USA, December 2016.
(acceptance rate=22.8%)
Thomas Moyer, Patrick Cable, Karishma Chadha, Robert Cunningham, Nabil
Schear, Warren Smith, Adam Bates, Kevin Butler, Frank Capobianco, and
Trent Jaeger.
Leveraging Data Provenance to Enhance Cyber Resilience.
1st IEEE Cybersecurity Development Conference (SecDev 2016),
Boston, MA, USA, November 2016.
(acceptance rate=52.2%)
Dave (Jing) Tian, Adam Bates, Kevin Butler, and Raju Rangaswami.
ProvUSB: Block-level Provenance-Based Data Protection for USB Storage
Devices. 23rd ACM Conference on Computer and Communications
Security (CCS'16), Vienna, Austria, October 2016.
(acceptance rate=16.5%)
Dave (Jing) Tian, Nolen Scaife, Adam Bates, Kevin Butler, and Patrick
Traynor. Making USB Great Again with USBFILTER. 25th USENIX
Security Symposium (USENIX Security'16), Austin, TX, USA, August 2016.
(acceptance rate=15.5%)
Bradley Reaves, Logan Blue, Dave Tian, Patrick Traynor, and Kevin Butler.
Detecting SMS Spam in the Age of Legitimate Bulk Messaging.
9th ACM Conference on Security and Privacy in Wireless and Mobile
Networks (WiSec'16), Darmstadt, Germany, July 2016.
(acceptance rate=35.0%)
Nolen Scaife, Henry Carter, Patrick Traynor, and Kevin Butler. CryptoLock
(and Drop It): Stopping Ransomware Attacks on User Data. 36th
IEEE International Conference on Distributed Computing Systems (ICDCS
2016), Nara, Japan, June 2016.
(acceptance rate=17.6%)
Bradley Reaves, Dave Tian, Nolen Scaife, Logan Blue, Patrick Traynor, and
Kevin Butler. Sending out an SMS: Characterizing the Security of the SMS
Ecosystem with Public Gateways. 2016 IEEE Symposium on Security
and Privacy (Oakland'16), San Jose, CA, USA, May 2016.
(acceptance rate=13.3%)
Benjamin Mood, Debayan Gupta, Henry Carter, Kevin Butler, and Patrick
Traynor.
Frigate: A Validated, Extensible, and Efficient Compiler and Interpreter
for Secure Computation.
1st IEEE European Symposium on Security and Privacy (Euro S&P 2016),
Saarbrücken, Germany, March 2016.
(acceptance rate=17.3%)
Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler.
Outsourcing Secure Two-Party Computation as a Black Box.
14th International Conference on Cryptology and Network Security (CANS
2015),
Marrakesh, Morocco, December 2015.
(acceptance rate=52.9%)
Jing (Dave) Tian, Adam Bates, and Kevin Butler.
Defending Against Malicious USB Firmware with GoodUSB.
31st Annual Computer Security Applications Conference (ACSAC 2015),
Los Angeles, CA, USA, December 2015.
(acceptance rate=24.4%)
Adam Bates, Dave Tian, Kevin Butler, and Thomas Moyer.
Trustworthy Whole-System Provenance for the Linux Kernel.
24th USENIX Security Symposium (Security'15), Washington, DC, USA, August
2015.
(acceptance rate=15.7%)
Bradley Reaves, Nolen Scaife, Adam Bates, Patrick Traynor, and Kevin Butler.
Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking
Applications in the Developing World.
24th USENIX Security Symposium (Security'15), Washington, DC, USA, August
2015.
(acceptance rate=15.7%)
Ethan Shernan, Henry Carter, Dave Tian, Patrick Traynor, and Kevin Butler.
More Guidelines Than Rules: CSRF Vulnerabilities
from Noncompliant OAuth 2.0 Implementations Proceedings of the
International Conference on Detection of Intrusions and Malware, and
Vulnerability Assessment (DIMVA), Milan, Italy, July 2015.
(acceptance rate=22.7%)
Jing (Dave) Tian, Kevin Butler, Patrick McDaniel, and Padma Krishnaswamy.
Securing ARP from the Ground Up. 5th ACM Conference on Data and
Application Security and Privacy (CODASPY 2015), San Antonio, TX,
USA, March 2015.
(acceptance rate=33.3%)
Benjamin Mood, Debayan Gupta, Kevin Butler, and Joan Feigenbaum. Reuse It Or Lose It: More Efficient Secure
Computation Through Reuse of Encrypted Values. 21st ACM Conference
on Computer and Communications Security (CCS'14), Scottsdale, AZ, USA,
November 2014.
(acceptance rate=19.5%)
Adam Bates, Joe Pletcher, Tyler Nichols, Braden Hollembaek, Dave Tian,
Abdulrahman Alkhelaifi, and Kevin Butler. Securing SSL Certificate Verification
through Dynamic Linking. 21st ACM Conference on Computer and
Communications Security (CCS'14), Scottsdale, AZ, USA, November
2014.
(acceptance rate=19.5%)
Adam Bates, Joe Pletcher, Tyler Nichols, Braden Hollembaek, and Kevin
Butler. Forced Perspectives: Evaluating an SSL Trust Enhancement at
Scale. 2014 ACM Internet Measurement Conference (IMC'14), Vancouver,
BC, Canada, November 2014.
(acceptance rate=22.9%)
Adam Bates, Ryan Leonard, Hannah Pruse, Daniel Lowd, and Kevin Butler.
Leveraging USB to Establish Host Identity Using Commodity Devices.
21st ISOC Network and Distributed System Security Symposium
(NDSS'14), San Diego, CA, USA, February 2014.
(acceptance rate=18.6%)
Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler.
Secure Outsourced Garbled Circuit Evaluation for Mobile Devices.
22nd USENIX Security Symposium (Security'13), Washington, DC, USA, August
2013.
(acceptance rate=16.2%)
Benjamin Kreuter, abhi shelat, Benjamin Mood, and Kevin Butler.
PCF: A Portable Circuit Format For Scalable Two-Party Secure
Computation. 22nd USENIX Security Symposium (Security'13),
Washington, DC, USA, August 2013.
(acceptance rate=16.2%)
Adam Bates, Benjamin Mood, Masoud Valafar, and Kevin Butler. An
Infrastructure for Provenance-Based Access Control in Cloud Environments.
3rd ACM Conference on Data and Application Security and
Privacy (CODASPY 2013), San Antonio, TX, USA, February 2013.
(acceptance rate=31.8%)
Vasant Tendulkar, Joe Pletcher, Ashwin Shashidharan, Ryan Snyder, Kevin
Butler, and William Enck.
Abusing Cloud-based Browsers for Fun and Profit. 28th Annual
Computer Security Applications Conference (ACSAC 2012), Orlando, FL,
USA, December 2012.
(acceptance rate=19.0%)
Devin J. Pohly, Stephen McLaughlin, Patrick McDaniel, and Kevin Butler.
Hi-Fi: Collecting High-Fidelity Whole-System Provenance.
28th Annual Computer Security Applications
Conference (ACSAC 2012), Orlando, FL, USA, December 2012.
(acceptance rate=19.0%)
Benjamin Mood, Lara Letaw, and Kevin Butler.
Memory-Efficient Garbled Circuit Generation for Mobile Devices. 16th IFCA International Conference on Financial Cryptography and Data Security (FC'12). Bonaire, February 2012.
(acceptance rate=26.1%)
Adam Bates, Kevin Butler, Micah Sherr, Clay Shields, Patrick Traynor, and Dan Wallach.
Accountable Wiretapping -or- I Know That They Can Hear You Now. 19th ISOC
Network and Distributed System Security Symposium (NDSS 2012). San Diego, CA,
USA, February 2012.
(acceptance rate=17.8%)
Kevin Butler, Stephen McLaughlin, and Patrick McDaniel.
Kells: A Protection Framework for Portable Data. 26th Annual
Computer Security Applications Conference (ACSAC 2010). Austin, TX,
USA, December 2010.
(acceptance rate=16.3%)
Machigar Ongtang, Kevin Butler, and Patrick McDaniel.
Porscha: Policy Oriented Secure Content Handling in Android. 26th Annual
Computer Security Applications Conference (ACSAC 2010). Austin, TX,
USA, December 2010.
(acceptance rate=16.3%)
Thomas Moyer, Kevin Butler, Joshua Schiffman, Patrick McDaniel, and Trent
Jaeger. Scalable Asynchronous Web Content Attestation. 25th Annual
Computer Security Applications Conference (ACSAC 2009). Honolulu, HI,
USA, December 2009.
(acceptance rate=19.0%)
William Enck, Kevin Butler, Thomas Richardson, Patrick McDaniel, and Adam
Smith, Defending Against Attacks on Main Memory Persistence.
24th Annual Computer Security Applications Conference (ACSAC 2008),
Anaheim, CA, USA. December 2008.
(acceptance rate=24.3%)
Kevin Butler, Stephen McLaughlin, and Patrick McDaniel, Rootkit-Resistant Disks. 15th ACM Conference on Computer and Communications Security (CCS'08), Alexandria, VA, USA. November 2008.
(acceptance rate=18.1%)
Patrick Traynor, Kevin Butler, William Enck, and Patrick McDaniel, Realizing Massive-Scale Conditional Access Systems Through Attribute-Based Cryptosystems. 15th Annual Network and Distributed System Security Symposium (NDSS'08), San Diego, CA, USA. February 2008.
(acceptance rate=17.8%)
Dhananjay Bapat, Kevin Butler, and Patrick McDaniel, Towards Automatic Privilege Separation. Third International Conference on Information Systems Security (ICISS 2007), Delhi, India. December 2007.
(acceptance rate=25.0%)
Lisa Johansen, Kevin Butler, Michael Rowell, and Patrick McDaniel, Email
Communities of Interest. Fourth Conference on Email and Anti-Spam (CEAS 2007), Mountain View, CA, USA. August 2007.
(acceptance rate=19.0%)
Anusha Sriraman, Kevin Butler, Patrick McDaniel, and Padma Raghavan,
Analysis of the IPv4 Address Delegation Structure.
IEEE Symposium on Computers and Communications (ISCC'07), Aveiro, Portugal. July 2007.
(acceptance rate=40%)
Sunam Ryu, Kevin Butler, Patrick Traynor, and Patrick McDaniel, Leveraging
Identity-based Cryptography for Node ID Assignment in Structured P2P
Systems. 3rd IEEE International Symposium on Security in Networks and
Distributed Systems (SSNDS'07), Niagara Falls, ON, Canada. May 2007.
(acceptance rate=40%)
Kevin Butler, Patrick Traynor, William Enck, Jennifer Plasterr, and Patrick
McDaniel, Privacy Preserving Web-Based Email. 2nd International
Conference on Information Systems Security (ICISS 2006), Kolkata, India.
December 2006.
(acceptance rate=30.4%)
Kevin Butler, Patrick McDaniel, and William Aiello, Optimizing BGP Security
by Exploiting Path Stability. 13th ACM Conference on Computer and
Communications Security (CCS'06), Alexandria, VA, USA. November 2006.
(acceptance rate=14.8%)
Trent Jaeger, Kevin Butler, David King, Serge Hallyn, Joy Latten, and
Xiolan Zhang. Leveraging IPsec for Distributed Authorization.
2nd IEEE Communications Society/CreateNet International Conference on
Security and Privacy in Communication Networks (SecureComm'06),
Baltimore, MD, USA. August 2006.
(acceptance rate=25.4%)
Kevin Butler and Patrick McDaniel, Understanding Mutable Internet Pathogens,
or How I Learned to Stop Worrying and Love Parasitic Behavior. 1st
International Conference on Information Systems Security (ICISS 2005),
Kolkata, India. December 2005.
(Invited
paper)
Brendan David-John, Diane Hosfelt, Kevin Butler, and Eakta Jain. Let's SOUP Up XR: Collected thoughts from an IEEE VR workshop on privacy in mixed reality. 1st International Workshop on Security for XR and XR for Security (VR4Sec), in conjunction with SOUPS 2021, virtual event, August 2021.
Sushrut Shringarputale, Patrick McDaniel, Kevin Butler, and Thomas La Porta. Co-residency Attacks on Containers are Real. 2020 ACM Cloud Computing Security Workshop (CCSW'20), Orlando, FL, USA, November 2020.
Suman Adari, Washington Garcia, and Kevin Butler. Adversarial Video Captioning. 2019 Dependable and Secure Machine Learning Workshop (DSML’19), Portland, OR, USA, June 2019.
Siddhant Deshmukh, Henry Carter, Grant Hernandez, Patrick Traynor, and Kevin Butler. Efficient and Secure Template Blinding for Biometric Authentication. 2nd IEEE Workshop on Security and Privacy in the Cloud (SPC 2016), Philadelphia, PA, USA, October 2016.
Debayan Gupta, Benjamin Mood, Joan Feigenbaum, Kevin Butler and Patrick Traynor. Using Intel Software Guard Extensions for Efficient Two-Party Secure Function Evaluation. 2016 Workshop on Encrypted Computing and Applied Homomorphic Cryptography (WAHC’16), Barbados, February 2016.
Adam Bates, Kevin Butler, and Thomas Moyer. Take Only What You Need: Leveraging Mandatory Access Control Policy to Reduce Provenance Storage Costs. 7th International Workshop on Theory and Practice of Provenance (TaPP'15), Edinburgh, Scotland, July 2015.
Adam Bates, Kevin Butler, Andreas Haeberlen, Micah Sherr, and Wenchao Zhou. Let SDN Be Your Eyes: Secure Forensics in Data Center Networks. NDSS Workshop on Security of Emerging Network Technologies (SENT), San Diego, CA, USA, February 2014.
Matt Bishop, Carrie Gates, Steven Greenspan, Kevin Butler, and Emily Rine Butler. Forgive and Forget: Return to Obscurity. 2013 New Security Paradigms Workshop (NSPW), Banff, AB, Canada, September 2013.
Peter McKay, Bryan Clement, Sean Haverty, Elijah Newton, and Kevin Butler. Read My Lips: Towards Use of the Microsoft Kinect as a Visual-Only Automatic Speech Recognizer. 2013 Workshop on Home Usable Privacy and Security (HUPS), Newcastle, UK, July 2013.
Adam Bates, Benjamin Mood, Joe Pletcher, Hannah Pruse, Masoud Valafar, and
Kevin Butler. Detecting Co-Residency with Active Traffic Analysis Techniques. 4th ACM Cloud Computing Security Workshop (CCSW 2012), Raleigh, NC, USA, October 2012.
(acceptance rate=12.0% [full papers], 22.0%
[overall])
Lara Letaw, Joe Pletcher, and Kevin Butler. Host Identification via USB Fingerprinting. 6th IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE 2011), In conjunction with IEEE Security and Privacy Symposium, Oakland, CA, USA, May 2011.
(acceptance rate=34.8%)
Patrick McDaniel, Kevin Butler, Stephen McLaughlin, Radu Sion, Erez Zadok, and Marianne Winslett, Towards a Secure and Efficient System for End-to-End Provenance. 2nd USENIX Workshop on the Theory and Practice of Provenance (TaPP'10), San Jose, CA, USA, February 2010.
Kevin Butler and Petros Efstathopoulos, U Can’t Touch This: Block-Level Protection for Portable Storage. International Workshop on Software Support for Portable Storage (IWSSPS 2009), Grenoble, France, October 2009.
Kevin Butler, William Enck, Harri Hursti, Stephen McLaughlin, Patrick Traynor, and Patrick McDaniel, Systemic Issues in the Hart InterCivic and Premier Voting Systems: Reflections Following Project EVEREST. 2008 USENIX/ACCURATE Electronic Voting Technology Workshop (EVT'08), San Jose, CA, USA. July 2008.
Kevin Butler, Stephen McLaughlin, and Patrick McDaniel, Non-Volatile Memory and Disks: Avenues for Policy Architectures. 1st Computer Security Architecture Workshop (CSAW 2007), Alexandria, VA, USA. November 2007.
Shiva Chaitanya, Kevin Butler, Anand Sivasubramaniam, Patrick McDaniel, and Murali Vilayannur, Design, implementation and evaluation of security in iSCSI-based network storage systems. 2nd International Workshop on Storge Security and Survivability (StorageSS 2006), Alexandria, VA, USA. October 2006.
Kevin Butler and Patrick McDaniel, Testing Large Scale BGP Security in Replayable Network Environments. DETER Community Workshop on Cyber Security Experimentation and Test, Arlington, VA, USA. June 2006.
Kevin Butler, Sophie Qiu, and Patrick McDaniel, BGPRV: Retrieving and Processing BGP Data with Efficiency and Convenience. DETER Community Workshop on Cyber Security Experimentation and Test, Arlington, VA, USA. June 2006.
Patrick McDaniel, Kevin Butler, William Enck, Harri Hursti, Stephen McLaughlin, Patrick Traynor, Matt Blaze, Adam Aviv, Pavol Cerny, Sandy Clark, Eric Cronin, Gaurav Shah, Micah Sherr, Giovanni Vigna, Richard Kemmerer, David Balzarotti, Greg Banks, Marco Cova, Viktoria Felmetsger, William Robertson, Fredrik Valeur, Joseph Lorenzo Hall, and Laura Quilter, EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing. Public Report, Ohio Secretary of State, 2007.
Kevin Butler, 18th USENIX Security Symposium Conference Summaries. USENIX ;login Magazine, December 2009.
Kevin Butler, 16th USENIX Security Symposium Conference Summaries. USENIX ;login Magazine, December 2007.
Kevin Butler, 15th USENIX Security Symposium Conference Summaries. USENIX ;login Magazine, December 2006.
Kevin Butler, 14th USENIX Security Symposium Conference Summaries. USENIX ;login Magazine, December 2005.
Kevin Butler, Stephen McLaughlin, Thomas Moyer, Joshua Schiffman, Patrick McDaniel, and Trent Jaeger. Firma: Disk-Based Foundations for Trusted Operating Systems. Technical Report NAS-TR-0114-2009, Networking and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, May 2009.
Kevin Butler, Stephen McLaughlin, Thomas Moyer, Patrick McDaniel, and Trent Jaeger. SwitchBlade: Policy-Driven Disk Segmentation. Technical Report NAS-TR-0098-2008, Networking and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, November 2008.
Lisa Johansen, Kevin Butler, William Enck, Patrick Traynor, and Patrick McDaniel, Grains of SANs: Building Storage Area Networks from Memory Spots. Technical Report NAS-TR-0060-2006, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, January 2007.
Kevin Butler, Stephen McLaughlin, Patrick McDaniel, and Youngjae Kim. Autonomously Secure Disks. Technical Report NAS-TR-0072-2007, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, May 2007. (Updated September 2007.)
Luke St. Clair, Lisa Johansen, Kevin Butler, William Enck, Matthew Pirretti, Patrick Traynor, Patrick McDaniel, and Trent Jaeger, Password Exhaustion: Predicting the End of Password Usefulness. Technical Report NAS-TR-0030-2006, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, May 2006. (Updated January 2007.)