• Home
  • About
    • Patrick G Traynor photo

      Patrick G Traynor

      Security Research for Cellular, Mobile and the Internet

    • Email
    • Twitter
  • Research
  • Publications
  • Teaching
  • Vita

Publications

Books Chapters Journals Conference Workshop Talks Media Misc

Books

P. Traynor, P. McDaniel and T. La Porta, Security for Telecommunications Networks. Springer, Series: Advances in Information Security, August, 2008. ISBN: 978-0-387-72441-6. (Amazon)

Book Chapters

A. Harris, F. Park, S. Goodman and P. Traynor, Emerging Privacy and Security Concerns for Digital Wallet Deployment, Privacy in America: Interdisciplinary Perspectives, Scarecrow Press, July 2011, Editors: W. Aspray and P. Doty.

K. Butler, W. Enck, P. Traynor, J. Plasterr and P. McDaniel. Privacy Preserving Web-Based Email, Algorithms, Architectures and Information Systems Security, Statistical Science and Interdisciplinary Research, World Scientific Computing. November 2008. Editors: B. Bhattacharya, S. Sur-Kolay, S. Nandy and A. Bagchi.

Journals

P. Traynor, K. Butler, J. Bowers, B. Reaves. FinTechSec: Addressing the Security Challenges of Digital Financial Services, IEEE S&P Magazine, 15:5, p. 85-89, 2017. (pdf)

B. Reaves, J. Bowers, N. Scaife, A. Bates, A. Bharatiya, P. Traynor, and K. Butler. Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications in the Developing World, ACM Transactions on Privacy and Seurity (TOPS), 2017.

H. Carter and P. Traynor. OPFE: Outsourcing Computation for Private Function Evaluation, International Journal of Information and Computer Security (IJICS), 2017.

S. Heuser, B. Reaves, P. Kumar Pendyala, H. Carter, A. Dmitrienko, W. Enck, N. Kiyavash, A. Sadeghi, and P. Traynor. Phonion: Practical Protection of Metadata in Telephony Networks, Proceedings on Privacy Enhancing Technologies (PoPETs), 2017.

B. Reaves, J. Bowers, S. A. Gorski III, O. Anise, R. Bobhate, R. Cho, H. Das, S. Hussain, H. Karachiwala, N. Scaife, B. Wright, K. Butler, W. Enck, and P. Traynor. *droid: Assessment and Evaluation of Android Application Analysis Tools, ACM Computing Surveys (CSUR), 2016. (pdf)

C. Amrutkar, Y. Kim and P. Traynor, Detecting Mobile Malicious Webpages in Real Time, IEEE Transactions on Mobile Computing (TMC), To appear 2016.

H. Carter, B. Mood, P. Traynor and K. Butler, Outsourcing Secure Two-Party Computation as a Black Box, Journal of Security and Communication Networks (SCN), To Appear 2016.

H. Carter, B. Mood, P. Traynor, and K. Butler. Secure Outsourced Garbled Circuit Evaluation for Mobile Devices. Journal of Computer Security (JCS), 24(2):137-180, 2016.

A. Bates, K. Butler, M. Sherr, C. Shields, P. Traynor, and D. Wallach, Accountable Wiretapping -or- I Know They Can Hear You Now, Journal of Computer Security (JCS), 23(2):167-195, 2015.

H. Carter, C. Amrutkar, I. Dacosta and P. Traynor, For Your Phone Only: Custom Protocols for Efficient Secure Function Evaluation on Mobile Devices, Journal of Security and Communication Networks (SCN), 7(7), p. 1165–1176, 2014.

C. Amrutkar, P. Traynor and P. van Oorschot, An Empirical Evaluation of Security Indicators in Mobile Web Browsers, IEEE Transactions on Mobile Computing (TMC), 14(5):889-903, 2015.

A. Harris, S. Goodman, and P. Traynor. Privacy and Security Concerns Associated with Mobile Money Applications in Africa, Washington Journal of Law, Technology & Arts, 8(3), 2013.

I. Dacosta, S. Chakradeo, M. Ahamad, and P. Traynor. One-Time Cookies: Preventing Session Hijacking Attacks with Stateless Authentication Tokens, ACM Transactions on Internet Technology (TOIT), 12(1), 2012.

C. Shi, X. Luo, P. Traynor, M. Ammar, and E. Zegura. ARDEN: Anonymous netwoRking in Delay tolErant Networks, Journal of Ad Hoc Networks, 10(6):918-930, 2012.

P. Traynor, Characterizing the Security Implications of Third-Party EAS Over Cellular Text Messaging Services, IEEE Transactions on Mobile Computing (TMC), 11(6):983-994, 2012.

I. Dacosta, V. Balasubramaniyan, M. Ahamad and P. Traynor, Improving Authentication Performance of Distributed SIP Proxies, IEEE Transactions on Parallel and Distributed Systems (TPDS), 22(11):1804 - 1812, November 2011.

P. Traynor, C. Amrutkar, V. Rao, T. Jaeger, P. McDaniel and T. La Porta, From Mobile Phones to Responsible Devices, Journal of Security and Communication Networks (SCN), 4(6):719-726, June 2011.

M. Pirretti, P. Traynor, P. McDaniel and B. Waters, Secure Attribute-Based Systems, Journal of Computer Security (JCS), 18(5):799-837, 2010.

P. Traynor, K. Butler, W. Enck, K. Borders and P. McDaniel, malnets: Large-Scale Malicious Networks via Compromised Wireless Access Points, Journal of Security and Communication Networks (SCN), 3(2):102-113, 2010.

P. Traynor, Securing Cellular Infrastructure: Challenges and Opportunities, IEEE Security & Privacy Magazine, 7(4):77-79, July/August, 2009 (pdf)

K. Butler, S. Ryu, P. Traynor and P. McDaniel, Leveraging Identity-based Cryptography for Node ID Assignment in Structured P2P Systems, IEEE Transactions on Parallel and Distributed Systems (TPDS), 20(11):1-1, 2009. (pdf)

P. Traynor, W. Enck, P. McDaniel and T. La Porta, Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networks, IEEE/ACM Transactions on Networking (TON), 17(1):40-53, 2009. (pdf)

P. Traynor, M. Chien, S. Weaver, B. Hicks, P. McDaniel, Non-Invasive Methods for Host Certification, ACM Transactions on Information and System Security (TISSEC), 11(3):1-23, 2008. (pdf)

P. Traynor, W. Enck, P. McDaniel and T. La Porta, Exploiting Open Functionality in SMS-Capable Cellular Networks, Journal of Computer Security (JCS), 16(6):713-742, 2008. (pdf)

P. Traynor, R. Kumar, H. Choi, G. Cao, S. Zhu and T. La Porta, Efficient Hybrid Security Mechanisms for Heterogeneous Sensor Networks, IEEE Transactions on Mobile Computing (TMC), 6(6): 663-677, June 2007. (pdf)

Conferences

I. Sherman, J. Bowers, K. McNamara, J. Gilbert, J. Ruiz, and P. Traynor, Are You Going to Answer That? Measuring User Responses to Anti-Robocall Application Indicators, Proceedings of the ISOC Network & Distributed Systems Security Symposium (NDSS), 2020. (acceptance rate: 17.4%)

J. Choi, D. Tian, G. Hernandez, C. Patton, B. Mood, T. Shrimpton, P. Traynor, and K. Butler, A Hybrid Approach to Secure Function Evaluation Using SGX, ACM ASIA Conference on Computer and Communications Security (ASIACCS), 2019. (acceptance rate: 17.0% for full papers)

V. Frost, D. Tian, C. Ruales, P. Traynor, and K. Butler, Examining DES-based Cipher Suite Support within the TLS Ecosystem, ACM ASIA Conference on Computer and Communications Security (ASIACCS), 2019.
(acceptance rate: 22.0%)

D. Tian, J. Choi, G. Hernandez, P. Traynor, and K. Butler, A Practical Intel SGX Setting for Linux Containers in the Cloud, ACM Conference on Data and Application Security and Privacy (CODASPY), 2019. Distinguished Poster Award (for poster accompanying full paper). (acceptance rate: 23.5%)

N. Scaife, J. Bowers, C. Peeters, G. Hernandez, I. Sherman, L. Anthony, and P. Traynor, Kiss from a Rogue: Evaluating Detectability of Pay-at-the-Pump Card Skimmers, In Proceedings of the IEEE Symposium on Security and Privacy (S\&P), 2019. (acceptance rate: 12.0\%)

J. Bowers, I. Sherman, K. Butler, and P. Traynor, Characterizing Security and Privacy Practices in Emerging Digital Credit Applications, In Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2019. (acceptance rate: 25.6\%)

H. Abdullah, W. Garcia, C. Peeters, P. Traynor, K. Butler, and J. Wilson, Practical Hidden Voice Attacks against Speech and Speaker Recognition Systems, Proceedings of the ISOC Network & Distributed Systems Security Symposium (NDSS), 2019. (acceptance rate: 17.1%)

L. Vargas, L. Blue, V. Frost, C. Patton, N. Scaife, K. Butler, and P. Traynor Digital Healthcare-Associated Infection Analysis of a Major Multi-Campus Hospital System, Proceedings of the ISOC Network & Distributed Systems Security Symposium (NDSS), 2019. (acceptance rate: 17.1%)

D. Tian, J. Choi, G. Hernandez, P. Traynor, and K. Butler. A Practical Intel SGX Setting for Linux Containers in the Cloud, ACM Conference on Data and Application Security and Privacy (CODASPY), 2019. (acceptance rate=23.5%)

D. Wermke, N. Huaman, Y. Acar, B. Reaves, P. Traynor, S. Fahl, A Large Scale Investigation of Obfuscation Use in Google Play, Proceedings of the Annual Computer Security Applications Conference (ACSAC), 2018. (acceptance rate: 20.1%).

L. Vargas, G. Hazarika, R. Culpepper, K. Butler, T. Shrimpton, D. Szajda, P. Traynor, Mitigating Risk while Complying with Data Retention Laws, Proceedings of the ACM Conference on Computer and Communications Security (ACM CCS), 2018. (acceptance rate: 16.6%)

N. Scaife, C. Peeters, and P. Traynor, Fear the Reaper: Fast Detection of External-Access Card Skimmers, Proceedings of the USENIX Security Symposium (SECURITY), 2018. (acceptance rate: 19.0%)

G. Hernandez, D. Tian, J. Choi, V. Frost, C. Ruales, K. Butler, P. Traynor, H. Vijayakumar, L. Harrison, A. Rahmati, and M. Grace. ATtention Spanned: Comprehensive Vulnerability Analysis of AT Commands Within the Android Ecosystem, In Proceedings of the USENIX Security Symposium (SECURITY), 2018 (acceptance rate: 19.0%)

L. Blue, L. Vargas, and P. Traynor, Hello, Is It Me You’re Looking For? Differentiating Between Human and Electronic Speakers for Voice Interface Security, In Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2018. (acceptance rate: 25.6%)

L. Blue, H. Abdullah, L. Vargas, and P. Traynor, 2MA: Verifying Voice Commands via Two Microphone Authentication, In Proceedings of the ACM ASIA Conference on Information, Computer and Communications Security (ASIACCS), 2018. (acceptance rate: 20.0%)

N. Scaife, C. Peeters, C. Velez, H. Zhao, P. Traynor, and D. Arnold, The Cards Aren’t Alright: Detecting Counterfeit Gift Cards Using Encoding Jitter, In Proceedings of the IEEE Symposium on Security and Privacy (S&P), 2018 (Acceptance Rate: 10.4%). (pdf)’

C. Peeters, H. Abdullah, N. Scaife, J. Bowers, P. Traynor, B. Reaves, and K. Butler, Sonar: Detecting SS7 Redirection Attacks Via Call Audio-Based Distance Bounding, In Proceedings of the IEEE Symposium on Security and Privacy (S&P), 2018. (Acceptance Rate: 10.4%).

T. Ward, J. Choi, K. Butler, J. M. Shea, P. Traynor, and T. Wong, Privacy Preserving Localization Using a Distributed Particle Filtering Protocol, In IEEE MILCOM, 2017. (Acceptance Rate: 56%)

B. Reaves, L. Blue, H. Abdullah, L. Vargas, P. Traynor and T. Shrimpton. AuthentiCall: Efficient Identity and Content Authentication for Phone Calls, In Proceedings of the USENIX Security Symposium (SECURITY), 2017. (Acceptance Rate: 16.3%) (pdf)

J. Bowers, B. Reaves, I. Sherman, P. Traynor and K. Butler. Regulators, Mount Up! Analysis of Privacy Policies for Mobile Money Applications, In Proceedings of the USENIX Symposium on Usable Privacy and Security (SOUPS), 2017 (Acceptance Rate: 26.5%). (pdf)

B. Reaves, L. Blue and P. Traynor, AuthLoop: End-to-End Cryptographic Authentication for Telephony over Voice Channels, In Proceedings of the USENIX Security Symposium (SECURITY), 2016. (Acceptance Rate: 15.5%). (pdf)

D. Tian, N. Scaife, A. Bates, K. Butler and P. Traynor, Making USB Great Again with USBFILTER, In Proceedings of the USENIX Security Symposium (SECURITY), 2016. (Acceptance Rate: 15.5%). (pdf)

B. Reaves, D. Tian, L. Blue, P. Traynor and K. Butler. Detecting SMS Spam in the Age of Legitimate Bulk Messaging, In Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2016. (pdf)

N. Scaife, H. Carter, P. Traynor and K. Butler, CryptoLock (and Drop It): Stopping Ransomware Attacks on User Data, In IEEE International Conference on Distributed Computing Systems (ICDCS), 2016. (Acceptance Rate: 17.6%) (pdf)

B. Reaves, N. Scaife, D. Tian, L. Blue, P. Traynor and K. Butler, Sending out an SMS: Characterizing the Security of the SMS Ecosystem with Public Gateways, Proceedings of the IEEE Symposium on Security and Privacy (S&P), 2016 (acceptance rate: 13.0%).
(pdf)

B. Mood, D. Gupta, H. Carter, K. Butler and P. Traynor, Frigate: A Validated, Extensible, and Efficient Compiler and Interpreter for Secure Computation, Proceedings of the IEEE European Symposium on Security and Privacy (EuroS&P), 2016 (acceptance rate: 17.3%). (pdf)

H. Carter, B. Mood, P. Traynor and K. Butler, Outsourcing Secure Two-Party Computation as a Black Box, Proceedings of the International Conference on Cryptology and Network Security (CANS), 2015. (acceptance rate: 52.9%) (pdf)

N. Scaife, H. Carter and P. Traynor, OnionDNS: A Seizure-Resistant Top-Level Domain, Proceedings of IEEE Conference on Communications and Network Security (CNS), 2015. (acceptance rate: 28.1%) (pdf)

B. Reaves, N. Scaife, A. Bates, P. Traynor and K. Butler, Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications in the Developing World, Proceedings of the USENIX Security Symposium (SECURITY), 2015 (acceptance rate: 15.7%) (pdf)

B. Reaves, E. Shernan, A. Bates, H. Carter and P. Traynor, Boxed Out: Blocking Cellular Interconnect Bypass Fraud at the Network Edge Proceedings of the USENIX Security Symposium (SECURITY), 2015. (acceptance rate: 15.7%) (pdf)

D. Dewey, B. Reaves and P. Traynor, Uncovering Use-After-Free Conditions In Compiled Code, Proceedings of the International Conference on Availability, Reliability and Security (ARES), 2015. (acceptance rate: 22%) (pdf)

E. Shernan, H. Carter, D. Tian, P. Traynor, K. Butler, More Guidelines Than Rules: CSRF Vulnerabilities from Noncompliant OAuth 2.0 Implementations, Proceedings of the International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment (DIMVA), July 2015. (acceptance rate: 22.7%) (pdf)

H. Carter, C. Lever, P. Traynor, Whitewash: Outsourcing Garbled Circuit Generation for Mobile Devices, Proceedings of the Annual Computer Security Applications Conference (ACSAC), December 2014. (acceptance rate: 19.9%) (pdf)

H. Carter, B. Mood, P. Traynor and K. Butler. Secure Outsourced Garbled Circuit Evaluation for Mobile Devices, In Proceedings of the USENIX Security Symposium (SECURITY), 2013. (acceptance rate: 16.2%) (pdf)

C. Amrutkar, M. Hiltunen, T. Jim, K. Joshi, O. Spatscheck, P. Traynor and S. Venkataraman, Why is My Smartphone Slow? On The Fly Diagnosis of Poor Performance on the Mobile Internet, Proceedings of The 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2013 (acceptance rate: 19.6%) (pdf)

S. Chakradeo, B. Reaves, P. Traynor and W. Enck, MAST: Triage for Market-scale Mobile Malware Analysis, In Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2013. (acceptance rate: 15.0%) (pdf) (best paper)

C. Lever, M. Antonakakis, B. Reaves, P. Traynor and W Lee. The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers, In Proceedings of the ISOC Network & Distributed System Security Symposium (NDSS), 2013. (acceptance rate: 18.8%) (pdf)

C. Amrutkar, K. Singh, A. Verma and P. Traynor, VulnerableMe: Measuring Systemic Weaknesses in Mobile Browser Security, In Proceedings of the International Conference on Information Systems Security (ICISS), 2012. (acceptance rate: 25%) (pdf)

C. Amrutkar, P. Traynor and P. van Oorschot, Measuring SSL Indicators on Mobile Browsers: Extended Life, or End of the Road?, In Proceedings of the Information Security Conference (ISC), 2012. (acceptance rate: 32%) (pdf) (best student paper)

I. Dacosta, M. Ahamad and P. Traynor, Trust No One Else: Detecting MITM Attacks Against SSL/TLS Without Third-Parties, In Proceedings of the European Symposium on Research in Computer Security (ESORICS), 2012. (acceptance rate: 20.2%) (pdf)

A. Bates, K. Butler, M. Sherr, C. Shields, P. Traynor, and D. Wallach, Accountable Wiretapping -or- I Know They Can Hear You Now, In Proceedings of the ISOC Network & Distributed System Security Symposium (NDSS), 2012 (acceptance rate: 17.8%) (pdf)

Y. Nadji, J. Giffin and P. Traynor, Automated Remote Repair for Mobile Malware, Proceedings of the Annual Computer Security Applications Conference (ACSAC), December 2011. (acceptance rate: 18.5%) (pdf)

N. Nipane, I. Dacosta and P. Traynor “Mix-In-Place” Anonymous Networking Using Secure Function Evaluation, Proceedings of the Annual Computer Security Applications Conference (ACSAC), December 2011. (acceptance rate: 18.5%) (pdf)

P. Marquardt, A. Verma, H. Carter and P. Traynor, (sp)iPhone: Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers, Proceedings of the ACM Conference on Computer and Communications Security (CCS), October, 2011. (acceptance rate: 13.9%) (pdf)

P. Marquardt, D. Dagon and P. Traynor, Impeding Individual User Profiling in Shopper Loyalty Programs, Proceedings of the International Conference on Financial Cryptography and Data Security (FC), February, 2011. (acceptance rate: 35.1%) (pdf)

D. Dewey and P. Traynor, No Loitering: Exploiting Lingering Vulnerabilities in Default COM Objects, Proceedings of the ISOC Network & Distributed System Security Symposium (NDSS), February, 2011. (acceptance rate: 20.1%) (pdf)

V. Balasubramaniyan, A. Poonawalla, M. Ahamad, M. Hunter and P. Traynor, PinDr0p: Using Single-Ended Audio Features to Determine Call Provenance, Proceedings of the ACM Conference on Computer and Communications Security (CCS), November 2010. (pdf) (acceptance rate: 17.2%)

P. Traynor, J. Schiffman, T. La Porta, P. McDaniel and A. Ghosh, Constructing Secure Localization Systems with Adjustable Granularity, Proceedings of the IEEE Global Communications Conference (GLOBECOM), December 2010 (acceptance rate: 35.6%)

P. Traynor, Characterizing the Security Implications of Third-Party EAS Over Cellular Text Messaging Services, Proceedings of the IEEE International Conference on Security and Privacy in Communication Networks (SecureComm), September 2010. (pdf) (acceptance rate: 25.0%)

K. Singh, S. Sangal, N. Jain, P. Traynor and W. Lee, Evaluating Bluetooth as a Medium for Botnet Command and Control, Proceedings of the International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment (DIMVA), 2010. (pdf) (acceptance rate: 30%)

I. Dacosta and P. Traynor, Proxychain: Developing a Robust and Efficient Authentication Infrastructure for Carrier-Scale VoIP Networks, Proceedings of the USENIX Annual Technical Conference (ATC), 2010. (pdf) (acceptance rate: 17.0%)

F. Park, C. Gangakhedkar and P. Traynor, Leveraging Cellular Infrastructure to Improve Fraud Prevention, Proceedings of the Annual Computer Security Applications Conference (ACSAC), December 2009. (pdf) (acceptance rate: 19.0%)

P. Traynor, M. Lin, M. Ongtang, V. Rao, T. Jaeger, T. La Porta and P. McDaniel, On Cellular Botnets: Measuring the Impact of Malicious Devices on a Cellular Network Core, Proceedings of the ACM Conference on Computer and Communications Security (CCS), November 2009. (pdf) (acceptance rate: 18.4%)

B. Dolan-Gavitt, A. Srivastava, P. Traynor and J. Giffin, Robust Signatures for Kernel Data Structures, Proceedings of the ACM Conference on Computer and Communications Security (CCS), November 2009. (pdf) (acceptance rate: 18.4%)

I. Dacosta, V. Balasubramaniyan, M. Ahamad and P. Traynor, Improving Authentication Performance of Distributed SIP Proxies, Proceedings of the Conference on Principles, Systems and Applications of IP Telecommunications (IPTComm), July, 2009. (pdf) (acceptance rate: 43%)

P. Traynor, K. Butler, W. Enck and P. McDaniel, Realizing Massive-Scale Conditional Access Systems Through Attribute-Based Cryptosystems, ISOC Network & Distributed System Security Symposium (NDSS), February, 2008. (pdf) (acceptance rate: 17.7%)

P. Traynor, P. McDaniel and T. La Porta, On Attack Causality in Internet-Connected Cellular Networks, USENIX Security Symposium (SECURITY), August, 2007. (pdf) (acceptance rate: 12.3%)

S. Ryu, K. Butler, P. Traynor and P. McDaniel, Leveraging Identity-based Cryptography for Node ID Assignment in Structured P2P Systems, IEEE International Symposium on Security in Networks and Distributed Systems (SSNDS), May, 2007. (acceptance rate: 40%)

L. St. Clair, L. Johansen, W. Enck, M. Pirretti, P. Traynor, P. McDaniel and T. Jaeger, Password Exhaustion: Predicting the End of Password Usefulness, International Conference on Information Systems Security (ICISS), December, 2006. (pdf) (Invited paper)

K. Butler, W. Enck, J. Plasterr, P. Traynor and P. McDaniel, Privacy-Preserving Web-Based Email, International Conference on Information Systems Security (ICISS), December, 2006. (pdf) (acceptance rate: 30.4%)

M. Pirretti, P. Traynor, P. McDaniel and B. Waters, Secure Attribute-Based Systems, Proceedings of the Thirteenth ACM Conference on Computer and Communications Security (CCS), November 2006. (pdf) (acceptance rate: 14.8%)

P. Traynor, W. Enck, P. McDaniel and T. La Porta, Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networks, Proceedings of the Twelfth Annual ACM International Conference on Mobile Computing and Networking (MobiCom), September 2006. (pdf) (acceptance rate: 11.7%)

P. Traynor, M. Chien, S. Weaver, B. Hicks, P. McDaniel, Non-Invasive Methods for Host Certification, Proceedings of the Second IEEE International Conference on Security and Privacy in Communication Networks (SecureComm), August 2006. (pdf) (acceptance rate: 25.4%)

P. Traynor, J. Shin, B. Madan, S. Phoha, T. La Porta, Efficient Group Mobility for Heterogeneous Sensor Networks, Proceedings of the IEEE Vehicular Technology Conference (VTC Fall), September 2006. (pdf) (acceptance rate: 58%)

P. Traynor, R. Kumar, H. Bin Saad, G. Cao and T. La Porta, LIGER: Implementing Efficient Hybrid Security Mechanisms for Heterogeneous Sensor Networks, Proceedings of the ACM/USENIX Fourth International Conference on Mobile Systems Applications and Services (MobiSys), June 2006. (pdf) (acceptance rate: 15.4%)

P. Traynor, G. Cao and T. La Porta, The Effects of Probabilistic Key Management on Secure Routing in Sensor Networks, Proceedings of the IEEE Wireless Communications and Networking Conference (WCNC), April 2006. (pdf) (acceptance rate: 38.8%)

P. Traynor, H. Choi, G. Cao, S. Zhu and T. La Porta, Establishing Pair-Wise Keys in Heterogeneous Sensor Networks, Proceedings of the 25th Annual IEEE Conference on Computer Communications (INFOCOM), April 2006. (pdf) (acceptance rate: 18%)

W. Enck, P. Traynor, P. McDaniel and T. La Porta, Exploiting Open Functionality in SMS-Capable Cellular Networks, Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS), November 2005. (pdf) (acceptance rate: 15%)

Workshops

D. Gupta, B. Mood, J. Feigenbaum, K. Butler and P. Traynor, Using Intel Software Guard Extensions for Efficient Two-Party Secure Function Evaluation, Proceedings of the Workshop on Encrypted Computing and Applied Homomorphic Cryptography (WAHC), 2016. (pdf)

C. Amrutkar and P. Traynor, Rethinking Permissions for Mobile Web Apps: Barriers and the Road Ahead, Proceedings of the ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), 2012.

N. Lawrence and P. Traynor, Under New Management: Practical Attacks on SNMPv3, Proceedings of the USENIX Workshop on Offensive Technologies (WOOT), 2012.

A. Harris, F. Park, S. Goodman and P. Traynor, Emerging Privacy Concerns for Digital Wallet Deployment, Proceedings of the Workshop on Making Privacy in America, December, 2009.

P. Traynor, Privacy and Security Concerns for Personal and Mobile Health Devices, Proceedings of the Workshop to Set A Research Agenda for Privacy and Security of Healthcare Technologies, October, 2009.

K. Butler, W. Enck, H. Hursti, S. McLaughlin, P. Traynor and P. McDaniel, Systemic Issues in the Hart InterCivic and Premier Voting System: Reflections Following Project EVEREST, Proceedings of the USENIX/ACCURATE Electronic Voting Technology (EVT) Workshop, July, 2008.

Technical Reports

P. Traynor, Characterizing the Limitations of Third-Party EAS Over Cellular Text Messaging Services, 3G Americas Whitepaper, September, 2008.

L. Johansen, K. Butler, W. Enck, P. Traynor, and P. McDaniel. Grains of SANs: Building Storage Area Networks from Memory Spots Technical Report NAS-TR-0060-2007, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, January 2007.

K. Butler, W. Enck, H. Hursti, S. McLaughlin, P. Traynor, and P. McDaniel. Systemic Issues in the Premier Voting System: Reflections Following Project EVEREST Technical Report NAS-TR-0087-2008, Networking and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, April 2008.

K. Butler, W. Enck, H. Hursti, S. McLaughlin, P. Traynor, and P. McDaniel. Systemic Issues in the Hart InterCivic System: Reflections Following Project EVEREST Technical Report NAS-TR-0088-2008, Networking and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, April 2008.

Invited Talks

Analyzing Malicious Traffic in Cellular Networks, GSM Association’s (GSMA) Mobile Malware Community Workshop, Mountain View, CA, July 2013.

Threats to Mobile Devices, US Federal Trade Commission (FTC), Washington D.C., June 2013.

Chasing Telephony Security: Where the Wild Things… Are?, University of Wisconsin Security Seminar, March 2013. Madison, WI.

The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers, Centre for Secure Information Technologies (CSIT), Queens University, Belfast, Northern Ireland, March 2013.

Chasing Telephony Security: Where the Wild Things… Are?, Stanford Security Seminar, March 2013. Stanford, CA.

Chasing Telephony Security: Where the Wild Things… Are?, University of California, Berkeley, Security Group, March 2013, Berkeley, CA.

Chasing Telephony Security: Where the Wild Things… Are?, Carnegie Mellon University CyLab Seminar, February 2013. Pittsburgh, PA.

Chasing Telephony Security: Where the Wild Things… Are?, University of Oregon Department of Computer Science Colloquium, November 2012. Eugene, OR.

Chasing Telephony Security: Where the Wild Things… Are?, University of Washington Department of Electrical Engineering, Network Security Lab (NSL): Invited Talk, November 2012. Seattle, WA.

Needles and Haystacks: Digging for Ground Truth on Mobile Malware, ZISC Workshop on Secure Mobile and Cloud Computing, ETH Zurich, Zurich, Switzerland, June 2012.

Advice from Early Career Faculty, CRA Career Mentoring Workshop, Invited Panelist, February 2012, Washington, D.C.

Research Challenges in Cellular and Mobile Network Security, US-China Software Workshop (Co-Sponsored by NSF and NSFC), September 2011, Beijing, China.

Mobile Security: Understanding Risks to Critical Infrastructure, US Department of State East African Workshop on Cyberspace Security, July 2011. Nairobi, Kenya.

Tomorrows Issues: Solving the Mobile Security Threat, Centre for Secure Information Technologies (CSIT), Queens University, Belfast, Northern Ireland, March 2011.

PinDr0p: Using Single-Ended Audio Features to Determine Call Provenance MITRE Corporation, Burlington, MA, March 2011.

Defeating Session Hijacking Attacks with Disposable Web Credentials Facebook, Palo Alto, CA, February 2011.

Understanding the Disruptive Potential of Malware in Cellular Networks Invited Talk: RSA Conference, San Francisco, CA, February 2011.

Voice Security - Now Just a False Sense of Security and Privacy Invited Panelist: Mobile Security Symposium, San Francisco, CA, February 2011.

Understanding the Disruptive Potential of Malware in Cellular Networks Invited Speaker, Concordia University, Montreal, QC, Canada, May 2010.

Characterizing the Impact of Rigidity on the Security of Cellular Networks Qualcomm Research, San Diego, CA, March 2010.

Privacy and Security Concerns for Personal and Mobile Health Devices Workshop to Set A Research Agenda for Privacy and Security of Healthcare Technologies, Indianapolis, Indiana, October 2009.

Considerations for EAS Over Cellular Text Messaging Services 3G Americas Webinar, Invited Speaker, July 2009.

The Evolving Mobile Landscape: Emerging Security Threats Mobile Security eConference, Invited Speaker, SC Magazine, June 2008.

Characterizing the Impact of Rigidity on the Security of Cellular Networks University of Washington, Seattle, WA, February 2009.

Characterizing the Impact of Rigidity on the Security of Cellular Networks Microsoft Research, Redmond, WA, February 2009.

Next Years Problems, Secure Computing (SC) Magazine Webinar, November

  1. (Audio)

Can you DoS me now? Security Issues in Cellular Networks Georgia Institute of Technology, Atlanta, GA, September 2008.

Characterizing the Impact of Rigidity on the Security of Cellular Networks Georgia Institute of Technology, Atlanta, GA, April 2008.

Characterizing the Impact of Rigidity on the Security of Cellular Networks AT&T Labs - Research, Florham Park, NJ, April 2008.

Characterizing the Impact of Rigidity on the Security of Cellular Networks The University of Arizona, Tucson, AZ, March 2008.

Cellular Networks Security Panel USENIX Security Symposium, Boston, MA, August 2007.

malnets:Large-Scale Malicious Networks via Compromised Access Points The Pennsylvania State University - ACM Club Invited Speaker, October 2006.

malnets: Large-Scale Malicious Networks via Compromised Access Points The University of Michigan, Ann Arbor, MI, October 2006.

Exploiting Open Functionality in SMS-Capable Cellular Networks The University of Michigan, Ann Arbor, MI, October 2006.

Exploiting Open Functionality in SMS-Capable Cellular Networks High Technology Crime Investigation Association (HTCIA), Pittsburgh, PA, September 2006.

Trends in Security: Critical Engineering in the Large Schlumberger Innovate IT! Workshop, MIT Media Labs, May 2006. (joint with Patrick McDaniel)

Exploiting Open Functionality in SMS-Capable Cellular Networks InfraGard Pittsburgh Chapter General Meeting, Pittsburgh, PA, March, 2006. (joint with Patrick McDaniel)

Exploiting Open Functionality in SMS-Capable Cellular Networks The University of Richmond, Richmond, VA, October 2005.

Media Coverage

The Threat in the Pocket, The Economist - (10/18/13)

Let’s Dump Anti-Virus and Move On, ComputerWorld

  • (10/14/13)

Android Threat Exaggerated, or is it? ITWeb

  • (10/10/13)

Google: Don’t Fear Android Malware, InformationWeek

  • (10/8/13)

Mobile malware prevalence expands, but privacy-abusing apps should be top of mind, SC Magazine - (6/27/13)

Mobile Web Browsers Full of Security Risks, Tech Professor Finds, WABE

  • NPR Atlanta</a> - (12/11/12)

Georgia Tech: mobile browsers fail safety test, Consumer Affairs - (12/06/12)

Blame Screen Size: Mobile Browsers Flunk Security Testsm InformationWeek

  • (12/06/12)

Ga. Tech researchers: Mobile Browsers need better HTTPS indicators, Network World - (12/05/12)

Study: Most mobile Web browsers unsafe UPI

  • (12/05/12)

Mobile browser woes can fool even experts: report, NBC News - (12/05/12)

3 hot security startups to watch, VentureBeat

  • (2/27/12)

Phone hack logs keystrokes from nearby computers, MSNBC.com

  • (10/21/11)

iPhone keylogger can snoop on desktop typing, New Scientist - (10/18/11)

iPhone Keylogger Can Snoop On Desktop Typing, Slashdot

  • (10/18/11)

Smart Phones Could Hear Your Password, Technology Review - (10/18/11)

Turning iPhone into spiPhone: Smartphones’ accelerometer can track strokes on nearby keyboards, PhysOrg.com

  • (10/18/11)

Bad vibrations: How smart phones could steal PC passwords, Government Computer News - (10/18/11)

Securo-boffins call for ‘self-aware’ defensive technologies, The Register (9/14/11)

Voice Phishing: System to Trace Telephone Call Paths Across Multiple Networks Developed, Science Daily - (10/9/10)

‘PinDr0p’ Tech Uses Unique Noise Fingerprints to Trace Calls, Popular Science - (10/6/10)

Voice-routing call fingerprint system fights vishing, The Register - (10/6/10)

To text or not to text during emergencies, Nextgov

  • (9/14/10)

‘Operation Chokehold’: Fake Steve Jobs Rallies iPhone Users to Cripple AT&T Network, ABC News - (12/16/09)

Researchers Set Their Sights on iPhones, Mobile Malware, PC World Magazine - (11/11/09)

Mobile botnets show their disruptive potential, NewScientist Magazine - (11/11/09)

Remote repair for infected phones in development, SC Magazine - (11/11/09)

iPhone worms, other smartphone malware in researchers’ sights, Network World - (11/11/09)

GT researchers work to secure cellphones, Atlanta Business Chronicle - (11/10/09)

Making Carriers Shoulder Smartphone Security, Slashdot

  • (11/10/09)

Georgia Tech to Lead Fight Against Cell Phone Hackers NBC 11 Atlanta - (7/14/09)

Safeguarding your mobile networks, SC Magazine - (6/16/09)

Four Free Cellphone Apps to Help Manage Your Money, SmartMoney Magazine - (5/27/09)

Technology’s limitations in alerting campus danger UWire Magazine - (2/10/09)

Compromise Allows Obama To Keep BlackBerry National Public Radio (NPR) - (1/23/09)

Questions abound as emergency alert flops: Virginia Tech’s text-message alert system failed when the sound of gunfire was heard on campus; officials scramble to understand why eSchool News - (11/17/08)

Study: Text alerts may fail in real emergency Diamondback Online - (10/14/08)

College alert systems unreliable, study says, Associated Press - (9/25/08)

Study: Campus alerts unreliable, Athens Banner Herald - (9/25/08)

3G Americas warns against text warning systems, The Register

  • (9/18/08)

3G Americas Highlights New Research Report on Use of Cellular Text Messaging for Emergency Alert Services, 3G Americas - (9/17/08)

Web Exclusive: From Messaging to Management Duty, Wireless Week - (5/1/08)

How Do You Intercept a Text Message? Turn your cell phone into a spy gadget, Slate Magazine - (3/7/07)

Jamming Cellphones with Text Messages, Slashdot

  • (10/5/2005)

Cell phone networks at risk? CNN

  • (10/5/2005)

Text Hackers Could Jam Cellphones, a Paper Says, The New York Times - (10/5/2005)

Miscellaneous

P. McDaniel, K. Butler, W. Enck, H. Hursti, S. McLaughlin, P. Traynor, M. Blaze, A. Aviv, P. Cerny, S. Clark, E. Cronin, G. Shah, M. Sherr, G. Vigna, R. Kemmerer, D. Balzarotti, G. Banks, M. Cova, V. Felmetsger, W. Robertson, F. Valeur, J. L. Hall and L. Quilter, EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing, Public Report, December 14, 2007.

USENIX Security Symposium Conference Summaries. USENIX ;login Magazine, December 2007.

USENIX Security Symposium Conference Summaries. USENIX ;login Magazine, December 2006.

Fine-Grained Secure Localization for 802.11 Networks Work in Progress Presentations, 15th USENIX Security Symposium, August 2006.

Fundamental Limitations of Sensor Network Security Work in Progress Presentations, ACM/USENIX Fourth International Conference on Mobile Systems Applications and Services (MobiSys), June 2006. (Award: Most Entertaining WIP)

Patrick Traynor, Heesook Choi, Guohong Cao and Thomas La Porta, Probabilistic Unbalanced Key Distribution and Its Effects on Distributed Sensor Networks, Poster Session at ACM Workshop on Wireless Security (WiSe), October 1, 2004.