Carnegie Mellon CyLab is a bold and visionary effort, which establishes public-private partnerships to develop new technologies for measurable, secure, available, trustworthy and sustainable computing and communications systems. CyLab is a world leader in both technological research and the education of professionals in information assurance, security technology, business and policy, as well as security awareness among cyber-citizens of all ages. Building on more than two decades of Carnegie Mellon leadership in Information Technology, CyLab is a university-wide initiative that involves over fifty faculty and one hundred graduate students from more than six different departments and schools. As a vital resource in the effort to address cyber vulnerabilities that threaten national and economic security, CyLab is closely affiliated with CERT® Coordination Center, a leading, internationally recognized center of internet security expertise.

Follow

Submissions from 2007

PDF

PRISM: Enabling Personal Verification of Code Integrity, Untampered Execution, and Trusted I/O on Legacy Systems or Human-Verifiable Code Execution, Jason Franklin, Mark Luk, Arvind Seshadri, and Adrian Perrig

PDF

Mental Trapdoors for User Authentication on Small Mobile Devices, Eiji Hayashi, Nicolas Christin, Rachna Dhamija, and Adrian Perrig

PDF

Distributed Evasive Scan Techniques and Countermeasures, Min G. Kang, Juan Caballero, and Dawn Song

PDF

Castor: Secure Code Updates using Symmetric Cryptosystems, Donnie H. Kim, Rajeev Gandhi, and Priya Narasimhan

PDF

Protecting People from Phishing: The Design and Evaluation of an Embedded Training Email System, Ponnurangam Kumaraguru, Yong Rhee, Alessandro Acquisti, Lorrie Faith Cranor, Jason Hong, and Elizabeth Nunge

PDF

Teaching Johnny Not to Fall for Phish, Ponnurangam Kumaraguru, Steve Sheng, Alessandro Acquisti, Lorrie Faith Cranor, and Jason Hong

PDF

Tradeoffs in Configuring Secure Data Dissemination in Sensor Networks: An Empirical Outlook, Patrick E. Lanigan, Priya Narasimhan, and Rajeev Gandhi

PDF

NetPiler: Reducing Network Configuration Complexity through Policy Classification, Sihyung Lee, Tina Wong, and Hyong S. Kim

PDF

An Execution Infrastructure for TCB Minimization, Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael K. Reiter, and Hiroshi Isozaki

PDF

SNAPP: Stateless Network-Authenticated Path Pinning, Bryan Parno, Adrian Perrig, and David G. Andersen

PDF

Traffic Aggregation for Malware Detection, Michael K. Reiter and Ting-Fang Yen

PDF

HookFinder: Identifying and Understanding Malware Hooking Behaviors, Heng Yin, Zhenkai Liang, and Dawn Song

PDF

Bounding Packet Dropping and Injection Attacks in Sensor Networks, Xin Zhang, Haowen Chang, Abhishek Jain, and Adrian Perrig

PDF

Availability-Oriented Path Selection in Multi-Path Routing, Xin Zhang, Adrian Perrig, and Hui Zhang

Submissions from 2006

PDF

Consumable Credentials in Logic-Based Access Control, Lujo Bauer, Kevin D. Bowers, Frank Pfenning, and Michael K. Reiter

PDF

Efficient Proving for Distributed Access-Control Systems, Lujo Bauer, Scott Garriss, and Michael K. Reiter

PDF

Dynamic Change Management for Minimal Impact on Dependability and Performance in Autonomic Service-Oriented Architectures, Tudor Dumitras, Daniela Rosu, Asit Dan, and Priya Narasimhan

PDF

Beyond Output Voting: Detecting Compromised Replicas using Behavioral Distance, Debin Gao, Michael K. Reiter, and Dawn Song

PDF

Trinetra: Assistive Technologies for the Blind, Patrick E. Lanigan, Aaron M. Paulos, Andrew W. Williams, and Priya Narasimhan

PDF

Secure Split Assignment Trajectory Sampling: A Malicious Router Detection System, Sihyung Lee, Tina Wong, and Hyong S. Kim

PDF

Characterization and Problem Detection of Routing Policy Configurations, Franck Le, Sihyung Lee, Tina Wong, Hyong S. Kim, and Darrell Newcomb

PDF

Minerals: Using Data Mining to Detect Router Misconfigurations, Franck Le, Sihyung Lee, Tina Wong, Hyong S. Kim, and Darrell Newcomb

PDF

Scanner Detection Based on Connection Attempt Success Ratio with Guaranteed False Positive and False Negative Probabilities, Seung Yeob Nam and Hyong S. Kim

PDF

Estimation of Available Bandwidth of a Remote Link or Path Segments, Seung Yeob Nam, Sihyung Lee, and Hyong S. Kim

PDF

End-to-End Consistency of Multi-Tier Operations Across Mixed Replicated and Unreplicated Components, Priya Narasimhan and Aaron M. Paulos

PDF

Fast Detection of Local Scanners Using Adaptive Methods, Ahren Studer and Chenxi Wang

PDF

FastPass: Providing First-Packet Delivery, Dan Wendlandt, David G. Andersen, and Adrian Perrig

PDF

Forensic Analysis for Epidemic Attacks in Federated Networks, Yinglian Xie, Vyas Sekar, Michael K. Reiter, and Hui Zhang

PDF

Phinding Phish: Evaluating Anti-Phishing Tools, Yue Zhang, Serge Egelman, Lorrie Cranor, and Jason Hong

Submissions from 2005

PDF

Empowering Ordinary Consumers to Securely Configure their Mobile Devices and Wireless Networks, Cynthia Kuo, Vincent Goh, Adrian Tang, Adrian Perrig, and Jesse Walker

PDF

Bump in the Ether: Mobile Phones as Proxies for Sensitive Input, Jonathan M. McCune, Adrian Perrig, and Michael K. Reiter

PDF

Phoolproof Phishing Prevention, Bryan Parno, Cynthia Kuo, and Adrian Perrig

PDF

Interleaving Semantic Web Reasoning and Service Discovery to Enforce Context-Sensitive Security and Privacy Policies, Jinhai Rao and Norman Sadeh