Key Resources:

• Resources for: Industry, Government, Faculty, Students & Staff
• TRUST Introduction (Powerpoint).
• Visitor parking, transportation, directions, lodging.
• Resources for TRUST researchers (presentation and poster templates, etc.).

Recent Trust Publications

Inductive Trace Properties Imply Computational Security, A. Roy, A. Datta, A. Derek, J. C. Mitchell

Privacy and Utility in Business Processes,

Transaction Generators: Rootkits for the Web, Collin Jackson, Dan Boneh, John C. Mitchell

Characterizing Bots’ Remote Control Behavior,

Link Privacy in Social Networks.,

Verifying the Safety of User Pointer Dereferences.,

Context-Sensitive Program Analysis as Database Queries,

Finding Security Vulnerabilities in Java Applications Using Static Analysis,

Finding Application Errors and Security Flaws Using PQL: a Program Query Language.,

Securing Web Applications Using Static and Dynamic Information Flow Tracking., M. Lam, M. Martin, B. Livshits, J. Whaley

Automatic Inference of Stationary Fields: a Generalization of Java's Final Fields,

Automatic generation of XSS and SQL injection attacks with goal-directed model checking.,

Space-Efficient Identity Based Encryption Without Pairings.,

Reducing Shoulder-surfing by Using Gaze-based Password Entry,

Protecting Browsers from DNS Rebinding Attacks.,

Under-constrained execution: making automatic code destruction easy and scalable, Dawson Engler, Daniel Dunbar

Attacking Path Explosion in Constraint-Based Test Generation, Cristian Cadar, Dawson Engler, Peter Boonstoppel

Perspectives: Improving SSH-style Host Authentication with Multi-path Network Probing, Dan Wendlandt, Dave Andersen, Adrian Perrig

Mind Your Manners: Socially Appropriate Wireless Key Establishment for Groups, Cynthia Kuo, Ahren Studer, Adrian Perrig

How Low Can You Go? Recommendations for Hardware-Supported Minimal TCB Code Execution, Jonathan M. McCune, Bryan Parno, Adrian Perrig, Mike Reiter, Arvind Seshadri

An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants, Jason Franklin, Vern Paxson, Stefan Savage, Adrian Perrig

SecVisor: A Tiny Hypervisor to Provide Lifetime Kernel Code Integrity for Commodity OSes, Arvind Seshadri, Mark Luk, Ning Qu, Adrian Perrig

Low-cost Manufacturing, Usability, and Security: An Analysis of Bluetooth Simple Pairing and Wi-Fi Protected Setup, Cynthia Kuo, Adrian Perrig, Jesse Walker

Tradeoffs in Byzantine-Fault-Tolerant State-Machine-Replication Protocol Design, Michael Merideth

Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications, David Brumley, Pongsin Poosankam, Dawn Song, Jiang Zheng

Introducing security in a chemical engineering design course using adaptive online learning, Kenneth Debelak, Larry Howard, Yuan Xue, Christina Lee, Janos Sztipanovits

Distributed Intrusion Detection System for Resource-Constrained Devices in Ad Hoc Networks, Adrian Lauf, William H. Robinson

A QoS policy configuration modeling language for publish/subscribe middleware platforms, Aniruddha Gokhale, Joe Hoffert, Douglas Schmidt

Model-based design of clinical information systems., Janos Laszlo Mathe, Jan Werner, Yonghwan Lee, Bradley Malin, Akos Ledeczi

Towards the security and privacy analysis of patient portals, Janos Laszlo Mathe, Sean Duncavage, Jan Werner, Akos Ledeczi, Bradley Malin, Janos Sztipanovits

Write markers for probabilistic quorum systems, Michael Merideth, Michael Reiter

Probabilistic opaque quorum systems, Michael Merideth, Michael Reiter

CareNet: An Integrated Wireless Sensor Networking Environment for Remote Healthcare, Shanshan Jiang, Yanchuan Cao, Sameer Iyengar, Philip Kuryloski, Roozbeh Jafari, Yuan Xue, Ruzena Bajcsy, Stephen Wicker

Minimum Disruption Service Composition and Recovery over Mobile Ad Hoc Networks, Shanshan Jiang, Yuan Xue, Douglas Schmidt

New Bounds on the Information-Theoretic Key Agreement of Multiple Terminals, Amin Aminzadeh Gohari, Venkatachalam Anantharam

Securing Frame Communication in Browsers, Adam Barth, Collin Jackson, John C. Mitchell

Automated Whitebox Fuzz Testing, Patrice Godefroid, Michael Levin, David A Molnar

Effective Testing via Symbolic Execution and Input Recombination, Daniel Dunbar, Cristian Cadar, Peter Pawlowski, Dawson Engler

Flicker: An Execution Infrastructure for TCB Minimization, Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael Reiter, Hiroshi Isozaki

Write Markers for Probabilistic Quorum Systems, Michael Merideth, Michael Reiter

Maelstrom: An Enterprise Continuity Protocol for Financial Data Centers, Ken Birman, Mahesh Balakrishnan, Tudor Marian, Hakim Weatherspoon

Power Consumption Monitoring - An Emerging Threat to Privacy, Mikhail Lisovich, Stephen Wicker

Detecting Data Leakage, Panagiotis Papadimitriou, Hector Garcia-Molina

Security Breach Notification Laws: A "Race-to-the-Top"?, Deirdre Mulligan

Experimental Platform for Model-Integrated Clinical Information Systems, Janos Laszlo Mathe, Jan Werner, Yonghwan Lee, Bradley Malin, Akos Ledeczi, John C. Mitchell, Janos Sztipanovits

A Testbed for Secure and Robust SCADA Systems, Annarita Giani, Gabor Karsai, Tanya Roosta, Aakash Shah, Bruno Sinopoli, Jon Wiley

Deploying Distributed Real-time Healthcare Applications on Wireless Body Sensor Networks, Allen Yang, Sameer Iyengar, Shanshan Jiang, Philip Kuryloski, Yanchuan Cao, Roozbeh Jafari, Yuan Xue, Ruzena Bajcsy, Stephen Wicker, S. Shankar Sastry

The Inherent Security of Routing Protocols in Ad-Hoc and Sensor Networks, Tanya Roosta, Sameer Pai, Phoebus Chen, S. Shankar Sastry, Stephen Wicker

A Distributed Intrusion Detection System for Resource-Constrained Devices in Ad Hoc Networks, Adrian Lauf, Richard A. Peters, William H. Robinson