2019
SDNSOC: Object Oriented SDN Framework
(PDF)
(BibTex)
Ankur Chowdhary, Dijiang Huang, Gail-Joon Ahn, Myong Kang, Anya Kim and Alexander Velazquez
Proceedings of the ACM International Workshop on Security in Software Defined Networks, Network Function Virtualization (SDN-NFV Sec), Richardson, Texas, March, 2019
ExSol: Collaboratively Assessing Cybersecurity Risks for Protecting Energy Delivery Systems
(PDF)
(BibTex)
Josephine Lamp, Carlos E. Rubio-Medrano, Ziming Zhao, and Gail-Joon Ahn
7th IEEE Workshop on Modeling and Simulation of Cyber-Physical Energy Systems (MSCPES) , co-located with the ACM/IEEE Cyber-Physical Systems and Internet-of-Things Week, Montreal, Canada, April 2019
Understanding and Detecting Private Interactions in Underground Forums
(PDF)
(BibTex)
Zhibo Sun, Carlos E. Rubio-Medrano, Ziming Zhao, Tiffany Bao, Adam Doupé, and Gail-Joon Ahn
Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy (CODASPY), Dallas , Texas, 2019
PhishFarm: A Scalable Framework for Measuring the Effectiveness of Evasion Techniques Against Browser Phishing Blacklists
(PDF)
(BibTex)
Adam Oest, Yeganeh Safaei, Adam Doupé, Gail-Joon Ahn, Brad Wardman, and Kevin Tyers
Proceedings of the 40th IEEE Symposium on Security and Privacy (Oakland), San Francisco, CA, May 2019
2018
REPT: Reverse Debugging of Failures in Deployed Software
(PDF)
(BibTex)
Weidong Cui, Xinyang Ge, Baris Kasikci, Ben Niu, Upamanyu Sharma, Ruoyu Wang, Insu Yun
Proceedings of the 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI), Carlsbad, CA, October, 2018
CacheLight: Defeating the CacheKit Attack
(PDF)
(BibTex)
Mauricio Gutierrez, Ziming Zhao, Adam Doupé, Yan Shoshitaishvili, and Gail-Joon Ahn
In Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security (ASHES), New York, NY, 2018
SeCore: Continuous Extrospection with High Visibility on Multi-core ARM Platforms
(PDF)
(BibTex)
Penghui Zhang, Bernard Ngabonziza, Haehyun Cho, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn
ACM Conference on Data and Applications Security and Privacy (CODASPY), Tempe, Arizona, 2018
Wi Not Calling: Practical Privacy and Availability Attacks in Wi-Fi Calling
(PDF)
(BibTex)
Jaejong Baek, Sukwha Kyung, Haehyun Cho, Ziming Zhao, Yan Shoshitaishvili, Adam Doupé, and Gail-Joon Ahn
Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC), San Juan, Puerto Rico, USA, 2018
Prime+Count: Novel Cross-world Covert Channels on ARM TrustZone
(PDF)
(BibTex)
Haehyun Cho, Penghui Zhang, Donguk Kim, Jinbum Park, Choong-Hoon Lee, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn
Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC), San Juan, Puerto Rico, USA, 2018
DexMonitor: Dynamically Analyzing and Monitoring Obfuscated Android Applications
(PDF)
(BibTex)
Haehyun Cho, Jeong Hyun Yi, and Gail-Joon Ahn
IEEE Access, Vol.6, pp.71229-71240, 2018
AIM-SDN: Attacking Information Mismanagement in SDN-datastores
(PDF)
(BibTex)
Vaibhav Hemant Dixit, Adam Doupé, Yan Shoshitaishvili, Ziming Zhao and Gail-Joon Ahn
25th ACM Conference on Computer and Communications Security (CCS), Toronto, Canada, 2018
vNIDS: Towards Elastic Security with Safe and Efficient Virtualization of Network Intrusion Detection Systems
(PDF)
(BibTex)
Hongda Li, Hongxin Hu, Guofei Gu, Gail-Joon Ahn and Fuqiang Zhang
25th ACM Conference on Computer and Communications Security (CCS), Toronto, Canada, 2018
The Danger of Missing Instructions: A Systematic Analysis of Security Requirements for MCPS
(PDF)
(BibTex)
Josephine Lamp, Carlos E. Rubio-Medrano, Ziming Zhao and Gail-Joon Ahn
3rd IEEE/ACM Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE), Washington, DC, USA, 2018
EDSGuard: Enforcing Network Security Requirements for Energy Delivery Systems
(PDF)
(BibTex)
Vu Coughlin, Carlos E. Rubio-Medrano, Ziming Zhao and Gail-Joon Ahn
IEEE International Conference on Communications, Control and Computing Technologies for Smart Grids (SMARTGRIDCOMM), Aalborg, Denmark, 2018
Inside a Phisher's Mind: Understanding the Anti-Phishing Ecosystem Through Phishing Kit Analysis
(PDF)
(BibTex)
Adam Oest, Yeganeh Safaei, Adam Doupé, Gail-Joon Ahn, Brad Wardman and Gary Warner
Symposium on Electronic Crime Research (eCrime), San Diego, CA, May, 2018
Challenges and Preparedness of SDN-based Firewalls
(PDF)
(BibTex)
Vaibhav Hemant Dixit, Sukwha Kyung, Ziming Zhao, Adam Doupé, Yan Shoshitaishvili, Gail-Joon Ahn
ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, in Conjunction with ACM CODASPY 2018 (SDN-NFV), Tempe, Arizona, 2018
RiskPol: A Risk Assessment Framework for Preventing Attribute-Forgery Attacks to ABAC Policies
(PDF)
(BibTex)
Carlos E. Rubio-Medrano, Ziming Zhao and Gail-Joon Ahn
3rd ACM Workshop on Attribute-based Access Control (ABAC), in Conjunction with CODASPY 2018 (ABAC), Tempe, Arizona, 2018
2017
BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments
(PDF)
(BibTex)
Aravind Machiry, Eric Gustafson, Chad Spensky, Chris Salls, Nick Stephens, Ruoyu Wang, Antonio Bianchi, Yung Ryn Choe, Christopher Kruegel, Giovanni Vigna
Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February, 2017
Piston: Uncooperative Remote Runtime Patching
(PDF)
(BibTex)
Christopher Salls, Yan Shoshitaishvili, Nick Stephens, Christopher Kruegel, Giovanni Vigna
Proceedings of the 33rd Annual Computer Security Applications Conference (ACSAC), San Juan, Puerto Rico, USA, December, 2017
Ramblr: Making Reassembly Great Again
(PDF)
(BibTex)
Ruoyu Wang, Yan Shoshitaishvili, Antonio Bianchi, Aravind Machiry, John Grosen, Paul Grosen, Christopher Kruegel, Giovanni Vigna
In Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February, 2017
How Shall We Play a Game?: A Game-theoretical Model for Cyber-warfare Games
(PDF)
(BibTex)
Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna, David Brumley
Proceedings of 2017 IEEE 30th Computer Security Foundations Symposium (CSF), Santa Barbara, CA, August, 2017
OntoEDS: Protecting Energy Delivery Systems by Collaboratively Analyzing Security Requirements
(PDF)
(BibTex)
Josephine Lamp, Carlos E. Rubio-Medrano, Ziming Zhao and Gail-Joon Ahn
3rd IEEE International Conference on Collaboration and Internet Computing (IEEE CIC), San Jose, CA, October, 2017
Mutated Policies: Towards Proactive Attribute-based Defenses for Access Control
(PDF)
(BibTex)
Carlos E. Rubio-Medrano, Josephine Lamp, Adam Doupé, Ziming Zhao and Gail-Joon Ahn
2017 Workshop on Moving Target Defense, in conjuction with CCS 2017 (MTD), Dallas, TX, October, 2017
Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance
(PDF)
(BibTex)
Yan Shoshitaishvili, Michael Weissbacher, Lukas Dresel, Christopher Salls, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna
Proceedings of the 2017 ACM Conference on Computer and Communications Security (CCS), Dallas, TX, October, 2017
DIFUZE: Interface Aware Fuzzing for Kernel Drivers
(PDF)
(BibTex)
Jake Corina, Aravind Machiry, Christopher Salls, Yan Shoshitaishvili, Shuang Hao, Christopher Kruegel, Giovanni Vigna
Proceedings of the 2017 ACM Conference on Computer and Communications Security (CCS), Dallas, TX, October, 2017
Shell We Play A Game? CTF-as-a-service for Security Education
(PDF)
(BibTex)
Erik Trickel, Francesco Disperati, Eric Gustafson, Faezeh Kalantari, Mike Mabey, Naveen Tiwari, Yeganeh Safaei, Adam Doupé, Giovanni Vigna
USENIX Workshop on Advances in Security Education (ASE), Vancouver, BC, Canada, August, 2017
BootStomp: on the security of bootloaders in mobile devices
(PDF)
(BibTex)
Nilo Redini, Aravind Machiry, Dipanjan Das, Yanick Fratantonio, Antonio Bianchi, Eric Gustafson, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna
26th USENIX Security Symposium (USENIX Scurity), Vancouver, BC, Canada, August, 2017
Defining and Detecting Environment Discrimination in Android Apps
Yunfeng Hong, Yongjian Hu, Chun-Ming Lai, S. Felix Wu, Iulian Neamtiu, Patrick McDaniel, Paul Yu, Hasan Cam, and Gail-Joon Ahn
The 13th EAI International Conference on Security and Privacy in Communication Networks (SecureComm), October, 2017
HoneyProxy: Design and Implementation of Next-Generation Honeynet via SDN
(PDF)
Sukwha Kyung, Wonkyu Han, Naveen Tiwari, Vaibhav Dixit, Lakshmi Srinivas, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn
IEEE Conference on Communications and Network Security (CNS), Las Vagas, NV, October, 2017
Toward Standardization of Authenticated Caller ID Transmission
Huahong Tu, Adam Doupé, Ziming Zhao, and Gail-Joon Ahn
IEEE Communications Standards Magazine, September 2017 Issue IEEE Communications Society (Com Soc), September, 2017
Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits
(PDF)
(BibTex)
Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, David Brumley
IEEE Symposium on Security and Privacy (Oakland), San Jose, CA, 2017
A Game Theoretic Approach in Strategy Generation for Moving Target Defense in Web Applications
(PDF)
(BibTex)
Sailik Sengupta, Satya Gautam Vadlamudi, Subbarao Kambhampati, Adam Doupé, Marthony Taguinod, Ziming Zhao and Gail-Joon Ahn
16th International Conference on Antonomous Agents and Multiagent Sytems (AAMAS), São Paulo, Brazil, 2017
On the Safety and Efficiency of Virtual Firewall Elasticity Control
(PDF)
(BibTex)
Juan Deng, Hongda Li, Hongxin Hu, Kuang-Ching Wang, Gail-Joon Ahn, Ziming Zhao and Wonkyu Han
In Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, California, 2017
Deep Android Malware Detection
(PDF)
(BibTex)
Niall McLaughlin,Jesus Martinez del Rincon, BooJoong Kang, Suleiman Yerima, Paul Miller, Sakir Sezer,
Yeganeh Safaei, Erik Trickel, Ziming Zhao, Adam Doupé and Gail-Joon Ahn
ACM Conference on Data and Applications Security and Privacy (CODASPY), Scottsdale, Arizona, 2017
cyber grand shellphish
(Article)
2016
Driller: Augmenting Fuzzing Through Selective Symbolic Execution
(PDF)
(BibTex)
Nick Stephens, John Grosen, Christopher Salls, Andrew Dutcher, Ruoyu Wang, Jacopo Corbetta, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna
Proceedings of the Symposium on Network and Distributed System Security (NDSS), 2016
Toward Authenticated Caller ID Transmission: The Need for a Standardized Authentication Scheme in Q.731.3 Calling Line Identification Presentation
(PDF)
(BibTex)
Huahong Tu, Adam Doupé, Ziming Zhao, Gail-Joon Ahn
Proceedings of ITU Kaleidoscope 2016 - ICTs for a Sustainable World (ITU), 2016
TrustZone Explained: Architectural Features and Use Cases
(PDF)
(BibTex)
Bernard Ngabonziza, Daniel Martin, Anna Bailey, Haehyun Cho, Sarah Martin
2nd IEEE International Conference on Collaboration and Internet Computing (CIC), 2016
Towards Automated Threat Intelligence Fusion
(PDF)
(BibTex)
Ajay Modi, Zhibo Sun, Anupam Panwar, Tejas Khairnar, Ziming Zhao, Adam Doupé, Gail-Joon Ahn, Paul Black
IEEE International Conference on Collaboration and Internet Computing (CIC), 2016
dbling: Identifying Extensions Installed on Encrypted Web Thin Clients
(PDF)
(BibTex)
Mike Mabey, Adam Doupé, Ziming Zhao and Gail-Joon Ahn
16th Annual Digital Forensics Research Conference (DFRWS), 2016
Moving Target Defense For Web Applications Using Bayesian Stackelberg Games
(PDF)
(BibTex)
Satya Gautam Vadlamudi, Sailik Sengupta, Subbarao Kambhampati, Marthony Taguinod, Ziming Zhao, Adam Doupé and Gail-Joon Ahn
15th International Conference on Autonomous Agents and Multiagent Systems (AAMAS), Extended Abstract, Singapore, 2016
TRIPLEMON: A Multi-layer Security Framework for Mediating Inter-Process Communication on Android
(BibTex)
Yiming Jing, Gail-Joon Ahn, Hongxin Hu, Haehyun Cho, and Ziming Zhao
Journal of Computer Security (JCS), IOS Press, 2016
Target Fragmentation in Android Apps
(PDF)
(BibTex)
Patrick Mutchler, Yeganeh Safaei, Adam Doupé, John Mitchell
IEEE Computer Society Security and Privacy Workshops on Mobile Security Technologies (MoST), 2016
State-aware Network Access Management for Software-Defined Networks
(PDF)
(BibTex)
Wonkyu Han, Hongxin Hu, Ziming Zhao, Adam Doupé, Gail-Joon Ahn, Kuang-Ching Wang and Juan Deng
ACM Symposium on Access Control Models And Technologies (SACMAT), Shanghai, China, 2016
Behind Closed Doors: Measurement and Analysis of CryptoLocker Ransoms in Bitcoin
(PDF)
(BibTex)
Kevin Liao, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn
APWG Symposium on Electronic Crime Research (eCrime), 2016
SoK: Everyone Hates Robocalls: A Survey of Techniques against Telephony Spam
(PDF)
(BibTex)
Huahong Tu, Adam Doupé, Ziming Zhao, and Gail-Joon Ahn
Proceedings of the 37th IEEE Symposium on Security and Privacy (Oakland), 2016
SOK: (State of) The Art of War: Offensive Techniques in Binary Analysis
(PDF)
(BibTex)
Yan Shoshitaishvili, Ruoyu Wang, Christopher Salls, Nick Stephens, Mario Polino, Andrew Dutcher, John Grosen, Siji Feng, Christophe Hauser, Christopher Kruegel, Giovanni Vigna
Proceedings of the 37th IEEE Symposium on Security and Privacy (Oakland), 2016
Checking Intent-based Communication in Android with Intent Space Analysis
(PDF)
(BibTex)
Yiming Jing, Gail-Joon Ahn, Adam Doupé and Jeong Hyun Yi
ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2016
Towards a Moving Target Defense Approach for Attribute-based Access Control
(PDF)
(BibTex)
Carlos E. Rubio-Medrano, Josephine Lamp, Marthony Taguinod, Adam Doupé, Ziming Zhao and Gail-Joon Ahn
1st ACM Workshop on Attribute-based Access Control (ABAC), 2016
Going Native: Using a Large-Scale Analysis of Android Apps to Create a Practical Native-Code Sandboxing Policy
(PDF)
(BibTex)
Vitor Afonso, Antonio Bianchi, Yanick Fratantonio, Adam Doupé, Mario Polino, Paulo de Geus, Christopher Kruegel, and Giovanni Vigna
Proceedings of the Symposium on Network and Distributed System Security (NDSS), 2016
HoneyMix: Toward SDN-based Intelligent Honeynet
(PDF)
(BibTex)
Wonkyu Han, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn
ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization (SDN-NFV Sec), 2016
2015
Firmalice-Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware
(PDF)
(BibTex)
Yan Shoshitaishvili, R Wang, C Hauser, C Kruegel, G Vigna
Proceedings of the Symposium on Network and Distributed System Security (NDSS), 2015
VNGuard: An NFV/SDN Combination Framework for Provisioning and Managing Virtual Firewalls
(PDF)
(BibTex)
Juan Deng, Hongxin Hu, Hongda Li, Zhizhong Pan, Kuang-Ching Wang, Gail-Joon Ahn, Jun Bi and Younghee Park
IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN), 2015
AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing
(PDF)
(BibTex)
Khaled Riad, Yan Zhu, Hongxin Hu and Gail-Joon Ahn
1st IEEE International Conference on Collaboration and Internet Computing (CIC), 2015
ACTRA – A Case Study for Threat Information Sharing
actra-case-study-for-threat-information-sharing-wiscs2015
(BibTex)
Jon Haass, Gail-Joon Ahn and Frank Grimmelmann
2nd ACM Workshop on Information Sharing and Collaborative Security (WISCS), 2015
Achieving Security Assurance with Assertion-based Application Construction
(PDF)
(BibTex)
Carlos E. Rubio-Medrano, Gail-Joon Ahn and Karsten Sohr
EAI Endorsed Transactions (EAI), 2015
Mules, Seals, and Attacking Tools: Analyzing Twelve Online Marketplaces
(PDF)
(BibTex)
Ziming Zhao, Mukund Sankaran, Gail-Joon Ahn, Thomas J. Holt, Yiming Jing and Hongxin Hu
IEEE Security & Privacy Magazine, 2015
Toward a Moving Target Defense for Web Applications
(PDF)
(BibTex)
Marthony Taguinod, Adam Doupé, Ziming Zhao and Gail-Joon Ahn
16th IEEE International Conference on Information Reuse and Integration (IRI), 2015
How the elf ruined christmas
(PDF)
(BibTex)
Alessandro Di Federico, Amat Cama, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna
24th USENIX Security Symposium, 643-658 (USENIX), 2015
Federated Access Management for Collaborative Network Environments: Framework and Case Study
(PDF)
(BibTex)
Carlos E. Rubio-Medrano, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn
ACM Symposium on Access Control Models And Technologies (SACMAT), Vienna, Austria, June 1-3, 2015
A Large-Scale Study of Mobile Web App Security
(PDF)
(BibTex)
Patrick Mutchler, Adam Doupé, John Mitchell, Chris Kruegel and Giovanni Vigna
IEEE Computer Society Security and Privacy Workshops on Mobile Security Technologies (MoST), San Jose, CA, USA, May 21, 2015
Best Paper Award
Picture Gesture Authentication: Empirical Analysis, Automated Attacks, and Scheme Evaluation
(PDF)
(BibTex)
Ziming Zhao, Gail-Joon Ahn, and Hongxin Hu
ACM Transactions on Information and System Security (TISSEC), April 2015
Portrait of a Privacy Invasion
(PDF)
(BibTex)
Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna
Proceedings on Privacy Enhancing Technologies (PETS), April 2015
Towards Automated Risk Assessment and Mitigation of Mobile Applications
(PDF)
(BibTex)
Yiming Jing, Gail-Joon Ahn, Ziming Zhao and Hongxin Hu
IEEE Transactions on Dependable and Secure Computing (TDSC), February 2015
Utilizing Network Science and Honeynets for Software Induced Cyber Incident Analysis
(PDF)
(BibTex)
Napoleon C. Paxton, Dae-il Jang, Stephen Russel, Gail-Joon Ahn, Ira S. Moskowitz and Paul Hyden
48th Annual Hawaii International Conference on System Sciences (HICSS), Hawaii, USA, January 5-8, 2015
2014
Morpheus: Automatically Generating Heuristics to Detect Android Emulators
(PDF)
(BibTex)
Yiming Jing, Ziming Zhao, Gail-Joon Ahn and Hongxin Hu
Annual Computer Security Applications Conference (ACSAC), New Orleans, Louisiana, USA, December 8, 2014
Discovering and Analyzing Deviant Communities: Methods and Experiments
(PDF)
(BibTex)
Napoleon C. Paxton, Dae-il Jang, Ira S. Moskowitz, Gail-Joon Ahn, Stephen Russell and Myong Kang
IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Miami, FL, USA, October 22–25, 2014
Achieving Security Assurance with Assertion-based Application Construction
(PDF)
(BibTex)
Carlos E. Rubio-Medrano, Gail-Joon Ahn and Karsten Sohr
IEEE International Workshop on Trusted Collaboration (TrustCol) In conjuction with IEEE CollaborateCom, Miami, FL, USA, October 22, 2014
Protecting Web-based Single Sign-on Protocols Against Relying Party Impersonation Attacks Through a Dedicated Bi-directional Authenticated Secure Channel
(PDF)
(BibTex)
Yinzhi Cao, Yan Shoshitaishvili, Kevin Borgolte, Christopher Kruegel, Giovanni Vigna, Yan Chen
International Workshop on Recent Advances in Intrusion Detection (RAID), Gothenburg, Sweden, September, 2014
FlowGuard: Building Robust Firewalls for Software-Defined Networks
(PDF)
(BibTex)
Hongxin Hu, Wonkyu Han, Gail-Joon Ahn and Ziming Zhao
ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN), Chicago, IL, USA, August 22, 2014
Policy-driven security management for fog computing: Preliminary framework and a case study
(PDF)
(BibTex)
Clinton Dsouza, Gail-Joon Ahn and Marthony Taguinod
IEEE International Conference on Information Reuse and Integration (IRI), Redwood City, CA, USA, August 13, 2014
Ten Years of iCTF: The Good, The Bad, and The Ugly
(PDF)
(BibTex)
Giovanni Vigna, Kevin Borgolte, Jacopo Corbetta, Adam Doupé, Yanick Fratantonio, Luca Invernizzi, Dhilung Kirat, and Yan Shoshitaishvili
USENIX Summit on Gaming, Games and Gamification in Security Education (3GSE), August 18, 2014
Game Theoretic Analysis of Multiparty Access Control in Online Social Networks
(PDF)
(BibTex)
Hongxin Hu, Gail-Joon Ahn, Ziming Zhao and Dejun Yang
ACM Symposium on Access Control Models And Technologies (SACMAT), London, Ontario, Canada, June 25-27, 2014
LPM: Layered Policy Management for Software-Defined Networks
(PDF)
(BibTex)
Wonkyu Han, Hongxin Hu and Gail-Joon Ahn
IFIP WG 11.3 Working Conference on Database and Application Security (DBSec), Vienna, Austria, July, 2014
Pexy: The other side of exploit kits
(PDF)
(BibTex)
Giancarlo De Maio, Alexandros Kapravelos, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna
International conference on detection of intrusions and malware, and vulnerability assessment (DIMVA),Egham, London, UK, July, 2014
Do You Feel Lucky? A Large-Scale Analysis of Risk-Rewards Trade-Offs in Cyber Security
(PDF)
(BibTex)
Yan Shoshitaishvili, Luca Invernizzi, Adam Doupé, and Giovanni Vigna
ACM Symposium on Applied Computing (SAC), March 24, 2014
Towards a Reliable SDN Firewall
(PDF)
(BibTex)
Hongxin Hu, Gail-Joon Ahn, Wonkyu Han and Ziming Zhao
Open Networking Summit (ONS) Research Track, Santa Clara, CA, USA, March 3-5, 2014
RiskMon: Continuous and Automated Risk Assessment of Mobile Applications
(PDF)
(BibTex)
Yiming Jing, Gail-Joon Ahn, Ziming Zhao, and Hongxin Hu
ACM Conference on Data and Application Security and Privacy (CODASPY), San Antonio, TX, USA, March 3-5, 2014
Best Paper Award
Simulation-Based Validation for Smart Grid Environments: Framework and Experimental Results
(PDF)
(BibTex)
Wonkyu Han, Mike Mabey, Gail-Joon Ahn, and Tae Sung Kim
Advances in Intelligent and Soft Computing Series (AISC), Book Chapter, Springer, 2014
2013
De-obfuscation and Detection of Malicious PDF Files with High Accuracy
(PDF)
(BibTex)
Xun Lu, Jianwei Zhuge, Ruoyu Wang, Yinzhi Cao, Yan Chen
46th Hawaii International Conference on System Sciences (HICSS),Wailea, Maui, HI, January, 2013
Role-Based Cryptosystem: A New Cryptographic RBAC System Based on Role-Key Hierarchy
(PDF)
(BibTex)
Yan Zhu, Gail-Joon Ahn, Hongxin Hu, Di Ma and Shanbiao Wang
IEEE Transactions on Information Forensics & Security (TIFS), 2013
Revolver: An Automated Approach to the Detection of Evasive Web-based Malware
(PDF)
(BibTex)
Alexandros Kapravelos, Yan Shoshitaishvili, Marco Cova, Christopher Kruegel, Giovanni Vigna
USENIX Security Symposium (SECURITY), Washington, DC, August 14-16, 2013
Steal this movie-automatically bypassing DRM protection in streaming media services
(PDF)
(BibTex)
Ruoyu Wang, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna
Proceedings of the 22nd USENIX conference on Security (USENIX Security), Washington, DC, August 14-16, 2013
Collaboration in Multi-Cloud Applications: Framework and Security Issues
(PDF)
(BibTex)
Mukesh Singhal, Santosh Chandrasekhar, Ge Tingjian, Ravi Sandhu, Ram Krishnan, Gail-Joon Ahn and Elisa Bertino
IEEE Computer, 2013
Visualization-based policy analysis for SELinux: framework and user study
(PDF)
(BibTex)
Wenjuan Xu, Mohamed Shehab and Gail-Joon Ahn
International Journal of Information Security, June 2013
Towards Collaborative Forensics
(PDF)
(BibTex)
Mike Mabey and Gail-Joon Ahn
IInformation Reuse and Integration in Academia and Industry, 2013
Discovery and Resolution of Anomalies in Web Access Control Policies?
(PDF)
(BibTex)
Hongxin Hu, Gail-Joon Ahn and Ketan Kulkarni
IEEE Transactions on Dependable and Secure Computing (TDSC), October 2013
Multiparty Access Control for Online Social Networks: Model and Mechanisms
(PDF)
(BibTex)
Hongxin Hu, Gail-Joon Ahn and Jan Jorgensen
IEEE Transactions on Knowledge and Data Engineering (TKDE), March 2013
Dynamic Audit Services for Outsourced Storages in Clouds
(PDF)
(BibTex)
Yan Zhu, Gail-Joon Ahn, Hongxin Hu, Stephen S. Yau, Ho G. An, Changjun Hu
IEEE Transactions on Services Computing (TSC), March 2013
Design and Implementation of Access Control as a Service for IaaS Cloud
(PDF)
(BibTex)
Ruoyu Wu, Xinwen Zhang, Gail-Joon Ahn and Hongxin Hu
ASE SCIENCE Journal, 2013
Extensible Policy Framework for Heterogeneous Network Environments
(PDF)
(BibTex)
L. Teo, and Gail-Joon Ahn
International Journal of Information and Computer Security, Vol. 5, No. 4, December 2013
deDacota: Toward Preventing Server-Side XSS via Automatic Code and Data Separation
(PDF)
(BibTex)
Adam Doupé, Weidong Cui, Mariusz H. Jakubowski, Marcus Peinado, Christopher Kruegel, and Giovanni Vigna
ACM Conference on Computer and Communications Security (CCS), Berlin, Germany, November 4-8, 2013
Writing Groups in Computer Science Research Labs
(PDF)
(BibTex)
Adam Doupé and Janet L. Kayfetz
Frontiers in Education Conference (FIE), Oklahoma city, OK, USA, October 23-26, 2013
Supporting secure collaborations with attribute-based access control
(PDF)
(BibTex)
Carlos E. Rubio-Medrano, Clinton D'Souza and Gail-Joon Ahn
IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Austin, TX, USA, October 20-23, 2013
Towards Comprehensive and Collaborative Forensics on Email Evidence
(PDF)
(BibTex)
Justin Paglierani, Mike Mabey and Gail-Joon Ahn
IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Austin, TX, USA, October 20-23, 2013
Using Instruction Sequence Abstraction for Shellcode Detection and Attribution
(PDF)
(BibTex)
Ziming Zhao and Gail-Joon Ahn
IEEE Conference on Communications and Network Security (CNS), WA, D.C, USA, October 14-16, 2013
ACaaS: Access Control as a Service for IaaS Cloud
(PDF)
(BibTex)
Ruoyu Wu, Xinwen Zhang, Gail-Joon Ahn, Hadi Sharifi and Haying Xi
IEEE International Conference on Privacy, Security, Risk and Trust (PASSAT), WA, D.C, USA, September 08-14, 2013
Simulation-Based Validation for Smart Grid Environments
(PDF)
(BibTex)
Wonkyu Han, Mike Mabey and Gail-Joon Ahn
IEEE International Conference on Information Reuse and Integration (IRI), San Francisco, CA, USA, August 14-16, 2013
On the Security of Picture Gesture Authentication
(PDF)
(BibTex)
Ziming Zhao, Gail-Joon Ahn, Jeong-Jin Seo and Hongxin Hu
USENIX Security Symposium (SECURITY), WA, D.C, USA, August 14-16, 2013
Verifying Access Control Properties with Design by Contract
(PDF)
(BibTex)
Carlos Rubio-Medrano, Gail-Joon Ahn and Karsten Sohr
IEEE International Computer Software and Applications Conference (COMPSAC), Kyoto, Japan, July 22-26, 2013
Examining Social Dynamics and Malware Secrets to Mitigate Net-centric Attacks
Ziming Zhao and Gail-Joon Ahn
Hackers and Hacking: A Reference Handbook, ABC-CLIO. July 19, 2013
EARs in the Wild: Large-Scale Analysis of Execution After Redirect Vulnerabilities
(PDF)
(BibTex)
Pierre Payet, Adam Doupé, Christopher Kruegel, and Giovanni Vigna
ACM Symposium on Applied Computing (SAC), Coimbra, Portugal, March 18-22, 2013
2012
Policy-driven role-based access management for ad-hoc collaboration
(PDF)
(BibTex)
Gail-Joon Ahn, Jing Jin, Mohamed Shehab
Journal of Computer Security (JCS), IOS Press, March 2012
Access Control for Online Social Networks Third Party Applications
(PDF)
(BibTex)
Mohamed Shehab, Anna Squicciarini, Gail-Joon Ahn and Irini Kokkinou
Computers & Security (COSE), Elsevier Science, March 2012
Comprehensive Two-Level Analysis of Role-Based Delegation and Revocation Policies with UML and OCL
(PDF)
(BibTex)
Karsten Sohr, Mirco Kuhlmann, Martin Gogolla, Hongxin Hu and Gail-Joon Ahn
Information and Software Technology, Elsevier, December 2012
Cooperative Provable Data Possession for Integrity Verification in Multi-Cloud Storage
(PDF)
(BibTex)
Yan Zhu, Hongxin Hu, Gail-Joon Ahn, Mengyang Yu and Shimin Chen
IEEE Transactions on Parallel and Distributed Systems (TPDS), October 2012
Blacksheep: detecting compromised hosts in homogeneous crowds
(PDF)
(BibTex)
Antonio Bianchi, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna
Proceedings of the 2012 ACM conference on Computer and communications security (CCS), October 2012
Detecting and Resolving Firewall Policy Anomalies
(PDF)
(BibTex)
Hongxin Hu, Gail-Joon Ahn and Ketan Kulkarni
IEEE Transactions on Dependable and Secure Computing (TDSC), March 2012
Efficient Audit Service Outsourcing for Data Integrity in Clouds
(PDF)
(BibTex)
Yan Zhu, Hongxin Hu, Gail-Joon Ahn and Stephen S. Yau
Journal of Systems and Software), Elsevier, March 2012
Remote Attestation with Domain-based Integrity Model and Policy Analysis
(PDF)
(BibTex)
Wenjuan Xu, Xinwen Zhang, Hongxin Hu, Gail-Joon Ahn and Jean-Pierre Seifert
IEEE Transactions on Dependable and Secure Computing (TDSC), March 2012
Risk-Aware Mitigation for MANET Routing Attacks
(PDF)
(BibTex)
Ziming Zhao, Hongxin Hu, Gail-Joon Ahn and Ruoyu Wu
IEEE Transactions on Dependable and Secure Computing (TDSC), January 2012
Secure Collaborative Integrity Verification for Hybrid Cloud Environments
(PDF)
(BibTex)
Yan Zhu, Shanbiao Wang, Hongxin Hu, Gail-Joon Ahn and Di Ma
International Journal of Cooperative Information Systems, Vol. 21, No. 3, World Scientific Publishing, 2012
Towards HIPAA-Compliant Healthcare Systems in Cloud Computing
(PDF)
(BibTex)
Ruoy Wu, Gail-Joon Ahn and Hongxin Hu
International Journal of Computational Models and Algorithms in Medicine, Vol. 3, No. 2, IGI Global, January 2012
Enabling Collaborative Data Sharing in Google+
(PDF)
(BibTex)
Hongxin Hu, Gail-Joon Ahn and Jan Jorgensen
IEEE Global Communications Conference (GLOBECOM), Anaheim, CA, USA, December 3-7, 2012
Secure and Efficient Constructions of Hash, MAC and PRF for Mobile Devices
(PDF)
(BibTex)
Yan Zhu, Shanbiao Wang, Di Ma, Hongxin Hu and Gail-Joon Ahn
IEEE Global Communications Conference (GLOBECOM), Anaheim, CA, USA, December 3-7, 2012
Model-based Conformance Testing for Android
(PDF)
(BibTex)
Yiming Jing, Gail-Joon Ahn and Hongxin Hu
International Workshop on Security (IWSEC), Fukuoka, Japan, November 7-9, 2012
SocialImpact: Systematic Analysis of Underground Social Dynamics
(PDF)
(BibTex)
Ziming Zhao, Gail-Joon Ahn, Hongxin Hu and Deepinder Mahi
European Symposium on Research in Computer Security (ESORICS), Pisa, Italy, September 10-14, 2012
Enemy of the State: A State-Aware Black-Box Web Vulnerability Scanner
(PDF)
(BibTex)
Adam Doupé, Ludovico Cavedon, Christopher Kruegel, and Giovanni Vigna
USENIX Security Symposium (SECURITY), Bellevue, WA, USA, August 8-10, 2012
Outstanding Publication Award in Computer Science, UC Santa Barbara
Towards Temporal Access Control in Cloud Computing
(PDF)
(BibTex)
Yan Zhu, Hongxin Hu, Gail-Joon Ahn, Dijiang Huang and Shanbiao Wang
IEEE International Conference on Computer Communications (INFOCOM), Orlando, FL, USA, March 25-30, 2012
Comparison-Based Encryption for Fine-grained Access Control in Clouds
(PDF)
(BibTex)
Yan Zhu, Hongxin Hu, Gail-Joon Ahn and Mengyan Yu
ACM Conference on Data and Application Security and Privacy (CODASPY), San Antonio, TX, USA, February 7-9, 2012
Towards HIPAA-compliant Healthcare Systems
(PDF)
(BibTex)
Ruoyu Wu, Gail-Joon Ahn and Hongxin Hu
ACM SIGHIT International Health Informatics Symposium (IHI), Miami, FL, USA, January 28-30, 2012
2011
Assured Resource Sharing in Grid Environments
(PDF)
(BibTex)
Jing Jin and Gail-Joon Ahn
International Journal of Information and Computer Security (IJICS ), Vol.4, No. 3, May 2011
Security and Privacy in Social Networks
(PDF)
(BibTex)
Gail-Joon Ahn, Mohamed Shehab, and Anna Squicciarini
IEEE Internet Computing, Vol. 15, No. 3, 2011
Dynamic Audit Services for Outsourced Storages in Clouds
(PDF)
(BibTex)
Yan Zhu, Gail-Joon Ahn, Hongxin Hu, Stephen S. Yau, Ho G. An and Shimin Chen
IEEE Transactions on Services Computing (TSC), March 2011
Enhancing Directory Virtualization to Detect Insider Activity
(LINK)
(BibTex)
William Claycomb, Dongwan Shin, and Gail-Joon Ahn
Security and Communication Networks, Wiley, August 2011
Provably Secure Role-Based Encryption with Revocation Mechanism
(PDF)
(BibTex)
Yan Zhu, Hongxin Hu, Gail-Joon Ahn, Huaixi Wang and Shanbiao Wang
Journal of Computer Science and Technology, Springer, July 2011
Zero-knowledge Proofs of Retrievability
(PDF)
(BibTex)
Yan Zhu, Zexing Hu, Huaixi Wang, Gail-Joon Ahn and Hongxin Hu
Science China - Information Sciences, Springer, August 2011
Patient-centric Authorization Framework for Electronic Healthcare Services
(PDF)
(BibTex)
Jing Jin, Gail-Joon Ahn, Hongxin Hu, Michael Covington and Xinwen Zhang
Computers & Security (COSE), Elsevier, March 2011
Hit 'em Where it Hurts: A Live Security Exercise on Cyber Situational Awareness
(PDF)
(BibTex)
Adam Doupé, Manuel Egele, Benjamin Caillat, Gianluca Stringhini, Gorkem Yakin, Ali Zand, Ludovico Cavedon, and Giovanni Vigna
Annual Computer Security Applications Conference (ACSAC), Orlando, FL, USA, December 5-9, 2011
Detecting and Resolving Privacy Conflicts for Collaborative Data Sharing in Online Social Networks
(PDF)
(BibTex)
Hongxin Hu, Gail-Joon Ahn and Jan Jorgensen
Annual Computer Security Applications Conference (ACSAC), Orlando, FL, USA, December 5-9, 2011
Examining Social Dynamics for Countering Botnet Attacks
(PDF)
(BibTex)
Ziming Zhao, Gail-Joon Ahn and Hongxin Hu
IEEE Global Communications Conference (GLOBECOM), Houston, TX, USA, December 5-9, 2011
Fear the EAR: Discovering and Mitigating Execution After Redirect Vulnerabilities
(PDF) (BibTex)
Adam Doupé, Bryce Boe, Christopher Kruegel, and Giovanni Vigna
ACM Conference on Computer and Communications Security (CCS), Chicago, IL, USA, October 17-21, 2011
Ontology-based Policy Anomaly Management for Autonomic Computing
(PDF)
(BibTex)
Hongxin Hu, Gail-Joon Ahn and Ketan Kulkarni
IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Orlando, FL, USA, October 15-18, 2011
Collaborative Integrity Verification in Hybrid Clouds
(PDF)
(BibTex)
Yan Zhu, Hongxin Hu, Gail-Joon Ahn, Yujing Han and Shimin Chen
IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Orlando, FL, USA, October 15-18, 2011
Automatic Extraction of Secrets from Malware
(PDF)
(BibTex)
Ziming Zhao, Gail-Joon Ahn and Hongxin Hu
Working Conference on Reverse Engineering (WCRE), Limerick, Ireland, October 17-20, 2011
Towards Collaborative Forensics: Preliminary Framework
(PDF)
(BibTex)
Mike Mabey and Gail-Joon Ahn
IEEE International Conference on Information Reuse and Integration (IRI), Las Vegas, NV, USA, August 3-5, 2011
MasterBlaster: Identifying Influential Players in Botnet Transactions
(PDF)
(BibTex)
Napoleon C. Paxton, Gail-Joon Ahn and Mohamed Shehab
IEEE International Computer Software and Applications Conference (COMPSAC), Munich, Germany, July 18-21, 2011
Multiparty Authorization Framework for Data Sharing in Online Social Networks
(PDF)
(BibTex)
Hongxin Hu and Gail-Joon Ahn
IFIP WG 11.3 Working Conference on Database and Application Security (DBSec), Richmond, VA, USA, July 11-13, 2011
Anomaly Discovery and Resolution in Web Access Control Policies
(PDF)
(BibTex)
Hongxin Hu, Gail-Joon Ahn and Ketan Kulkarni
ACM Symposium on Access Control Models And Technologies (SACMAT), Innsbruck, Austria, June 15-17, 2011
Best Paper Award Candidate
Ontology-based Risk Evaluation in User-centric Identity Management
(PDF)
(BibTex)
Gail-Joon Ahn and Pradeep Sekar
IEEE International Conference on Communications (ICC), Kypto, Japan, June 5-9, 2011
Dynamic Audit Services for Integrity Verification of Outsourced Storages in Clouds
(PDF)
(BibTex)
Yan Zhu, Huaixi Wang, Zexing Hu, Gail-Joon Ahn, Hongxin Hu and Stephen S. Yau
ACM Symposium on Applied Computing (SAC), Security Track, TaiChung, Taiwan, March 21-25, 2011
2010
Constructing Authorization Systems Using Assurance Management Framework
(PDF)
(BibTex)
Hongxin Hu and Gail-Joon Ahn
IEEE Transactions on Systems, Man, and Cybernetics-Part C: Applications and Reviews (TSMC), June 2010
Security and Privacy Challenges in Cloud Computing Environments
(PDF)
(BibTex)
Hassan Takabi, James B. D. Joshi and Gail-Joon Ahn
IEEE Security & Privacy Magazine, December 2010
Information Flow Control in Cloud Computing
(PDF)
(BibTex)
Ruoyu Wu, Gail-Joon Ahn, Hongxin Hu and Mukesh Singhal
IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Chicago, IL, USA, October 9-12, 2010
A Collaborative Framework for Privacy Protection in Online Social Networks
(PDF)
(BibTex)
Yan Zhu, Zexing Hu, Huaixi Wang, Hongxin Hu and Gail-Joon Ahn
IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Chicago, IL, USA, October 9-12, 2010
FAME: A Firewall Anomaly Management Environment
(PDF)
(BibTex)
Hongxin Hu, Gail-Joon Ahn and Ketan Kulkarni
ACM Workshop on Assurable & Usable Security Configuration (SafeConfig) in conjunction with 17th ACM Conference on Computer and Communications Security (CCS), Chicago, IL, USA, October 4, 2010
Risk-Aware Response for Mitigating MANET Routing Attacks
(PDF)
(BibTex)
Ziming Zhao, Hongxin Hu, Gail-Joon Ahn and Ruoyu Wu
IEEE Global Communications Conference (GLOBECOM), Miami, FL, December 6-10, 2010
DR@FT: Efficient Remote Attestation Framework for Dynamic Systems
(PDF)
(BibTex)
Wenjuan Xue, Gail-Joon Ahn, Hongxin Hu, Xinwen Zhang and Jean-Pierre Seifert
European Symposium on Research in Computer Security (ESORICS), Athens, Greece, September 20-22, 2010
Representing and Reasoning about Web Access Control Policies
(PDF)
(BibTex)
Gail-Joon Ahn, Hongxin Hu, Joohyung Lee and Yunsong Meng
IEEE International Computer Software and Applications Conference (COMPSAC), Seoul, Korea, July 19-23, 2010
Why Johnny Can't Pentest: An Analysis of Black-box Web Vulnerability Scanners
(PDF)
(BibTex)
Adam Doupé, Marco Cova, and Giovanni Vigna
SIG SIDAR Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), July, 2010
SecureCloud: Towards a Comprehensive Security Framework for Cloud Computing Environments
(PDF)
(BibTex)
Hassan Takabi, James Joshi and Gail-Joon Ahn
IEEE International Workshop on Emerging Applications for Cloud Computing (CloudApp) in conjunction with the 34th Annual IEEE
International Computer Software and Applications Conference (COMPSAC), Seoul, Korea, July 19-23, 2010
Reasoning about XACML Policy Descriptions in Answer Set Programming
(PDF)
(BibTex)
Gail-Joon Ahn, Hongxin Hu, Joohyung Lee and Yunsong Meng
International Workshop on Nonmonotonic Reasoning (NMR), Toronto, Canada, May 14-16, 2010
Cryptographic Role-based Security Mechanisms based on Role-Key Hierarchy
(PDF)
(BibTex)
Yan Zhu, Gail-Joon Ahn, Hongxin Hu and Huaixi Wang
ACM Symposium on Information, Computer and Communications Security (ASIACCS), Beijing, China, April 13-16, 2010
2009
Security-enhanced OSGi Service Environments
(PDF)
(BibTex)
Gail-Joon Ahn, Hongxin Hu and Jing Jin
IEEE Transactions on Systems, Man, and Cybernetics-Part C: Applications and Reviews (TSMC), 2009
Discretionary Access Control
(LINK)
(BibTex)
Gail-Joon Ahn
Encyclopedia of Database Systems, Springer, 2009
Authorization Framework for Resource Sharing in Grid Environments
(PDF)
(BibTex)
Jing Jin and Gail-Joon Ahn
International Conference on Grid and Distributed Computing (GDC), Communications in Computer and Information Science (63), Springer, p148-155, December 2009
A Framework for Enabling User-controlled Persona in Online
Social Networks (PDF)
(BibTex)
Dongwan Shin, Rodrigo Lopes, William Claycomb and Gail-Joon Ahn
IEEE International Computer Software and Applications Conference (COMPSAC), Seattle, WA, USA, July 20-24, 2009
Towards System Integrity Protection with Graph-Based Policy Analysis
(PDF)
(BibTex)
Wenjuan Xu, Xinwen Zhang and Gail-Joon Ahn
IFIP WG 11.3 Working Conference on Database and Application Security (DBSec), Montreal, Canada July 12-15, 2009
Privacy enhanced User-Centric Identity Management
(PDF)
(BibTex)
Gail-Joon Ahn, Moonam Ko and Mohamed Shehab
IEEE International Conference on Communications (ICC), Dresden, Germany, June 14-18, 2009
Patient-centric Authorization Framework for Sharing Electronic Health Records
(PDF)
(BibTex)
Jing Jin, Gail-Joon Ahn, Hongxin Hu, Michael Covington and Xinwen Zhang
ACM Symposium on Access Control Models And Technologies (SACMAT), Stresa, Italy, June 3-5, 2009
2008
Analyzing and Managing Role-Based Access Control Policies
(PDF)
(BibTex)
Karsten Sohr, Michael Drouineaud, Gail-Joon Ahn and Martin Gogolla
IEEE Transactions on Knowledge and Data Engineering (TKDE), 2008
Access Control Management for SCADA Systems
(LINK)
(BibTex)
Seng-Phil Hong, Gail-Joon Ahn and Wenjuan Xu
IEICE Transactions on Information and Systems, 2008
Enforcing Role-Based Access Control Policies in Web Services with UML and OCL
(PDF)
(BibTex)
Karsten Sohr, Tanveer Mustafa, Xinyu Bao, Yan Guo and Gail-Joon Ahn
Annual Computer Security Applications Conference (ACSAC), Anaheim, CA, USA, December 8-12, 2008
Toward an Access Control Model for Sharing Composite Electronic Health Records
(PDF)
(BibTex)
Jing Jin, Gail-Joon Ahn, Michael J. Covington, and Xinwen Zhang
IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Miami, FL, November 13-16, 2008
Risk Evaluation for Personal Identity Management Based on Privacy Attribute Ontology
(PDF)
(BibTex)
Mizuho Iwaihara, Kohei Murakami, Gail-Joon Ahn and Masatoshi Yoshikawa
International Conference on Conceptual Modelling, Barcelona, Catalonia, Spain, October 20-23, 2008
Beyond User-to-User Access Control for Online Social Networks
(PDF)
(BibTex)
Mohamed Shehab, Anna Squicciarini and Gail-Joon Ahn
International Conference on Information and Communications Security (ICICS), Birmingham, UK, October 20-22, 2008
Towards Role-based Authorization for OSGi Service Environments
(PDF)
(BibTex)
Gail-Joon Ahn, Hongxin Hu and Jing Jin
IEEE International Workshop on Future Trends of Distributed Computing Systems (FTDCS), Kunming, China, October 21-23, 2008
Portable User-Centric Identity Management
(PDF)
(BibTex)
Gail-Joon Ahn, Moonam Ko and Mohamed Shehab
IFIP International Information Security Conference (SEC), Milano, Italy, September 8-10, 2008
Enabling verification and conformance testing for access control model
(PDF)
(BibTex)
Hongxin Hu and Gail-Joon Ahn
ACM Symposium on Access Control Models And Technologies (SACMAT), Estes Park, CL, USA, June 11-12, 2008
Visualization Based Policy Analysis: Case Study in SELinux
(PDF)
(BibTex)
Wenjuan Xu, Mohamed Shehab and Gail-Joon Ahn
ACM Symposium on Access Control Models And Technologies (SACMAT), Estes Park, CL, USA, June 11-12, 2008
Systematic Policy Analysis for High-assurance Services in SELinux
(PDF)
(BibTex)
Gail-Joon Ahn, Wenjuan Xu and Xinwen Zhang
IEEE Workshop on Policies for Distributed Systems and Networks (POLICY), Palisades, NY, USA, June 2-4, 2008
Understanding IRC Bot Behaviors in Network-centric Attack Detection and Prevention Framework
(LINK)
(BibTex)
Gail-Joon Ahn, Napoleon Paxton and Kevin Pearson
International Conference on Information Warfare and Security, Peter Kiewit Institute, University of Nebraska Omaha, USA, April 24-25, 2008
2007
Secure Information Sharing Using Role-based Delegation
(PDF)
(BibTex)
Gail-Joon Ahn, Badrinath Mohan and S. Hong
Journal of Network and Computer Applications, Elsevier, January 2007
User-centric Privacy Management for Federated Identity Management
(PDF)
(BibTex)
Gail-Joon Ahn and Moonam Ko
IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), New York, November 12-15, 2007
Towards Trust-aware Access Management for Ad-hoc Collaborations
(PDF)
(BibTex)
Jing Jin, Gail-Joon Ahn, Mohamed Shehab and Hongxin Hu
IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), New York, November 12-15, 2007
Towards Practical Framework for Collecting and Analyzing Network-Centric Attacks
(PDF)
(BibTex)
Napoleon Paxton, Gail-Joon Ahn and Bill Chu
IEEE International Conference on Information Reuse and Integration (IRI), Las Vegas, NV, August 13-15, 2007
Collegiate Cyber Game Design Criteria and Participation
(PDF)
(BibTex)
Bill Chu, Gail-Joon Ahn, Steven Blanchard, James Deese, Richard Kelly, Huiming Yu and Ashika Young
IEEE/ACIS International Conference on Computer and Information Science (ICIS), Melbourne, Australia, July 11-13, 2007
Enabling Role-Based Delegation and Revocation on Security-Enhanced Linux
(PDF)
(BibTex)
Gail-Joon Ahn and Dhruv Gami
IEEE Symposium on Computers and Communications (ISCC), Aveiro, Portugal, July 1-4, 2007
Towards Realizing a Formal RBAC Model in Real Systems
(PDF)
(BibTex)
Gail-Joon Ahn and Hongxin Hu
ACM Symposium on Access Control Models And Technologies (SACMAT), Sophia Antipolis, France, June 20-22, 2007
Towards Effective Security Policy Management for Heterogeneous Network Environments
(PDF)
(BibTex)
Lawrence Teo and Gail-Joon Ahn
IEEE Workshop on Policies for Distributed Systems and Networks (POLICY), Bologna, Italy, June 13-15, 2007
Collecting and Analyzing Bots in a Systematic Honeynet-based Testbed Environment
(PDF)
(BibTex)
Napoleon Paxton, Gail-Joon Ahn, Richard Kelly, Kevin Pearson and Bill Chu
Colloquium for Information Systems Security Education, Boston University, Boston, MA, June 4-7, 2007
Managing Heterogeneous Network Environments Using an Extensible Policy Framework
(PDF)
(BibTex)
Lawrence Teo and Gail-Joon Ahn
ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS) Singapore, March 20-22, 2007
2006
Building Decision Support Problem Domain Ontology from Security Requirements to Engineer Software-intensive Systems
(BibTex)
Seok-Won Lee, Divya Muthurajan, Robin Gandhi, Deepak Yavagal and Gail-Joon Ahn
International Journal of Software Engineering and Knowledge Engineering, World Scientific, 2006
Certification Process Artifacts Defined as Measurable Units for Software Assurance
(PDF)
(BibTex)
Seok-Won Lee, Robin Gandhi and Gail-Joon Ahn
Software Process: Improvement and Practice, John Wiley & Sons, 2006
Towards Secure Information Sharing and Management in Grid Environments
(PDF)
(BibTex)
Jing Jin and Gail-Joon Ahn
IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Atlanta, GA, USA, November 17-20, 2006
Role-based Access Management for Ad-hoc Collaboration
(PDF)
(BibTex)
Jing Jin and Gail-Joon Ahn
ACM Symposium on Access Control Models And Technologies (SACMAT), Lake Tahoe, CA, USA, June 7-9, 2006
Building Problem Domain Ontology from Security Requirements in Regulatory Documents
(PDF)
(BibTex)
Seok-Won Lee, Robin Gandhi, Divya Muthurajan and Deepak Yavagal and Gail-Joon Ahn
ACM ICSE Workshop on Software Engineering for Secure Systems (SESS), Shanghai, China, May 20-28, 2006
ShareEnabler: Policy-Driven Access Management for Ad-hoc Collaborative Sharing
(PDF)
(BibTex)
Jing Jin, Gail-Joon Ahn and Mukesh Signhal
International Workshop on Pervasive Information Management (PIM), Lecture Notes in Computer Science (LNCS-4254), Munich, Germany, March 30, 2006
2005
Role-based Privilege and Trust Management
(PDF)
(BibTex)
Dongwan Shin and Gail-Joon Ahn
Computer Systems Science & Engineering Journal, Vol. 20, No. 6, CRL Publishing, November 2005
Access Control in Collaborative Systems
(PDF)
(BibTex)
B. Tolone, Gail-Joon Ahn, T. Pai and S. Hong
ACM Computing Surveys (CSUR), Vol. 37, No. 1, ACM, March 2005
Managing Privacy Preferences in Federated Identity Management
(PDF)
(BibTex)
Gail-Joon Ahn and John Lam
ACM Workshop on Digital Identity Management (In conjunction with 12th ACM Conference on Computer and Communications Security), Fairfax, VA, November 11, 2005
Specification and Validation of Authorisation Constraints Using UML and OCL
(PDF)
(BibTex)
Karsten Sohr, Gail-Joon Ahn, Martin Gogolla and Lars Migge
European Symposium on Research in Computer Security (ESORICS), Lecture Notes in Computer Science (LNCS), Milan, Italy, September 12-14, 2005
Security Requirements Driven Risk Assessment for Critical Infrastructure Information Systems
(PDF)
(BibTex)
Seok-Won Lee, Robin A. Gandhi and Gail-Joon Ahn
Symposium on Requirements Engineering for Information Security, (In conjunction with 13th IEEE International Requirements Engineering Conference), Paris, France, August 29, 2005
Engineering Information Assurance for Critical Infrastructures: The DITSCAP Automation Study
(PDF)
(BibTex)
Seok Won Lee, Gail-Joon Ahn and Robin A. Gandhi
Annual International INCOSE Symposium, Rochester, New York, July 10-15, 2005
Active Automation of the DITSCAP
(PDF)
(BibTex)
Seok Won Lee, Robin A. Gandhi, Gail-Joon Ahn and Deepak Yavagal
IEEE International Conference on Intelligence and Security Informatics, Lecture Notes in Computer Science (LNCS), Atlanta, GA, May 19-20, 2005
Establishing Trustworthiness in Services of the Critical Infrastructure through Certification and Accreditation
(PDF)
(BibTex)
Seok Won Lee, Robin A. Gandhi and Gail-Joon Ahn
ACM ICSE Workshop on Software Engineering for Secure Systems (SESS), St. Louis, MO, May 15-16, 2005
(Also in ACM SIGSOFT Software Engineering Notes, Volume 30 , Issue 4, July 2005)
Articulating and Enforcing Authorisation Policies with UML and OCL
(PDF)
(BibTex)
Karsten Sohr, Gail-Joon Ahn and Lars Migge
ACM ICSE Workshop on Software Engineering for Secure Systems (SESS), St. Louis, MO, May 15-16, 2005
(Also in ACM SIGSOFT Software Engineering Notes, Volume 30 , Issue 4, July 2005)
Common Criteria Requirements Modeling and its Uses for Quality of Information Assurance (QoIA)
(PDF)
(BibTex)
Deepak S. Yavagal, Seok Won Lee, Gail-Joon Ahn and Robin A. Gandhi
ACM Southeast Conference, Atlanta, GA, March 18-20, 2005
Supporting Access Control Policies Across Multiple Operating Systems
(PDF)
(BibTex)
Lawrence Teo and Gail-Joon Ahn
ACM Southeast Conference, Atlanta, GA, March 18-20, 2005
Formal Specification of Role-based Security Policies for Clinical Information Systems
(PDF)
(BibTex)
Karsten Sohr, Michael Drounineaud and Gail-Joon Ahn
ACM Symposium on Applied Computing (SAC), Santa Fe, NM, USA, March 13-17, 2005
Interactive Exploration of Large Filesystems
(PDF)
(BibTex)
K.R. Subramanian, J.A. Foster and Gail-Joon Ahn
SPIE Conference on Visualization and Data Analysis, San Jose, CA, USA, January 16-20, 2005
2004
A Role-based Infrastructure Management System: Design and Implementation
(PDF)
(BibTex)
Dongwan Shin and Gail-Joon Ahn
Concurrency and Computation: Practice and Experience, Vol.16, No.11, John Wiley & Sons, August 2004
Information Assurance in Federated Identity Management: Experimentations and Issues
(PDF)
(BibTex)
Gail-Joon Ahn and Dongwan Shin and Seng-Phil Hong
International Conference on Web Information Systems Engineering, Lecture Notes in Computer Science (LNCS3306), p79-90, Brisbane, Australia, November 22-24, 2004
Role-based Trust Assignment in Trust Management Systems
(BibTex)
Dongwan Shin and Gail-Joon Ahn
International Conference on Parallel and Distributed Computing Systems (PDCS), San Francisco, CA, USA, September 15-17, 2004
Role-based Privilege Management Using Attribute Certificates and Delegation
(PDF)
(BibTex)
Gail-Joon Ahn, Dongwan Shin and Longhua Zhang
International Conference on Trust and Privacy in Digital Business, Lecture Notes in Computer Science (LNCS3184), August 30 - September 3, 2004
Towards the Specification of Access Control Policies on Multiple Operating Systems
(PDF)
(BibTex)
Lawrence Teo and Gail-Joon Ahn
IEEE Information Assurance Workshop, United States Military Academy, West Point, New York, USA, June 10-11, 2004
Application Penetration Testing: Concepts and Taxonomy
John Melton and Gail-Joon Ahn
Department of Energy Cyber Security Training Conference, Overland Park, Kansas, May 24-27, 2004
Best Student Paper presented by Department of Energy Office of the Chief Information Officer
Ensuring Information Assurance in Federated Identity Management
(PDF)
(BibTex)
Dongwan Shin, Gail-Joon Ahn and Prasad Shenoy
IEEE International Performance Computing and Communications Conference (IPCCC), Phoenix, AZ, USA, April 14-17, 2004
Group Hierarchies with Constrained User Assignment in Linux
(PDF)
(BibTex)
Gail-Joon Ahn and Seng-Phil Hong
Second International Workshop on Security In Information Systems (WOSIS) held in conjunction with the 6th International Conference on Enterprise Information Systems (ICEIS), Porto, Portugal, April 13, 2004
Defeating Internet Attacks Using Risk Awareness and Active Honeypots
(PDF)
(BibTex)
Lawrence Teo, Yu-An Sun and Gail-Joon Ahn
IEEE International Information Assurance Workshop (IWIA), Charlotte, NC, USA, April 8-9, 2004
Secure Information Sharing Using Role-based Delegation
(PDF)
(BibTex)
Gail-Joon Ahn and Badrinath Mohan
IEEE International Conference on Information Technology: Coding & Computing (ITCC), Las Vegas, NV, USA, April 5-7, 2004
2003
A Rule-Based Framework for Role-Based Delegation and Revocation
(PDF)
(BibTex)
Longhua Zhang, Gail-Joon Ahn and Bill Chu
ACM Transactions on Information and System Security (TISSEC), Vol.6, No.3, August 2003
Secure Consolidated Authorization Mechanism for Supply Chain Management
S. Hong, Gail-Joon Ahn and Myungchul Kim
International Journal of Computer and Information Science, Vol. 4, No. 1, 2003
Towards IA-Aware Web Services for Federated Identity Management
(BibTex)
Prasad Shenoy, Dongwan Shin and Gail-Joon Ahn
IASTED International Conference on Communication, Network, and Information Security (CNIS), New York, USA, December 10-12, 2003
Authorization Management for Role-based Collaboration
(PDF)
(BibTex)
Gail-Joon Ahn, Longhua Zhang, Dongwan Shin and Bill Chu
IEEE International Conference on System, Man and Cybernetic (SMC), WA D.C, USA, October 5-8, 2003
Locale-Based Access Control: placing collaborative authorization decisions in context
(PDF)
(BibTex)
Bill Tolone. Robin Gandhi and Gail-Joon Ahn
IEEE International Conference on System, Man and Cybernetic (SMC), WA D.C, USA, October 5-8, 2003
Context & Environmental Aware Wireless Sensor Networks for Reconfigurable Manufacturing Systems
(PDF)
(BibTex)
Ivan Howitt, Gail-Joon Ahn, Teresa Dahlberg, Asis Nasupri and Yuliang Zheng
CIRP Conference on Agile, Reconfigurable Manufacturing, Ann Arbor, MA, USA, August 20-21, 2003
Specification and Classification of Role-based Authorization Policies
(PDF)
(BibTex)
Gail-Joon Ahn
IEEE International Workshop on Enterprise Security (WETICE), Linz, Austria, June 9-11, 2003
Dynamic and Risk Aware Network Access Management
(PDF)
(BibTex)
Lawrence Teo, Gail-Joon Ahn and Yuliang Zheng
ACM Symposium on Access Control Models And Technologies (SACMAT), Como, Italy, June 2-3, 2003
Role Control Center: Features and Case Studies
(PDF)
(BibTex)
David Ferriolo, Gail-Joon Ahn, R. Chandramouli and Serban I. Gavrila
ACM Symposium on Access Control Models And Technologies (SACMAT), Como, Italy, June 2-3, 2003
On Modeling System-centric Information for Role Engineering
(PDF)
(BibTex)
Dongwan Shin, Gail-Joon Ahn, Sangrae Cho and Seunghun Jin
ACM Symposium on Access Control Models And Technologies (SACMAT), Como, Italy, June 2-3, 2003
Constrained Role-based Delegation
(PDF)
(BibTex)
Longhua Zhang and Gail-Joon Ahn
IFIP International Information Security Conference (SEC), Athens, Greece, May 26-28, 2003
Intrusion Detection Force: An Infrastructure for Internet-Scale Intrusion Detection
(PDF)
(BibTex)
Lawrence Teo, Yuliang Zheng and Gail-Joon Ahn
IEEE International Information Assurance Workshop (IWIA), Darmstadt, Germany, March 24, 2003
Role-Based Authorization in Decentralized Health Care Environments
(PDF)
(BibTex)
Gail-Joon Ahn and Badrinath Mohan
ACM Symposium on Applied Computing (SAC), Melbourne, FL, USA, March 9-12, 2003
An Administration System for Role-based Authorization Infrastructures
Dongwan Shin, Gail-Joon Ahn and Sangrae Cho
ACM Symposium on Applied Computing (SAC), March 9-12, 2003, Melbourne, FL, USA, March 9-12, 2003
2002
Reconstructing a Formal Security Model
(PDF)
(BibTex)
Gail-Joon Ahn, S. Hong and M. Shin
Information and Software Technology, Vol. 44, No. 11, Elsevier Science, August 2002
Role-based EAM Using X.509 Attribute Certificate
(PDF)
(BibTex)
Dongwan Shin, Gail-Joon Ahn and Sangrae Cho
IFIP WG 11.3 Working Conference on Database and Application Security (DBSec), King's College, University of Cambridge, UK, July 29-31, 2002
A Neural Model for Network Intrusion Detection
Kayvan Najarian, Xiaolu Sun and Gail-Joon Ahn
World Multi-Conference on Systemics, Cybernetics, and Informatics, Orlando, FL, USA, July 2002
An application of DSML for RBAC
(PDF)
(BibTex)
Dongwan Shin, Gail-Joon Ahn and Joon S. Park
IEEE International Computer Software and Application Conference (COMPSAC), p934-939, Oxford, UK, August 26-29, 2002
Towards Scalable Authentication in Health Services
(PDF)
(BibTex)
Gail-Joon Ahn and Dongwan Shin
IEEE International Workshop on Enterprise Security (WETICE), CMU, PA, USA, June 10-12, 2002
A Role-Based Delegation Framework for Healthcare Information Systems
(PDF)
(BibTex)
Longhua Zhang, Gail-Joon Ahn and Bill Chu
ACM Symposium on Access Control Models And Technologies (SACMAT), Naval Postgraduate School, Monterey, CA, USA, June 3-4, 2002
Challenges to Multi-Enterprise Integration: the EECOMS Experience
(PDF)
(BibTex)
William J. Tolone, Bei-tseng Chu, Gail-Joon Ahn, Robert G. Wilhelm, John E. Sims
IFIP TC5/WG5.12 International Conference on Architectures for Enterprise Integration, Valencia, Spain, April 24-26, 2002
2001 and Before
CONUGA: Constrained User Group Assignment
(PDF)
(BibTex)
Gail-Joon Ahn and Kwangjo Kim
Journal of Network and Computer Applications, Vol. 24, No. 2, Academic Press, April 2001
Also appeared in Reader's Guide to Journal Papers in Cipher
Decentralized User Group Assignment in Windows NT
(PDF)
(BibTex)
Gail-Joon Ahn and Ravi Sandhu
Journal: Systems and Software, Elsevier Science, Vol. 56, No. 1, February 2001
Also appeared in Reader's Guide to Journal Papers in Cipher
Secure Attribute Services on the Web
(PDF)
(BibTex)
Joon Park, Gail-Joon Ahn and Ravi Sandhu
ACM Transactions on Information and System Security (TISSEC), Vol. 4, No. 1, February 2001
Role-based access control in DCOM
(PDF)
(BibTex)
Gail-Joon Ahn
Journal of Systems Architecture, Vol. 46, No. 13, Elsevier Science, November 2000
Role-based Authorization Constraints Specification
(PDF)
(BibTex)
Gail-Joon Ahn and Ravi Sandhu
ACM Transactions on Information and System Security (TISSEC), p207-226, Vol. 3, No. 4, ACM, November 2000
Towards Role-Based Administration in Network Information Services
(PDF)
(BibTex)
Gail-Joon Ahn and Ravi Sandhu
Journal of Network and Computer Applications, p199-213, Vol. 22, No. 3, Academic Press, February 1999
Adopting Roles in Network Information Services
(BibTex)
Gail-Joon Ahn
International Journal of Computers and Applications, Vol. 21, No. 3, ACTA Press, 1999
A Secure Consolidated Authorization Mechanism for SCM
(BibTex)
Seung-Phil Hong, Gail-Joon Ahn, Myung-Chul Kim, Min-Hyung Kim and Jung Tae Yoo
ACIS International Conference on Computer and Information Science (ICIS), Orlando, FL, October 3-5, 2001
Scalable Authentication Architecture for Critical Information System
Gail-Joon Ahn
AFCEA (Armed Forces Communications and Electronics Association) Annual Federal Database Colloquium and Exposition, San Diego, CA, USA, August 28-30, 2001
Browsing Structured Data with Role-based Security Realm
Seung-Phil Hong and Gail-Joon Ahn
ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, NIT, Japan, August 20-22, 2001
RBAC on the Web Using LDAP
(PDF)
(BibTex)
Joon S. Park, Gail-Joon Ahn and Ravi Sandhu
IFIP WG 11.3 Working Conference on Database and Application Security (DBSec), Ontario, Canada, July 15-18, 2001
Role-based Authorization Constraints Specification Using Object Constraint Language
(PDF)
(BibTex)
Gail-Joon Ahn and Michael E. Shin
IEEE International Workshop on Enterprise Security (WETICE), MIT, MA, USA, June 20-22, 2001
A Rule-Based Framework for Role-Based Delegation
(PDF)
(BibTex)
Longhua Zhang, Gail-Joon Ahn and Bei-Tseng Chu
ACM Symposium on Access Control Models and Technologies (SACMAT), Chantilly, VA, May 3-4, 2001
Role Based Constraints Language, Position Paper
Gail-Joon Ahn and Ravi Sandhu
IEEE Workshop on Policies for Distributed Systems and Networks (Policy), HP Labs, Bristol, UK, January 29-31, 2001
Injecting RBAC to Secure a Web-based Workflow System
(PDF)
(BibTex)
Gail-Joon Ahn, Ravi Sandhu, Joon S. Park and Myong Kang
ACM Workshop on Role-Based Access Control (SACMAT), Germany, July 26-28, 2000
UML-based Representation of Role-based Access Control
(PDF)
(BibTex)
Michael Eonsuk Shin and Gail-Joon Ahn
IEEE International Workshop on Enterprise Security (WETICE), NIST, MD, USA, June 14-16, 2000
The RSL99 Language for Role-Based Separation of Duty Constraints
(PDF)
(BibTex)
Gail-Joon Ahn and Ravi Sandhu
ACM Workshop on Role-Based Access Control (SACMAT), p43-54, Fairfax, VA, USA, October 28-29, 1999
Hierarchical Administration in Network Information Services
Gail-Joon Ahn
IAoM Annual International Conference on Computer Science, August 6-8, 1999
Security Architecture of DCOM and Its Integration with RBAC
(BibTex)
Gail-Joon Ahn and Ravi Sandhu
International Computer Symposium (ICS), p71-78, December 17-19, 1998
Decentralized Group Hierarchies in UNIX: An Experiment and Lessons Learned
(PDF)
(BibTex)
Ravi Sandhu and Gail-Joon Ahn
NIST-NCSC National Information Systems Security Conference, p486-502, VA, USA, October 5-8, 1998
Group Hierarchies with Decentralized User Assignment in Windows NT
(PDF)
(BibTex)
Ravi Sandhu and Gail-Joon Ahn
IASTED International Conference on Software Engineering, San Francisco, CA, USA, October 28-31, 1998
Also at NSA University Research Program Symposium, August 18-19, 1998