Publications

"If we knew what it was we were doing, it would not be called research, would it?"

— attributed to Albert Einstein

Book Chapters

  1. Adam Bates, Devin Pohly, and Kevin R. B. Butler. Secure and Trustworthy Provenance Collection for Digital Forensics. In C. Wang, R. M. Gerges, Y. Guan, and S. K. Kasera, eds., Digital Fingerprinting (pp. 141–176). New York: Springer-Verlag, 2016.
  2. Kevin Butler, William Enck, Patrick Traynor, Jennifer Plasterr, and Patrick McDaniel. Privacy Preserving Web-Based Email. Algorithms, Architectures and Information Systems Security, Statistical Science and Interdisciplinary Research. World Scientific Computing, November 2008.

Journal Publications

  1. Weidong Zhou, Grant Hernandez, Washington Garcia, Dave (Jing) Tian, Sara Rampazzi, and Kevin Butler. SrFTL: Leveraging Storage Semantics for Effective Ransomware Defense in Flash-based SSDs. ACM Transactions on Storage, accepted for publication July 2025.
  2. Seth Layton, Daniel Olszewski, Kevin Warren, Kevin Butler, and Patrick Traynor. Every Breath You Don’t Take: Deepfake Speech Detection Using Breath. ACM Digital Threats: Research and Practice, 6(3), article 13, pages 1–18, September 2025.
  3. Chris Moore, Catherine Gill, Nadya Bliss, Kevin Butler, Stephanie Forrest, Dan Lopresti, Mary Lou Maher, Helena Mentis, Shashi Shekhar, Amanda Stent, and Matthew Turk. Concerning the Responsible Use of AI in the US Criminal Justice System. Communications of the ACM, 68(9), pages 41–44, August 2025.
  4. Cassidy Gibson, Patrick Traynor, and Kevin Butler. Copycat Crimes: Characterizing Code Reuse in the Mobile Android Stalkerware Ecosystem. IEEE Security and Privacy, 23(4), pages 71–79, July/August 2025.
  5. Cassidy Gibson, Kevin R. B. Butler, Tadayoshi Kohno, and Elissa M. Redmiles. The Tools and Tolls of AI Nudification. USENIX ;login, July 2025.
  6. Kevin Butler, Kurt Hugenberg, Eakta Jain, Apu Kapadia, Tadayoshi Kohno, Elissa M. Redmiles, Franziska Roesner, Mattea Sim, Patrick Traynor, and Hanna Barakat. Extending the Heilmeier Catechism to Evaluate Security & Privacy Systems: Who is Left Out? IEEE Security and Privacy, 23(3), pages 91–95, May/June 2025.
  7. Ethan Wilson, Azim Ibragimov, Michael J. Proulx, Sai Deep Tetali, Kevin Butler, and Eakta Jain. Privacy-Preserving Gaze Data Streaming in Immersive Interactive Virtual Reality: Robustness and User Experience. IEEE Transactions on Visualization and Computer Graphics, January 2024. Selected for presentation at IEEE VR 2024 conference.
  8. Brendan David-John, Kevin Butler, and Eakta Jain. Privacy-Preserving Datasets of Eye-Tracking Samples with Applications in XR. IEEE Transactions on Visualization and Computer Graphics, 29(5), pages 2774–2784, May 2023. Selected for presentation at IEEE VR 2023 conference.
  9. Tuba Yavuz, Farhaan Fowze, Grant Hernandez, Ken (Yihang) Bai, Kevin Butler, and Dave (Jing) Tian. ENCIDER: Detecting Timing and Cache Side Channels in SGX Enclaves and Cryptographic APIs. IEEE Transactions on Dependable and Secure Computing, 20(2), pages 1577–1595, March/April 2023.
  10. Weidong Zhu and Kevin Butler. NASA: NVM-Assisted Secure Deletion for Flash Memory. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (TCAD), July 2022 (early access). Accepted for presentation at the International Conference on Embedded Software (EMSOFT) 2022.
  11. Brendan David-John, Diane Hosfelt, Kevin Butler, and Eakta Jain. A Privacy-Preserving Approach to Streaming Eye-Tracking Data. IEEE Transactions on Visualization and Computer Graphics, 27(5), pages 2555–2565, May 2021. Best paper nominee at IEEE VR 2021.
  12. Farhaan Fowze, Dave Tian, Grant Hernandez, Kevin Butler, and Tuba Yavuz. ProXray: Protocol Model Learning and Guided Firmware Analysis. IEEE Transactions on Software Engineering, August 2019. Selected for Journal-First presentation at ICSE’20.
  13. Grant Hernandez, Dave (Jing) Tian, Farhaan Fowze, Tuba Yavuz, Patrick Traynor, and Kevin Butler. Toward Automated Firmware Analysis in the IoT Era. IEEE Security and Privacy, 17(5), pages 38–46, Sept/Oct 2019.
  14. Joseph Choi and Kevin Butler. Secure Multiparty Computation and Trusted Hardware: Examining Adoption Challenges and Opportunities. Security and Communication Networks, 2019, Article ID 1368905, 28 pages, April 2019.
  15. Benjamin Mood and Kevin Butler. PAL: A Pseudo Assembly Language for Optimizing Secure Function Evaluation in Mobile Devices. Journal of Information Security and Applications, 40, pp. 78–91, June 2018.
  16. Patrick Traynor, Kevin Butler, Jasmine Bowers, and Bradley Reaves. FinTechSec: Addressing the Security Challenges of Digital Financial Services. IEEE Security and Privacy, 15(5), pp. 85–89, Sept./Oct. 2017.
  17. Dave (Jing) Tian, Kevin R. B. Butler, Joseph Choi, Patrick D. McDaniel, and Padma Krishnaswamy. Securing ARP/NDP From the Ground Up. IEEE Transactions on Information Forensics and Security, 12(0), pp. 2131–2143, September 2017.
  18. Adam Bates, Dave (Jing) Tian, Grant Hernandez, Thomas Moyer, Kevin R. B. Butler, and Trent Jaeger. Taming the Costs of Trustworthy Provenance through Policy Reduction. ACM Transactions on Internet Technology, 17(4), Article 34, September 2017.
  19. Bradley Reaves, Jasmine Bowers, Nolen Scaife, Adam Bates, Arnav Bhartiya, Patrick Traynor, and Kevin Butler. Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications. ACM Transactions on Privacy and Security, 20(3), Article 11, August 2017.
  20. Bradley Reaves, Jasmine Bowers, Sigmund Albert Gorski III, Rahul Bobate, Raymond Cho, Hiranava Sas, Sharique Hussain, Hamza Karachiwala, Nolen Scaife, Byron Wright, Kevin Butler, William Enck, and Patrick Traynor. *droid: Assessment and Evaluation of Android Application Analysis Tools. ACM Computing Surveys, 49(3), Article 55, November 2016.
  21. Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler. Outsourcing Secure Two-Party Computation as a Black Box. Security and Communication Networks, 9(14), pp. 2261–2275, September 2016.
  22. Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler. Secure Outsourced Garbled Circuit Evaluation for Mobile Devices. Journal of Computer Security, 24(2), pp. 137–180, 2016.
  23. Adam Bates, Kevin Butler, Micah Sherr, Clay Shields, Patrick Traynor, and Dan Wallach. Accountable Wiretapping — or — I Know That They Can Hear You Now. Journal of Computer Security, 23(2), pp. 167–195, 2015.
  24. Adam Bates, Benjamin Mood, Joe Pletcher, Hannah Pruse, Masoud Valafar, and Kevin Butler. On Detecting Co-Resident Cloud Instances Using Network Flow Watermarking Techniques. International Journal of Information Security, 13(2), pp. 171–198, April 2014.
  25. Thomas Moyer, Kevin Butler, Joshua Schiffman, Patrick McDaniel, and Trent Jaeger. Scalable Web Content Attestation. IEEE Transactions on Computers, 61(5), pp. 686–699, May 2012.
  26. Kevin Butler, Stephen McLaughlin, Thomas Moyer, and Patrick McDaniel. New Security Architectures Based on Emerging Disk Functionality. IEEE Security and Privacy, 8(5), pp. 34–41, Sept./Oct. 2010.
  27. Kevin Butler, Toni Farley, Patrick McDaniel, and Jennifer Rexford. A Survey of BGP Security Issues and Solutions. Proceedings of the IEEE, 98(1):100–122, January 2010.
  28. Patrick Traynor, Kevin Butler, William Enck, Kevin Borders, and Patrick McDaniel. malnets: Large-Scale Malicious Networks via Compromised Wireless Access Points. Journal of Security and Communication Networks (SCN), 2009.
  29. Kevin Butler, Sunam Ryu, Patrick Traynor, and Patrick McDaniel. Leveraging Identity-Based Cryptography for Node ID Assignment in Structured P2P Systems. IEEE Transactions on Parallel and Distributed Systems (TPDS), 20(12):1803–1815, December 2009.
  30. Patrick McDaniel, William Aiello, Kevin Butler, and John Ioannidis. Origin Authentication in Interdomain Routing. Computer Networks, 50(16), pp. 2953–2980, 14 November 2006.

Conference Publications

  1. Seaver Thorn, Nathaniel Bennett, Kevin Butler, Patrick Traynor, and William Enck. ASN1spect: Uncovering ASN.1 Compiler-Generated Vulnerabilities in Critical Infrastructure. 2026 ACM Secure Development Conference (SecDev’26), Montreal, QC, Canada, July 2026.
  2. Nathaniel Bennett, Tyler Tucker, Carson Stillman, William Enck, Patrick Traynor, and Kevin Butler. Fizzle: A Framework for Deterministic and Reproducible Network Fuzzing. 47th IEEE Symposium on Security and Privacy (Oakland’26), San Francisco, CA, USA, May 2026.
  3. Seth Layton, Bernardo B. P. Medeiros, Kevin Butler, and Patrick Traynor. AI Wrote My Paper and All I Got Was This False Negative: Measuring the Efficacy of Commercial AI Text Detectors. 47th IEEE Symposium on Security and Privacy (Oakland’26), San Francisco, CA, USA, May 2026.
  4. Weidong Zhu, Wenxuan Bao, Vincent Bindschaedler, Sara Rampazzi, and Kevin Butler. Enabling Plausible Deniability in Flash-based Storage through Data Permutation. Proceedings of the 2025 Annual Computer Security Applications Conference (ACSAC 2025), Honolulu, HI, USA, December 2025.
  5. Carson Stillman, Jennifer Sheldon, Ian Garrett, Patrick Traynor, Ryan Gerdes, Sara Rampazzi, and Kevin Butler. EM-Flow: Advanced Electromagnetic Control Flow Verification for Embedded Systems. Proceedings of the 2025 Annual Computer Security Applications Conference (ACSAC 2025), Honolulu, HI, USA, December 2025.
  6. Kevin Childs, Mollie Brewer, Spencer Thomas, Celeste Wilkins, Jennifer A. Nichols, Kristy Elizabeth Boyer, and Kevin R. B. Butler. Mapping the Flow of Information from Continuous Wearables: Insights from Elite Collegiate Athletes in the United States. 2025 ACM Conference on Human-Computer Interaction and Sports (SportsHCI 2025), Twente, The Netherlands, November 2025.
  7. Weidong Zhu, Carson Stillman, Sara Rampazzi, and Kevin Butler. Enabling Secure and Efficient Data Loss Prevention with a Retention-aware Versioning SSD. 32nd ACM Conference on Computer and Communication Security (CCS’25), Taipei, Taiwan, October 2025. (Acceptance rate: 14.4%)
  8. Daniel Olszewski, Tyler Tucker, Kevin Butler, and Patrick Traynor. SoK: Towards a Unified Approach to Applied Replicability for Computer Security. 34th USENIX Security Symposium (Security’25), Seattle, WA, USA, August 2025. (Acceptance rate: 17.1%)
  9. Cassidy Gibson, Daniel Olszewski, Natalie Grace Brigham, Anna Crowder, Kevin R. B. Butler, Patrick Traynor, Elissa M. Redmiles, and Tadayoshi Kohno. Analyzing the AI Nudification Application Ecosystem. 34th USENIX Security Symposium (Security’25), Seattle, WA, USA, August 2025. (Acceptance rate: 17.1%) 🏆 Internet Defense Prize Runner-Up 🏆 Distinguished Paper Honorable Mention 🏆 CSAW Social Impact Award
  10. Daniel Olszewski, Allison Lu, Anna Crowder, Nathaniel Bennett, Seth Layton, Sri Hrushikesh Varma Bhupathiraju, Tyler Tucker, Siddhant Kalgutkar, Hunter Ver Helst, Carson Stillman, Kevin Butler, Sara Rampazzi, and Patrick Traynor. Reproducibility in Applied Security Conferences: An 11-Year Review on Artifacts and Evaluation Committees. 2025 ACM Conference on Reproducibility and Replicability (REP 2025), Vancouver, BC, Canada, July 2025. 🏆 Best Paper Award
  11. Anna Crowder, Allison Lu, Kevin Childs, Carson Stillman, Patrick Traynor, and Kevin R. B. Butler. Data to Infinity and Beyond: Examining Data Sharing and Usage Practices in the Computer Security Community. 46th IEEE Symposium on Security and Privacy (Oakland’25), San Francisco, CA, USA, May 2025. (Acceptance rate: 14.8%)
  12. Mollie Brewer, Kevin Childs, Spencer Thomas, Celeste Wilkins, Kristy Elizabeth Boyer, Jennifer A. Nichols, Kevin R. B. Butler, Garrett F. Beatty, and Daniel P. Ferris. Coach, Data Analyst, and Protector: Exploring Data Practices of Collegiate Coaching Staff. 2025 ACM CHI Conference on Human Factors in Computing Systems (CHI’25), Yokohama, Japan, April 2025. (Acceptance rate: 24.9%)
  13. Magdalena Pasternak, Kevin Warren, Daniel Olszewski, Susan Nittrouer, Patrick Traynor, and Kevin R. B. Butler. Characterizing the Impact of Audio Deepfakes in the Presence of Cochlear Implant Simulated Audio. 32nd ISOC Network and Distributed System Security Symposium (NDSS 2025), San Diego, CA, February 2025. (Acceptance rate: 16.1%)
  14. Tyler Tucker, Nathaniel Bennett, Martin Kotuliak, Simon Erni, Srdjan Capkun, Kevin Butler, and Patrick Traynor. Detecting IMSI-Catchers by Characterizing Identity Exposing Messages in Cellular Traffic. 32nd ISOC Network and Distributed System Security Symposium (NDSS 2025), San Diego, CA, February 2025. (Acceptance rate: 16.1%)
  15. Anna Crowder, Daniel Olszewski, Patrick Traynor, and Kevin R. B. Butler. I Can Show You the World (of Censorship): Extracting Insights from Censorship Measurement Data Using Statistical Techniques. 40th Annual Computer Security Applications Conference (ACSAC 2024), Honolulu, HI, December 2024. (Acceptance rate: 21.8%)
  16. Kevin Childs, Cassidy Gibson, Anna Crowder, Kevin Warren, Carson Stillman, Elissa M. Redmiles, Eakta Jain, Patrick Traynor, and Kevin R. B. Butler. "I Had Sort of a Sense that I was Always Being Watched…Since I Was": Examining Interpersonal Discomfort From Continuous Location-Sharing Applications. 31st ACM Conference on Computer and Communications Security (CCS’24), Salt Lake City, UT, USA, October 2024. (Acceptance rate: 16.9%)
  17. Nathaniel Bennett, Weidong Zhu, Benjamin Simon, Ryon Kennedy, William Enck, Patrick Traynor, and Kevin R. B. Butler. RANsacked: A Domain-Informed Approach for Fuzzing LTE and 5G RAN-Core Interfaces. 31st ACM Conference on Computer and Communications Security (CCS’24), Salt Lake City, UT, USA, October 2024. (Acceptance rate: 16.9%)
  18. Kevin Warren, Tyler Tucker, Anna Crowder, Daniel Olszewski, Allison Lu, Caroline Fedele, Magdalena Pasternak, Seth Layton, Kevin Butler, Carrie Gates, and Patrick Traynor. "Better Be Computer Or I’m Dumb": A Large-Scale Evaluation of Humans as Audio Deepfake Detectors. 31st ACM Conference on Computer and Communications Security (CCS’24), Salt Lake City, UT, USA, October 2024. (Acceptance rate: 16.9%) 🏆 Distinguished Paper Award
  19. Seth Layton, Tyler Tucker, Daniel Olszewski, Kevin Warren, Kevin Butler, and Patrick Traynor. SoK: The Good, The Bad, and The Unbalanced: Measuring Structural Limitations of Current Deepfake Datasets. USENIX Security Symposium (Security’24), Philadelphia, PA, USA, August 2024. (Acceptance rate: 17.6%)
  20. Weidong Zhu, Grant Hernandez, Washington Garcia, Dave (Jing) Tian, Sara Rampazzi, and Kevin Butler. Minding the Semantic Gap for Effective Storage-Based Ransomware Defense. 38th International Conference on Massive Storage Systems and Technology (MSST’24), Santa Clara, CA, USA, June 2024.
  21. Seaver Thorn, K. Virgil English, Kevin Butler, and William Enck. 5GAC-Analyzer: Identifying Over-Privilege Between 5G Core Network Functions. ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec’24), Seoul, Korea, May 2024. (Acceptance rate: 16.0% for full papers)
  22. K. Virgil English, Nathaniel Bennett, Seaver Thorn, Kevin Butler, William Enck, and Patrick Traynor. Examining Cryptography and Randomness Failures in Open-Source Cellular Cores. ACM Conference on Data and Application Security and Privacy (CODASPY’24), Porto, Portugal, June 2024. (Acceptance rate: 21.3%) 🏆 Best Paper Award
  23. Jennifer Sheldon, Weidong Zhu, Adnan Abdullah, Sri Hrushikesh Varma Bhupathiraju, Takeshi Sugawara, Kevin Butler, Md Jahidul Islam, and Sara Rampazzi. AquaSonic: Acoustic Manipulation of Underwater Data Center Operations and Resource Management. IEEE Symposium on Security and Privacy (Oakland’24), San Francisco, CA, USA, May 2024. (Acceptance rate: 17.8%)
  24. Caroline Fedele, Christopher Petersen, Tyler Lovelly, and Kevin Butler. Protecting Satellite Proximity Operations via Secure Multi-Party Computation. American Institute of Aeronautics and Astronautics (AIAA) SciTech Forum, Orlando, FL, USA, January 2024.
  25. Daniel Olszewski, Allison Lu, Carson Stillman, Kevin Warren, Cole Kitroser, Alejandro Pascual, Divyajyoti, Kevin Butler, and Patrick Traynor. "Get in Researchers; We’re Measuring Reproducibility": A Reproducibility Study of Machine Learning Papers in Tier 1 Security Conferences. 30th ACM Conference on Computer and Communications Security (CCS’23), Copenhagen, Denmark, November 2023. (Acceptance rate: 19.2%)
  26. Kyungtae Kim, Sungwoo Kim, Kevin Butler, Antonio Bianchi, and Dave (Jing) Tian. Fuzz The Power: Dual-role State Guided Black-box Fuzzing for USB Power Delivery. 32nd USENIX Security Symposium (Security’23), Anaheim, CA, USA, August 2023. (Acceptance rate: 29%)
  27. Yazhou Tu, Liqun Shen, Md Imran Hossen, Sara Rampazzi, Kevin Butler, and Xiali Hei. Auditory Eyesight: Demystifying μs-Precision Keystroke Tracking Attacks on Unconstrained Keyboard Inputs. 32nd USENIX Security Symposium (Security’23), Anaheim, CA, USA, August 2023. (Acceptance rate: 29%)
  28. Christian Peeters, Tyler Tucker, Anushri Jain, Kevin Butler, and Patrick Traynor. LeopardSeal: Detecting Call Interception via Audio Rogue Base Stations. 21st ACM International Conference on Mobile Systems, Applications, and Services (MobiSys’23), Helsinki, Finland, June 2023. (Acceptance rate: 20.7%)
  29. Yan Long, Pirouz Naghavi, Blas Kojusner, Kevin Butler, Sara Rampazzi, and Kevin Fu. Side Eye: Characterizing the Limits of POV Acoustic Eavesdropping from Smartphone Cameras with Rolling Shutters and Movable Lenses. 44th IEEE Symposium on Security and Privacy (Oakland’23), San Francisco, CA, USA, May 2023. (Acceptance rate: 17.1%)
  30. Tyler Tucker, Hunter Searle, Kevin Butler, and Patrick Traynor. Blue’s Clues: Practical Discovery of Non-Discoverable Bluetooth Devices. 44th IEEE Symposium on Security and Privacy (Oakland’23), San Francisco, CA, USA, May 2023. (Acceptance rate: 17.1%)
  31. Washington Garcia, Pin-Yu Chen, Hamilton Scott Clouse, Somesh Jha, and Kevin Butler. Less is More: Dimension Reduction Finds On-Manifold Adversarial Examples in Hard-Label Attacks. IEEE Conference on Secure and Trustworthy Machine Learning (SatML 2023), Raleigh, NC, USA, February 2023.
  32. Shantanu Ghosh, Zheng Feng, Kevin Butler, and Mattia Prosperi. DR-VIDAL: Doubly Robust Variational Information-theoretic Deep Adversarial Learning for Counterfactual Prediction and Treatment Effect Estimation. 2022 American Medical Informatics Association Annual Symposium (AMIA 2022), Washington, DC, USA, November 2022.
  33. Daniel Olszewski, Weidong Zhu, Sandeep Sathyanarayana, Kevin Butler, and Patrick Traynor. HallMonitor: A Framework for Identifying Network Policy Violations in Software. 2022 IEEE Conference on Communications and Network Security (CNS 2022), Austin, TX, USA, October 2022.
  34. Logan Blue, Kevin Warren, Hadi Abdullah, Cassidy Gibson, Luis Vargas, Jessica O’Dell, Kevin Butler, and Patrick Traynor. Who Are You (I Really Wanna Know)? 31st USENIX Security Symposium (Security’22), Boston, MA, USA, August 2022.
  35. Cassidy Gibson, Vanessa Frost, Katie Platt, Washington Garcia, Luis Vargas, Sara Rampazzi, Vincent Bindschaedler, Patrick Traynor, and Kevin Butler. Analyzing the Monetization Ecosystem of Stalkerware. 22nd Privacy Enhancing Technologies Symposium (PETS 2022), Sydney, Australia, July 2022.
  36. Washington Garcia, Hamilton Scott Clouse, and Kevin Butler. Disentangling Categorization in Multi-agent Emergent Communication. 2022 Conference of the North American Chapter of the Association for Computational Linguistics (NAACL 2022), Seattle, WA, USA, July 2022.
  37. Brendan David-John, Kevin Butler, and Eakta Jain. For Your Eyes Only: Privacy-Preserving Eye-Tracking Datasets. 14th ACM Symposium on Eye Tracking Research and Applications (ETRA 2022), Seattle, WA, USA, June 2022.
  38. Mounir Elbharabawy, Blas Kojusner, Mohammad Mannan, Kevin Butler, Byron Williams, and Amr Youssef. SAUSAGE: Security Analysis of Unix Domain Socket Usage in Android. 7th IEEE European Symposium on Security and Privacy (Euro S&P’22), Genoa, Italy, June 2022. 🏆 Best Paper Finalist
  39. Kyungtae Kim, Taegyu Kim, Ertza Warriach, Byoungyoung Lee, Kevin Butler, Antonio Bianchi, and Dave (Jing) Tian. FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks. 43rd IEEE Symposium on Security and Privacy (Oakland’22), San Francisco, CA, USA, May 2022.
  40. Grant Hernandez, Marius Muench, Dominik Maier, Alyssa Milburn, Shinjo Park, Tobias Scharnowski, Tyler Tucker, Patrick Traynor, and Kevin Butler. FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware. 2022 ISOC Network and Distributed System Security Symposium (NDSS’22), San Diego, CA, USA, April 2022. (Acceptance rate: 16.2%)
  41. Washington Garcia, Animesh Chhotaray, Joseph Choi, Suman Kalyan Adara, Kevin Butler, and Somesh Jha. Brittle Features of Device Authentication. 11th ACM Conference on Data and Application Security and Privacy (CODASPY’21), Virtual, April 2021.
  42. Grant Hernandez, Dave (Jing) Tian, Anurag Vadav, Byron Williams, and Kevin Butler. BigMAC: Fine-Grained Policy Analysis of Android Firmware. 29th USENIX Security Symposium (USENIX Security’20), Boston, MA, USA, August 2020. (Acceptance rate: 16.1%)
  43. Joseph Choi, Dave (Jing) Tian, Grant Hernandez, Christopher Patton, Benjamin Mood, Thomas Shrimpton, Patrick Traynor, and Kevin Butler. A Hybrid Approach to Secure Function Evaluation Using SGX. 14th ACM ASIA Conference on Computer and Communications Security (ASIACCS’19), Auckland, New Zealand, July 2019. (Acceptance rate: 17.0% for full papers)
  44. Vanessa Frost, Dave (Jing) Tian, Christie Ruales, Patrick Traynor, and Kevin Butler. Examining DES-based Cipher Suite Support within the TLS Ecosystem. 14th ACM ASIA Conference on Computer and Communications Security (ASIACCS’19), Auckland, New Zealand, July 2019. (Acceptance rate: 22.0%)
  45. Jasmine Bowers, Imani Sherman, Kevin Butler, and Patrick Traynor. Characterizing Security and Privacy Practices in Emerging Digital Credit Applications. 12th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec’19), Miami, FL, USA, May 2019. (Acceptance rate: 25.9%)
  46. Dave (Jing) Tian, Grant Hernandez, Joseph Choi, Vanessa Frost, Peter Johnson, and Kevin Butler. LBM: A Security Framework for Peripherals within the Linux Kernel. 40th IEEE Symposium on Security and Privacy (Oakland’19), San Francisco, CA, USA, May 2019. (Acceptance rate: 12.0%)
  47. Dave (Jing) Tian, Joseph Choi, Grant Hernandez, Patrick Traynor, and Kevin Butler. A Practical Intel SGX Setting for Linux Containers in the Cloud. 9th ACM Conference on Data and Application Security and Privacy (CODASPY’19), Dallas, TX, USA, March 2019. (Acceptance rate: 23.5%) 🏆 Distinguished Poster Award
  48. Luis Vargas, Gyan Hazarika, Rachel Culpepper, Kevin Butler, Thomas Shrimpton, Doug Szajda, and Patrick Traynor. Mitigating Risk while Complying with Data Retention Laws. 25th ACM Conference on Computer and Communications Security (CCS’18), Toronto, ON, Canada, October 2018. (Acceptance rate: 16.6%)
  49. Dave (Jing) Tian, Grant Hernandez, Joseph Choi, Vanessa Frost, Christie Ruales, Patrick Traynor, Hayawardh Vijaykumar, Lee Harrison, Amir Rahmati, Mike Grace, and Kevin Butler. ATtention Spanned: Comprehensive Vulnerability Analysis of AT Commands Within the Android Ecosystem. 27th USENIX Security Symposium (USENIX Security’18), Baltimore, MD, August 2018. (Acceptance rate: 19.1%)
  50. Dave (Jing) Tian, Nolen Scaife, Deepak Kumar, Michael Bailey, Adam Bates, and Kevin Butler. SoK: "Plug & Pray" Today — Understanding USB Insecurity in Versions 1 through C. 39th IEEE Symposium on Security and Privacy (Oakland’18), San Francisco, CA, May 2018. (Acceptance rate: 11.5%)
  51. Christian Peeters, Hadi Abdullah, Nolen Scaife, Jasmine Bowers, Patrick Traynor, Bradley Reaves, and Kevin Butler. Sonar: Detecting SS7 Redirection Attacks Via Call Audio-Based Distance Bounding. 39th IEEE Symposium on Security and Privacy (Oakland’18), San Francisco, CA, May 2018. (Acceptance rate: 11.5%)
  52. Grant Hernandez, Farhaan Fowze, Dave (Jing) Tian, Tuba Yavuz, and Kevin Butler. FirmUSB: Vetting USB Device Firmware using Domain Informed Symbolic Execution. 24th ACM Conference on Computer and Communications Security (CCS’17), Dallas, TX, USA, October 2017. (Acceptance rate: 18.1%)
  53. Robert Karam, Tamzidul Hoque, Kevin Butler, and Swarup Bhunia. Mixed-Granular Architectural Diversity for Device Security in the Internet of Things. Asian Hardware Oriented Security and Trust Symposium (AsianHOST 2017), Beijing, China, October 2017.
  54. Tyler Ward, Joseph Choi, Kevin Butler, John M. Shea, Patrick Traynor, and Tan Wong. Privacy Preserving Localization Using a Distributed Particle Filtering Protocol. IEEE MILCOM, Baltimore, MD, October 2017.
  55. Jasmine Bowers, Bradley Reaves, Imani N. Sherman, Patrick Traynor, and Kevin Butler. Regulators, Mount Up! Analysis of Privacy Policies for Mobile Money Services. 13th Symposium on Usable Privacy and Security (SOUPS 2017), Santa Clara, CA, July 2017. (Acceptance rate: 26.5%)
  56. Adam Bates, Wajih Ul Hassan, Kevin Butler, Alin Dobra, Brad Reaves, Patrick Cable, Thomas Moyer, and Nabil Schear. Transparent Web Service Auditing via Network Provenance Functions. 26th World Wide Web Conference (WWW 2017), Perth, Australia, April 2017. (Acceptance rate: 17.0%)
  57. Sriharsha Etigowni, Dave (Jing) Tian, Grant Hernandez, Saman Zonouz, and Kevin Butler. CPAC: Securing Critical Infrastructure with Cyber-Physical Access Control. 32nd Annual Computer Security Applications Conference (ACSAC 2016), Los Angeles, CA, USA, December 2016. (Acceptance rate: 22.8%)
  58. Thomas Moyer, Patrick Cable, Karishma Chadha, Robert Cunningham, Nabil Schear, Warren Smith, Adam Bates, Kevin Butler, Frank Capobianco, and Trent Jaeger. Leveraging Data Provenance to Enhance Cyber Resilience. 1st IEEE Cybersecurity Development Conference (SecDev 2016), Boston, MA, USA, November 2016. (Acceptance rate: 52.2%)
  59. Dave (Jing) Tian, Adam Bates, Kevin Butler, and Raju Rangaswami. ProvUSB: Block-level Provenance-Based Data Protection for USB Storage Devices. 23rd ACM Conference on Computer and Communications Security (CCS’16), Vienna, Austria, October 2016. (Acceptance rate: 16.5%)
  60. Dave (Jing) Tian, Nolen Scaife, Adam Bates, Kevin Butler, and Patrick Traynor. Making USB Great Again with USBFILTER. 25th USENIX Security Symposium (USENIX Security’16), Austin, TX, USA, August 2016. (Acceptance rate: 15.5%)
  61. Bradley Reaves, Logan Blue, Dave Tian, Patrick Traynor, and Kevin Butler. Detecting SMS Spam in the Age of Legitimate Bulk Messaging. 9th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec’16), Darmstadt, Germany, July 2016. (Acceptance rate: 35.0%)
  62. Nolen Scaife, Henry Carter, Patrick Traynor, and Kevin Butler. CryptoLock (and Drop It): Stopping Ransomware Attacks on User Data. 36th IEEE International Conference on Distributed Computing Systems (ICDCS 2016), Nara, Japan, June 2016. (Acceptance rate: 17.6%)
  63. Bradley Reaves, Dave Tian, Nolen Scaife, Logan Blue, Patrick Traynor, and Kevin Butler. Sending Out an SMS: Characterizing the Security of the SMS Ecosystem with Public Gateways. 2016 IEEE Symposium on Security and Privacy (Oakland’16), San Jose, CA, USA, May 2016. (Acceptance rate: 13.3%)
  64. Benjamin Mood, Debayan Gupta, Henry Carter, Kevin Butler, and Patrick Traynor. Frigate: A Validated, Extensible, and Efficient Compiler and Interpreter for Secure Computation. 1st IEEE European Symposium on Security and Privacy (Euro S&P 2016), Saarbrücken, Germany, March 2016. (Acceptance rate: 17.3%)
  65. Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler. Outsourcing Secure Two-Party Computation as a Black Box. 14th International Conference on Cryptology and Network Security (CANS 2015), Marrakesh, Morocco, December 2015. (Acceptance rate: 52.9%)
  66. Jing (Dave) Tian, Adam Bates, and Kevin Butler. Defending Against Malicious USB Firmware with GoodUSB. 31st Annual Computer Security Applications Conference (ACSAC 2015), Los Angeles, CA, USA, December 2015. (Acceptance rate: 24.4%)
  67. Adam Bates, Dave Tian, Kevin Butler, and Thomas Moyer. Trustworthy Whole-System Provenance for the Linux Kernel. 24th USENIX Security Symposium (Security’15), Washington, DC, USA, August 2015. (Acceptance rate: 15.7%)
  68. Bradley Reaves, Nolen Scaife, Adam Bates, Patrick Traynor, and Kevin Butler. Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications in the Developing World. 24th USENIX Security Symposium (Security’15), Washington, DC, USA, August 2015. (Acceptance rate: 15.7%)
  69. Ethan Shernan, Henry Carter, Dave Tian, Patrick Traynor, and Kevin Butler. More Guidelines Than Rules: CSRF Vulnerabilities from Noncompliant OAuth 2.0 Implementations. International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), Milan, Italy, July 2015. (Acceptance rate: 22.7%)
  70. Jing (Dave) Tian, Kevin Butler, Patrick McDaniel, and Padma Krishnaswamy. Securing ARP from the Ground Up. 5th ACM Conference on Data and Application Security and Privacy (CODASPY 2015), San Antonio, TX, USA, March 2015. (Acceptance rate: 33.3%)
  71. Benjamin Mood, Debayan Gupta, Kevin Butler, and Joan Feigenbaum. Reuse It Or Lose It: More Efficient Secure Computation Through Reuse of Encrypted Values. 21st ACM Conference on Computer and Communications Security (CCS’14), Scottsdale, AZ, USA, November 2014. (Acceptance rate: 19.5%)
  72. Adam Bates, Joe Pletcher, Tyler Nichols, Braden Hollembaek, Dave Tian, Abdulrahman Alkhelaifi, and Kevin Butler. Securing SSL Certificate Verification through Dynamic Linking. 21st ACM Conference on Computer and Communications Security (CCS’14), Scottsdale, AZ, USA, November 2014. (Acceptance rate: 19.5%)
  73. Adam Bates, Joe Pletcher, Tyler Nichols, Braden Hollembaek, and Kevin Butler. Forced Perspectives: Evaluating an SSL Trust Enhancement at Scale. 2014 ACM Internet Measurement Conference (IMC’14), Vancouver, BC, Canada, November 2014. (Acceptance rate: 22.9%)
  74. Adam Bates, Ryan Leonard, Hannah Pruse, Daniel Lowd, and Kevin Butler. Leveraging USB to Establish Host Identity Using Commodity Devices. 21st ISOC Network and Distributed System Security Symposium (NDSS’14), San Diego, CA, USA, February 2014. (Acceptance rate: 18.6%)
  75. Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler. Secure Outsourced Garbled Circuit Evaluation for Mobile Devices. 22nd USENIX Security Symposium (Security’13), Washington, DC, USA, August 2013. (Acceptance rate: 16.2%)
  76. Benjamin Kreuter, abhi shelat, Benjamin Mood, and Kevin Butler. PCF: A Portable Circuit Format For Scalable Two-Party Secure Computation. 22nd USENIX Security Symposium (Security’13), Washington, DC, USA, August 2013. (Acceptance rate: 16.2%)
  77. Adam Bates, Benjamin Mood, Masoud Valafar, and Kevin Butler. An Infrastructure for Provenance-Based Access Control in Cloud Environments. 3rd ACM Conference on Data and Application Security and Privacy (CODASPY 2013), San Antonio, TX, USA, February 2013. (Acceptance rate: 31.8%)
  78. Vasant Tendulkar, Joe Pletcher, Ashwin Shashidharan, Ryan Snyder, Kevin Butler, and William Enck. Abusing Cloud-based Browsers for Fun and Profit. 28th Annual Computer Security Applications Conference (ACSAC 2012), Orlando, FL, USA, December 2012. (Acceptance rate: 19.0%)
  79. Devin J. Pohly, Stephen McLaughlin, Patrick McDaniel, and Kevin Butler. Hi-Fi: Collecting High-Fidelity Whole-System Provenance. 28th Annual Computer Security Applications Conference (ACSAC 2012), Orlando, FL, USA, December 2012. (Acceptance rate: 19.0%)
  80. Benjamin Mood, Lara Letaw, and Kevin Butler. Memory-Efficient Garbled Circuit Generation for Mobile Devices. 16th IFCA International Conference on Financial Cryptography and Data Security (FC’12), Bonaire, February 2012. (Acceptance rate: 26.1%)
  81. Adam Bates, Kevin Butler, Micah Sherr, Clay Shields, Patrick Traynor, and Dan Wallach. Accountable Wiretapping — or — I Know That They Can Hear You Now. 19th ISOC Network and Distributed System Security Symposium (NDSS 2012), San Diego, CA, USA, February 2012. (Acceptance rate: 17.8%)
  82. Kevin Butler, Stephen McLaughlin, and Patrick McDaniel. Kells: A Protection Framework for Portable Data. 26th Annual Computer Security Applications Conference (ACSAC 2010), Austin, TX, USA, December 2010. (Acceptance rate: 16.3%)
  83. Machigar Ongtang, Kevin Butler, and Patrick McDaniel. Porscha: Policy Oriented Secure Content Handling in Android. 26th Annual Computer Security Applications Conference (ACSAC 2010), Austin, TX, USA, December 2010. (Acceptance rate: 16.3%)
  84. Thomas Moyer, Kevin Butler, Joshua Schiffman, Patrick McDaniel, and Trent Jaeger. Scalable Asynchronous Web Content Attestation. 25th Annual Computer Security Applications Conference (ACSAC 2009), Honolulu, HI, USA, December 2009. (Acceptance rate: 19.0%)
  85. William Enck, Kevin Butler, Thomas Richardson, Patrick McDaniel, and Adam Smith. Defending Against Attacks on Main Memory Persistence. 24th Annual Computer Security Applications Conference (ACSAC 2008), Anaheim, CA, USA, December 2008. (Acceptance rate: 24.3%)
  86. Kevin Butler, Stephen McLaughlin, and Patrick McDaniel. Rootkit-Resistant Disks. 15th ACM Conference on Computer and Communications Security (CCS’08), Alexandria, VA, USA, November 2008. (Acceptance rate: 18.1%)
  87. Patrick Traynor, Kevin Butler, William Enck, and Patrick McDaniel. Realizing Massive-Scale Conditional Access Systems Through Attribute-Based Cryptosystems. 15th Annual Network and Distributed System Security Symposium (NDSS’08), San Diego, CA, USA, February 2008. (Acceptance rate: 17.8%)
  88. Dhananjay Bapat, Kevin Butler, and Patrick McDaniel. Towards Automatic Privilege Separation. Third International Conference on Information Systems Security (ICISS 2007), Delhi, India, December 2007. (Acceptance rate: 25.0%)
  89. Lisa Johansen, Kevin Butler, Michael Rowell, and Patrick McDaniel. Email Communities of Interest. Fourth Conference on Email and Anti-Spam (CEAS 2007), Mountain View, CA, USA, August 2007. (Acceptance rate: 19.0%)
  90. Anusha Sriraman, Kevin Butler, Patrick McDaniel, and Padma Raghavan. Analysis of the IPv4 Address Delegation Structure. IEEE Symposium on Computers and Communications (ISCC’07), Aveiro, Portugal, July 2007. (Acceptance rate: 40%)
  91. Sunam Ryu, Kevin Butler, Patrick Traynor, and Patrick McDaniel. Leveraging Identity-Based Cryptography for Node ID Assignment in Structured P2P Systems. 3rd IEEE International Symposium on Security in Networks and Distributed Systems (SSNDS’07), Niagara Falls, ON, Canada, May 2007. (Acceptance rate: 40%)
  92. Kevin Butler, Patrick Traynor, William Enck, Jennifer Plasterr, and Patrick McDaniel. Privacy Preserving Web-Based Email. 2nd International Conference on Information Systems Security (ICISS 2006), Kolkata, India, December 2006. (Acceptance rate: 30.4%)
  93. Kevin Butler, Patrick McDaniel, and William Aiello. Optimizing BGP Security by Exploiting Path Stability. 13th ACM Conference on Computer and Communications Security (CCS’06), Alexandria, VA, USA, November 2006. (Acceptance rate: 14.8%)
  94. Trent Jaeger, Kevin Butler, David King, Serge Hallyn, Joy Latten, and Xiolan Zhang. Leveraging IPsec for Distributed Authorization. 2nd IEEE Communications Society/CreateNet International Conference on Security and Privacy in Communication Networks (SecureComm’06), Baltimore, MD, USA, August 2006. (Acceptance rate: 25.4%)
  95. Kevin Butler and Patrick McDaniel. Understanding Mutable Internet Pathogens, or How I Learned to Stop Worrying and Love Parasitic Behavior. 1st International Conference on Information Systems Security (ICISS 2005), Kolkata, India, December 2005. (Invited paper)

Workshop Publications

  1. Jennifer Sheldon, Weidong Zhu, Adnan Abdulla, Kevin Butler, Md Jahidul Islam, and Sara Rampazzi. Position: Deep Note: Can Acoustic Interference Damage the Availability of Hard Disk Storage in Underwater Data Centers? 15th ACM Workshop on Hot Topics in Storage and File Systems (HotStorage 2023), Boston, MA, USA, July 2023. 🏆 Best Paper Award
  2. Brendan David-John, Diane Hosfelt, Kevin Butler, and Eakta Jain. Let’s SOUP Up XR: Collected thoughts from an IEEE VR workshop on privacy in mixed reality. 1st International Workshop on Security for XR and XR for Security (VR4Sec), in conjunction with SOUPS 2021, virtual event, August 2021.
  3. Sushrut Shringarputale, Patrick McDaniel, Kevin Butler, and Thomas La Porta. Co-residency Attacks on Containers are Real. 2020 ACM Cloud Computing Security Workshop (CCSW’20), Orlando, FL, USA, November 2020.
  4. Suman Adari, Washington Garcia, and Kevin Butler. Adversarial Video Captioning. 2019 Dependable and Secure Machine Learning Workshop (DSML’19), Portland, OR, USA, June 2019.
  5. Siddhant Deshmukh, Henry Carter, Grant Hernandez, Patrick Traynor, and Kevin Butler. Efficient and Secure Template Blinding for Biometric Authentication. 2nd IEEE Workshop on Security and Privacy in the Cloud (SPC 2016), Philadelphia, PA, USA, October 2016.
  6. Debayan Gupta, Benjamin Mood, Joan Feigenbaum, Kevin Butler, and Patrick Traynor. Using Intel Software Guard Extensions for Efficient Two-Party Secure Function Evaluation. 2016 Workshop on Encrypted Computing and Applied Homomorphic Cryptography (WAHC’16), Barbados, February 2016.
  7. Adam Bates, Kevin Butler, and Thomas Moyer. Take Only What You Need: Leveraging Mandatory Access Control Policy to Reduce Provenance Storage Costs. 7th International Workshop on Theory and Practice of Provenance (TaPP’15), Edinburgh, Scotland, July 2015.
  8. Adam Bates, Kevin Butler, Andreas Haeberlen, Micah Sherr, and Wenchao Zhou. Let SDN Be Your Eyes: Secure Forensics in Data Center Networks. NDSS Workshop on Security of Emerging Network Technologies (SENT), San Diego, CA, USA, February 2014.
  9. Matt Bishop, Carrie Gates, Steven Greenspan, Kevin Butler, and Emily Rine Butler. Forgive and Forget: Return to Obscurity. 2013 New Security Paradigms Workshop (NSPW), Banff, AB, Canada, September 2013.
  10. Peter McKay, Bryan Clement, Sean Haverty, Elijah Newton, and Kevin Butler. Read My Lips: Towards Use of the Microsoft Kinect as a Visual-Only Automatic Speech Recognizer. 2013 Workshop on Home Usable Privacy and Security (HUPS), Newcastle, UK, July 2013.
  11. Adam Bates, Benjamin Mood, Joe Pletcher, Hannah Pruse, Masoud Valafar, and Kevin Butler. Detecting Co-Residency with Active Traffic Analysis Techniques. 4th ACM Cloud Computing Security Workshop (CCSW 2012), Raleigh, NC, USA, October 2012. (Acceptance rate: 12.0% full papers, 22.0% overall)
  12. Lara Letaw, Joe Pletcher, and Kevin Butler. Host Identification via USB Fingerprinting. 6th IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE 2011), Oakland, CA, USA, May 2011. (Acceptance rate: 34.8%)
  13. Patrick McDaniel, Kevin Butler, Stephen McLaughlin, Radu Sion, Erez Zadok, and Marianne Winslett. Towards a Secure and Efficient System for End-to-End Provenance. 2nd USENIX Workshop on the Theory and Practice of Provenance (TaPP’10), San Jose, CA, USA, February 2010.
  14. Kevin Butler and Petros Efstathopoulos. U Can’t Touch This: Block-Level Protection for Portable Storage. International Workshop on Software Support for Portable Storage (IWSSPS 2009), Grenoble, France, October 2009.
  15. Kevin Butler, William Enck, Harri Hursti, Stephen McLaughlin, Patrick Traynor, and Patrick McDaniel. Systemic Issues in the Hart InterCivic and Premier Voting Systems: Reflections Following Project EVEREST. 2008 USENIX/ACCURATE Electronic Voting Technology Workshop (EVT’08), San Jose, CA, USA, July 2008.
  16. Kevin Butler, Stephen McLaughlin, and Patrick McDaniel. Non-Volatile Memory and Disks: Avenues for Policy Architectures. 1st Computer Security Architecture Workshop (CSAW 2007), Alexandria, VA, USA, November 2007.
  17. Shiva Chaitanya, Kevin Butler, Anand Sivasubramaniam, Patrick McDaniel, and Murali Vilayannur. Design, Implementation and Evaluation of Security in iSCSI-based Network Storage Systems. 2nd International Workshop on Storage Security and Survivability (StorageSS 2006), Alexandria, VA, USA, October 2006.
  18. Kevin Butler and Patrick McDaniel. Testing Large Scale BGP Security in Replayable Network Environments. DETER Community Workshop on Cyber Security Experimentation and Test, Arlington, VA, USA, June 2006.
  19. Kevin Butler, Sophie Qiu, and Patrick McDaniel. BGPRV: Retrieving and Processing BGP Data with Efficiency and Convenience. DETER Community Workshop on Cyber Security Experimentation and Test, Arlington, VA, USA, June 2006.

Other Publications

  1. Kevin Butler, Leon Perlman, Paul Makin, Henry Gerwitz, Patrick Traynor, Yury Grin, Evgeniy Bondarenko, and Richard Miller. Security Aspects of Digital Financial Services (DFS). ITU-T FG-DFS: Telecommunication Standardization Sector of the International Telecommunication Union, Focus Group on Digital Financial Services. Focus Group Technical Report, January 2017.
  2. Patrick McDaniel, Kevin Butler, William Enck, Harri Hursti, Stephen McLaughlin, Patrick Traynor, Matt Blaze, Adam Aviv, Pavol Cerny, Sandy Clark, Eric Cronin, Gaurav Shah, Micah Sherr, Giovanni Vigna, Richard Kemmerer, David Balzarotti, Greg Banks, Marco Cova, Viktoria Felmetsger, William Robertson, Fredrik Valeur, Joseph Lorenzo Hall, and Laura Quilter. EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing. Public Report, Ohio Secretary of State, 2007.
  3. Kevin Butler. 18th USENIX Security Symposium Conference Summaries. USENIX ;login Magazine, December 2009.
  4. Kevin Butler. 16th USENIX Security Symposium Conference Summaries. USENIX ;login Magazine, December 2007.
  5. Kevin Butler. 15th USENIX Security Symposium Conference Summaries. USENIX ;login Magazine, December 2006.
  6. Kevin Butler. 14th USENIX Security Symposium Conference Summaries. USENIX ;login Magazine, December 2005.

Technical Reports

  1. Kevin Butler and Petros Efstathopoulos. U Can’t Touch This: Block-Level Protection for Portable Storage. Technical Report Symantec-SRL/MV2009-11, Symantec Research Labs, Mountain View, CA, June 2009.
  2. Kevin Butler, Stephen McLaughlin, Thomas Moyer, Joshua Schiffman, Patrick McDaniel, and Trent Jaeger. Firma: Disk-Based Foundations for Trusted Operating Systems. Technical Report NAS-TR-0114-2009, Networking and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, May 2009.
  3. Kevin Butler, Stephen McLaughlin, Thomas Moyer, Patrick McDaniel, and Trent Jaeger. SwitchBlade: Policy-Driven Disk Segmentation. Technical Report NAS-TR-0098-2008, Networking and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, November 2008.
  4. Lisa Johansen, Kevin Butler, William Enck, Patrick Traynor, and Patrick McDaniel. Grains of SANs: Building Storage Area Networks from Memory Spots. Technical Report NAS-TR-0060-2006, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, January 2007.
  5. Kevin Butler, Stephen McLaughlin, Patrick McDaniel, and Youngjae Kim. Autonomously Secure Disks. Technical Report NAS-TR-0072-2007, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, May 2007. (Updated September 2007.)
  6. Luke St. Clair, Lisa Johansen, Kevin Butler, William Enck, Matthew Pirretti, Patrick Traynor, Patrick McDaniel, and Trent Jaeger. Password Exhaustion: Predicting the End of Password Usefulness. Technical Report NAS-TR-0030-2006, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, May 2006. (Updated January 2007.)