Sean W. Smith

Orcid: 0000-0001-5995-574X

Affiliations:
  • Dartmouth College, Hanover, USA


According to our database1, Sean W. Smith authored at least 150 papers between 1991 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
The HTTP Garden: Discovering Parsing Vulnerabilities in HTTP/1.1 Implementations by Differential Fuzzing of Request Streams.
CoRR, 2024

Parsing, Performance, and Pareto in Data Stream Security.
Proceedings of the IEEE Security and Privacy, 2024

Weird Machines in Package Managers: A Case Study of Input Language Complexity and Emergent Execution in Software Systems.
Proceedings of the IEEE Security and Privacy, 2024

2023
A Survey of Parser Differential Anti-Patterns.
Proceedings of the 2023 IEEE Security and Privacy Workshops (SPW), 2023

2022
Capturing the iccMAX calculatorElement: A Case Study on Format Design.
Proceedings of the 43rd IEEE Security and Privacy, 2022

A Secure Parser Generation Framework for IoT Protocols on Microcontrollers.
Proceedings of the 43rd IEEE Security and Privacy, 2022

2021
What We Have Here Is Failure to Validate: Summer of LangSec.
IEEE Secur. Priv., 2021

Research Report: Parsing PEGs with Length Fields in Software and Hardware.
Proceedings of the IEEE Security and Privacy Workshops, 2021

A Communications Validity Detector for SCADA Networks.
Proceedings of the Critical Infrastructure Protection XV, 2021

2020
Securing the Internet of Things: An Ongoing Challenge.
Computer, 2020

Research Report: The Parsley Data Format Definition Language.
Proceedings of the 2020 IEEE Security and Privacy Workshops, 2020

Armor Within: Defending Against Vulnerabilities in Third-Party Libraries.
Proceedings of the 2020 IEEE Security and Privacy Workshops, 2020

Ghostbusting: mitigating spectre with intraprocess memory isolation.
Proceedings of the 7th Annual Symposium on Hot Topics in the Science of Security, 2020

Eyes on URLs: Relating Visual Behavior to Safety Decisions.
Proceedings of the ETRA '20: 2020 Symposium on Eye Tracking Research and Applications, 2020

Distributed IoT Attestation via Blockchain.
Proceedings of the 20th IEEE/ACM International Symposium on Cluster, 2020

2019
The Internet of Things: Security Challenges.
IEEE Secur. Priv., 2019

Human-Computability Boundaries.
Proceedings of the Security Protocols XXVII, 2019

Mismorphism: The Heart of the Weird Machine.
Proceedings of the Security Protocols XXVII, 2019

Scalable Identity and Key Management for Publish-Subscribe Protocols in the Internet-of-Things.
Proceedings of the 9th International Conference on the Internet of Things, 2019

Converting an Electric Power Utility Network to Defend Against Crafted Inputs.
Proceedings of the Critical Infrastructure Protection XIII, 2019

Dynamic Repair of Mission-Critical Applications with Runtime Snap-Ins.
Proceedings of the Critical Infrastructure Protection XIII, 2019

2018
PhasorSec: Protocol Security Filters for Wide Area Measurement Systems.
Proceedings of the 2018 IEEE International Conference on Communications, 2018

Going Dark: A Retrospective on the North American Blackout of 2038.
Proceedings of the New Security Paradigms Workshop, 2018

Reinventing the privilege drop: how principled preservation of programmer intent would prevent security bugs.
Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, 2018

2017
Modeling Aggregate Security with User Agents that Employ Password Memorization Techniques.
Proceedings of the Thirteenth Symposium on Usable Privacy and Security, 2017

Protecting Against Malicious Bits On the Wire: Automatically Generating a USB Protocol Parser for a Production Kernel.
Proceedings of the 33rd Annual Computer Security Applications Conference, 2017

2016
Beliefs about Cybersecurity Rules and Passwords: A Comparison of Two Survey Samples of Cybersecurity Professionals Versus Regular Users.
Proceedings of the Workshop on Security Fatigue, 2016

Invisible and forgotten: Zero-day blooms in the IoT.
Proceedings of the 2016 IEEE International Conference on Pervasive Computing and Communication Workshops, 2016

I Am Joe's Fridge: Scalable Identity in the Internet of Things.
Proceedings of the 2016 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, 2016

Implementing a vertically hardened DNP3 control stack for power applications.
Proceedings of the 2nd Annual Industrial Control System Security Workshop, 2016

Validating an Agent-Based Model of Human Password Behavior.
Proceedings of the Artificial Intelligence for Cyber Security, 2016

2015
Never Mind Pearl Harbor-What about a Cyber Love Canal?
IEEE Secur. Priv., 2015

Solving the Grid Defender's Dilemma: Tamper Protection for Distributed Cyber-Physical Systems.
Proceedings of the SECRYPT 2015, 2015

Workarounds to Computer Access in Healthcare Organizations: You Want My Password or a Dead Patient?
Proceedings of the Driving Quality in Informatics: Fulfilling the Promise, 2015

Mismorphism: a semiotic model of computer security circumvention (poster abstract).
Proceedings of the 2015 Symposium and Bootcamp on the Science of Security, 2015

Measuring the security impacts of password policies using cognitive behavioral agent-based modeling.
Proceedings of the 2015 Symposium and Bootcamp on the Science of Security, 2015

Mismorphism: a Semiotic Model of Computer Security Circumvention.
Proceedings of the Ninth International Symposium on Human Aspects of Information Security & Assurance, 2015

2014
Healthcare information technology's relativity problems: a typology of how patients' physical reality, clinicians' mental models, and healthcare information technology differ.
J. Am. Medical Informatics Assoc., 2014

2013
Privacy-preserving screen capture: Towards closing the loop for health IT usability.
J. Biomed. Informatics, 2013

Circumvention of Security: Good Users Do Bad Things.
IEEE Secur. Priv., 2013

Securing Information Technology in Healthcare.
IEEE Secur. Priv., 2013

"Weird Machines" in ELF: A Spotlight on the Underappreciated Metadata.
Proceedings of the 7th USENIX Workshop on Offensive Technologies, 2013

The Page-Fault Weird Machine: Lessons in Instruction-less Computation.
Proceedings of the 7th USENIX Workshop on Offensive Technologies, 2013

Electronic Prescription for Controlled Substances: A Cybersecurity Perspective.
Proceedings of the 2013 USENIX Workshop on Health Information Technologies, 2013

2012
Intrusion detection for resource-constrained embedded control systems in the power grid.
Int. J. Crit. Infrastructure Prot., 2012

Security and Cognitive Bias: Exploring the Role of the Mind.
IEEE Secur. Priv., 2012

Access Control Hygiene and the Empathy Gap in Medical IT.
Proceedings of the 3rd USENIX Workshop on Health Security and Privacy, 2012

XUTools: Unix Commands for Processing Next-Generation Structured Text.
Proceedings of the Strategies, 2012

Cryptographic scalability challenges in the smart grid (extended abstract).
Proceedings of the IEEE PES Innovative Smart Grid Technologies Conference, 2012

Api-do: Tools for Exploring the Wireless Attack Surface in Smart Meters.
Proceedings of the 45th Hawaii International International Conference on Systems Science (HICSS-45 2012), 2012

2011
Zeroization.
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

Tamper Evidence.
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

Secure Coprocessor.
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

Logic Bomb.
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

Dynamic Root of Trust.
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

Attestation.
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

Nymble: Blocking Misbehaving Users in Anonymizing Networks.
IEEE Trans. Dependable Secur. Comput., 2011

Room at the Bottom: Authenticated Encryption on Slow Legacy Networks.
IEEE Secur. Priv., 2011

Using Hierarchical Change Mining to Manage Network Security Policy Evolution.
Proceedings of the USENIX Workshop on Hot Topics in Management of Internet, 2011

Identifying Vulnerabilities in SCADA Systems via Fuzz-Testing.
Proceedings of the Critical Infrastructure Protection V, 2011

Lightweight Intrusion Detection for Resource-Constrained Embedded Control Systems.
Proceedings of the Critical Infrastructure Protection V, 2011

2010
BLAC: Revoking Repeatedly Misbehaving Anonymous Users without Relying on TTPs.
ACM Trans. Inf. Syst. Secur., 2010

Finding the PKI needles in the Internet haystack.
J. Comput. Secur., 2010

Katana: Towards Patching as a Runtime Part of the Compiler-Linker-Loader Toolchain.
Int. J. Secur. Softw. Eng., 2010

What's Wrong with Access Control in the Real World?
IEEE Secur. Priv., 2010

Dr. Jekyll or Mr. Hyde: Information Security in the Ecosystem of Healthcare.
Proceedings of the 1st USENIX Workshop on Health Security and Privacy, 2010

VM-based security overkill: a lament for applied systems security research.
Proceedings of the 2010 Workshop on New Security Paradigms, 2010

High Security with Low Latency in Legacy SCADA Systems.
Proceedings of the Critical Infrastructure Protection IV, 2010

Computational techniques for increasing PKI policy comprehension by human analysts.
Proceedings of the 9th Symposium on Identity and Trust on the Internet, 2010

PorKI: Portable PKI Credentials via Proxy Certificates.
Proceedings of the Public Key Infrastructures, Services and Applications, 2010

The diversity of TPMs and its effects on development: a case study of integrating the TPM into OpenSolaris.
Proceedings of the fifth ACM workshop on Scalable trusted computing, 2010

Small, stupid, and scalable: secure computing with faerieplay.
Proceedings of the fifth ACM workshop on Scalable trusted computing, 2010

Trusted virtual containers on demand.
Proceedings of the fifth ACM workshop on Scalable trusted computing, 2010

Katana: A Hot Patching Framework for ELF Executables.
Proceedings of the ARES 2010, 2010

2009
Interoperable PKI Data Distribution in Computational Grids.
Int. J. Grid High Perform. Comput., 2009

The effects of introspection on creating privacy policy.
Proceedings of the 2009 ACM Workshop on Privacy in the Electronic Society, 2009

A Computational Framework for Certificate Policy Operations.
Proceedings of the Public Key Infrastructures, Services and Applications, 2009

ABUSE: PKI for Real-World Email Trust.
Proceedings of the Public Key Infrastructures, Services and Applications, 2009

The cake is a lie: privilege rings as a policy resource.
Proceedings of the 1st ACM Workshop on Virtual Machine Security, 2009

2008
Preventative Directions For Insider Threat Mitigation Via Access Control.
Proceedings of the Insider Attack and Cyber Security - Beyond the Hacker, 2008

Virtualization and Security: Back to the Future.
IEEE Secur. Priv., 2008

Why Do Street-Smart People Do Stupid Things Online?
IEEE Secur. Priv., 2008

TwoKind authentication: protecting private information in untrustworthy environments.
Proceedings of the 2008 ACM Workshop on Privacy in the Electronic Society, 2008

TOCTOU, Traps, and Trusted Computing.
Proceedings of the Trusted Computing, 2008

YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems.
Proceedings of The IFIP TC-11 23rd International Information Security Conference, 2008

Combating Spam and Denial-of-Service Attacks with Trusted Puzzle Solvers.
Proceedings of the Information Security Practice and Experience, 2008

Secure Cryptographic Precomputation with Insecure Memory.
Proceedings of the Information Security Practice and Experience, 2008

PEACHES and Peers.
Proceedings of the Public Key Infrastructure, 2008

PEREA: towards practical TTP-free revocation in anonymous authentication.
Proceedings of the 2008 ACM Conference on Computer and Communications Security, 2008

Traps, events, emulation, and enforcement: managing the yin and yang of virtualization-based security.
Proceedings of the 1st ACM Workshop on Virtual Machine Security, 2008

Extending PKI Interoperability in Computational Grids.
Proceedings of the 8th IEEE International Symposium on Cluster Computing and the Grid (CCGrid 2008), 2008

PPAA: Peer-to-Peer Anonymous Authentication.
Proceedings of the Applied Cryptography and Network Security, 6th International Conference, 2008

The Craft of System Security
Addison-Wesley, ISBN: 978-0-321-43483-8, 2008

2007
Towards usefully secure email.
IEEE Technol. Soc. Mag., 2007

TwoKind authentication: usable authenticators for untrustworthy environments.
Proceedings of the 3rd Symposium on Usable Privacy and Security, 2007

Nymble: Anonymous IP-Address Blocking.
Proceedings of the Privacy Enhancing Technologies, 7th International Symposium, 2007

Attribute-Based Publishing with Hidden Credentials and Hidden Policies.
Proceedings of the Network and Distributed System Security Symposium, 2007

Batch Pairing Delegation.
Proceedings of the Advances in Information and Computer Security, 2007

Information Risk in Financial Institutions: Field Study and Research Roadmap.
Proceedings of the Enterprise Applications and Services in the Finance Industry, 2007

WSKE: Web Server Key Enabled Cookies.
Proceedings of the Financial Cryptography and Data Security, 2007

AutoPKI: A PKI Resources Discovery System.
Proceedings of the Public Key Infrastructure, 2007

Blacklistable anonymous credentials: blocking misbehaving users without ttps.
Proceedings of the 2007 ACM Conference on Computer and Communications Security, 2007

Pastures: Towards Usable Security Policy Engineering.
Proceedings of the The Second International Conference on Availability, 2007

2006
Distributing security-mediated PKI.
Int. J. Inf. Sec., 2006

Modeling and Evaluation of Certification Path Discovery in the Emerging Global PKI.
Proceedings of the Public Key Infrastructure, 2006

2005
Trusted paths for browsers.
ACM Trans. Inf. Syst. Secur., 2005

The performance impact of BGP security.
IEEE Netw., 2005

Pretending that Systems Are Secure.
IEEE Secur. Priv., 2005

Turing is from Mars, Shannon is from Venus: Computer Science and Computer Engineering.
IEEE Secur. Priv., 2005

The TIPPI Point: Toward Trustworthy Interfaces.
IEEE Secur. Priv., 2005

Protecting Client Privacy with Trusted Computing at the Server.
IEEE Secur. Priv., 2005

Keyjacking: the surprising insecurity of client-side SSL.
Comput. Secur., 2005

SHEMP: Secure Hardware Enhanced MyProxy.
Proceedings of the Third Annual Conference on Privacy, 2005

The Dartmouth Green Grid.
Proceedings of the Computational Science, 2005

Modeling Public Key Infrastructures in the Real World.
Proceedings of the Public Key Infrastructure, 2005

CA-in-a-Box.
Proceedings of the Public Key Infrastructure, 2005

Aggregated path authentication for efficient BGP security.
Proceedings of the 12th ACM Conference on Computer and Communications Security, 2005

PorKI: Making User PKI Safe on Machines of Heterogeneous Trustworthiness.
Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005), 2005

Trusted Computing Platforms - Design and Applications.
Springer, ISBN: 978-0-387-23916-3, 2005

2004
Evaluation of efficient security for BGP route announcements using parallel simulation.
Simul. Model. Pract. Theory, 2004

Outbound authentication for programmable secure coprocessors.
Int. J. Inf. Sec., 2004

Grand Challenges in Information Security: Process and Output.
IEEE Secur. Priv., 2004

Magic Boxes and Boots: Security in Hardware.
Computer, 2004

Design and Prototype of a Coercion-Resistant, Verifiable Electronic Voting System.
Proceedings of the Second Annual Conference on Privacy, 2004

Private Information Storage with Logarithm-Space Secure Hardware.
Proceedings of the Information Security Management, Education and Privacy, 2004

Detecting Unauthorized Use in Online Journal Archives: A Case Study.
Proceedings of the IADIS International Conference WWW/Internet 2004, 2004

Using SPKI/SDSI for Distributed Maintenance of Attribute Release Policies in Shibboleth.
Proceedings of the IADIS International Conference WWW/Internet 2004, 2004

Distributing Security-Mediated PKI.
Proceedings of the Public Key Infrastructure, 2004

Flexible and Scalable Public Key Security for SSH.
Proceedings of the Public Key Infrastructure, 2004

Open-Source Applications of TCPA Hardware.
Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC 2004), 2004

2003
Using caching for browsing anonymity.
SIGecom Exch., 2003

A Funny Thing Happened on the Way to the Marketplace.
IEEE Secur. Priv., 2003

Humans in the Loop: Human-Computer Interaction and Security.
IEEE Secur. Priv., 2003

Fairy Dust, Secrets, and the Real World.
IEEE Secur. Priv., 2003

2002
Trusted Paths for Browsers.
Proceedings of the 11th USENIX Security Symposium, 2002

Prototyping an Armored Data Vault: Rights Management on Big Brother's Computer.
Proceedings of the Privacy Enhancing Technologies, Second International Workshop, 2002

Digital signatures and electronic documents: a cautionary tale.
Proceedings of the Advanced Communications and Multimedia Security, 2002

2001
WebALPS: a survey of E-commerce privacy and security applications.
SIGecom Exch., 2001

Practical server privacy with secure coprocessors.
IBM Syst. J., 2001

Building the IBM 4758 Secure Coprocessor.
Computer, 2001

Improving DES Coprocessor Throughput for Short Operations.
Proceedings of the 10th USENIX Security Symposium, 2001

SAM: A Flexible and Secure Auction Architecture Using Trusted Hardware.
Proceedings of the 15th International Parallel & Distributed Processing Symposium (IPDPS-01), 2001

Security Issues in M-Commerce: A Usage-Based Taxonomy.
Proceedings of the E-Commerce Agents, 2001

Securing Web Servers against Insider Attack .
Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC 2001), 2001

1999
Building a high-performance, programmable secure coprocessor.
Comput. Networks, 1999

1998
Trusting Trusted Hardware: Towards a Formal Model for Programmable Secure Coprocessors.
Proceedings of the 3rd USENIX Workshop on Electronic Commerce, Boston, Massachusetts, USA, August 31, 1998

Using a High-Performance, Programmable Secure Coprocessor.
Proceedings of the Financial Cryptography, 1998

1996
Minimizing Timestamp Size for Completely Asynchronous Optimistic Recovery with Minimal Rollback.
Proceedings of the 15th Symposium on Reliable Distributed Systems, 1996

1995
Completely Asynchronous Optimistic Recovery with Minimal Rollbacks.
Proceedings of the Digest of Papers: FTCS-25, 1995

1991
Improved Learning of AC<sup>0</sup> Functions.
Proceedings of the Fourth Annual Workshop on Computational Learning Theory, 1991


  Loading...