Publications
Below is a list of publications in reverse chronological order that pertain to the project.
- Peeking Behind the Curtains of Serverless Platforms
L. Wang, M. Li, Y. Zhang, T. Ristenpart, and M. Swift
In USENIX Annual Technical Conference (ATC) , July 2018. - Static evaluation of noninterference using approximate model counting
Z. Zhou, Z. Qian, M. K. Reiter, and Y. Zhang
In 39th IEEE Symposium on Security and Privacy, May 2018. - Differentially private access patterns for searchable symmetric encryption
G. Chen, T.-H. Lai, M. K. Reiter, and Y. Zhang
In IEEE International Conference on Computer Communications, April 2018. - PivotWall: SDN-Based Information Flow Control
T. OConnor, W. Enck, W. Petullo, and A. Verma
In ACM Symposium on SDN Research (SOSR), March 2018. - On-demand time blurring to support side-channel defense
W. Liu, D. Gao, and M. K. Reiter
In 22nd European Symposium on Research in Computer Security (ESORICS), September 2017. - Personalized pseudonyms for servers in the cloud
Q. Xiao, M. K. Reiter, and Y. Zhang
In Proceedings on Privacy Enhancing Technologies, October 2017. - TapCon: Practical third-party attestation for the cloud
Y. Zhai, Q. Cao, J. Chase, and M. Swift
In 9th USENIX Workshop on Hot Topics in Cloud Computing, July 2017. - Rethinking security in the era of cloud computing
J. Aikat, A. Akella, J. Chase, A. Juels, M. Reiter, T. Ristenpart, V. Sekar, M, Swift
IEEE Security & Privacy, 15(3): 60-69, June 2017. - About PaaS security
D. Kim, H. Schaffer, M. Vouk
In International Journal of Cloud Computing, 2017. - P5: Policy-driven optimization of P4 pipeline
A. Abhashkumar, J. Lee, J. Tourrilhes, S. Banerjee, W. Wu, J. Kang and A. Akella
In ACM Symposium on SDN Research, April 2017. - Sealed-glass proofs: Using transparent enclaves to prove and sell knowledge
F. Tramèr, F. Zhang, H. Lin, J.-P. Hubaux, A. Juels, and E. Shi
In IEEE European Symposium on Security and Privacy, April, 2017. - A system to verify network behavior of known cryptographic clients
A. Chi, R. A. Cochran, M. Nesfield, M. K. Reiter, and C. Sturton
In 14th USENIX Symposium on Networked Systems Design and Implementation, March 2017. - Genesis: Data plane synthesis in multi-tenant networks
K. Subramanian, L. Antoni and A. Akella
In 44th ACM SIGPLAN Symposium on Principles of Programming Languages, January 2017. - Reassembling our digital selves
D. Estrin and A. Juels
Journal of the American Academy of Arts & Sciences, 145(1): 43–53, Winter 2016. - Efficient network reachability analysis using a succinct control plane representation
S. K. Fayaz, T. Sharma, A. Fogel, R. Mahajan, T. Millstein, V. Sekar, and G. Varghese
In 12th USENIX Conference on Operating Systems Design and Implementation, November 2016. - Breaking web applications built on top of encrypted data
P. Grubbs, R. McPherson, M. Naveed, T. Ristenpart, and V. Shmatikov
In 23rd ACM Conference on Computer and Communications Security, October 2016. - A software approach to defeating side channels in last-level caches
Z. Zhou, M. K. Reiter, and Y. Zhang
In 23rd ACM Conference on Computer and Communications Security, October 2016. - The ring of gyges: Investigating the future of criminal smart contracts
A. Juels, A. Kosba, and E. Shi
In 23rd ACM Conference on Computer and Communications Security, October 2016. - Town crier: An authenticated data feed for smart contracts
F. Zhang, E. Cecchetti, K. Croman, A. Juels, and E. Shi
In 23rd ACM Conference on Computer and Communications Security, October 2016. - CQSTR: Securing cross-tenant applications with cloud containers
Y. Zhai, L. Yin, J. Chase, T. Ristenpart, and M. Swift
In 7th ACM Symposium on Cloud Computing, October 2016. - Stealing machine learning models via prediction APIs
F. Tramèr, F. Zhang, A. Juels, M. K. Reiter, and T. Ristenpart
In 25th USENIX Security Symposium, Aug 2016. - One sketch to rule them all: Rethinking network flow monitoring with UnivMon
Z. Liu, A. Manousis, G. Vorsanger, V. Sekar, V. Braverman
In ACM SIGCOMM 2016 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, August 2016. - Fast control plane analysis using an abstract representation
A. Gember-Jacobson, R. Viswanathan, A. Akella, and R. Mahajan
In ACM SIGCOMM 2016 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, August 2016. - AC/DC TCP: Virtual switch-based congestion control enforcement for datacenter networks
K. He, E. Rozner, K. Agarwal, Y. Gu, W. Felter, J. Carter, and A. Akella
In ACM SIGCOMM 2016 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, August 2016. - Privacy is dead, long live privacy: Protecting social norms as confidentiality wanes
J.-P. Hubaux and A. Juels
Communications of the ACM (CACM), 59(6): 39-41, June 2016. - pASSWORD tYPOS and how to correct them securely
R. Chatterjee, A. Athayle, D. Akawhe, A. Juels, and T. Ristenpart
In IEEE Symposium on Security and Privacy, May 2016. - Honey encryption beyond message recovery security
Joseph Jaeger, Thomas Ristenpart, and Qiang Tang
Advances in Cryptology – Eurocrypt, May 2016. - Simplifying software-defined network optimization applications using SOL
V. Heorhiadi, M. K. Reiter, and V. Sekar
In 13th USENIX Symposium on Networked System Design and Implementation, March 2016. - Server-side verification of client behavior in cryptographic protocols
A. Chi, R. Cochran, M. Nesfield, M. K. Reiter, and C. Sturton
arXiv preprint 1603.04085, March 2016. - BUZZ: Testing context-dependent policies in stateful networks
S. K. Fayaz, T. Yu, Y. Tobioka, S. Chaki, and V. Sekar
In 13th USENIX Symposium on Networked Systems Design and Implementation, March 2016. - Leakage-abuse attacks against searchable encryption
D. Cash, P. Grubbs, J. Perry, and T. Ristenpart
In 22nd ACM Conference on Computer and Communications Security, October 2015. - Model inversion attacks that exploit confidence information and basic countermeasures
M. Fredrikson, S. Jha, and T. Ristenpart
In 22nd ACM Conference on Computer and Communications Security, October 2015. - Mitigating storage side channels using statistical privacy mechanisms
Q. Xiao, M. K. Reiter, and Y. Zhang
In 22nd ACM Conference on Computer and Communications Security, October 2015. - Nomad: Mitigating arbitrary cloud side channels via provider-assisted migration
S.-J. Moon, V. Sekar, and M. K. Reiter
In 22nd ACM Conference on Computer and Communications Security, October 2015. - PGA: Using graphs to express and automatically reconcile network policies
C. Prakash, J. Lee, Y. Turner, J.-M. Kang, A. Akella, S. Banerjee, C. Clark, Y. Ma, P. Sharma, and Y. Zhang
In ACM SIGCOMM 2015 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, August 2015. - Improving the safety, scalability, and efficiency of network function state transfers
A. Gember-Jacobson and A. Akella
In ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization, August 2015. - The Pythia PRF service
A. Everspaugh, R. Chaterjee, S. Scott, A. Juels, and T. Ristenpart
In 24th USENIX Security Symposium, August 2015. - A placement vulnerability study in multi-tenant public clouds
V. Varadarajan, Y. Zhang, T. Ristenpart, and M. Swift
In 24th USENIX Security Symposium, August 2015. - Flexible and elastic DDoS defense using Bohatei
S. K. Fayaz, Y. Tobioka, V. Sekar, and M. Bailey
In 24th USENIX Security Symposium, August 2015. - Replica placement for availability in the worst case
P. Li, D. Gao, and M. K. Reiter
In 35th IEEE International Conference on Distributed Computing Systems, June 2015. - Trust as the foundation of resource exchange in GENI
M. Brinn, N. Bastin, A. Bavier, M. Berman, J. Chase, and R. Ricci
In 10th EAI International Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities, June 2015. - Measuring control plane latency in SDN-enabled switches
K. He, J. Khalid, A. Gember-Jacobson, C. Prakash, A. Akella, E. Li, and M. Thottan
In 1st ACM SIGCOMM Symposium on SDN Research, June 2015. - Cracking-resistant password vaults using natural language encoders
R. Chatterjee, J. Bonneau, A. Juels, and T. Ristenpart
In IEEE Symposium on Security and Privacy, May 2015. - SEER: Practical memory virus scanning as a service
J. Gionta, A. Azab, W. Enck, P. Ning, and X. Zhang
In 30th Annual Computer Security Applications Conference, December 2014. - A survey of common security vulnerabilities and corresponding countermeasures for SaaS
D. Kim, P. Ning, and M. Vouk
In IEEE Globecom 2014 Workshop on Cloud Computing Systems, Networks, and Applications, December 2014. - StopWatch: A cloud architecture for timing channel mitigation
P. Li, D. Gao, and M. K. Reiter
ACM Transactions on Information and System Security 17(2), November 2014. - Cross-tenant side-channel attacks in PaaS clouds
Y. Zhang, A. Juels, M. K. Reiter, and T. Ristenpart
In 21st ACM Conference on Computer and Communications Security, November 2014. - WhoWas: A platform for measuring web deployments on IaaS clouds
L. Wang, A. Nappa, J. Caballero, T. Ristenpart, and A. Akella
In 14th ACM Internet Measurement Conference, November 2014. - Scheduler-based defenses against cross-VM side-channels
V. Varadarajan, T. Ristenpart, and M. Swift
In 23rd USENIX Security Symposium, August 2014. - OpenNF: Enabling innovation in network function control
A. Gember, R. Vishwanathan, C. Prakash, R. Grandl, J. Khalid, S. Das, and A. Akella
In ACM SIGCOMM 2014 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, pages 163-174, August 2014. - Testing stateful and dynamic data planes with FlowTest
S. K. Fayazbakhsh and V. Sekar
In 3rd ACM Workshop on Hot Topics in Software Defined Networking, August 2014. - DACSA: A decoupled architecture for cloud security analysis
J. Gionta, A. Azab, W. Enck, P. Ning, and X. Zhang
In 7th Workshop on Cyber Security Experimentation and Test, August 2014. - Secure authorization for federated environments (SAFE): Overview and progress report
J. Chase and V. Thummala
Technical Report CS-2014-003, Department of Computer Science, Duke University, 2014. - A guided tour of SAFE GENI
J. Chase and V. Thummala
Technical Report CS-2014-002, Department of Computer Science, Duke University, 2014. - Integrating VCL into a re-configurable cloud computing layer on an IBM BG/P supercomputer
G. Mathew, P. Dreher, and M. Vouk
In 2nd International IBM Cloud Academy Conference, May 2014. - Enforcing network-wide policies in the presence of dynamic middlebox actions using FlowTags
S. Fayazbakhsh, V. Sekar, M. Yu, and J. Mogul
In 11th USENIX Symposium on Networked System Design and Implementation, April 2014. - Securing hadoop in cloud
X. Yu, P. Ning, and M. Vouk
In Symposium and Bootcamp on the Science of Security (HotSoS), pages 155-156, April 2014. - Diversity-based detection of security anomalies
R. Venkatakrishnan and M. Vouk
In Symposium and Bootcamp on the Science of Security (HotSoS), pages 160-161, April 2014. - Verifiable network function outsourcing: Requirements, challenges, and roadmap
S. K. Fayazbakhsh, M. K. Reiter, and V. Sekar
In Workshop on Hot Topics in Middleboxes and Network Function Virtualization, pages 25–30, December 2013. - Düppel: Retrofitting commodity operating systems to mitigate cache side channels in the cloud
Y. Zhang and M. K. Reiter
In 20th ACM Conference on Computer and Communications Security, pages 827–837, November 2013. - Honeywords: Making password-cracking detectable
A. Juels and R. L. Rivest
In 20th ACM Conference on Computer and Communications Security, November 2013. - Next stop, the cloud: Understanding modern web service deployment in EC2 and Azure
K. He, A. Fisher, L. Wang, A. Gember, A. Akella, and T. Ristenpart
In Internet Measurement Conference, pages 177–190, October 2013. - Ensuring file authenticity in private DFA evaluation on encrypted files in the cloud
L. Wei and M. K. Reiter
In Computer Security – ESORICS 2013: 18th European Symposium on Research in Computer Security (Lecture Notes in Computer Science 8134), September 2013. - DupLESS: Server-aided encryption for deduplicated storage
M. Bellare, S. Keelveedhi, and T. Ristenpart
In 22nd USENIX Security Symposium, August 2013. - SIMPLE-fying middlebox policy enforcement using SDN
Z. Qazi, C. Tu, L. Chiang, R. Miao, V. Sekar, and M. Yu
In ACM SIGCOMM 2013 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, August 2013. - FlowTags: Enforcing network-wide policies in the presence of dynamic middlebox actions
S. Fayazbakhsh, V. Sekar, M. Yu, and J. Mogul
In 2nd ACM Workshop on Hot Topics in Software Defined Networking, August 2013. - Mitigating access-driven timing channels in clouds using StopWatch
P. Li, D. Gao, and M. K. Reiter
In 43rd IEEE/IFIP International Conference on Dependable Systems and Networks, June 2013. - Message-locked encryption and secure deduplication
M. Bellare, S. Keelveedhi, and T. Ristenpart
In Advances in Cryptology – EUROCRYPT 2013, 32nd Annual International Conference on the Theory and Application of Cryptographic Techniques, pages 296–312, May 2013. - Toward verifiable resource accounting for outsourced computation
C. Chen, P. Maniatis, A. Perrig, A. Vasudevan, and V. Sekar
In 9th Annual International Conference on Virtual Execution Environments, pages 167–178, March 2013. - New approaches to security and availability for cloud data
A. Juels and A. Oprea
Communications of the ACM 56(2): pages 64–73, February 2013. - New opportunities for load balancing in network-wide intrusion detection systems
V. Heorhiadi, M. K. Reiter, and V. Sekar
In 8th International Conference on Emerging Networking Experiments and Technologies, pages 361–372, December 2012. - Iris: A scalable cloud file system with efficient integrity checks
E. Stefanov, M. van Dijk, A. Oprea, and A Juels
In 28th Annual Computer Security Applications Conference, pages 229–238, December 2012. - Cross-VM side channels and their use to extract private keys
Y. Zhang, A. Juels, M. K. Reiter, and T. Ristenpart
In 19th ACM Conference on Computer and Communications Security, pages 305–316, October 2012. - More for your money: Exploiting performance heterogeneity in public clouds
B. Farley, V. Varadaraja, K. Bowers, A. Juels, T. Ristenpart, and M. Swift
In 3rd ACM Symposium on Cloud Computing, October 2012. - Resource-freeing attacks: Improve your cloud performance (at your neighbor’s expense)
V. Varadarajan, T. Kooburat, B. Farley, T. Ristenpart, and M. Swift
In 19th ACM Computer and Communications Security, pages 281–292, October 2012. - Third-party private DFA evaluation on encrypted files in the cloud
L. Wei and M. K. Reiter
In Computer Security – ESORICS 2012: 17th European Symposium on Research in Computer Security (Lecture Notes in Computer Science 7459), pages 523–540, September 2012. - Multi-resource fair queueing for packet processing
A. Ghodsi, V. Sekar, M. Zaharia, and I. Stoica
In ACM SIGCOMM 2012 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, pages 1–12, August 2012. - Making middleboxes someone else’s problem: Network processing as a cloud service
J. Sherry, S. Hassan, C. Scott, A. Krishnamurthy, S. Ratnasamy, and V. Sekar
In ACM SIGCOMM 2012 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, pages 13–24, August 2012. - How to tell if your cloud files are vulnerable to drive crashes
K. D. Bowers, M. van Dijk, A. Juels, A. Oprea, and R L. Rivest
In 18th ACM Conference on Computer and Communications Security, pages 501–514, October 2011. - Verifiable resource accounting for cloud computing services
V. Sekar and P. Maniatis
In 3rd ACM Workshop on Cloud Computing Security, pages 21–26, October 2011. - Trusted Platform-as-a-Service: A foundation for trustworthy cloud-hosted applications
A. Brown and J. Chase
In 3rd ACM Cloud Computing Security Workshop, October 2011. - HomeAlone: Co-residency detection in the cloud via side-channel analysis
Y. Zhang, A. Juels, A. Oprea, and M.K. Reiter
In IEEE Symposium on Security and Privacy, pages 313–328, 2011. - On the impossibility of cryptography alone for privacy-preserving cloud computing
M. van Dijk and A. Juels
In USENIX Workshop on Hot Topics in Security, pages 1–8, 2010. - HAIL: A high-availability and integrity layer for cloud storage
K.D. Bowers, A. Juels, and A. Oprea
In 16th ACM Conference on Computer and Communications Security, pages 187–198, 2009. - Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds
T. Ristenpart, E. Tromer, H. Shacham, and S. Savage
In 16th ACM Conference on Computer and Communications Security, pages 199–212, November 2009. - Proofs of retrievability: Theory and implementation
K.D. Bowers, A. Juels, and A. Oprea
In Cloud Computing Security Workshop, pages 43–54, 2009. - PORs: Proofs of retrievability for large files
A. Juels and B. S. Kaliski, Jr.
In 14th ACM Conference on Computer and Communications Security, pages 584–597, 2007.
* Please note: Papers not linked above do not yet have a DOI registration. We shall link them as soon as a doi link is available. Please contact us directly at Project Silver Webmaster if you need the full-text of a paper not linked above. Thanks.