Usable Security and Privacy Lab
The following publications are available for personal use only. To make copies for distribution, please see the publisher regarding copyright policy.
Automatic Detection of Fake Key Attacks in Secure Messaging, Tarun Kumar Yadav, Devashish Gosain, Amir Herzberg, Daniel Zappala, and Kent Seamons, ACM SIGSAC Conference on Computer and Communications Security (CCS), November 2022.
James Conners, Steven Derbidge, Corey Devenport, Natalie Farnsworth, Kyler Gates, Stephen Lambert, Christopher McClain, Parker Nichols, and Daniel Zappala, Let’s Authenticate: Automated Certificates for User Authentication, Network and Distributed System Security Symposium (NDSS), February 2022.
Justin Wu, Cyrus Gatrell, Devon Howard, Jake Tyler, Elham Vaziripour, Kent Seamons, and Daniel Zappala, “Something isn’t secure, but I’m not sure how that translates into a problem”: Promoting autonomy by designing for understanding in Signal, USENIX Symposium on Usable Privacy and Security (SOUPS), August 2019.
Data available at https://signal.internet.byu.edu
Elham Vaziripour, Devon Howard, Jake Tyler, Mark O’Neill, Justin Wu, Kent Seamons, Daniel Zappala, I Don’t Even Have to Bother Them! Using Social Media to Automate the Authentication Ceremony in Secure Messaging, Proceedings of the 37th Annual ACM Conference on Human Factors in Computing Systems (CHI 2019), May 2019.
Scott Ruoti, Jeff Anderson, Luke Dickinson, Scott Heidbrink, Tyler Monson, Mark O’Neill, Ken Reese, Brad Spendlove, Elham Vaziripour, Justin Wu, Daniel Zappala, and Kent Seamons, A Usability Study of Four Secure Email Tools Using Paired Participants, ACM Transactions on Privacy and Security (TOPS), Volume 22, Number 2, April 2019.
Mark O’Neill, Kent Seamons, and Daniel Zappala , The Secure Socket API: TLS as an Operating System Service, ;login:, The USENIX Magazine, Winter 2018, volume 43, number 4.
Mark O’Neill, Scott Heidbrink, Jordan Whitehead, Tanner Perdue, Luke Dickinson, Torstein Collett, Nick Bonner, Kent Seamons, and Daniel Zappala, The Secure Socket API: TLS as an Operating System Service, USENIX Security, August 2018, 18 pages.
Second Place, Facebook Internet Defense Prize ($60,000)
Data and code available at https://owntrust.org
Justin Wu and Daniel Zappala, When is a Tree Really a Truck? Exploring Mental Models of Encryption, USENIX Symposium on Usable Privacy and Security (SOUPS), August 2018.
Honorable Mention for the Distinguished Paper Award
Data available soon at https://mentalmodels.internet.byu.edu
Elham Vaziripour, Justin Wu, Mark O’Neill, Daniel Metro, Josh Cockrell, Timothy Moffett, Jordan Whitehead, Nick Bonner, Kent Seamons, and Daniel Zappala, Action Needed! Helping Users Find and Complete the Authentication Ceremony in Signal, USENIX Symposium on Usable Privacy and Security (SOUPS), August 2018, 16 pages.
Data available soon at https://action.internet.byu.edu
Scott Ruoti, Jeff Andersen, Tyler Monson, Daniel Zappala, and Kent Seamons, A Comparative Usability Study of Key Management in Secure Email, USENIX Symposium on Usable Privacy and Security (SOUPS), August 2018, 21 pages.
Data available at https://isrl.byu.edu/data/soups2018/
Elham Vaziripour, Reza Farahbakhsh, Mark O’Neill, Justin Wu, Kent Seamons, and Daniel Zappala. Private But Not Secure: A Survey Of the Privacy Preferences and Practices of Iranian Users of Telegram, Workshop on Usable Security (USEC), February 2018, 20 pages.
Data available soon at https://telegram.internet.byu.edu
Tylor Monson, Joshua Reynolds, Trevor Smith, Scott Ruoti, Daniel Zappala, and Kent Seamons. A Usability Study of Secure Email Deletion, European Workshop on Usable Security (EuroUSEC), April 2018, 11 pages.
Data available at https://isrl.byu.edu/data/eurousec2018/
Scott Ruoti, Kent Seamons, and Daniel Zappala. Layering Security at Global Control Points to Secure Unmodified Software, IEEE Secure Development Conference (IEEE SecDev), September 2017.
Best Paper Award.
Mark O’Neill, Scott Heidbrink, Scott Ruoti, Jordan Whitehead, Dan Bunker, Luke Dickinson, Travis Hendershot, Joshua Reynolds, Kent Seamons, and Daniel Zappala, TrustBase: An Architecture to Repair and Strengthen Certificate-based Authentication, USENIX Security, August 2017.
Data and code available at https://owntrust.org
Elham Vaziripour, Justin Wu, Mark O’Neill, Ray Clinton, Jordan Whitehead, Scott Heidbrink, Kent Seamons, Daniel Zappala, Is that you, Alice? A Usability Study of the Authentication Ceremony of Secure Messaging Applications, USENIX Symposium on Usable Privacy and Security (SOUPS), July 2017. Errata, Corrected version.
Data available at https://alice.internet.byu.edu
Scott Ruoti, Tyler Monson, Justin Wu, Daniel Zappala, and Kent Seamons, Brigham Young University, Weighing Context and Trade-offs: How Suburban Adults Selected Their Online Security Posture, USENIX Symposium on Usable Privacy and Security (SOUPS), July 2017.
Data available at https://isrl.byu.edu/data/soups2017/
Mark O’Neill, Scott Ruoti, Kent Seamons, and Daniel Zappala. TLS Inspection: How Often and Who Cares? IEEE Internet Computing, May/June 2017. (magazine, invited)
Mark O’Neill, Scott Ruoti, Kent Seamons, Daniel Zappala, TLS Proxies: Friend or Foe?, ACM Internet Measurement Conference, November, 2016.
Mark O’Neill, Elham Vaziripour, Justin Wu, Daniel Zappala, Condensing Steam: Distilling the Diversity of Gamer Behavior, ACM Internet Measurement Conference, November, 2016.
Alexander Afanasyev, J. Alex Halderman, Scott Ruoti, Kent Seamons, Yingdi Yu, Daniel Zappala, Lixia Zhang, Content-Based Security for the Web, New Security Paradigms Workshop (NSPW), September, 2016.
Scott Ruoti, Mark O’Neil, Daniel Zappala, Kent Seamons, User Attitudes Toward the Inspection of Encrypted Traffic, Symposium on Usable Privacy and Security (SOUPS), July 2016.
David Grimsman, Vasu Chetty, Nathan Scott Woodbury, Elham Vaziripour, Sandip Roy, Daniel Zappala, Sean Warnick, A Case Study of a Systematic Attack Design Method for Critical Cyber-Physical Systems, 2016 American Control Conference (ACC), July 2016.
Scott Ruoti, Jeff Andersen, Scott Heidbrink, Mark O’Neill, Elham Vaziripour, Justin Wu, Daniel Zappala, Kent Seamons, “We’re on the Same Page”: A Usability Study of Secure Email Using Pairs of Novice Users, Proceedings of the 34th Annual ACM Conference on Human Factors in Computing Systems (CHI), May 2016.
Honorable Mention Award
Randy Buck, Rich Lee, Phil Lundrigan and Daniel Zappala, WiFu: A Composable Toolkit for Experimental Wireless Transport Protocols, IEEE International Conference on Mobile Ad Hoc and Sensor Systems (MASS), October 2012.
Travis Andelin, Vasu Chetty, Devon Harbaugh, Sean Warnick and Daniel Zappala, Quality Selection for Dynamic Adaptive Streaming over HTTP with Scalable Video Coding 3rd ACM Multimedia Systems Conference (MMSys), February 2012, pages 149—154.
David Ripplinger, Sean Warnick and Daniel Zappala, First Principles Modeling of Wireless Networks for Rate Control, 50th IEEE Conference on Decision and Control (CDC), December 2011.
Xingang Zhang, Randy Buck, and Daniel Zappala, Experimental Performance Evaluation of ATP in a Wireless Mesh Network, IEEE International Conference on Mobile Ad Hoc and Sensor Systems (MASS), October 2011.
Daniel Scofield, Lei Wang and Daniel Zappala, HxH: A Hop-by-Hop Transport Protocol for Multi-Hop Wireless Networks, The Fourth International Wireless Internet Conference (WICON 2008), October 2008.
Manoj Pandey and Daniel Zappala, Hop-by-Hop Multicast Transport for Mobile Ad Hoc Wireless Networks, The Fifth IEEE International Conference on Mobile Ad Hoc and Sensor Systems (MASS), October 2008.
Qiuyi Duan, Lei Wang, Charles D. Knutson and Daniel Zappala, Link Quality Prediction for Wireless Devices with Multiple Radios, IEEE International Symposium on World of Wireless, Mobile and Multimedia Networks (WoWMoM), June 2008.
Manoj Pandey, Roger Pack, Lei Wang, Qiuyi Duan and Daniel Zappala, To Repair or Not to Repair: Helping Routing Protocols to Distinguish Mobility From Congestion, IEEE Infocom MiniSymposia, May 2007.
Manoj Pandey, Daniel Delorey, Qiuyi Duan, Lei Wang, Charles Knutson, Daniel Zappala, and Ryan Woodings, RIA: An RF Interference Avoidance Algorithm for Heterogeneous Wireless Networks, IEEE Wireless Communications and Networking Conference (WCNC), March 2007.
Manoj Pandey and Daniel Zappala, A Scenario Based Evaluation of Mobile Ad Hoc Multicast Routing Protocols, IEEE International Symposium on World of Wireless, Mobile and Multimedia Networks (WoWMoM), June 2005.
Chris GauthierDickey, Virginia Lo, and Daniel Zappala, Using N-Trees for Scalable Event Ordering in Peer-to-Peer Games, ACM NOSSDAV, June 2005.
Daniel Stutzbach, Daniel Zappala, and Reza Rejaie, The Scalability of Swarming Peer-to-Peer Content Delivery, IFIP Networking, May, 2005.
James S. Conners and Daniel Zappala, Let’s Authenticate: Automated Cryptographic Authentication for the Web with Simple Account Recovery, Who Are You?! Adventures in Authentication Workshop, July 2019.
Daniel Zappala, Making TLS Client Authentication Usable, USENIX HotSec Workshop, August 2018.
Elham Vaziripour, Mark O’Neill, Justin Wu, Scott Heidbrink, Kent Seamons, and Daniel Zappala, Social Authentication for End-to-End Encryption, Who Are You?! Adventures in Authentication Workshop, July 2016.
Manoj Pandey and Daniel Zappala, Scalable Multicast Routing for Ad Hoc Networks, The Fourth International Workshop on Localized Communication and Topology Protocols for Ad Hoc Networks (LOCAN), October 2008.
Jared Jardine and Daniel Zappala, A Hybrid Architecture for Massively Multiplayer Online Games, The Seventh Annual Workshop on Network and Systems Support for Games (NetGames), October 2008.
Qiuyi Duan, Lei Wang, Charles D. Knutson and Daniel Zappala, Autonomous and Intelligent Radio Switching for Heterogeneous Wireless Networks, The Fourth IEEE International Workshop Heterogeneous Multi-Hop Wireless and Mobile Networks (MHWMN), October, 2008.