Adam J. Aviv

Associate Professor of Computer Science
The George Washington University

aaviv@gwu.edu

SEH 5810

202-994-6569

adamaviv

@adamaviv

@adamaviv@infosec.exchange

I am on sabbatical Fall 2023 and Spring 2024

About Me

I am an Associate Professor of Computer Science at the George Washington University. I have broad research interests, primarily in the area of computer security/cybersecurity, privacy, and usable security. I am the lead for the George Washington University/Usable Security and Privacy Lab (gwusec). If you are interested in joining the lab or collaborating on research, more information can be found there.

Interested in having me as a mentor for your PhD?

Yes! I am looking to accept one (or more) new PhD student to start in September 2024. If you are interested in applying, feel free to send me a short email with your research interests and background. Please ensure that your interests overlap with my research interests in usable security/privacy. I may not reply --- please do not take it personally as I get a lot of email -- but I promise to read your email.

Undergrad or masters student at GW interested in research?

Yes! I am always looking for motivated undergraduates and masters students at GW to do research. Shoot me an email.

For Fall 2023 / Spring 2024 I am on sabbatical academic year 2023/2024 an will not be accepting new MS or Undergrad researchers during this time.

Want to meet with me?

Public Office Hours virtual open to all

Calendly Scheduler

Am I listed as your MS Academic Advisor?

I am happy to help, but before sending me an email or scheduling a meeting, please check the CS MS Advising FAQ

News

2024 News

Good News (Mar 2024) We have an accepted paper at CHI's Late Breaking Work as an extended asbtract

Adryana Hutchinson, Collins W. Munyendo, Peter Mayer, and Adam J. Aviv. An Analysis of Password Managers' Password Checkup Tools. ACM CHI Extend Abstracts '2024.

Bad News (Mar 2024) One paper rejected from IEEE S&P
Good News (Jan 2024) We have an accepted talk at PrivacyCon 2024 for our paper

Peter Mayer, Yixin Zou, Bryon M. Lowens, Hunter A. Dyer, Khue Lee, Florian Schaub, and Adam J. Aviv. Awareness, Intention, (In)Action: Individuals' Reactions to Data Breaches.

Bad News (Jan 2024) One paper rejected from USENIX
Good News (Jan 2024) One paper accepted to USEC 2024

Adryana Hutchinson, Jinwei Tang, Adam J. Aviv, and Peter Story. Measuring the Prevalence of Password Manager Issues Using In-Situ Experiments. Symposium on Usable Security and Privacy (USEC) 2024.

2023 News

Good News (Dec 2023) One paper accepted at PoPETS 2024

Florian M. Farke, David G. Balash, Maximilian Golla and Adam J. Aviv. How Does Connecting Online Activities to Advertising Inferences Impact Privacy Perceptions?. To appear in the Proceedings of Privacy Enhancing Technologies. 2024.

Good News (Oct 2023) One poster accepted to CCS

David G. Balash, Mir Masood Ali, Monica Kodwani, Xiaoyuan Wu, Chris Kanich, and Adam J. Aviv. 2023. Poster: Longitudinal Measurement of the Adoption Dynamics in Apple's Privacy Label Ecosystem. In Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS '23). (pdf)

Bad News (Oct 2023) One paper major-revision and then withdrawn from CSCW
Bad News (Oct 2023) One proposal rejected from Google
Good News (July 2023) One paper accepted at EuroUSEC 2023

Daniel V. Bailey,Collins W. Munyendo,Hunter A. Dyer, Miles Grant, Philipp Markert,and Adam J. Aviv. ”Someone Definitely Used 0000”: Strategies, Performance, and User Perception of Novice Smartphone-Unlock PIN-Guessers. The 2023 European Symposium on Usable Security (EuroUSEC’23). Oct 2023.

Good News (July 2023) One paper paper accepted at CCS 2023

Collins W. Munyendo, Peter Mayer, and Adam J. Aviv. “I just stopped using one and started using the other”: Motivations, Techniques, and Challenges When Switching Password Managers. Proceedings of the 30th ACM Conference on Computer and Communications Security (CCS’23). ACM. Nov 2023.

Bad News (July 2023) One paper early rejected from USENIX Security 2024
Bad News (July 2023) One grant proposal rejected
Good News (June 2023) New paper accepted at CSET'23

Harel Berger, Adam J. Aviv, and Micah Sher. Cadence: A Simulator for Human Movement-based Communication Protocols. Workshop on Cyber Security Experimentation and Test (CSET’23). May 2023.

Bad News (June 2023) One paper early rejected from CCS 2023
Bad News (June 2023) One paper rejected from USENIX Security 2023
Good News (May 2023) Our paper on cyber cafes in Keny with Collins Munyendo and Yasemin Acar won distinguished paper award at IEEE Security and Privacy Sympoisum
Good News (May 2023) New NSF Awards

Collaborative Research: SaTC: CORE: Small: Measuring, Validating and Improving upon App-Based Privacy Nutrition Labels is a new three year aard to study privacy labels, along with my collaborators Chris Kanich and Serge Egelman
Institute for Trustworthy AI in Law and Society (TRAILS) is a new institute charted for five-years to study society issues around AI. Participating as Senior Personel (SP) with Hal Daume PI, and Co-PIs Susan Aarons, David Broniatowski, Katherine Shilton, and Thomas Goldstein.

Bad News (Mar 2023) One paper early rejected from SOUPS 2023
Good News (Mar 2023) New paper acceptd to IEEE Security & Privacy '23 (Oakland)

Collins Munyendo, Yasemin Acar, and Adam J. Aviv. "In Eighty Percent of the Cases, I Select the Password for Them": Security and Privacy Challenges, Advice, and Opportunities at Cybercafes in Kenya To appear at the IEEE Security and Privacy Smposium (IEEE SP23). May. 2023.

Bad News (Mar 2023) Two papers rejected from IEEE S&P 2023
Bad News (Feb 2023) Fulbright Scholar application denied
Good News (Feb 2023) New paper acceptd to USENIX Security 2023
- David G. Balash, Rahel A. Fainchtein, Elena Korkes, Miles Grant, Micah Sherr, and Adam J. Aviv. Educators’ Perspectives of Using (or Not Using) Online Exam Proctoring. To appear at the 34th USENIX Security Symposium (USENIX Sec23). Aug. 2023.
Bad News (Feb 2023) Paper rejected from EuroS&P
Good News (Jan 2023) New journal article accepted to ToCHI
- Peter Mayer, Yixin Zou, Bryon M. Lowens, Hunter A. Dyer, Khue Lee, Florian Schaub, and Adam J. Aviv. Awareness, Intention, (In)Action: Individuals' Reactions to Data Breaches. To appear in ACM Transactions on Computer-Human Interaction.

2022 News -- Starting in 2022, I include both good and bad news.

Good News (Dec 2022) Proposal to organize the 2023 NSF SaTC Aspring PI Workshop was funded by NSF
- The event will bring together aspiring PIs int he SaTC program to learn more about the SaTC program and how to write a successfully proposal.
Good News (Nov 2022) One proposal accepted by Google in the ASPIRE program
- Measuring the Evolution and Migration of Android Malware with Gianluca Stringhini at Boston University
Bad News (Nov 2022) One proposal rejected from Google
Bad News (Oct 2022) One paper rejected from NDSS 2023
Good News (Oct 2022) Two papers accessed from ACSAC 2022
- Rahel A. Fainchtein, Adam J. Aviv, and Micah Sherr. User Perceptions of the Privacy and Usability of Smart DNS. Annual Computer Security Applications Conference. (ACSAC'22). 2022
- Xiaoyuan Wu, Collins W. Munyendo, Eddie Cosic, Genevieve A. Flynn, Olivia Legault, and Adam J. Aviv. User Perceptions of Five-Word Passwords. Annual Computer Security Applications Conference. (ACSAC'22). 2022
Good News (Sep 2022) New NSF (CICI) grant awarded on Supporting Scientists as End-Users in Managing Security and Privacy
Bad News (Aug 2022) One papers early rejected from ACSAC 2022
Bad News (July 2022) One papers early rejected from IMC 2022
Good News (May 2022) A new paper accepted to USENIX Security 2022

Peter Mayer, Collins Munyendo, Michelle L. Mazurek, and Adam J. Aviv. Why Users (Don't) Use Password Managers at a Large Educational Institution. USENIX Security Symposium (Sec'22). Aug, 2022.

Bad News (May 2022) Two papers rejected from SOUPS 2022
Bad News (April 2022) NSF Grant Declined (SaTC Frontier)
Good News (April 2022) A new paper accepted to IEEE Security and Privacy 2022

Collins Munyendo, Yasemin Acar, and Adam J. Aviv. "Desperate Times Call for Desperate Measures:" User Concerns with Mobile Loan Apps in Kenya. Proceedings of the 2022 IEEE Symposium on Security and Privacy - Oakland’22. May, 2022

Bad News (April 2022) NSF Grant Declined (SaTC Small)
Good News (April 2022) New NSF Grant Awarded

NSF SaTC EDU: Security and Privacy Implications of Remote Proctoring for School Policies and Practices
With Mich Sherr (Georgetown) and Ryan Watkins

Good News (Feb 2022) A new paper accepted to USENIX Security 2022

Collins W. Munyendo, Philipp Markert, Alexandra Nisenoff, Miles Grant, Elena Korkes, Blase Ur, and Adam J. Aviv. "The Same PIN, Just Longer": On the (In)Security of Upgrading PINs from 4 to 6 Digits. USENIX Security Symposium (Sec'22). Aug, 2022.

2021 News (click to reveal)

Good News (Dec 2021) A new paper accepted to CHI 2022

Jaron Mink, Amanda Rose Yuile, Uma Pal, Adam J. Aviv and Adam Bates. Users can Deduce Sensitive Locations Protected by Privacy Zones on Fitness Tracking Apps. ACM CHI Conference on Human Factors in Computing Systems (CHI'22). May, 2022

Good News (Oct 2021) A new journal paper has been published at ACM TOPS

Philipp Markert, Daniel V. Bailey, Maximilian Golla, Markus Dürmuth, and Adam J. Aviv. On the Security of Smartphone Unlock PINs. ACM Transactions on Privacy and Security (TOPS). Vol. 24 (4). ACM. Sep 2021
Open Access Article here

Good News (Sep 2021) A new paper accepted to USENIX Security 2022

David G. Balash, Xiaoyuan Wu, Miles Grant, Irwin Reyes, and Adam J. Aviv. Security and Privacy Perceptions of Third-Party Application Access for Google Accounts. 31st USENIX Security Symposium (Security'22). Aug, 2022.

Good News (June 2021) Three new publications at SOUPS 2021

Collins Munyendo, Miles Grant, Philipp Markert, Timothy J. Forman, and Adam J. Aviv. Using a Blocklist to Improve the Security of User Selection of Android Patterns. 17th Symposium on Usable Security and Privacy (SOUPS '21)
David G. Balash, Dongkun Kim, Darika Shaibekova, Rahel A. Fainchtein, Micah Sherr, and Adam J. Aviv. Examining the Examiners: Students' Privacy and Security Perceptions of Online Proctoring Services. 17th Symposium on Usable Security and Privacy (SOUPS '21)
Daniel V. Baily, Philipp Markert, and Adam J. Aviv. ``I have no idea what they're trying to accomplish:'' Enthusiastic and Casual Signal Users' Understanding of Signal PINs. 17th Symposium on Usable Security and Privacy (SOUPS '21)

Good News (June 2021) Three new publications at USENIX Security 2021

Noel Warford, Collins W. Munyendo, Ashna Mediratta, Adam J. Aviv, and Michelle L. Mazurek. Strategies and Perceived Risks of Sending Sensitive Documents. 30th USENIX Security Symposium (USENIX Security 21). USENIX Association. Aug 2021.

Arxiv here

Florian Farke, David G. Balash, Maximilian Golla, Markus Dürmuth, and Adam J. Aviv. Are Privacy Dashboards Good for End Users? Evaluating User Perceptions and Reactions to Google's My Activity. 30th USENIX Security Symposium (USENIX Security 21). USENIX Association. Aug 2021.

Arxiv here

Flynn Wolf, Adam J. Aviv, and Ravi Kuber. Security Obstacles and Motivations for Small Businesses from a CISO’s Perspective. 30th USENIX Security Symposium (USENIX Security 21). USENIX Association. Aug 2021.

Good News (Apr 2021) Good News publication at USENIX Security 2021

Peter Mayer, Yixin Zou, Florian Schaub, and Adam J. Aviv. "Now I'm a bit angry:" Individuals' Awareness, Perception, and Responses to Data Breaches that Affected Them. 30th USENIX Security Symposium (USENIX Security 21). (Sec'21). USENIX Association. Aug 2021.
Article here

Good News (Feb 2021) Good News publication at NDSS 2021

Ian Martiny, Gabriel Kaptchuk, Adam J. Aviv, Daniel S. Roche, and Eric Wustrow. Improving Signal’s Sealed Sender. In the proceedings of the 2021 Network and Distributed Systems Symposium. NDSS'21. Feb 2021.
Article here

2020 News (click to reveal)

Good News (Nov 2020) I have two new conference articles to appear at PoPETS 2021

Hirak Ray, Flynn Wolf, Ravi Kuber, Adam J. Aviv. ``Warn Them'' or ``Just Block Them''?: Comparing Privacy Concerns of Older and Working Age Adults
Rahel A. Fainchtein, Adam A. Aviv, Micah Sherr, Stephen Ribaudo, and Armaan Khullar. Holes in the Geofence: Privacy Vulnerabilities in “Smart” DNS Services.

Expanded version of the paper available on the arxiv

Good News (Oct 2020) I have new conference article appearing at USENIX Sec'2021

Hirak Ray, Flynn Wolf, Ravi Kuber, Adam J. Aviv. Why Older Adults (Don't) Use Password Managers. In the proceedings of the 2021 USENIX Security Symposium. Aug. 2021.

Preprint on the arxiv </ul> </ul>
Good News (Aug 2020) I have two new conference article appearing at ACSAC'2020

Timothy J. Forman and Adam J. Aviv. Double Patterns: A Usable Solution to Increase the Security of Android Unlock Patterns. In the proceedings of the 2020 Annual Computer Security Applications Conference (ACSAC'20). Dec. 2020.
Hassan Khan, Jason Ceci, Jonah Stegman, Adam J. Aviv, Rozita Dara, Ravi Kuber. Widely Reused and Shared, Infrequently Updated, and Sometimes Inherited: A Holistic View of PIN Authentication in Digital Lives and Beyond. In the proceedings of the 2020 Annual Computer Security Applications Conference (ACSAC'20). Dec. 2020.

Good News (Apr 2020) I have a new conference article appearing at SOUPS'2020

Raina Samuel, Philipp Markert, Adam J. Aviv, and Iulian Neamtiu. Knock, Knock. Who's There? On the Security of LG's Knock Codes. 2020 Symposium on Usable Security and Privacy (SOUPS'20). Pgs. 1-24. USENIX. 2020.

Paper is available here
Checkout the video presentation and talk slides
Read more about the project in the news: fastcompany Science Daily
Preprint on the arxiv

Good News (Feb. 2020) We have a new gwusec lab page!
Good News (Feb. 2020) Three new students are joining the research group at GW: David Balash, Nelson Jaimes, and Collins Munyendo. Welcome!
2019 News (click to reveal)