For additional references, please see my Google Scholar or DBLP

2023

  1. Peter Mayer, Yixin Zou, Byron M. Lowens, Hunter A. Dyer, Khue Le, Florian Schaub and Adam J. Aviv. Awareness, Intention, (In)Action: Individuals’ Reactions to Data Breaches. ACM Trans. Comput.-Hum. Interact.. Vol. 30 (5). Association for Computing Machinery. 2023 (doi) (bib)
  1. Daniel V. Bailey, Collins W. Munyendo, Hunter A. Dyer, Miles Grant, Philipp Markert and Adam J. Aviv. "Someone Definitely Used 0000": Strategies, Performance, and User Perception of Novice Smartphone-Unlock PIN-Guessers. Proceedings of the 2023 European Symposium on Usable Security (EuroUSEC '23). Pgs. 158–174. 2023 (doi) (bib)
  1. Collins W. Munynedo, Peter Mayer and Adam J. Aviv. "I just stopped using one and started using the other": Mitivations, Techniques, and Challenges When Siwtching Password Managers. 30th ACM Conference on Computer and Communication Security (CCS'23). 2023 (bib)
  1. David G. Balash, Rahel A. Fainchtein, Elena Korkes, Miles Grant, Micah Sherr and Adam J. Aviv. Educators’ Perspectives of Using (or Not Using) Online Exam Proctoring. Proceedings of the 32nd USENIX Security Symposium (Sec'23). 2023 (arxiv) (artifact) (bib)
  1. Collins Munyendo, Yasemin Acar and Adam J. Aviv. "In Eighty Percent of the Cases, I Select the Password for Them": Security and Privacy Challenges, Advice, and Opportunities at Cybercafes in Kenya. 2023 IEEE Symposium on Security and Privacy (SP'23). Pgs. 570-587. 2023 (pdf) (doi) (bib)
  1. Harel Berger, Micah Sherr and Adam Aviv. Cadence: A Simulator for Human Movement-Based Communication Protocols. Proceedings of the 16th Cyber Security Experimentation and Test Workshop (CSET '23). Pgs. 26–31. 2023 (doi) (bib)

2022

  1. Rahel A. Fainchtein, Adam J. Aviv and Micah Sherr. User Perceptions of the Privacy and Usability of Smart DNS. Annual Computer Security Applications Conference (ACSAC'22). 2022 (bib)
  1. Xiaoyuan Wu, Collins W. Munyendo, Eddie Cosic, Genevieve A. Flynn, Olivia Legault and Adam J. Aviv. User Perceptions of Five-Word Passwords. Annual Computer Security Applications Conference (ACSAC'22). 2022 (bib)
  1. Peter Mayer, Collins W. Munyendo, Michelle L. Mazurek and Adam J. Aviv. Why Users (Don't) Use Password Managers at a Large Educational Institution. 31st USENIX Security Symposium (USENIX Security 22) (Sec'22). 2022 (artifact) (bib)
  1. Collins W. Munyendo, Philipp Markert, Alex, ra Nisenoff, Miles Grant, Elena Korkes, Blase Ur and Adam J. Aviv. "The Same PIN, Just Longer": On the (In)Security of Upgrading PINs from 4 to 6 Digits. 31st USENIX Security Symposium (USENIX Security 22) (Sec'22). 2022 (bib)
  1. David G. Balash, Xiaoyuan Wu, Miles Grant, Irwin Reyes and Adam J. Aviv. Security and Privacy Perceptions of Third-Party Application Access for Google Accounts. 31st USENIX Security Symposium (USENIX Security 22) (Sec'22). 2022 (bib)
  1. Collins Munyendo, Yasemin Acar, and Adam J. Aviv. ``Desperate Times Call for Desperate Measures:'' User Concerns with Mobile Loan Apps in Kenya.. 43rd IEEE Symposium on Security and Privacy (SP'22). 2022 (bib)
  1. Jaron Mink, Am, a Rose Yuile, Uma Pal, Adam J. Aviv and Adam Bates. Users Can Deduce Sensitive Locations Protected by Privacy Zones on Fitness Tracking Apps. ACM CHI Conference on Human Factors in Computing Systems. 2022 (bib)
  1. Hirak Ray, Ravi Kuber and Adam J. Aviv. Investigating Older Adults’ Adoption and Usage of Online Conferencing Tools During COVID-19. 19th International Web for All Conference (W4A '22). 2022 (bib)

2021

  1. Hirak Ray, Flynn Wolf, Ravi Kuber and Adam J. Aviv. ``Warn Them'' or ``Just Block Them''?: Comparing Privacy Concerns of Older and Working Age Adults. Proceedings on Privacy Enhancing Technologies (PoPETS). 2021 (bib)
  1. Rahel A. Fainchtein, Adam J. Aviv, Micah Sherr, Stephen Ribaudo and Armaan Khullar. Holes in the Geofence: Privacy Vulnerabilities in ``Smart'' DNS Services. Proceedings on Privacy Enhancing Technologies (PoPETS). 2021 (arxiv) (bib)
  1. Philipp Markert, Daniel V. Bailey, Maximilian Golla, Markus D"urmuth and Adam J. Aviv. On the Security of Smartphone Unlock PINs. ACM Trans. Priv. Secur.. Vol. 24 (4). Association for Computing Machinery. 2021 (doi) (bib)
  1. Collins Munyendo, Miles Grant, Philipp Markert, Timothy J. Forman and Adam J. Aviv. Using a Blocklist to Improve the Security of User Selection of Android Patterns. 17th Symposium on Usable Security and Privacy (SOUPS'21). 2021 (bib)
  1. David G. Balash, Dongkun Kim, Darika Shaibekova, Rahel A. Fainchtein, Micah Sherr and Adam J. Aviv. Examining the Examiners: Students' Privacy and Security Perceptions of Online Proctoring Services. 17th Symposium on Usable Security and Privacy (SOUPS'21). 2021 (arxiv) (bib)
  1. Daniel V. Baily, Philipp Markert and Adam J. Aviv. ``I have no idea what they're trying to accomplish:'' Enthusiastic and Casual Signal Users' Understanding of Signal PINs. 17th Symposium on Usable Security and Privacy (SOUPS'21). 2021 (bib)
  1. Flynn Wolf, Adam J. Aviv and Ravi Kuber. Security Obstacles and Motivationsfor Small Businesses from a CISO’s Perspective. 30th USENIX Security Symposium (USENIX Security 21) (Sec'21). 2021 (bib)
  1. Florian Farke, David G. Balash, Maximilian Golla, Markus Dürmuth and Adam J. Aviv. Are Privacy Dashboards Good for End Users? Evaluating User Perceptions and Reactions to Google's My Activity. 30th USENIX Security Symposium (USENIX Security 21) (Sec'21). 2021 (arxiv) (bib)
  1. Noel Warford, Collins W. Munyendo, Ashna Mediratta, Adam J. Aviv and Michelle L. Mazurek. Strategies and Perceived Risks of Sending Sensitive Documents. 30th USENIX Security Symposium (USENIX Security 21) (Sec'21). 2021 (arxiv) (bib)
  1. Peter Mayer, Yixin Zou, Florian Schaub and Adam J. Aviv. "Now I'm a bit angry:" Individuals' Awareness, Perception, and Responses to Data Breaches that Affected Them. 30th USENIX Security Symposium (USENIX Security 21) (Sec'21). 2021 (bib)
  1. Ian Martiny, Gabriel Kaptchuk, Adam J. Aviv, Daniel S. Roche and Eric Wustrow. Improving Signal’s Sealed Sender. Network and Distributed Systems Security Symposium (NDSS'21). 2021 (pdf) (bib)
  1. Hirak Ray, Flynn Wolf, Ravi Kuber and Adam J. Aviv. Why Older Adults (Don't) Use Password Managers. 30th USENIX Security Symposium (USENIX Security 21) (Sec'21). 2021 (arxiv) (bib)

2020

  1. Timothy J. Forman and Adam J. Aviv. Double Patterns: A Usable Solution to Increase the Security of Android Unlock Patterns. 2020 Annual Computer Security Conference (ACSAC'20). 2020 (arxiv) (bib)
  1. Hassan Khan, Jason Ceci, Jonah Stegman, Adam J. Aviv, Rozita Dara and Ravi Kuber. Widely Reused and Shared, Infrequently Updated, and Sometimes Inherited: A Holistic View of PIN Authentication in Digital Lives and Beyond. 2020 Annual Computer Security Conference (ACSAC'20). 2020 (arxiv) (bib)
  1. Raina Samuel, Philipp Markert, Adam J. Aviv and Iulian Neamtiu. Knock, Knock. Who's There? On the Security of LG's Knock Codes. 2020 Symposium on Usable Security and Privacy (SOUPS'20). Pgs. 1-24. 2020 (arxiv) (pdf) (bib)
  1. Philipp Markert, Daniel V. Bailey, Maximillian Golla, Markus Duermuth and Adam J. Aviv. This PIN Can Be Easily Guessed: Analyzing the Security of Smartphone Unlock PINs. 2020 IEEE Symposium on Security and Privacy (SP). Pgs. 1525-1542. 2020 (doi) (bib)
  1. Timothy J. Forman, Daniel S. Roche and Adam J. Aviv. Twice as Nice? A Preliminary Evaluation of Double Android Unlock Patterns. Extended Abstracts of the 2020 CHI Conference on Human Factors in Computing Systems (CHI EA ’20). Pgs. 1–7. 2020 (doi) (bib)

2019

  1. Hirak Ray, Flynn Wolf, Ravi Kuber and Adam J. Aviv. "Woe is me:" Examining Older Adults' Perceptions of Privacy. Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems (CHI EA '19). Pgs. LBW2611:1--LBW2611:6. 2019 (pdf) (doi) (bib)
  1. Flynn Wolf, Ravi Kuber and Adam J. Aviv. "Pretty Close to a Must-Have": Balancing Usability Desire and Security Concern in Biometric Adoption. Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems (CHI '19). Pgs. 151:1--151:12. 2019 (doi) (bib)
  1. Anrin Chakraborti, Adam J. Aviv, Seung Geol Choi, Travis Mayberry, Daniel S. Roche and Radu Sion. rORAM: Efficient Range ORAM with O(log^2 N) Locality. Symposium on the Network and Distributed Systems Security (NDSS'19). 2019 (doi) (bib)
  1. Maximilian Golla, Jan Rimkus, Adam J. Aviv and Markus Duermuth. Work in Progress: On the In-Accuracy and Influence of Android Pattern Strength Meters. Workshop on Usable Security (USEC'19). 2019 (pdf) (doi) (bib)

2018

  1. Flynn Wolf, Adam J. Aviv and Ravi Kuber. "It’s all about the start" classifying eyes-free mobile authentication techniques. Journal of Information Security and Applications. Vol. 41. Pgs. 28 - 40. 2018 (doi) (bib)
  1. Guixin Ye, Zhanyong Tang, Dingyi Fang, Xiaojiang Chen, Willy Wolff, Adam J. Aviv and Zheng Wang. A Video-based Attack for Android Pattern Lock. ACM Transactions on Privacy and Security (TOPS). Vol. 21 (4). Pgs. 19:1--19:31. ACM. 2018 (doi) (bib)
  1. Flynn Wolf, Ravi Kuber and Adam J Aviv. An empirical study examining the perceptions and behaviours of security-conscious users of mobile authentication. Behaviour & Information Technology. Vol. 37 (4). Pgs. 320--334. Taylor & Francis. 2018 (bib)
  1. Adam J. Aviv, Flynn Wolf and Ravi Kuber. Comparing Video Based Shoulder Surfing with Live Simulation. Annual Computer Security Applications Conference (ACSAC'18). 2018 (arxiv) (doi) (bib)
  1. John Sonchack, Oliver Michel, Adam J. Aviv, Eric Keller and Jonathan M. Smith. Scaling Hardware Accelerated Network Monitoring to Concurrent and Dynamic Queries With *Flow. 2018 USENIX Annual Technical Conference (ATC'18). 2018 (bib)
  1. Flynn Wolf, Ravi Kuber and Adam J. Aviv. How Do We Talk Ourselves Into These Things?. Extended Abstracts of the 2018 CHI Conference on Human Factors in Computing Systems (CHI EA '18). Pgs. LBW502:1--LBW502:6. 2018 (doi) (bib)
  1. John Sonchack, Adam J. Aviv, Eric Keller and Jonathan M. Smith. Turboflow: Information Rich Flow Record Generation on Commodity Switches. Proceedings of the Thirteenth EuroSys Conference (EuroSys '18). Pgs. 11:1--11:16. 2018 (doi) (bib)
  1. Adam J Aviv and Ravi Kuber. Towards Understanding Connections between Security/Privacy Attitudes and Unlock Authentication. Workshop on Usable Security (USEC'18). 2018 (arxiv) (doi) (bib)
  1. Flynn Wolf, Adam J. Aviv and Ravi Kuber. Work-In-Progress: Performance of Eyes-Free Mobile Authentication. Workshop on Usable Security (USEC'18). 2018 (doi) (bib)

2017

  1. Adam J Aviv, Ravi Kuber and Devon Budzitowski. Is Bigger Better When It Comes to Android Graphical Pattern Unlock?. IEEE Internet Computing. Vol. 21 (6). Pgs. 46--51. IEEE. 2017 (doi) (bib)
  1. Adam J. Aviv, John T. Davin, Flynn Wolf and Ravi Kuber. Towards Baselines for Shoulder Surfing on Mobile Authentication. Proceedings of the 33rd Annual Computer Security Applications Conference (ACSAC 2017). Pgs. 486--498. 2017 (pdf) (doi) (bib)
  1. Daniel S. Roche, Adam Aviv, Seung Geol Choi and Travis Mayberry. Deterministic, Stash-Free Write-Only ORAM. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS '17). Pgs. 507--521. 2017 (pdf) (doi) (bib)
  1. Adam J. Aviv, Seung Geol Choi, Travis Mayberry and Daniel S. Roche. ObliviSync: Practical Oblivious File Backup and Synchronization. 24th Annual Network and Distributed System Security Symposium, NDSS 2017, San Diego, California, USA, February 26 - March 1, 2017. 2017 (pdf) (bib)

2016

  1. John Sonchack and Adam J Aviv. Exploring large scale security system reproducibility with the LESS simulator. Journal of Computer Security. Vol. 24 (5). Pgs. 645--665. IOS Press. 2016 (bib)
  1. John Sonchack, Anurag Dubey, Adam J. Aviv, Jonathan M. Smith and Eric Keller. Timing-based reconnaissance and defense in software-defined networks. Proceedings of the 32nd Annual Conference on Computer Security Applications, ACSAC 2016, Los Angeles, CA, USA, December 5-9, 2016. Pgs. 89--100. 2016 (pdf) (bib)
  1. Vaishali Narkhede, Karuna P. Joshi, Adam J. Aviv, Seung Geol Choi, Daniel S. Roche and Tim Finin. Managing Cloud Storage Obliviously. 9th IEEE International Conference on Cloud Computing, CLOUD 2016, San Francisco, CA, USA, June 27 - July 2, 2016. Pgs. 990--993. 2016 (doi) (bib)
  1. Daniel S. Roche, Adam J. Aviv and Seung Geol Choi. A Practical Oblivious Map Data Structure with Secure Deletion and History Independence. IEEE Symposium on Security and Privacy, SP 2016, San Jose, CA, USA, May 22-26, 2016. Pgs. 178--197. 2016 (doi) (bib)
  1. Abdullah Ali, Adam J Aviv and Ravi Kuber. Developing and evaluating a gestural and tactile mobile interface to support user authentication. IConference 2016 Proceedings. 2016 (pdf) (bib)
  1. John Sonchack, Jonathan M. Smith, Adam J. Aviv and Eric Keller. Enabling Practical Software-defined Networking Security Applications with OFX. 23rd Annual Network and Distributed System Security Symposium, NDSS 2016, San Diego, California, USA, February 21-24, 2016. 2016 (pdf) (bib)
  1. Adam J. Aviv, Markus Duermuth and Payas Gupta. Position Paper: Measuring the Impact of Al- phabet and Culture on Graphical Passwords. Who Are You?! Adventures in Authentication Workshop (WAY'16). 2016 (bib)
  1. Flynn Wolf, Ravi Kuber and Adam J. Aviv. Preliminary Findings from an Exploratory Qualitative Study of Security-Conscious Users of Mobile Authentication. 2nd Workshop on Security Information Workers (WSIW'16). 2016 (bib)
  1. John Sonchack, Adam J. Aviv and Eric Keller. Timing SDN Control Planes to Infer Network Configurations. Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, SDN-NFV@CODASPY 2016, New Orleans, LA, USA, March 11, 2016. Pgs. 19--22. 2016 (pdf) (doi) (bib)
  1. Adam J Aviv, Justin Maguire and Jeanne Luning Prak. Analyzing the impact of collection methods and demographics for android’s pattern unlock. Workshop on Usable Security (USEC'16). 2016 (pdf) (bib)
  1. Andrew West and Adam J. Aviv. On the Privacy Concerns of URL Query Strings. Workshop on Web 2.0 Security and Privacy. 2016 (pdf) (bib)

2015

  1. John Sonchack, Adam J Aviv and Jonathan M Smith. Cross-domain collaboration for improved IDS rule set selection. Journal of Information Security and Applications. Vol. 24. Pgs. 25--40. Elsevier. 2015 (bib)
  1. Adam J. Aviv, Devon Budzitowski and Ravi Kuber. Is Bigger Better? Comparing User-Generated Passwords on 3x3 vs. 4x4 Grid Sizes for Android's Pattern Unlock. Proceedings of the 31st Annual Computer Security Applications Conference, Los Angeles, CA, USA, December 7-11, 2015. Pgs. 301--310. 2015 (pdf) (doi) (bib)

2014

  1. Adam J Aviv, Matt Blaze, Micah Sherr and Jonathan M Smith. Privacy-aware message exchanges for HumaNets. Computer Communications. Vol. 48. Pgs. 30--43. Elsevier. 2014 (pdf) (bib)
  1. Andrew G West and Adam J Aviv. Measuring Privacy Disclosures in URL Query Strings. IEEE Internet Computing. Vol. 18 (6). Pgs. 52--59. IEEE. 2014 (pdf) (bib)
  1. Adam J. Aviv and Dane Fichter. Understanding visual perceptions of usability and security of Android's graphical password pattern. Proceedings of the 30th Annual Computer Security Applications Conference, ACSAC 2014, New Orleans, LA, USA, December 8-12, 2014. Pgs. 286--295. 2014 (pdf) (doi) (bib)
  1. John Sonchack and Adam J. Aviv. LESS Is More: Host-Agent Based Simulator for Large-Scale Evaluation of Security Systems. Computer Security - ESORICS 2014 - 19th European Symposium on Research in Computer Security, Wroclaw, Poland, September 7-11, 2014. Proceedings, Part II. Pgs. 365--382. 2014 (doi) (bib)

2013

  1. John Sonchack, Adam J Aviv and Jonathan M Smith. Bridging the Data Gap: Data Related Challenges in Evaluating Large Scale Collaborative Security Systems.. 6th Workshop on Cybersecurity Evaluatoin and Testing (CSET'13). 2013 (pdf) (bib)

2012

  1. Adam J Aviv, Vin Mannino, Thanat Owlarn, Seth Shannin, Kevin Xu and Boon Thau Loo. Experiences in teaching an educational user-level operating systems implementation project. ACM SIGOPS Operating Systems Review. Vol. 46 (2). Pgs. 80--86. ACM. 2012 (pdf) (bib)
  1. Adam J. Aviv, Benjamin Sapp, Matt Blaze and Jonathan M. Smith. Practicality of accelerometer side channels on smartphones. 28th Annual Computer Security Applications Conference, ACSAC 2012, Orlando, FL, USA, 3-7 December 2012. Pgs. 41--50. 2012 (pdf) (doi) (bib)
  1. Adam J. Aviv, Micah Sherr, Matt Blaze and Jonathan M. Smith. Privacy-Aware Message Exchanges for Geographically Routed Human Movement Networks. Computer Security - ESORICS 2012 - 17th European Symposium on Research in Computer Security, Pisa, Italy, September 10-12, 2012. Proceedings. Pgs. 181--198. 2012 (doi) (bib)
  1. Side Channels Enabled by Smartphone Interaction. Adam J. Aviv. Thesis Disseration at University of Pennsylvania. 2012 (pdf) (bib)

2011

  1. Adam J Aviv and Andreas Haeberlen. Challenges in experimenting with botnet detection systems. 4th Workshop on Cybersecurity Evaluatoin and Testing (CSET'11). 2011 (pdf) (bib)

2010

  1. Andrew G. West, Adam J. Aviv, Jian Chang and Insup Lee. Spam mitigation using spatio-temporal reputations from blacklist history. Twenty-Sixth Annual Computer Security Applications Conference, ACSAC 2010, Austin, Texas, USA, 6-10 December 2010. Pgs. 161--170. 2010 (pdf) (doi) (bib)
  1. Adam J Aviv, Micah Sherr, Matt Blaze and Jonathan M Smith. Evading cellular data monitoring with human movement networks. 5th USENIX Workhsop on Hot Topics in Security (HotSec'10). Pgs. 1--9. 2010 (bib)
  1. Adam J Aviv, Katherine L Gibson, Evan Mossop, Matt Blaze and Jonathan M Smith. Smudge Attacks on Smartphone Touch Screens.. 4th USENIX Workshop on on Offensive Security (WOOT'10). 2010 (pdf) (bib)
  1. Jason Reed, Adam J. Aviv, Daniel Wagner, Andreas Haeberlen, Benjamin C. Pierce and Jonathan M. Smith. Differential Privacy for Collaborative Security. Proceedings of the Third European Workshop on System Security (EUROSEC '10). Pgs. 1--7. 2010 (doi) (bib)

2009

  1. Andrew G. West, Adam J. Aviv, Jian Chang, Vinayak S. Prabhu, Matt Blaze, Sampath Kannan, Insup Lee, Jonathan M. Smith and Oleg Sokolsky. QuanTM: A Quantitative Trust Management System. Proceedings of the Second European Workshop on System Security (EUROSEC '09). Pgs. 28--35. 2009 (doi) (bib)

2008

  1. Maritza L Johnson, Chaitanya Atreya, Adam J Aviv, Steven M Bellovin and Gail E Kaiser. RUST: A Retargetable Usability Testbed for Web Site Authentication Technologies.. USENIX Workshop on Usability, Psychology and Security (UPSEC'08). 2008 (pdf) (bib)
  1. Adam Aviv, Pavol Cerny, S Clark, y, Eric Cronin, Gaurav Shah, Micah Sherr and Matt Blaze. Security evaluation of ES&S voting machines and election management system. Conference on Electronic voting technology. Pgs. 11. 2008 (pdf) (bib)

2007

  1. Adam J. Aviv, Michael E. Locasto, Shaya Potter and Angelos D. Keromytis. SSARES: Secure Searchable Automated Remote Email Storage. 23rd Annual Computer Security Applications Conference (ACSAC 2007), December 10-14, 2007, Miami Beach, Florida, USA. Pgs. 129--139. 2007 (pdf) (doi) (bib)