Results overview: Found 311 records in 0.01 seconds.
Refereed Journal Papers, 22 records found
Refereed Conference Papers, 105 records found
Books, 3 records found
Theses, 24 records found
Unrefereed Conference Papers, 6 records found
Technical Reports, 38 records found
Talks/Presentations, 88 records found
Posters, 20 records found
Patents, 1 records found
etc, 4 records found
Refereed Journal Papers 22 records found  1 - 10nextend  jump to record:
1. Android users in the wild: Their authentication and usage behavior / Ahmed Mahfouz ; Ildar Muslukhov ; Konstantin Beznosov [LERSSE-RefJnlPaper-2017-002]
In this paper, we performed a longitudinal field study with 41 participants, who installed our monitoring framework on their Android smartphones and ran it for at least 20 days. [...]
Published in A. Mahfouz, I. Muslukhov, K. Beznosov, “Android users in the wild: Their authentication and usage behavior,” Pervasive and Mobile Computing, v. 32, 2016, 50-61.:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
2. Decoupling data-at-rest encryption and smartphone locking with wearable devices / Ildar Muslukhov ; San-Tsai Sun ; Primal Wijesekera ; Yazan Boshmaf ; et al [LERSSE-RefJnlPaper-2017-001]
Smartphones store sensitive and confidential data, e.g., business related documents or emails. [...]
Published in I. Muslukhov, S.-T. Sun, P. Wijesekera, Y. Boshmaf, K. Beznosov, “Decoupling data-at-rest encryption and smartphone locking with wearable devices,” Pervasive and Mobile Computing, v. 32, 2016, 26-34.:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
3. Phishing threat avoidance behaviour: An empirical investigation / Nalin Asanka Gamagedara Arachchilage ; Steve Love ; Konstantin Beznosov [LERSSE-RefJnlPaper-2016-001]
Abstract Phishing is an online identity theft that aims to steal sensitive information such as username, password and online banking details from its victims. [...]
Published in Nalin Asanka Gamagedara Arachchilage, Steve Love, Konstantin Beznosov, Phishing threat avoidance behaviour: An empirical investigation, Computers in Human Behavior, Volume 60, July 2016, Pages 185-197, ISSN 0747-5632:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
4. Heuristics for Evaluating IT Security Management Tools / Pooya Jaferian ; Kirstie Hawkey ; Andreas Sotirakopoulos ; Maria Velez-Rojas ; et al [LERSSE-RefJnlPaper-2013-002]
The usability of IT security management (ITSM) tools is hard to evaluate by regular methods, making heuristic evaluation attractive. [...]
Published in Pooya Jaferian, Kirstie Hawkey, Andreas Sotirakopoulos, Maria Velez-Rojas, Konstantin Beznosov, Heuristics for Evaluating IT Security Management Tools, Accepted in Human–Computer Interaction, doi:10.1080/07370024.2013.819198.:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
5. Investigating Users' Perspectives of Web Single Sign-On: Conceptual Gaps and Acceptance Model / San-Tsai Sun ; Eric Pospisil ; Ildar Muslukhov ; Nuray Dindar ; et al [LERSSE-RefJnlPaper-2013-001]
OpenID and OAuth are open and simple web single sign-on (SSO) protocols that have been adopted by major service providers, and millions of supporting websites. [...]
Published in San-Tsai Sun, Eric Pospisil, Ildar Muslukhov, Nuray Dindar, Kirstie Hawkey, and Konstantin Beznosov. Investigating users' perspectives of web single sign-on: Conceptual gaps and acceptance model. Accepted for publication in ACM Transactions on Internet Technology (TOIT) on June 4th, 2013.:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
6. Speculative Authorization / Pranab Kini ; Konstantin Beznosov [LERSSE-RefJnlPaper-2012-003]
We present Speculative Authorization (SPAN), a prediction technique that reduces authorization latency in enterprise systems. [...]
Published in Pranab Kini, Konstantin Beznosov, "Speculative Authorization," IEEE Transactions on Parallel and Distributed Systems, 10 Aug. 2012.:
Transfer from CDS 0.99.7: Download fulltextPDF;
7. Design and Analysis of a Social Botnet / Yazan Boshmaf ; Ildar Muslukhov ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-RefJnlPaper-2012-002]
Online Social Networks (OSNs) have attracted millions of active users and have become an integral part of today's Web ecosystem. [...]
Published in Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, Matei Ripeanu. Design and Analysis of a Social Botnet. Elsevier Journal of Computer Network - Special Issue on Botnets, 2012.:
Transfer from CDS 0.99.7: Download fulltextPDF;
8. Systematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures / San-Tsai Sun ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefJnlPaper-2012-001]
OpenID 2.0 is a user-centric Web single sign-on protocol with over one billion OpenID-enabled user accounts, and tens of thousands of supporting websites. [...]
Published in San-Tsai Sun, Kirstie Hawkey, and Konstantin Beznosov. Systematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures. Computers & Security, Accepted 7 February 2012.:
Transfer from CDS 0.99.7: Download fulltextPDF;
9. Analysis of ANSI RBAC Support in EJB / Wesam Darwish ; Konstantin Beznosov [LERSSE-RefJnlPaper-2011-001]
This paper analyzes access control mechanisms of the Enterprise Java Beans (EJB) architecture and defines a configuration of the EJB protection system in a more precise and less ambiguous language than the EJB 3.0 standard. [...]
Published in Wesam Darwish and Konstantin Beznosov. Analysis of ANSI RBAC support in EJB. International Journal of Secure Software Engineering, 2(2):25-52, April-June 2011.:
Transfer from CDS 0.99.7: Download fulltextPDF;
10. Toward Understanding Distributed Cognition in IT Security Management: The Role of Cues and Norms / David Botta ; Kasia Muldner ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-RefJnlPaper-2010-002]
Information technology security management (ITSM) entails significant challenges, including the distribution of tasks and stakeholders across the organization, the need for security practitioners to cooperate with others, and technological complexity. [...]
Published in 1. D. Botta, K. Muldner, K. Hawkey, and K. Beznosov, “Toward Understanding Distributed Cognition in IT Security Management: The Role of Cues and Norms,” accepted for publication to the International Journal of Cognition, Technology and Work on 16 / Aug / 2010.:
Transfer from CDS 0.99.7: Download fulltextPDF;

Refereed Journal Papers : 22 records found   1 - 10nextend  jump to record:
Refereed Conference Papers 105 records found  1 - 10nextend  jump to record:
1. Users’ Expectations, Experiences, and Concerns With COVID Alert, an Exposure-Notification App / Yue Huang ; Borke Obada-Obieh ; Satya Lokam ; Konstantin Beznosov [LERSSE-RefConfPaper-2022-005]
We conducted semi-structured interviews with 20 users of Canada’s exposure-notification app, COVID Alert. [...]
Published in Yue Huang, Borke Obada-Obieh, Satya Lokam, and Konstantin Beznosov. 2022. Users’ Expectations, Experiences, and Concerns With COVID Alert, an Exposure-Notification App. Proceeding of ACM Human-Computer Interact. 6, CSCW2, https://doi.org/10.1145/3555770:
Fulltext: Download fulltextPDF;
2. Neither Access nor Control: A Longitudinal Investigation of the Efficacy of User Access-Control Solutions on Smartphones / Masoud Mehrabi Koushki ; Yue Huang ; Julia Rubin ; Konstantin Beznosov [LERSSE-RefConfPaper-2022-004]
The incumbent all-or-nothing model of access control on smartphones has been known to dissatisfy users, due to high overhead (both cognitive and physical) and lack of device-sharing support. [...]
Published in Masoud Mehrabi Koushki, Yue Huang, Julia Rubin, and Konstantin Beznosov. Neither Access nor Control: A Longitudinal Investigation of The Efficacy of User Access Control Solutions on Smartphones. In Proceedings of the 31st USENIX Security Symposium, 2022.:
Fulltext: Download fulltextPDF;
3. Users' Perceptions of Chrome's Compromised Credential Notification / Yue Huang ; Borke Obada-Obieh ; Konstantin Beznosov [LERSSE-RefConfPaper-2022-003]
This paper reports the challenges that users experienced and their concerns regarding the Chrome compromised credentials notification. [...]
Published in Yue Huang, Borke Obada-Obieh, and Konstantin Beznosov, Users' Perceptions of Chrome’s Compromised Credential Notification, In Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022):
Fulltext: Download fulltextPDF;
4. SoK: The Dual Nature of Technology in Sexual Abuse / Borke Obada-Obieh, ; Yue Huang, ; Lucrezia Spagnolo, ; Konstantin Beznosov [LERSSE-RefConfPaper-2022-002]
This paper systematizes and contextualizes the ex- isting body of knowledge on technology’s dual nature regarding sexual abuse: facilitator of it and assistant to its prevention, reporting, and restriction. [...]
Published in Borke Obada-Obieh,Yue Huang, Lucrezia Spagnolo, & Konstantin Beznosov. (2022, May). SoK: The Dual Nature of Technology in Sexual Assault. In Proceedings of the Forty-Third Symposium of the Institute of Electrical and Electronics Engineers, Security and Privacy (IEEE S&P 2022):
Fulltext: Download fulltextPDF;
5. COVID-19 Information-Tracking Solutions: A Qualitative Investigation of the Factors Influencing People’s Adoption Intention / Yue Huang ; Borke Obada-Obieh ; Elissa M. Redmiles ; Satya Lokam ; et al [LERSSE-RefConfPaper-2022-001]
Numerous information-tracking solutions have been implemented worldwide to fight the COVID-19 pandemic. [...]
Published in Yue Huang, Borke Obada-Obieh, Elissa M. Redmiles, Satya Lokam, and Konstantin Beznosov. 2022. COVID 19 Information-Tracking Solutions: A Qualitative Investigation of the Factors Influencing People’s Adoption Intention. In Proceedings of the 2022 ACM SIGIR Conference on Human Information Interaction and Retrieval (CHIIR ’22), March 14–18, 2022, Regensburg, Germany. ACM, New York, NY, USA, 23 pages. https://doi.org/10.1145/3498366.3505756:
Fulltext: Download fulltextPDF;
6. Challenges and Threats of Mass Telecommuting: A Qualitative Study of Workers / Borke Obada-Obieh ; Yue Huang ; Konstantin Beznosov [LERSSE-RefConfPaper-2021-008]
This paper reports the security and privacy challenges and threats that people experience while working from home. [...]
Published in Obada-Obieh, B., Huang, Y., & Beznosov, K. (2021, August). Challenges and Threats of Mass Telecommuting: A Qualitative Study of Workers. In Seventeenth Symposium on Usable Privacy and Security ({SOUPS} 2021) (pp. 675-694).:
Fulltext: Download fulltextPDF;
7. What Makes Security-Related Code Examples Different / Azadeh Mokhberi ; Tiffany Quon ; Konstantin Beznosov [LERSSE-RefConfPaper-2021-007]
Developers relying on code examples (CEs) in software engineering can impact code security. [...]
Published in Azadeh Mokhberi, Tiffany Quon, Konstantin Beznosov. What Makes Security-Related Code Examples Different. In The 7th Workshop on Security Information Workers at SOUPS workshops, 2021.:
Fulltext: Download fulltextPDF;
8. SoK: Human, Organizational, and Technological Dimensions of Developers’ Challenges in Engineering Secure Software / Azadeh Mokhberi ; Konstantin Beznosov [LERSSE-RefConfPaper-2021-006]
Despite all attempts to improve software security, vulnerabilities are still propagated within software. [...]
Published in Azadeh Mokhberi, Konstantin Beznosov. SoK: Human, Organizational, and Technological Dimensions of Developers’ Challenges in Engineering Secure Software. Proceedings of the ACM European Symposium on Usable Security (ACM EuroUSEC'21), 2021:
Fulltext: Download fulltextPDF;
9. Non-Adoption Of Crypto-Assets: Exploring The Role Of Trust, Self-Efficacy, And Risk / Artemij Voskobojnikov ; Svetlana Abramova ; Konstantin Beznosov ; Rainer Böhme [LERSSE-RefConfPaper-2021-005]
Over the last years, crypto-assets have gained significant interest from private investors, academia, and industry. [...]
Published in Voskobojnikov, Artemij; Abramova, Svetlana; Beznosov, Konstantin (Kosta); and Böhme, Rainer, “Non-Adoption of Crypto-Assets: Exploring the Role of Trust, Self-Efficacy, and Risk” (2021). In Proceedings of the 29th European Conference on Information Systems (ECIS), An Online AIS Conference, June 14-16, 2021.:
Fulltext: Download fulltextPDF;
10. Security Notifications in Static Analysis Tools: Developers’ Attitudes, Comprehension, and Ability to Act on Them / Mohammad Tahaei ; Kami Vaniea ; Konstantin Beznosov ; Maria K. Wolters [LERSSE-RefConfPaper-2021-004]
Static analysis tools (SATs) have the potential to assist developers in finding and fixing vulnerabilities in the early stages of software development, requiring them to be able to understand and act on tools’ notifications. [...]
Published in Mohammad Tahaei, Kami Vaniea, Konstantin Beznosov, Maria K. Wolters. Security Notifications in Static Analysis Tools: Developers’ Attitudes, Comprehension, and Ability to Act on Them. Proceedings of the ACM CHI Conference on Human Factors in Computing Systems (ACM CHI'21), 2021:
Fulltext: Download fulltextPDF;

Refereed Conference Papers : 105 records found   1 - 10nextend  jump to record:
Books 3 records found  
1. Mastering Web Services Security / Bret Hartman ; Donald J. Flinn ; Konstantin Beznosov ; Shirley Kawamoto [LERSSE-BOOK-2005-003]
We present material on how to use the architectures and technologies and how to understand the specifications that are available to build a secure Web Services system. [...]
Published in Bret Hartman, Donald J. Flinn, Konstantin Beznosov, Shirley Kawamoto, "Mastering Web Services Security," New York, New York, USA, John Wiley Sons, Inc., ISBN 0-471-26716-3, January, 2003, pp.464. :
Transfer from CDS 0.99.7: Download fulltextPDF;
2. Enterprise Security with EJB™ and CORBA® / Bret Hartman ; Donald J. Flinn ; Konstantin Beznosov [LERSSE-BOOK-2005-002]
This book shows you how to apply enterprise security integration (ESI) to secure your enterprise from end-to-end, using theory, examples, and practical advice. [...]
Published in Bret Hartman, Donald J. Flinn, Konstantin Beznosov, "Enterprise Security with EJB? and CORBA?," New York, New York, USA, John Wiley and Sons, Inc., ISBN 0-471-40131-5, April, 2001, pp.400. :
Transfer from CDS 0.99.7: Download fulltextPDF;
3. Engineering Application-level Access Control in Distributed Systems / Konstantin Beznosov ; Yi Deng [LERSSE-BOOK-2005-001]
This chapter discusses issues of engineering access control solutions in distributed applications for enterprise computing environments. [...]
Published in Konstantin Beznosov, Yi Deng, "Engineering Application-level Access Control in Distributed Systems," in Handbook of Software Engineering And Knowledge Engineering, World Scientific Publishing, vol. 1, ISBN 981-02-4973-X, January, 2002, pp.20. :
Transfer from CDS 0.99.7: Download fulltextPDF;

Theses 24 records found  1 - 10nextend  jump to record:
1. Toward understanding and improving the user experience with smartphone physical security / Masoud Mehrabi Koushki [LERSSE-THESIS-2022-003]
The incumbent physical security system on smartphones is known to dissatisfy users. [...]
Published in Masoud Mehrabi Koushki, "Toward understanding and improving the user experience with smartphone physical security", PhD Dissertation, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, September, 2022:
Fulltext: Download fulltextPDF;
2. Security and privacy challenges of using technology in personal, professional, and involuntary relationships / Borke Obada-Obieh [LERSSE-THESIS-2022-001]
This dissertation reports on the security and privacy challenges of using technology in personal, professional, and involuntary relationships. [...]
Published in Obada-Obieh, B. (2022). Security and privacy challenges of using technology in personal, professional, and involuntary relationships (T). University of British Columbia. Retrieved from https://open.library.ubc.ca/collections/ubctheses/24/items/1.0406667:
Fulltext: Download fulltextPDF;
3. Towards understanding and improving the crypto-asset user experience / Artemij Voskobojnikov [LERSSE-THESIS-2021-001]
The crypto-asset domain has grown substantially over the past years, both in terms of overall market capitalization, available crypto-assets, and the number of users. [...]
Published in Artemij Voskobojnikov, "Towards understanding and improving the crypto-asset user experience", PhD Dissertation, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, August, 2021::
Fulltext: Download fulltextPDF;
4. Privacy on Social Networking Sites Among Canadian Teenagers / Salma Haghighat-Kashani [LERSSE-THESIS-2019-001]
The widespread popularity of social networking sites (SNSs) among teenagers continually raises concerns over their safety among parents, educators, and policy makers. [...]
Published in Salma Haghighat-Kashani, "Privacy on Social Networking Sites Among Canadian Teenagers", MASc Thesis, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, May, 2019:
Fulltext: Download fulltextPDF;
5. Analysis of Data-At-Rest Security In Smartphones / Ildar Muslukhov [LERSSE-THESIS-2018-003]
With almost two billion users worldwide, smartphones are used for almost everything – booking a hotel, ordering a cup of coffee, or paying in a shop. [...]
Published in Ildar Muslukhov, "Analysis of Data-At-Rest Security In Smartphones", PhD Dissertation, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, August, 2018:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
6. Contextual Permission Models for Better Privacy Protection / Primal Wijesekera [LERSSE-THESIS-2018-002]
Despite corporate cyber intrusions attracting all the attention, privacy breaches that we, as ordinary users, should be worried about occur every day without any scrutiny. [...]
Published in Primal Wijesekera, "Contextual Permission Models for Better Privacy Protection", PhD Dissertation, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, June, 2018:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
7. Advancing the Understanding of Android Unlocking and Usage / Lina Qiu [LERSSE-THESIS-2018-001]
Research efforts have been made towards creating mobile authentication systems to better serve users’ concerns regarding usability and security. [...]
Published in Lina Qiu, "Advancing the Understanding of Android Unlocking and Usage", MASc Thesis, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, May, 2018:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
8. Towards understanding how Touch ID impacts users’ authentication secrets selection for iPhone lock. / Ivan Cherapau [LERSSE-THESIS-2015-004]
Smartphones today store large amounts of data that can be confidential, private or sensitive. [...]
Published in LERSSE-THESIS-2015-003:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
9. Security Analysis of Malicious Socialbots on the Web / Yazan Boshmaf [LERSSE-THESIS-2015-002]
The open nature of the Web, online social networks (OSNs) in particular, makes it possible to design socialbots—automation software that controls fake accounts in a target OSN, and has the ability to perform basic activities similar to those of real users. [...]
Published in Yazan Boshmaf, Security Analysis of Malicious Socialbots on the Web, PhD Dissertation, UBC, 2015:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
10. Engineering Access Control For Distributed Enterprise Systems / Konstantin Beznosov [LERSSE-THESIS-2015-001]
Access control (AC) is a necessary defense against a large variety of security attacks on the resources of distributed enterprise applications. [...]
Published in Florida International University, 2000:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);

Theses : 24 records found   1 - 10nextend  jump to record:
Unrefereed Conference Papers 6 records found  
1. Strategies for Monitoring Fake AV Distribution Networks / Onur Komili ; Kyle Zeeuwen ; Matei Ripeanu ; Konstantin Beznosov [LERSSE-UnrefConfPaper-2011-001]
We perform a study of Fake AV networks advertised via search engine optimization. [...]
Published in Onur Komili, Kyle Zeeuwen, Matei Ripeanu, and Konstantin Beznosov. Strategies for Monitoring Fake AV Distribution Networks. In Proceedings of the 21st Virus Bulletin Conference, October 5-7, 2011.:
Transfer from CDS 0.99.7: Download fulltextPDF;
2. Usability Meets Access Control: Challenges and Research Opportunities / Konstantin Beznosov ; Philip Inglesant ; Jorge Lobo ; Rob Reeder ; et al [LERSSE-UnrefConfPaper-2009-005]
This panel discusses specific challenges in the usability of access control technologies and new opportunities for research [...]
Published in Konstantin Beznosov, Philip Inglesant, Jorge Lobo, Rob Reeder, and Mary Ellen Zurko, "Usability Meets Access Control: Challenges and Research Opportunities," in Proceedings of the ACM Symposium on Access Control Models and Aechnologies (SACMAT), Stresa, Italy, ACM, 3-5 June, 2009 :
Transfer from CDS 0.99.7: Download fulltextPDF;
3. Identification of Sources of Failures and Their Propagation in Critical Infrastructures from 12 Years of Public Failure Reports / Hafiz A. Rahman ; Konstantin Beznosov ; Jose R. Martí [LERSSE-UnrefConfPaper-2006-004]
Survival in our society relies on continued services from interdependent critical infrastructures. [...]
Published in Hafiz A. Rahman, Konstantin Beznosov, Jose R. Martí "Identification of Sources of Failures and Their Propagation in Critical Infrastructures from 12 Years of Public Failure Reports," Proceedings of the Third International Conference on Critical Infrastructures, Alexandria, VA, USA, The International Institute for Critical Infrastructures, 24-27 September, 2006, pp.11.:
Transfer from CDS 0.99.7: Download fulltextPDF;
4. Requirements for Access Control: US Healthcare Domain / Konstantin Beznosov [LERSSE-UnrefConfPaper-2005-003]
Roles are important factors in authorization rules. [...]
Published in Konstantin Beznosov, "Requirements for Access Control: US Healthcare Domain," in Proceedings of the Third ACM Workshop on Role-Based Access Control, Fairfax, Virginia, USA, ACM, pp.43: (October, 1998)
Transfer from CDS 0.99.7: Download fulltextPDF;
5. Issues in the Security Architecture of the Computerized Patient Record Enterprise / Konstantin Beznosov [LERSSE-UnrefConfPaper-2005-002]
We discuss issues in CPR enterprise security architecture. [...]
Published in Konstantin Beznosov, "Issues in the Security Architecture of the Computerized Patient Record Enterprise," in Proceedings of the Second Workshop on Distributed Object Computing Security (DOCSec), Baltimore, Maryland, USA, pp.5: (May, 1998)
Transfer from CDS 0.99.7: Download fulltextPDF;
6. Future Direction of Access Control Models, Architectures, and Technologies / Konstantin Beznosov [LERSSE-UnrefConfPaper-2005-001]
The goal of this panel is to explore future directions in the research and practice of Access Control Models, Architectures, and Technologies (ACMAT). [...]
Published in Konstantin Beznosov, "Future Direction of Access Control Models, Architectures, and Technologies," in Proceedings of the Tenth ACM Symposium on Access Control Models and Aechnologies (SACMAT), Stockholm, Sweden, ACM, pp.48-48: (1-3 June, 2005)
Transfer from CDS 0.99.7: Download fulltextPDF;

Technical Reports 38 records found  1 - 10nextend  jump to record:
1. Forecasting Suspicious Account Activity at Large-Scale Online Service Providers / Hassan Halawa ; Matei Ripeanu ; Konstantin Beznosov ; Baris Coskun ; et al [LERSSE-REPORT-2018-001]
In the face of large-scale automated social engineering attacks to large online services, fast detection and remediation of compromised accounts are crucial to limit the spread of new attacks and to mitigate the overall damage to users, companies, and the public at large. [...]
Published in H. Halawa, M. Ripeanu, K. Beznosov, B. Coskun, and M. Liu "Forecasting Suspicious Account Activity at Large-Scale Online Service Providers", published in arXiv https://arxiv.org/abs/1801.08629v1:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
2. Access Review Survey Report / Pooya Jaferian ; Konstantin Beznosov [LERSSE-REPORT-2014-001]
To further understand the state of the practice in access review, and collect quantitative results on how companies perform access review, we conducted a survey of security practitioners [...]
Published in P. Jaferian and K. Beznosov. Access Review Survey Report. Technical Report LERSSE-TR-2014-001, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, May 2014.:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
3. The Socialbot Network: When Bots Socialize for Fame and Money / Yazan Boshmaf ; Ildar Muslukhov ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-REPORT-2012-001]
Online Social Networks (OSNs) have attracted millions of active users and have become an integral part of today's Web ecosystem. [...]
Published in Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, and Matei Ripeanu. The socialbot network: when bots socialize for fame and money. In Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC'11), December 2011:
Transfer from CDS 0.99.7: Download fulltextPDF;
4. Speculative Authorization / Pranab Kini ; Konstantin Beznosov [LERSSE-REPORT-2010-002]
As enterprises aim towards achieving zero latency for their systems, latency introduced by authorization process can act as an obstacle towards achieving their goal. [...]
Published in Pranab Kini and Konstantin Beznosov, "Speculative Authorizaion," Tech. Rep. LERSSE-TR-2010-002, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, December 2010: :
Transfer from CDS 0.99.7: Download fulltextPDF;
5. An RT-based Policy Model for Converged Networks / San-Tsai Sun ; Konstantin Beznosov [LERSSE-REPORT-2010-001]
Technologies advanced in communication devices and wireless networks enable telecommunication network operators to provide rich personalized multimedia services. [...]
Published in San-Tsai Sun and Konstantin Beznosov, "An RT-based Policy Model for Converged Networks," Tech. Rep. LERSSE-TR-2010-001, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, January 2010:
Transfer from CDS 0.99.7: Download fulltextPDF;
6. Support for ANSI RBAC in EJB / Wesam Darwish ; Konstantin Beznosov [LERSSE-REPORT-2009-034]
We analyze access control mechanisms of the Enterprise Java Beans (EJB)architecture and define a configuration of the EJB protection system in a more precise and less ambiguous language than the EJB 3.0 standard. [...]
Published in Wesam Darwish and Konstantin Beznosov. Support for ANSI RBAC in EJB. Technical Report LERSSE-TR-2009-34, accessible from http://lersse-dl.ece.ubc.ca, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, January 21 2009:
Transfer from CDS 0.99.7: Download fulltextPDF;
7. Effectiveness of IT Security Tools in Practice / Fahimeh Raja ; Kasia Muldner ; Konstantin Beznosovz [LERSSE-REPORT-2009-033]
In today's world, IT security plays a critical role in different organizations, yet little is known about IT security in the context of organizations. [...]
Published in Fahimeh Raja, Kasia Muldner, and Konstantin Beznosovz. Effectiveness of it security tools in practice. Technical Report LERSSE-TR-2009-33, University of British Columbia, March 2008.:
Transfer from CDS 0.99.7: Download fulltextPDF;
8. SQLPrevent: Effective Dynamic Protection Against SQL Injection Attacks / San-Tsai Sun ; Konstantin Beznosov [LERSSE-REPORT-2009-032]
This paper presents an approach for retrofitting existing web applications with run-time protection against known as well as unseen SQL injection attacks (SQLIAs). [...]
Published in San-Tsai Sun and Konstantin Beznosov, "SQLPrevent: Effective Dynamic Protection Against SQL Injection Attacks," Tech. Rep. LERSSE-TR-2009-32, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, March 2009:
Transfer from CDS 0.99.7: Download fulltextPDF;
9. A Usability Analysis of Microsoft Windows Vista’s Firewall / Arun Chebium ; Pooya Jaferian ; Nima Kaviani ; Fahimeh Raja [LERSSE-REPORT-2009-031]
The usability of personal firewalls has not received a significant amount of attention in the literature. [...]
Published in Arun Chebium, Pooya Jaferian, Nima Kaviani, Fahimeh Raja, "A Usability Analysis of Microsoft Windows Vista’s Firewall", term project report, CPSC 544, University of British Columbia, Canada, Spring 2007. :
Transfer from CDS 0.99.7: Download fulltextPDF;
10. Usability of Windows Vista Firewall: A Laboratory User Study / Fahimeh Raja ; Robert Boeck ; Ganapathy Viswanathan ; Pouyan Arjmandi [LERSSE-REPORT-2009-030]
In this project we conducted a user study of Microsoft Windows Vista Firewall: a lab study followed by a questionnaire to evaluate the usability of Vista’s personal firewall. [...]
Published in Fahimeh Raja, Robert Boeck, Ganapathy Viswanathan, Pouyan Arjmandi, "Usability of Windows Vista Firewall: A Laboratory User Study", EECE 412 report, University of British Columbia, Canada, Fall 2007 :
Transfer from CDS 0.99.7: Download fulltextPDF;

Technical Reports : 38 records found   1 - 10nextend  jump to record:
Talks/Presentations 88 records found  1 - 10nextend  jump to record:
1. Integro: Leveraging Victim Prediction for Robust Fake Account Detection in OSNs / Yazan Boshmaf ; Dionysios Logothetis ; Georgos Siganos ; Jorge Leria ; et al [LERSSE-PRESENTATION-2015-001]
Detecting fake accounts in online social networks (OSNs) protects OSN operators and their users from various malicious activities. [...]
Published in Boshmaf et al. "Integro: Leveraging Victim Prediction for Robust Fake Account Detection in OSNs" In proceedings the 2015 Network and Distributed System Security Symposium (NDSS'15), San Diego, USA.:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
2. Thwarting fake accounts by predicting their victims / Yazan Boshmaf ; Dionysios Logothetis ; Georgos Siganos ; Matei Ripeanu ; et al [LERSSE-PRESENTATION-2014-001]
Traditional fake account detection systems employed by today's online social networks rely on either features extracted from user activities, or ranks computed from the underlying social graph. [...]
Published in Boshmaf et al. Thwarting fake accounts by predicting their victims. Invited talk at AAAI 2014 Spring Symposia, Social Hacking and Cognitive Security on the Internet and New Media, Stanford, CA, March, 2014.:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
3. Security and Privacy in Online Social Networks / Konstantin Beznosov [LERSSE-PRESENTATION-2013-001]
Facebook has more monthly active users than almost any nation in the world. [...]
Published in Konstantin Beznosov, "Security and Privacy in Online Social Networks," Presentation, 2013, 81p.:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
4. Key Challenges in Defending Against Malicious Socialbots / Yazan Boshmaf ; Ildar Muslukhov ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-PRESENTATION-2012-001]
The ease with which we adopt online personas and relationships has created a soft spot that cyber criminals are willing to exploit. [...]
Published in Usenix 5th Workshop on Large-scale Exploits and Emerging Threats (LEET'12), San Jose, CA, USA.:
Transfer from CDS 0.99.7: Download fulltextPDF;
5. Automated Social Engineering Attacks in OSNs / Yazan Boshmaf ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-PRESENTATION-2011-003]
In this presentation, we outline the latest automated social engineering attacks in Online Social Networks (OSNs) such as Facebook [...]
Published in Yazan Boshmaf, Konstantin Beznosov, and Matei Ripeanu. Automated social engineering attacks in OSNs. The Office of the Privacy Commissioner of Canada (Ottawa), May 2010:
Transfer from CDS 0.99.7: Download fulltextPPT;
6. Password Managers, Single Sign-On, Federated ID: Have users signed up? / Konstantin Beznosov [LERSSE-PRESENTATION-2011-002]
Users have not signed up for OpenId. [...]
Published in Konstantin Beznosov, "Password Managers, Single Sign-On, Federated ID: Have users signed up?," panel presentation given at "Workshop on The Future of User Authentication and Authorization on the Web: Challenges in Current Practice, New Threats, and Research Directions," 4 March 2011, 23 pages.:
Transfer from CDS 0.99.7: Download fulltextPDF;
7. Is OpenID too Open? Technical, Business, and Human Issues That Get in the Way of OpenID and Ways of Addressing Them / San-Tsai Sun ; Konstantin Beznosov [LERSSE-PRESENTATION-2011-001]
The web is essential for business and personal activities well beyond information retrieval, such online banking, financial transactions, and payment authorization, but reliable user authentication remains a challenge. [...]
Published in San-Tsai Sun and Konstantin Beznosov, "Is OpenID too Open? Technical, Business, and Human Issues That Get in the Way of OpenID and Ways of Addressing Them," presented at Eurecom, February 24, 2011. 57 pages.:
Transfer from CDS 0.99.7: Download fulltextPDF;
8. OpenID Security Analysis and Evaluation / San-Tsai Sun ; Konstantin Beznosov [LERSSE-PRESENTATION-2010-002]
OpenID is a promising user-centric Web single sign-on protocol. [...]
Published in San-Tsai Sun and Konstantin Beznosov, "OpenID Security Analysis and Evaluation," presented at the OWASP Chapter Meeting, Vancouver, Canada, October 21th 2010:
Transfer from CDS 0.99.7: Download fulltextPDF;
9. Open problems in Web 2.0 user content sharing / San-Tsai Sun ; Konstantin Beznosov [LERSSE-PRESENTATION-2010-001]
Users need useful mechanisms for sharing their Web 2.0 content with each other in a controlled manner across boundaries of content-hosting and service providers (CSPs). [...]
Published in San-Tsai Sun and Konstantin Beznosov, "Open problems in Web 2.0 user content sharing," presented at the iNetSec Workshop, Zurich, Switzerland, April 23th 2009, 44 pages.:
Transfer from CDS 0.99.7: Download fulltextPDF;
10. Security Research Advances in 2009 / Konstantin Beznosov [LERSSE-PRESENTATION-2009-083]
This presentation reviews latest scientific conference reports on the cutting edge research in computer security. [...]
Published in Konstantin Beznosov, "Security Research Advances in 2009," presented at Vancouver International Security Conference, November 30-December 1, 2009, 56 pages.:
Transfer from CDS 0.99.7: Download fulltextPDF;

Talks/Presentations : 88 records found   1 - 10nextend  jump to record:
Posters 20 records found  1 - 10next  jump to record:
1. Augur: Aiding Malware Detection Using Large-Scale Machine Learning / Yazan Boshmaf ; Matei Ripeanu ; Konstantin Beznosov ; Kyle Zeeuwen ; et al [LERSSE-POSTER-2012-001]
We present Augur: a large-scale machine learning system that uses malware static and dynamic analyses to predict the maliciousness of new files. [...]
Published in Yazan Boshmaf, Matei Ripeanu, Konstantin Beznosov, Kyle Zeeuwen, David Cornell, Dmitry Samosseiko. Augur: Aiding Malware Detection Using Large-Scale Machine Learning. At the Poster Session of the 21st Usenix Security Symposium, Bellevue, WA, 2012:
Transfer from CDS 0.99.7: Download fulltextPDF;
2. [POSTER] The Socialbot Network: When Bots Socialize for Fame and Money / Yazan Boshmaf ; Ildar Muslukhov ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-POSTER-2011-002]
Online Social Networks (OSNs) have become an integral part of today's Web. [...]
Published in Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, and Matei Ripeanu. The socialbot network: when bots socialize for fame and money. In the Poster Session of the 20th USENIX Conference on Security (SEC'11), August 2011.:
Transfer from CDS 0.99.7: Download fulltextPDF;
3. Promoting A Physical Security Mental Model For Personal Firewall Warnings / Fahimeh Raja ; Kirstie Hawkey ; Steven Hsu ; Kai-Le Clement Wang ; et al [LERSSE-POSTER-2011-001]
We used an iterative process to design personal firewall warnings in which the functionality of a firewall is visualized based on a physical security mental model. [...]
Published in Fahimeh Raja, Kirstie Hawkey, Steven Hsu, Kai-Le Clement Wang, and Konstantin Beznosov. Promoting A Physical Security Mental Model For Personal Firewall Warnings. In Proceedings of the 29th International Conference Extended Abstracts on Human Factors in Computing Systems (Vancouver, BC, Canada, 2011). ACM, New York, NY, 6 pages.:
Transfer from CDS 0.99.7: Download fulltextPDF;
4. Expectations, Perceptions, and Misconceptions of Personal Firewalls / Fahimeh Raja ; Kirstie Hawkey ; Pooya Jaferian ; Konstantin Beznosov ; et al [LERSSE-POSTER-2010-007]
In this research, our goal is to better understand users' knowledge, expectations, perceptions, and misconceptions of personal firewalls. [...]
Published in Raja, F., Jaferian, P., Hawkey, K., Beznosov, K., Booth, K. 2009. Expectations, Perceptions, and Misconceptions of Personal Firewalls. In Proceedings of the 6th Symposium on Usable Privacy and Security (Redmond, WA, July 14 - 16, 2010). SOUPS '10. ACM, New York, NY, 1-2.:
Transfer from CDS 0.99.7: Download fulltextPDF;
5. Poster: OpenIDemail Enabled Browser, Towards Fixing the Broken Web Single Sign-On Triangle / San-Tsai Sun ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-POSTER-2010-006]
Current Web single sign-on (SSO) solutions impose a cognitive burden on web users and do not provide content-hosting and service providers (CSPs) with sufficient incentives to become relying parties (RPs). [...]
Published in San-Tsai Sun, Kirstie Hawkey, and Konstantin Beznosov. Poster: Openidemail enabled browser, towards fixing the broken web single sign-on triangl. poster at the SOUPS 2009, July 13th 2010.:
Transfer from CDS 0.99.7: Download fulltextPDF;
6. Poster: Validating and Extending a Study on the Effectiveness of SSL Warnings / Andreas Sotirakopoulos ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-POSTER-2010-005]
We recently replicated and extended a 2009 study that investigated the effectiveness of SSL warnings. [...]
Published in A. Sotirakopoulos, K. Hawkey, and K. Beznosov. Poster: Validating and extending a study on the effectiveness of ssl warnings. Poster at Symposium on Usable Privacy and Security, 2010.:
Transfer from CDS 0.99.7: Download fulltextPDF;
7. Investigating User Account Control Practices / Sara Motiee ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-POSTER-2010-004]
Non-administrator user accounts and the user account control (UAC) approach of Windows Vista are two practical solutions to limit the damage of malware infection [...]
Published in Sara Motiee, Kirstie Hawkey and Konstantin Beznosov. Investigating User Account Control Practices. In Proceedings of the 28th international Conference Extended Abstracts on Human Factors in Computing Systems (Atlanta, GA, USA, April 10 - 15, 2010). ACM, New York, NY, 6 pages.:
Transfer from CDS 0.99.7: Download fulltextPDF;
8. Investigating an Appropriate Design for Personal Firewalls / Fahimeh Raja ; Kirstie Hawkey ; Konstantin Beznosov ; Kellogg S. Booth [LERSSE-POSTER-2010-003]
Personal firewalls are an important aspect of security for home computer users, but little attention has been given to their usability. [...]
Published in Fahimeh Raja, Kirstie Hawkey, Konstantin Beznosov, and Kellogg S. Booth. Investigating an Appropriate Design for Personal Firewalls. In Proceedings of the 28th international Conference Extended Abstracts on Human Factors in Computing Systems (Atlanta, GA, USA, April 10 - 15, 2010). ACM, New York, NY, 6 pages.:
Transfer from CDS 0.99.7: Download fulltextPDF;
9. Poster: OpenIDemail Enabled Browser / San-Tsai Sun ; Konstantin Beznosov [LERSSE-POSTER-2010-002]
Today's Web is site-centric. [...]
Published in San-Tsai Sun and Konstantin Beznosov. Poster: OpenIDemail Enabled Browser. In the poster session of the 25th Annual Computer Security Applications Conference (ACSAC), December 2009:
Transfer from CDS 0.99.7: Download fulltextPDF;
10. Towards Developing Usability Heuristics for Evaluation of IT Security Management (ITSM) Tools / Pooya Jaferian ; David Botta ; Kirstie Hawkey ; Konstantin Beznosov [LERSSE-POSTER-2009-010]
Evaluating the usability of specific information technology (IT) security tools is challenging. [...]
Published in Pooya Jaferian, David Botta, Kirstie Hawkey, Konstantin Beznosov, Towards Developing Usability Heuristics for Evaluation of IT Security Management (ITSM) Tools. Poster at CHIMIT 2009, Baltimore, MD, 2009.:
Transfer from CDS 0.99.7: Download fulltextPDF;

Posters : 20 records found   1 - 10next  jump to record:
Patents 1 records found  
1. Method and System for Authorization and Access to Protected Resources / Konstantin Beznoso ; Jennifer Carter ; James Mwaura ; Hieu Nguyen [LERSSE-PATENT-2005-001]
The present invention relates to the access of data resources using a Resource Access Decision Facility (RAD), preferably a CORBA RAD. [...]
Published in Konstantin Beznosov, Jennifer Carter, James Mwaura, Hieu Nguyen, "Method and System for Authorization and Access to Protected Resources," Sprint Communications Company L.P., United States Application Serial Number 10/132,838, 25 April, 2002.:
Transfer from CDS 0.99.7: Download fulltextPDF;

etc 4 records found  
1. Dynamically Regulating Mobile Application Permissions / Primal Wijesekera ; Arjun Baokar ; Lynn Tsai ; Joel Reardon ; et al [LERSSE-etc-2018-001]
Current smartphone operating systems employ permission systems to regulate how apps access sensitive resources. [...]
Published in P. Wijesekera et al., "Dynamically Regulating Mobile Application Permissions," in IEEE Security & Privacy, vol. 16, no. 1, pp. 64-71, January/February 2018. doi: 10.1109/MSP.2018.1331031 keywords: {Computer security;Medical devices;Mobile communication;Privacy;Smart phones;IEEE Symposium on Security and Privacy;machine learning;mobile privacy;permission systems;security}, URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8283440&isnumber=8283426:
Fulltext: Download fulltextPDF Download fulltextPDF (PDFA);
2. The Socialbot Network: Are Social Botnets Possible? / Yazan Boshmaf ; Ildar Muslukhov ; Konstantin Beznosov ; Matei Ripeanu [LERSSE-etc-2012-001]
In this invited piece at the ACM Interactions Magazine, we briefly describe our research into the use, impact, and implications of socialbots on Facebook..
Published in Article by Tim Hwang, Ian Pearce, and Max Nanis. Socialbots: voices from the fronts. In ACM Interactions 19, 2 (March 2012). Piece by Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, Matei Ripeanu. The Socialbot Network: Are Social Botnets Possible?:
Transfer from CDS 0.99.7: Download fulltextPDF;
3. Perforce Installation Guide / Qiang Wei [LERSSE-etc-2006-002]
This document provides a simple guide on how to install perforce in Windows platform..
Published in Qiang Wei, "Perforce Installation Guide," Lersse, 2006.:
Transfer from CDS 0.99.7: Download fulltextPDF;
4. Summary of the HOT Admin Proposal / Konstantin Beznosov ; Sidney Fels ; Brian Fisher ; Lee Iverson [LERSSE-etc-2006-001]
Published in Konstantin Beznosov, Sidney Fels, Brian Fisher, Lee Iverson, "Summary of the HOT Admin Proposal," December 2005, pp. 2.:
Transfer from CDS 0.99.7: Download fulltextPDF;

Interested in being notified about new results for this query?
Subscribe to the RSS feed.