SECURITAS
Economic and Applied Security at Harvard

People Research Goals
Michael D. Smith
Stuart E. Schechter
Rachel A. Greenstadt
David J. Malan
  • Develop new metrics for security and privacy
  • Explore new threats to systems
  • Create and analyze new system and data safeguards
  • Create economically informed threat models
  • Develop incentive models for employee's role in securing the organization

About Us

The Securitas research group gathers for lunch at 12:00 P.M. on Wednesdays at the Center for Research on Computation and Society's (CRCS) lunch seminar.


Publications

Implementing Public-Key Infrastructure for Sensor Networks
David J. Malan, Matt Welsh, and Michael D. Smith
ACM Transactions on Sensor Networks
Volume 4, Issue 4. November 2008

Rapid Detection of Botnets through Collaborative Networks of Peers
David J. Malan
Harvard University Doctoral Dissertation
Cambridge, MA. June, 2007

Improving Privacy in Distributed Constraint Optimization
Rachel Greenstadt
Harvard University Doctoral Dissertation
Cambridge, MA. May, 2007

SSDPOP: Improving the Privacy of DCOP with Secret Sharing
Rachel Greenstadt, Barbara Grosz and Michael D. Smith
Proceedings of the 6th International Joint Conference on Autonomous Agents and Multiagent Systems (AAMAS '07)
Honolulu, Hawaii. May 2007.

Data Surveillance: Guest Editors' Introduction
Simson Garfinkel and Michael D. Smith
IEEE Security and Privacy
Volume 4, Number 6. November/December 2006.

Exploiting Temporal Consistency to Reduce False Positives in Host-Based, Collaborative Detection of Worms
David J. Malan and Michael D. Smith
ACM Workshop on Recurring Malcode
Fairfax, Virginia. November 2006.

Analysis of Privacy Loss in Distributed Constraint Optimization
Rachel Greenstadt, Jonathan P. Pearce, and Milind Tambe
Proceedings of the 21st National Conference on Artificial Intelligence (AAAI-06)
Boston, Massachusetts. July 2006.

Privatizing Constraint Optimization
Rachel Greenstadt
Proceedings of the 11th SIGART/AAAI Doctoral Consortium,
in conjunction with the 21st National Conference on Artificial Intelligence (AAAI-06)

Boston, Massachusetts. July 2006.

Collaborative Scheduling: Threats and Promises
Rachel Greenstadt and Michael D. Smith
Proceedings of the 5th Workshop on the Economics of Information Security (WEIS 2006)
Cambridge, United Kingdom. June 2006.

One Big File Is Not Enough: A Critical Evaluation of the Dominant Free-Space Sanitization Technique
Simson L. Garfinkel and David J. Malan
6th Workshop on Privacy Enhancing Technologies
Cambridge, United Kingdom. June 2006.

Experimental Analysis of Privacy Loss in DCOP Algorithms
Rachel Greenstadt, Jonathan P. Pearce, Emma Bowring, and Milind Tambe
Proceedings of the 5th International Joint Conference on Autonomous Agents and Multiagent Systems (AAMAS '06)
Hakodate, Japan. May 2006.

An Experimental Analysis of Privacy Loss in DCOP Algorithms
Rachel Greenstadt, Jonathan P. Pearce, Emma Bowring, and Milind Tambe
Proceedings of the 7th International Workshop in Distributed Constraint Reasoning
Hakodate, Japan. May 2006.

Advanced Forensic Format: An Open, Extensible Format for Disk Imaging
Simson L. Garfinkel, David J. Malan, Karl-Alexander Dubec, Christopher C. Stevens, and Cecile Pham
Second Annual IFIP WG 11.9 International Conference on Digital Forensics
Orlando, Florida. January 2006.

Host-Based Detection of Worms through Peer-to-Peer Cooperation (slides)
David J. Malan and Michael D. Smith
ACM Workshop on Rapid Malcode
Fairfax, Virginia. November 2005.

Protecting Personal Information: Obstacles and Directions
Rachel Greenstadt and Michael D. Smith
Fourth Workshop on Economics of Information Security
Cambridge, MA. June, 2005.

A Public-Key Infrastructure for Key Distribution in TinyOS Based on Elliptic Curve Cryptography (slides)
David J. Malan, Matt Welsh, and Michael D. Smith
First IEEE International Conference on Sensor and Ad hoc Communications and Networks
Santa Clara, CA. October, 2004.

Computer Security Strength & Risk: A Quantitative Approach
Stuart E. Schechter
Harvard University Doctoral Dissertation
Cambridge, MA. May, 2004

Toward Econometric Models of the Security Risk from Remote Attacks
Stuart E. Schechter
The Third Workshop on Economics and Information Security
Minneapolis, MN. May, 2004

Access For Sale: A New Class of Worm
Stuart E. Schechter and Michael D. Smith
The Workshop on Rapid Malcode (WORM 2003)
Washington, DC. October 27, 2003

Trusted Computing, Peer-to-Peer Distribution, and the Economics of Pirated Entertainment
Stuart E. Schechter, Rachel A. Greenstadt, and Michael D. Smith
The Second Workshop on Economics and Information Security
College Park, MD. May, 2003.
Also appears in Economics of Information Security,
edited by L. Jean Camp and Stephen Lewis,
Series: Advances in Information Security, Vol. 12, Springer, 2004.

Why We Can't Be Bothered To Read Privacy Policies: Privacy as a Lemons Market
Tony Vila, Rachel Greenstadt, David Molnar
The Second Workshop on Economics and Information Security
College Park, MD. May, 2003.
Also appears in Economics of Information Security,
edited by L. Jean Camp and Stephen Lewis,
Series: Advances in Information Security, Vol. 12, Springer, 2004.

How Much Security is Enough to Stop a Thief?
Stuart E. Schechter and Michael D. Smith
The Seventh International Financial Cryptography Conference
Gosier, Guadeloupe. January, 2003

How to Buy Better Testing: using competition to get the most security and robustness for your dollar
Stuart E. Schechter
Infrastructure Security Conference
Bristol, UK. October, 2002

Quantitatively Differentiating System Security
Stuart E. Schechter
The First Workshop on Economics and Information Security
Berkeley, CA. May, 2002

Anonymous Authentication of Membership in Dynamic Groups
Stuart E. Schechter, Alexander Hartemink, and Todd Parnell
The Third International Financial Cryptography Conference
Anguilla, BWI. 1999


Funding and Other Support

Securitas research is supported in part by the National Science Foundation under Grant No. CCR-0310877 and by gifts by Microsoft.