Stephen McLaughlin's Publications

Journal

Automated PLC Code Analytics for Detection of Industrial Control Malware (To Appear.)
Saman Zonouz, Julian Rrushi, and Stephen McLaughlinStephen McLaughlin
IEEE Security & Privacy Magazine.

A Multi-Sensor Intrusion and Energy Theft Detection Framework for Advanced Metering Infrastructures (To Appear.)
Stephen McLaughlin, Brett Holbert, Ahmed Fawaz, Robin Berthier, and Saman Zonouz
IEEE Selected Areas in Communications.

Semantically Rich Application-Centric Security in Android

Security and Communication Networks, 2012.

New Security Architectures Based on Emerging Disk Functionality

IEEE Security and Privacy Magazine, 2010.

Conference

Scopol: Controller-Aware False Data Injection Against Programmable Logic Controllers

Proc. IEEE SmartGridComm 2014

Covert Channel Communication Through Physical Interdependencies in Cyber-Physical Infrastructures

Proc. IEEE SmartGridComm 2014

A Trusted Safety Verifier for Process Controller Code

Proc. ISOC Network and Distributed Systems Security Symposium (NDSS 2014).

CPS:Stateful Policy Enforcement for Control System Device Usage

Proc. 29th Annual Computer Security Applications Conference (ACSAC 2013) CPS Track

Hi-Fi: Collecting High-Fidelity Whole-System Provenance

Proc. 28th Annual Computer Security Applications Conference (ACSAC 2012)

AMIDS: A Multi-Sensor Energy Theft Detection Framework for Advanced Metering Infrastructures.

Proc. Third IEEE International Conference on Smart Grid Communications (SmartGridComm 2012).

SABOT: Specification-based Payload Generation for Programmable Logic Controllers

Proc. 19th ACM Conference on Computer and Communications Security (CCS 2012).

Minimizing Private Data Disclosures in the Smart Grid

Proc. 19th ACM Conference on Computer and Communications Security (CCS 2012).

Protecting Consumer Privacy from Electric Load Monitoring

Proc. 18th ACM Conference on Computer and Communications Security (CCS 2011).

Multi-vendor Penetration Testing in the Advanced Metering Infrastructure

Proc. 26th Annual Computer Security Applications Conference (ACSAC 2010).

Kells: A Protection Framework for Portable Data

Proc. 26th Annual Computer Security Applications Conference (ACSAC 2010).

Disk-Enabled Authenticated Encryption

Proc. 26th IEEE Symposium on Massive Storage Systems and Technologies (MSST 2010).

Semantically Rich Application-Centric Security in Android (Best paper)

Proc. 25th Annual Computer Security Applications Conference (ACSAC 2009).

New Side Channel Attacks Targeting Passwords

Proc. 24th Annual Computer Security Applications Conference (ACSAC 2008).

Rootkit Resistant Disks

Proc. 15th ACM Conference on Computer and Communications Security (CCS 2008).

Workshop

On Dynamic Malware Payloads Aimed at Programmable Logic Controllers

Proc. 6th USENIX Workshop on Hot Topics in Security (HotSec 2011).

Embedded Firmware Diversity for Smart Electric Meters

Proc. of the 5th USENIX Workshop on Hot Topics in Security (HotSec 2010).

Towards a Secure and Efficient System for End-to-End Provenance

Proc. 2nd USENIX Workshop on the Theory and Practice of Provenance (TAPP 2010).

Energy Theft in the Advanced Metering Infrastructure

Proc. 4th International Workshop on Critical Information Infrastructure Security (CRITIS 2009).

Systemic Issues in the Hart InterCivic and Premier Voting Systems: Reflections Following Project EVEREST

Proc. 2008 USENIX/ACCURATE Electronic Voting Technology Workshop (EVT 2008).

Non-Volatile Memory and Disks: Avenues for Policy Architectures

Proc. 1st Computer Security Architecture Workshop (CSAW 2007).