Computer Security Lab: Rice University

• Distributed and Peer-to-Peer Systems
• Electronic Voting
• Programming Languages and Mobile Code

Distributed and Peer-to-Peer Systems Security

• Scott A. Crosby, Dan S Wallach, An Analysis of BitTorrent’s Two Kademlia-Based DHTs. Technical Report TR07-04, Department of Computer Science, Rice University, May 2007.
• Scott A Crosby, Rudolf H Riedi, and Dan S Wallach, Opportunities and Limits of Remote Timing Attacks. Technical Report TR07-03, Department of Computer Science, Rice University, May 2007.
• Atul Singh, Tsuen-Wan “Johnny” Ngan, Peter Druschel, and Dan S. Wallach, Eclipse Attacks on Overlay Networks: Threats and Defenses, IEEE INFOCOM ‘06, (Barcelona, Spain), April 2006.
• Animesh Nandi, Tsuen-Wan “Johnny” Ngan, Atul Singh, Peter Druschel, and Dan S. Wallach, Scrivener: Providing Incentives in Cooperative Content Distribution Systems, ACM/IFIP/USENIX 6th International Middleware Conference (Middleware 2005), (Grenoble, France), November 2005.
• Seth James Nielson, Scott S. Crosby, and Dan S. Wallach, A Taxonomy of Rational Attacks, Proceedings of the Fourth International Workshop on Peer-to-Peer Systems (IPTPS ‘05), (Ithaca, New York), February, 2005.
• Tsuen-Wan “Johnny” Ngan, Dan S. Wallach, and Peter Druschel, Incentives-Compatible Peer-to-Peer Multicast, 2nd Workshop on Economics of Peer-to-Peer Systems, (Cambridge, Massachusetts), June 2004.
• Tsuen-Wan “Johnny” Ngan, Animesh Nandi, Atul Singh, Dan S. Wallach, and Peter Druschel, Designing Incentives-Compatible Peer-to-Peer Systems, 2nd Bertinoro Workshop on Future Directions in Distributed Computing (FuDiCo 2004), Bertinoro, Italy, June 2004.
• Scott Crosby and Dan S. Wallach, Denial of Service via Algorithmic Complexity Attacks, 12th Usenix Security Symposium (Washington, D.C.), August 2003.
• Tsuen-Wan “Johnny” Ngan, Dan S. Wallach, and Peter Druschel, Enforcing Fair Sharing of Peer-to-Peer Resources, 2nd International Workshop on Peer-to-Peer Systems (IPTPS ‘03) (Berkeley, California), February 2003.
• Miguel Castro, Peter Druschel, Ayalvadi Ganesh, Antony Rowstron, Dan S. Wallach, Security for Peer-to-Peer Routing Overlays. Fifth Symposium on Operating Systems Design and Implementation (OSDI ‘02) (Boston, Massachusetts), December 2002.
• Dan S. Wallach, A Survey of Peer-to-Peer Security Issues, International Symposium on Software Security (Tokyo, Japan), November 2002.
• Cristian Coarfa, Peter Druschel, Dan S. Wallach, Performance Analysis of TLS Web Servers, Network and Distributed Systems Security Symposium (San Diego, California), February 2002.

Electronic Voting Security

• Daniel R. Sandler, Kyle Derr, and Dan S. Wallach. VoteBox: a tamper-evident, verifiable electronic voting system. To appear in Proceedings of the 17th USENIX Security Symposium (USENIX Security ’08), 2008.
• Daniel R. Sandler and Dan S. Wallach. The case for networked remote voting precincts. To appear in Proceedings of the 3rd USENIX/ACCURATE Electronic Voting Technology Workshop (EVT ’08), 2008.
• Daniel R. Sandler, Kyle Derr, Scott Crosby, and Dan S. Wallach. Finding the evidence in tamper-evident logs.
  In Proceedings of the 3rd International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE ’08), 2008.
• Daniel R. Sandler and Dan S. Wallach. Casting Votes in the Auditorium. In Proceedings of the 2nd USENIX/ACCURATE Electronic Voting Technology Workshop (EVT ’07), Boston, MA, 2007. To appear.
• Dan S. Wallach, Testimony for the NIST/EAC Technical Guidelines Development Committee (Gaithersburg, Maryland), September 2004.
• Tadayoshi Kohno, Adam Stubblefield, Aviel D. Rubin, Dan S. Wallach, Analysis of an Electronic Voting System, 2004 IEEE Symposium on Security and Privacy (Oakland, California), May 2004.
• Jonathan Bannet, David W. Price, Algis Rudys, Justin Singer, Dan S. Wallach, Hack-a-Vote: Demonstrating Security Issues with Electronic Voting Systems, IEEE Security & Privacy Magazine, volume 2, number 1, January/February 2004, pp. 32-37. Also reprinted by ComputerUser, March 2004.

Programming Language / Mobile Code Safety and Security

• David W. Price, Algis Rudys, Dan S. Wallach, Garbage Collector Memory Accounting in Language-Based Systems, 2003 IEEE Symposium on Security and Privacy (Oakland, California), May 2003.
• Algis Rudys and Dan S. Wallach, Termination in Language-based Systems, ACM Transactions on Information and System Security, volume 5, number 2, May 2002.
• Dan S. Wallach, Edward W. Felten, Andrew W. Appel, The Security Architecture Formerly Known as Stack Inspection: A Security Mechanism for Language-based Systems, ACM Transactions on Software Engineering and Methodology, volume 9, number 4, October 2000.