Publications


Book Chapters


Adam Bates, Devin J. Pohly, and Kevin R. B. Butler.
Secure and Trustworthy Provenance Collection for Digital Forensics.
Digital Fingerprinting (Springer). October 1, 2016.

Journal Publications


Ayoosh Bansal, Anant Kandikuppa, Chien-Ying Chen, Monowar Hasan, Adam Bates and Sibin Mohan.
System Auditing for Real-Time Systems.
ACM Transactions on Privacy and Security. November 13, 2023.

Adam Bates and Wajih Ul Hassan.
Can Data Provenance Put an End to the Data Breach?.
IEEE Security and Privacy Magazine. July 9, 2019.

Deepak Kumar, Riccardo Paccagnella, Paul Murley, Eric Hennenfent, Joshua Mason, Adam Bates, and Michael Bailey.
Emerging Threats in IoT Voice Services.
IEEE Security and Privacy Magazine. July 9, 2019.

Bradley Reaves, Jasmine Bowers, Nolen Scaife, Adam Bates, Arnav Bhartiya, Patrick Traynor, and Kevin R.B. Butler.
Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications.
ACM Transactions on Privacy and Security: Volume 20, Issue 3. August 1, 2017.

Adam Bates, Dave (Jing) Tian, Grant Hernandez, Thomas Moyer, Kevin R. B. Butler, and Trent Jaeger.
Taming the Costs of Trustworthy Provenance through Policy Reduction.
ACM Transactions on Internet Technology (TOIT). September 1, 2017.

Adam Bates, Kevin Butler, Micah Sherr, Clay Shields, Patrick Traynor, and Dan Wallach.
Accountable Wiretapping -or- I Know They Can Hear You Now.
Journal of Computer Security: Volume 23, Issue 2, Pages 167-195. January 1, 2015.

Adam Bates, Ben Mood, Joe Pletcher, Hannah Pruse, Masoud Valafar, and Kevin Butler.
On Detecting Co-Resident Cloud Instances Using Network Flow Watermarking Techniques.
International Journal of Information Security: Volume 13, Issue 2, pg. 171-189. April 1, 2014.

Conference Publications


Apurva Virkud, Muhammad Adil Inam, Andy Riddle, Jason Liu, Gang Wang, and Adam Bates.
How does Endpoint Detection use the MITRE ATT&CK Framework?.
33rd USENIX Security Symposium (Security'24). Philadelphia, PA, USA. August 14, 2024.


Mahmood Sharif, Pubali Datta, Andy Riddle, Kim Westfall, Adam Bates, Vijay Ganti, Matthew Lentz, and David Ott.
DrSec: Flexible Distributed Representations for Efficient Endpoint Security..
45th IEEE Symposium on Security and Privacy (Oakland'24). San Francisco, CA, USA. May 20, 2024.
(acceptance rate=17.8%)

Akul Goyal, Gang Wang, and Adam Bates.
R-CAID: Embedding Root Cause Analysis within Provenance-based Intrusion Detection.
45th IEEE Symposium on Security and Privacy (Oakland'24). San Francisco, CA, USA. May 20, 2024.
(acceptance rate=17.8%)

Isaac Polinsky, Pubali Datta, Adam Bates, and Will Enck.
GRASP: Hardening Serverless Applications through Graph Reachability Analysis of Security Policies.
The Web Conference. Singapore. May 13, 2024.


Yi-Shyuan Chiang, Omar Khan, Adam Bates, and Camille Cobb.
More than just informed: The importance of consent facets in smart homes.
ACM CHI Conference on Human Factors in Computing Systems. Honolulu, HI, USA. May 11, 2024.
(acceptance rate=26.3%)

Phoebe Moh, Pubali Datta, Noel Warford, Adam Bates, Nathan Malkin, and Michelle L. Mazurek.
Characterizing Everyday Misuse of Smart Home Devices.
44th IEEE Symposium on Security and Privacy (Oakland'23). San Francisco, CA, USA. May 22, 2023.
(acceptance rate=17.1%)
Distinguished Paper Award Recipient

Muhammad Adil Inam, Yinfang Chen, Akul Goyal, Jason Liu, Jaron Mink, Noor Michael, Sneha Gaur, Adam Bates, and Wajih Ul Hassan.
SoK: History is a Vast Early Warning System: Auditing the Provenance of System Intrusions.
44th IEEE Symposium on Security and Privacy (Oakland'23). San Francisco, CA, USA. May 22, 2023.
(acceptance rate=17.1%)

Akul Goyal, Xueyuan Han, Gang Wang, and Adam Bates.
Sometimes, You Aren't What You Do: Mimicry Attacks against Provenance Graph Host Intrusion Detection Systems.
30th ISOC Network and Distributed System Security Symposium (NDSS'23). San Diego, CA, USA. February 27, 2023.
(acceptance rate=16.400000000000002%)

Muhammad Adil Inam, Akul Goyal, Jason Liu, Jaron Mink, Noor Michael, Sneha Gaur, Adam Bates, and Wajih Ul Hassan.
FAuST: Striking a Bargain between Forensic Auditing's Security and Throughput.
38th Annual Computer Security Applications Conference (ACSAC'22). Austin, TX, USA. December 5, 2022.
(acceptance rate=25.3%)
Artifacts Evaluated - Functional; Artifacts Available

Ayoosh Bansal, Anant Kandikuppa, Chien-Ying Chen, Monowar Hasan, Adam Bates and Sibin Mohan.
Towards Efficient Auditing for Real-Time Systems.
27th European Symposium on Research in Computer Security (ESORICS'22). Copenhagen, Denmark. September 26, 2022.
(acceptance rate=18.5%)

Joshua Reynolds, Adam Bates and Michael Bailey.
Equivocal URLs: Understanding the Fragmented Space of URL Parser Implementations.
27th European Symposium on Research in Computer Security (ESORICS'22). Copenhagen, Denmark. September 26, 2022.
(acceptance rate=18.5%)
Best Paper Award Recipient

Jason Liu, Anant Kandikuppa, and Adam Bates.
Transparent DIFC: Harnessing Innate Application Event Logging for Fine-Grained Decentralized Information Flow Control.
7th IEEE European Symposium on Security and Privacy (EuroSP'22). Genoa, Italy. June 6, 2022.
(acceptance rate=29.799999999999997%)

Pubali Datta, Isaac Polinsky, Muhammad Adil Inam, Adam Bates, and Will Enck.
ALASTOR: Reconstructing the Provenance of Serverless Intrusions.
31st USENIX Security Symposium (Security'22). Boston, MA, USA. August 10, 2022.
(acceptance rate=17.2%)

Jaron Mink, Amanda Rose Yuile, Uma Pal, Adam Aviv, and Adam Bates.
Users Can Deduce Sensitive Locations Protected by Privacy Zones on Fitness Tracking Apps.
ACM CHI Conference on Human Factors in Computing Systems (CHI'22). New Orleans, LA, USA. April 30, 2022.
(acceptance rate=24.6%)

Muhammad Adil Inam, Wajih Ul Hassan, Ali Ahad, Adam Bates, Rashid Tahir, Tianyin Xu, and Fareed Zaffar.
Forensic Analysis of Configuration-based Attacks.
29th ISOC Network and Distributed System Security Symposium (NDSS'22). San Diego, CA, USA. February 27, 2022.
(acceptance rate=16.2%)

Carter Yagemann, Mohammad Noureddine, Wajih Ul Hassan, Simon Chung, Adam Bates, and Wenke Lee.
Validating the Integrity of Audit Logs Against Execution Repartitioning Attacks.
28th ACM Conference on Computer and Communications Security (CCS'21). Seoul, South Korea. November 15, 2021.
(acceptance rate=22.3%)

Nick Roessler, Lucas Atayde, Imani Palmer, Derrick McKee, Jai Pandey, Vasileios P. Kemerlis, Mathias Payer, Adam Bates, Jonathan M. Smith, Andre DeHon, and Nathan Dautenhahn.
muSCOPE: A Methodology for Analyzing Least-Privilege Compartmentalization in Large Software Artifacts.
24th International Symposium on Research in Attacks, Intrusions and Defenses (RAID'21). Donostia / San Sebastian, Spain. October 6, 2021.
(acceptance rate=23.200000000000003%)

Benjamin E. Ujcich, Samuel Jero, Richard Skowyra, Adam Bates, William H. Sanders, and Hamed Okhravi.
Causal Analysis for Software-Defined Networking Attacks.
30th USENIX Security Symposium (Security'21). The Internet. August 13, 2021.
(acceptance rate=18.8%)

Isaac Polinsky, Pubali Datta, Adam Bates, and Will Enck.
SCIFFS: Enabling Secure Third-Party Security Analytics using Serverless Computing.
ACM Symposium on Access Control Models and Technologies (SACMAT'21). The Internet. June 18, 2021.
(acceptance rate=28.599999999999998%)

Wajih Ul Hassan, Ding Li, Kangkook Jee, Xiao Yu, Kexuan (Klaus) Zou, Dawei Wang, Zhengzhang Chen, Zhichun Li, Junghwan Rhee, Jiaping Gui, and Adam Bates.
This is Why We Can't Cache Nice Things: Lightning-Fast Threat Hunting using Suspicion-Based Hierarchical Storage.
36th Annual Computer Security Applications Conference. The Internet. December 7, 2020.
(acceptance rate=23.200000000000003%)

Noor Michael, Jaron Mink, Jason Liu, Sneha Gaur, Wajih Ul Hassan, and Adam Bates.
On the Forensic Validity of Approximated Audit Logs.
36th Annual Computer Security Applications Conference. The Internet. December 7, 2020.
(acceptance rate=23.200000000000003%)

Arnav Sankaran, Pubali Datta, and Adam Bates.
Workflow Integration Alleviates Identity and Access Management in Serverless Computing.
36th Annual Computer Security Applications Conference. The Internet. December 7, 2020.
(acceptance rate=23.200000000000003%)

Riccardo Paccagnella, Kevin Liao, Dave (Jing) Tian, and Adam Bates.
Logging to the Danger Zone: Race Condition Attacks and Defenses on System Audit Frameworks.
27th ACM Conference on Computer and Communications Security (CCS'20). The Internet. November 9, 2020.
(acceptance rate=16.900000000000002%)

Benjamin E. Ujcich, Adam Bates, and William H. Sanders.
Provenance for Intent-Based Networking.
2020 IEEE Conference on Network Softwarization (NetSoft '20). The Internet. June 29, 2020.


Wajih Ul Hassan, Adam Bates, and Daniel Marino.
Tactical Provenance Analysis for Endpoint Detection and Response Systems.
41st IEEE Symposium on Security and Privacy (Oakland'20). The Internet. May 18, 2020.
(acceptance rate=12.3%)

Pubali Datta, Prabuddha Kumar, Tristan Morris, Michael Grace, Amir Rahmati, and Adam Bates.
Valve: Securing Function Workfows on Serverless Computing Platforms.
The Web Conference (WWW'20). Taipei, Taiwan. April 20, 2020.
(acceptance rate=19.2%)

Riccardo Paccagnella, Pubali Datta, Wajih Ul Hassan, Adam Bates, Christopher Fletcher, Andrew Miller, and Dave Tian.
CUSTOS: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution.
27th ISOC Network and Distributed System Security Symposium (NDSS'20). San Diego, CA, USA. February 23, 2020.
(acceptance rate=17.4%)

Wajih Ul Hassan, Mohammad Ali Noureddine, Pubali Datta, and Adam Bates.
OmegaLog: High-Fidelity Attack Investigation via Transparent Multi-layer Log Analysis.
27th ISOC Network and Distributed System Security Symposium (NDSS'20). San Diego, CA, USA. February 23, 2020.
(acceptance rate=17.4%)

Benjamin E. Ujcich, Samuel Jero, Richard Skowyra, Steven R. Gomez, Adam Bates, William H. Sanders, and Hamed Okhravi.
Automated Discovery of Cross-Plane Event-Based Vulnerabilities in Software-Defined Networking.
27th ISOC Network and Distributed System Security Symposium (NDSS'20). San Diego, CA, USA. February 23, 2020.
(acceptance rate=17.4%)

Xueyuan Han, Thomas Pasquier, Adam Bates, James Mickens, and Margo Seltzer.
UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats.
27th ISOC Network and Distributed System Security Symposium (NDSS'20). San Diego, CA, USA. February 23, 2020.
(acceptance rate=17.4%)

Qi Wang, Pubali Datta, Wei Yang, Si Liu, Carl Gunter, and Adam Bates.
Charting the Attack Surface of Trigger-Action IoT Platforms.
26th ACM Conference on Computer and Communications Security (CCS'19). London, UK. November 11, 2019.
(acceptance rate=16.2%)

Wajih Ul Hassan, Shengjian Guo, Ding Li, Zhengzhang Chen, Kangkook Jee, Zhichun Li, and Adam Bates.
NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage.
26th ISOC Network and Distributed System Security Symposium (NDSS'19). San Diego, CA, USA. February 24, 2019.
(acceptance rate=17.1%)

Thomas Pasquier, Xueyuan Han, Thomas Moyer, Adam Bates, Olivier Hermant, David Eyers, Jean Bacon, and Margo Seltzer.
Runtime Analysis of Whole-System Provenance.
25th ACM Conference on Computer and Communications Security (CCS'18). Toronto, Ontario, Canada. October 15, 2018.
(acceptance rate=16.6%)

Benjamin E. Ujcich, Samuel Jero, Anne Edmundson, Qi Wang, Richard Skowyra, James Landry, Willam H. Sanders, Christina Rita-Notaru, and Hamed Okravi.
Cross-App Poisoning in Software-Defined Networking.
25th ACM Conference on Computer and Communications Security (CCS'18). Toronto, Ontario, Canada. October 15, 2018.
(acceptance rate=16.6%)

Wajih Ul Hassan, Saad Hussain, and Adam Bates.
Analysis of Privacy Protections in Fitness Tracking Social Networks -or- You can run, but can you hide?.
27th USENIX Security Symposium (Security'18). Baltimore, MD, USA. August 16, 2018.
(acceptance rate=19.1%)

Deepak Kumar, Riccardo Paccagnella, Paul Murley, Eric Hennenfent, Joshua Mason, Adam Bates, and Michael Bailey.
Skill Squatting Attacks on Amazon Alexa.
27th USENIX Security Symposium (Security'18). Baltimore, MD, USA. August 15, 2018.
(acceptance rate=19.1%)

Tianyuan Liu, Avesta Hojjati, Adam Bates and Klara Nahrstedt.
AliDrone: Enabling Trustworthy Proof-of-Alibi for Commercial Drone Compliance.
38th IEEE International Conference on Distributed Computing Systems (ICDCS'18). Vienna, Austria. July 5, 2018.
(acceptance rate=20.0%)

Dave (Jing) Tian, Nolen Scaife, Deepak Kumar, Michael Bailey, Adam Bates, and Kevin R. B. Butler.
SoK: 'Plug and Pray' Today -- Understanding USB Insecurity in Versions 1 through C.
39th IEEE Symposium on Security and Privacy (Oakland'18). San Francisco, CA, USA. May 23, 2018.
(acceptance rate=11.5%)

Wajih Ul Hassan, Mark Lemay, Nuraini Aguse, Adam Bates, and Thomas Moyer.
Towards Scalable Cluster Auditing through Grammatical Inference over Provenance Graphs.
25th ISOC Network and Distributed System Security Symposium (NDSS'18). San Diego, CA, USA. February 17, 2018.
(acceptance rate=21.0%)

Qi Wang, Wajih Ul Hassan, Adam Bates, and Carl Gunter.
Fear and Logging in the Internet of Things.
25th ISOC Network and Distributed System Security Symposium (NDSS'18). San Diego, CA, USA. February 17, 2018.
(acceptance rate=21.0%)

Benjamin E. Ujcich, Andrew Miller, Adam Bates, and William H. Sanders.
Towards an Accountable Software-Defined Networking Architecture.
3rd IEEE Conference on Network Softwarization. Bologna, Italy. July 4, 2017.
(acceptance rate=20.0%)

Adam Bates, Wajih Ul Hassan, Kevin Butler, Alin Dobra, Bradley Reaves, Patrick Cable, Thomas Moyer,and Nabil Schear.
Transparent Web Service Auditing via Network Provenance Functions .
26th World Wide Web Conference (WWW'17). Perth, Australia. April 6, 2017.
(acceptance rate=17.0%)

Thomas Moyer, Patrick Cable, Karishma Chada, Robert Cunningham, Nabil Schear, Warren Smith, Adam Bates, Kevin Butler, Frank Capobianco, and Trent Jaeger..
Leveraging Data Provenance to Enhance Cyber Resilience.
1st IEEE Cybersecurity Development Conference (SecDev'16). Boston, MA, USA. November 4, 2016.
(acceptance rate=38.6%)

Dave (Jing) Tian, Adam Bates, Kevin R. B. Butler, and Raju Rangaswami.
ProvUSB: Block-level Provenance-Based Data Protection for USB Storage Devices.
23rd ACM Conference on Computer and Communications Security (CCS'16). Vienna, Austria. October 25, 2016.
(acceptance rate=15.299999999999999%)

Dave (Jing) Tian, Nolen Scaife, Adam Bates, Kevin R. B. Butler, and Patrick Traynor.
Making USB Great Again with USBFILTER.
2016 USENIX Security Symposium (Security'16). Austin, TX, USA. August 11, 2016.
(acceptance rate=15.5%)

Dave (Jing) Tian, Adam Bates, and Kevin R.B. Butler.
Defending Against Malicious USB Firmware with GoodUSB.
31st Annual Computer Security Applications Conference (ACSAC'15). Los Angeles, California, USA. December 7, 2015.
(acceptance rate=24.3%)

Adam Bates, Dave Tian, Kevin R.B. Butler, and Thomas Moyer.
Trustworthy Whole-System Provenance for the Linux Kernel.
24th USENIX Security Symposium (Security'15). Washington D.C., USA. August 13, 2015.
(acceptance rate=15.7%)

Bradley Reaves, Nolen Scaife, Adam Bates, Kevin R.B. Butler, and Patrick Traynor.
Mo(bile) Money, Mo(bile) Problems:Analysis of Branchless Banking Applications in the Developing World.
24th USENIX Security Symposium (Security'15). Washington D.C., USA. August 12, 2015.
(acceptance rate=15.7%)

Bradley Reaves, Ethan Shernan, Adam Bates, Hank Carter, and Patrick Traynor.
Boxed Out: Blocking Cellular Interconnect Bypass Fraud at the Network Edge.
24th USENIX Security Symposium (Security'15). Washington D.C., USA. August 14, 2015.
(acceptance rate=15.7%)

Adam Bates, Joe Pletcher, Tyler Nichols, Braden Hollembaek, Jing (Dave) Tian, Abdulrahman Alkhelaifi, and Kevin R.B. Butler.
Securing SSL Certificate Validation through Dynamic Linking.
21st ACM Conference on Computer and Communications Security (CCS'14). Scottsdale, AZ, USA. November 5, 2014.
(acceptance rate=19.400000000000002%)

Adam Bates, Joe Pletcher, Tyler Nichols, Braden Hollembaek, and Kevin R.B. Butler.
Forced Perspectives: Evaluating an SSL Trust Enhancement at Scale.
14th ACM SIGCOMM Conference on Internet Measurement (IMC'14). Vancouver, BC, Canada. November 5, 2014.
(acceptance rate=22.8%)

Adam Bates, Ryan Leonard, Hannah Pruse, Kevin Butler, and Daniel Lowd.
Leveraging USB to Establish Host Identity Using Commodity Devices.
21st ISOC Network and Distributed System Security Symposium (NDSS'14). San Diego, CA, USA. February 25, 2014.
(acceptance rate=18.6%)

Adam Bates, Ben Mood, Masoud Valafar, and Kevin Butler.
Towards Secure Provenance-based Access Control in Cloud Environments.
3rd ACM Conference on Data and Application Security and Privacy (CODASPY'13). San Antonio, TX, USA. February 19, 2013.
(acceptance rate=31.7%)

Adam Bates, Kevin Butler, Micah Sherr, Clay Shields, Patrick Traynor, and Dan Wallach.
Accountable Wiretapping -or- I Know They Can Hear You Now.
19th ISOC Network and Distributed System Security Symposium (NDSS'12). San Diego, CA, USA. February 7, 2012.
(acceptance rate=17.8%)

Workshop Publications


Benjamin E. Ujcich, Adam Bates, and William H. Sanders.
A Provenance Model for the European Union General Data Protection Regulation.
7th International Provenance and Annotation Workshop (IPAW'18).
London, UK. July 9, 2017.

Adam Bates, Kevin R.B. Butler, and Thomas Moyer.
Take Only What You Need:Leveraging Mandatory Access Control Policy to Reduce Provenance Storage Costs.
7th International Workshop on Theory and Practice of Provenance (TaPP'15).
Edinburgh, Scotland. July 9, 2015.

Adam Bates, Kevin Butler, Andreas Haeberlen, Micah Sherr and Wenchao Zhou.
Let SDN Be Your Eyes: Secure Forensics in Data Center Networks.
2014 NDSS Workshop on Security of Emerging Network Technologies (SENT'14).
San Diego, CA, USA. February 23, 2014.

Adam Bates, Ben Mood, Joe Pletcher, Hannah Pruse, Masoud Valafar, and Kevin Butler.
Detecting Co-Residency with Active Traffic Analysis Techniques.
2012 ACM Workshop on Cloud Computing Security (CCSW'12).
Raleigh, NC, USA. October 19, 2012.
(acceptance rate=12.0%)