We are the George Washington University/Usable Security and Privacy Lab (GWUSEC). The lab works on problems related to computer security and privacy, with a human centered approach. We are interested in learning why and how users interact, understand, and use/misuse security and privacy tools, and then we design and build better solutions. We are also interested in more general problems related to cybersecurity and privacy. If you want to find out more, please join one of our public activities.
- June 2021 Collins Munyendo, Miles Grant, Philipp Markert, Timothy J. Forman, and Adam J. Aviv have a new paper at SOUPS'21
- June 2021 David G. Balash, Dongkun Kim, Darika Shaibekova, Rahel A. Fainchtein, Micah Sherr, and Adam J. Aviv have a new paper at SOUPS'21
- June 2021 Danil V. Baily, Philipp Markert, and Adam J. Aviv have a new paper at SOUPS'21
- June 2021 Noel Warford, Collins Munyendo, Ashna Mediratta, Adam J. Aviv, and Michelle L. Mazurek have a new paper accepted at USENIX Sec'21
- June 2021 Flynn Wolf, Ravi Kuber, and Adam J. Aviv have a new paper accepted at USENIX Sec'21
- June 2021 Florian Farke, David Balash, Maximilian Golla, Markus, Markus Dürmuth, and Adam J. Aviv have a new paper accepted at USENIX Sec'21
- Apr 2021 Peter Mayer, Yixin Zou, Florian Schaub, and Adam J. Aviv have a new paper accepted at USENIX Sec'21
- Feb 2021 Ian Martiny, Gabriel Kaptchuk, Adam J. Aviv, Daniel S. Roche, and Eric Wustrow have a new paper accepted at NDSS'21
- 2020 News (click to reveal)
Adam J. Aviv
Assist. Prof./Co-Lab Director
(starting Jul, 2021)
Postdoc in abstentia
Xiaoyuan (Owen) Wu
External Lab Collaborations
- PUSH Group: Privacy & Usable Security Human-centered Computing at University of Maryland, Baltimore County (UMD)
- Ravi Kuber
- Hirak Rey
- Flynn Wolf
- Security, Privacy, People lab (SP2) at University of Maryland, College Park (UMD)
- Michelle Mazurek
- Noel Wartford
- Security Privacy Interaction Lab at the University of Michigan (UM)
- Florian Schaub
- Yixin Zou
- Georgetown SecLab
- Micah Sherr
- Rahel Fainchtein
- Tim Forman (USNA/BSE) Now a ENS USN
- James Levy (MS)
The lab has a number of public and private activities. Everyone is welcome at the public events, without invitation. Attending a public event is a great way to meet people in the lab, and potentially getting involved in research.
- Security and Privacy Reading Group
The Security and Privacy Reading Group is a weekly public event where we discuss a recent research article related to security and privacy. A discussion lead will prepare a short presentation that will kick off the discussion. The reading group is also "brown bag lunch" and has a social component.
Tuesdays 1130-1230. Currently meeting virtually (email Prof. Aviv to be added to the mailing list).
- Lab Scrum Meetings
We have regular, scrum-like lab meetings where status updates on all projects are quickly presented. Non collaborators are allowed to attend, by invitation.
Friday 430-500. Currently meeting virtually.
- Social Hour/Lab Open House
Once a month, we have a social hour and lab open house where students, faculty, and prospective collaborators can socialize.
Second Friday of every month from 430-530, during the academic year.
Time/Place TBD as we assess social distancing requirements.
Join the lab!
So, you're interested in computer security and privacy research and you're interested in joining the lab? Great! We are always looking for new collaborators. What actions you should take depends on your background.
- Prospective PhD Students
We are always looking for new PhD students, and if you are applying to grad school and interested in usable security and privacy, please consider GW! Please email Adam Aviv with any inquiries, but be mindful, we may not follow up with everyone. Obvious form emails sent enmass will not receive a response, so please be sure to write a personal email that notes some background about yourself and what kinds of projects you're interested in researching. Do not attach a CV or resume: just let us know who you are and why you want to join the lab.
- GW Undergraduate/Masters Students
If you are a current GW student, either an undergraduate or masters students, the easiest way to get involved in the lab is to attend one of our public events. Participating in reading group or social hour is the fastest way to learn what is happening in the lab, as well as earn an invite to the lab meeting.
You may also email Adam Aviv if you are interested in research project, but you will likely be directed to attend a public event. If you cannot attend a public event, we can arrange other times to meet.
At GWUSEC, we strive to conduct the highest quality academic research that is inclusive, diverse, and impactful. In those pursuits, we are guided by the following principles:
- creativity — we reward creativity in our research, and do not confine or belittle others’ ideas;
- integrity — we value honesty and accuracy in our communications and reports;
- ethics — we consider the ethics of our research methods and treat our subjects with respect, always striving to minimize risk and maximize benefits;
- scientific rigor — we seek academic and scientific rigor in our research efforts to explore subject matters in-depth;
- inclusion — we recognize that that many groups have historically been marginalized in our field, and we strive to find ways to collaborate and partner with individuals across all backgrounds, races, and genders and uplift researchers and professionals who have been unjustly marginalized;
- humility — we are willing to admit when we are wrong, take action to correct mistakes in ourselves, and treat mistakes as learning opportunities;
- compassion — we show compassion to each other by supporting lab members in cases when their physical or mental health, personal life or family situation warrants special consideration;
- justice — we believe in racial justice and oppose discrimination based on age, gender, race, ethnicity, religion, (dis)ability, economic background and nationality, and condemn oppression in any form.
- impact — we are determined to conduct research that is impactful both within the scientific community and broadly for all humanity.
- Collins Munyendo, Miles Grant, Philipp Markert, Timothy J. Forman, and Adam J. Aviv. Using a Blocklist to Improve the Security of User Selection of Android Patterns. 17th Symposium on Usable Security and Privacy (SOUPS '21). Aug 2021.
- David G. Balash, Dongkun Kim, Darika Shaibekova, Rahel A. Fainchtein, Micah Sherr, and Adam J. Aviv. Examining the Examiners: Students' Privacy and Security Perceptions of Online Proctoring Services. 17th Symposium on Usable Security and Privacy (SOUPS '21). Aug 2021. (arxiv)
- Danil V. Baily, Philipp Markert, and Adam J. Aviv. ``I have no idea what they're trying to accomplish:'' Enthusiastic and Casual Signal Users' Understanding of Signal PINs. 17th Symposium on Usable Security and Privacy (SOUPS '21). Aug 2021.
- Flynn Wolf, Adam J. Aviv, and Ravi Kuber. Security Obstacles and Motivationsfor Small Businesses from a CISO’s Perspective. 30th USENIX Security Symposium (USENIX Security 21). USENIX Association. Aug 2021.
- Florian Farke, David G. Balash, Maximilian Golla, Markus Dürmuth, and Adam J. Aviv. Are Privacy Dashboards Good for End Users? Evaluating User Perceptions and Reactions to Google's My Activity. 30th USENIX Security Symposium (USENIX Security 21). USENIX Association. Aug 2021. (arxiv)
- Noel Warford, Collins W. Munyendo, Ashna Mediratta, Adam J. Aviv, and Michelle L. Mazurek. Strategies and Perceived Risks of Sending Sensitive Documents. 30th USENIX Security Symposium (USENIX Security 21). USENIX Association. Aug 2021. (arxiv)
- Peter Mayer, Yixin Zou, Florian Schaub, and Adam J. Aviv. "Now I'm a bit angry:" Individuals' Awareness, Perception, and Responses to Data Breaches that Affected Them. 30th USENIX Security Symposium (USENIX Security 21). USENIX Association. Aug 2021. (pdf)
- Ian Martiny, Gabriel Kaptchuk, Adam J. Aviv, Daniel S. Roche, and Eric Wustrow. Improving Signal’s Sealed Sender. In the proceedings of the 2021 Network and Distributed Systems Symposium. NDSS'21. Feb 2021. (pdf)
- Hirak Ray, Flynn Wolf, Ravi Kuber, Adam J. Aviv. "Warn Them" or "Just Block Them"?: Comparing Privacy Concerns of Older and Working Age Adults. In the proceedings of the Privacy Enhancing Technology Symposium (PoPets'21). Jul. 2021. (pdf)
- Rahel A. Fainchtein, Adam A. Aviv, Micah Sherr, Stephen Ribaudo, and Armaan Khullar. Holes in the Geofence: Privacy Vulnerabilities in “Smart” DNS Services. In the proceedings of the Privacy Enhancing Technology Symposium (PoPets'21). Jul. 2021. (pdf)
- Hirak Ray, Flynn Wolf, Ravi Kuber, Adam J. Aviv. Why Older Adults (Don't) Use Password Managers. In the proceedings of the 2021 USENIX Security Symposium (Sec'21). Aug. 2021. (arxiv) (pdf)
- Timothy J. Forman and Adam J. Aviv. Double Patterns: A Usable Solution to Increase the Security of Android Unlock Patterns. In the proceedings of the 2020 Annual Computer Security Applications Conference (ACSAC'20). Dec. 2020. (arxiv)
- Hassan Khan, Jason Ceci, Jonah Stegman, Adam J. Aviv, Rozita Dara, Ravi Kuber. Widely Reused and Shared, Infrequently Updated, and Sometimes Inherited: A Holistic View of PIN Authentication in Digital Lives and Beyond. In the proceedings of the 2020 Annual Computer Security Applications Conference (ACSAC'20). Dec. 2020. (arxiv)
- Raina Samuel, Philipp Markert, Adam J. Aviv, and Iulian Neamtiu. Knock, Knock. Who's There? On the Security of LG's Knock Codes. 2020 Symposium on Usable Security and Privacy (SOUPS'20). Pgs. 1-24. USENIX. 2020. (arxiv pre-print)
- Philipp Markert, Daniel V. Bailey, Maximillian Golla, Markus Dürmuth, and Adam J. Aviv. This PIN Can Be Easily Guessed: Analyzing the Security of Smartphone Unlock PINs. 2020 IEEE Symposium on Security and Privacy (SP'20). Pgs. 1525-1542. IEEE Computer Society. 2020 (arxiv)
- Timothy J. Forman, Daniel S. Roche, and Adam J. Aviv. Twice as Nice? A Preliminary Evaluation of Double Android Unlock Patterns. Extended Abstracts of the 2020 CHI Conference on Human Factors in Computing Systems. (CHI EA ’20). Pgs. 1–7. Association for Computing Machinery. 2020