Skip to main content

Rubin, Aviel

Professor
Computer Science

Malone 309
(410) 516-8177
rubin@jhu.edu

Jump to:

News

About

Education
  • Ph.D. 1994, Univ of Michigan Ann Arbor*
  • Master of Science in Engineering 1991, Univ of Michigan Ann Arbor*
  • Bachelor of Science 1989, Univ of Michigan Ann Arbor*
Experience
  • 2014 - Present:  Technical Director, JHUISI
  • 2009 - 2010:  Co-chair, USENIX
  • 2007 - 2008:  Co-chair, IEEE
  • 2006 - 2006:  Co-chair, Financial Cryptography
  • 2005 - 2010:  Director, ACCURATE Center
  • 2003 - Present:  Technical Director, JHUISI
Research Areas
  • Systems and networking security, with special attention to computer privacy
Awards
  • 2011:  Reviewer for Fulbright Awards
  • 2011:  Senior Member of ACM
  • 2010:  Fulbright Fellowship for Sabbatical
  • 2010:  2003 Baltimorean of the Year - Baltimore Magazine - January - 2004.
  • 2010:  2005 Best Student Paper Award at the 14th USENIX Security Symposium - Security Analysis of a Cryptographically-Enabled RFID Device (with Stephen C. Bono - Matthew Green - Ari Juels - Adam Stubblefield - Michael Szydlo).
  • 2009:  Google Research Award of $60 - 000
  • 2008:  Chosen as one of 54 favorite people - places and things in Jewish Baltimore - Baltimore Jewish Times - February 22 - 2008.
  • 2004:  Electronic Frontiers Foundation - Pioneer award
Presentations
  • "Taking Two-Factor to the Next Level: Protecting Online Poker, Banking, Healthcare and Other Applications", Annual Computer Security Applications Conference.  New Orleans, LA.  December 10, 2014
  • "Understanding Computer Security in Today's World", Har Sainai Technology Committee.  Har Sainai synagogue in Owings Mills, MD.  November 11, 2014
  • "Computer Security in the Real World", Wealth Management Conference.  Panama City, PanamA.  September 19, 2014
  • "Security of embedded devices", Pentagon Briefing.  Pentagon building.  January 15, 2014

Publications

Journal Articles
  • Cartagena A, Rimmer G, Van Dalsen T, Watkins L, Robinson WH, Rubin A (2020).  Privacy Violating Opensource Intelligence Threat Evaluation Framework: A Security Assessment Framework for Critical Infrastructure Owners.  2020 10th Annual Computing and Communication Workshop and Conference, CCWC 2020.  494-499.
  • Chavis JS, Buczak A, Rubin A, Watkins LA (2020).  Connected Home Automated Security Monitor (CHASM): Protecting IoT Through Application of Machine Learning.  2020 10th Annual Computing and Communication Workshop and Conference, CCWC 2020.  684-690.
  • Watkins L, Ramos J, Snow G, Vallejo J, Robinson WH, Rubin AD, Ciocco J, Jedrzejewski F, Liu J, Li C (2018).  Exploiting multi-vendor vulnerabilities as back-doors to counter the threat of rogue small unmanned aerial systems.  Proceedings of the 1st ACM MobiHoc Workshop on Mobile IoT Sensing, Security, and Privacy, Mobile IoT SSP 2018.
  • Martin PD, Russell D, Rubin AD, Checkoway S, Salem MB (2018).  Sentinel: Secure mode profiling and enforcement for embedded systems.  Proceedings - ACM/IEEE International Conference on Internet of Things Design and Implementation, IoTDI 2018.  105-116.
  • Kaptchuk G, Green M, Rubin A (2017).  Outsourcing medical dataset analysis: A possible solution.  Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics).  10322 LNCS.  98-123.
  • Martin PD, Rushanan M, Tantillo T, Lehmann CU, Rubin AD (2016).  Applications of Secure location sensing in healthcare.  ACM-BCB 2016 - 7th ACM Conference on Bioinformatics, Computational Biology, and Health Informatics.  58-67.
  • Rushanan M, Russell D, Rubin AD (2016).  Mallory worker: Stealthy computation and covert channels using web workers.  Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics).  9871 LNCS.  196-211.
  • Rubin AD (2014).  Taking two-factor to the next level: Protecting online poker, banking, healthcare and other applications.  ACM International Conference Proceeding Series.  2014-December(December).  1-5.
  • Rushanan M, Rubin AD, Kune DF, Swanson CM (2014).  SoK: Security and privacy in implantable medical devices and body area networks.  Proceedings - IEEE Symposium on Security and Privacy.  524-539.
  • Garman C, Green M, Miers I, Rubin AD (2014).  Rational zero: Economic security for zerocoin with everlasting anonymity.  Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics).  8438.  140-155.
  • Rushanan M, Rubin A, Kune DF, Swanson CM (2014).  SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks.
  • Martin P, Rubin AD, Bhatti R (2013).  Enforcing minimum necessary access in healthcare through integrated audit and access control.  2013 ACM Conference on Bioinformatics, Computational Biology and Biomedical Informatics, ACM-BCB 2013.  946-955.
  • Miers I, Garman C, Green M, Rubin AD (2013).  Zerocoin: Anonymous distributed e-cash from bitcoin.  Proceedings - IEEE Symposium on Security and Privacy.  397-411.
  • Akinyele JA, Garman C, Miers I, Pagano MW, Rushanan M, Green M, Rubin AD (2013).  Charm: A framework for rapidly prototyping cryptosystems.  Journal of Cryptographic Engineering.  3(2).  111-128.
  • Akinyele JA, Pagano MW, Green MD, Lehmann CU, Peterson ZNJ, Rubin AD (2011).  Securing electronic medical records using attribute-based encryption on mobile devices.  Proceedings of the ACM Conference on Computer and Communications Security.  75-86.
  • Gardner RW, Garera S, Rubin AD (2010).  Designing for audit: A voting machine with a tiny TCB.  Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics).  6052 LNCS.  312-319.
  • Gardner RW, Garera S, Rubin AD (2009).  Detecting code alteration by creating a temporary memory bottleneck.  IEEE Transactions on Information Forensics and Security.  4(4).  638-650.
  • Blaze M, Ioannidis J, Keromytis AD, Malkin T, Rubin A (2009).  Anonymity in wireless broadcast networks.  International Journal of Network Security.  8(1).  37-51.
  • Rivest RL, Chaum D, Preneel B, Rubin AD, Saari DG, Vora PL (2009).  Guest editorial special issue on electronic voting.  IEEE Transactions on Information Forensics and Security.  4(4).  593-596.
  • Gardner RW, Garera S, Pagano MW, Green M, Rubin AD (2009).  Securing medical records on smart phones.  Proceedings of the ACM Conference on Computer and Communications Security.  31-39.
  • Gardner RW, Garera S, Rubin AD (2009).  Coercion resistant end-to-end voting.  Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics).  5628 LNCS.  344-361.
  • Jefferson DR, Rubin AD (2008).  New research results for electronic voting.  IEEE Security and Privacy.  6(3).  12-13.
  • Garera S, Rubin AD (2007).  An independent audit framework for software dependent voting systems.  Proceedings of the ACM Conference on Computer and Communications Security.  256-265.
  • Garera S, Provos N, Chew M, Rubin AD (2007).  A framework for detection and measurement of phishing attacks.  WORM'07 - Proceedings of the 2007 ACM Workshop on Recurring Malcode.  1-8.
  • Qiu SY, McDaniel PD, Monrose F, Rubin AD (2006).  Characterizing address use structure and stability of origin advertisement in inter-domain routing.  Proceedings - International Symposium on Computers and Communications.  489-496.
  • Bono S, Rubin A, Stubblefield A, Green M (2006).  Security through legality.  Communications of the ACM.  49(6).  41-43.
  • Doshi S, Monrose F, Rubin AD (2006).  Efficient memory bound puzzles using pattern databases.  Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics).  3989 LNCS.  98-113.
  • Blaze M, Ioannidis J, Keromytis AD, Malkin T, Rubin A (2005).  WAR: Wireless Anonymous Routing.  Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics).  3364 LNCS.  218-232.
  • McDaniel P, Rubin AD (2005).  Web security.  Computer Networks.  48(5).  697-699.
  • Peterson ZNJ, Burns R, Herring J, Stubblefield A, Rubin AD (2005).  Secure deletion for a versioning file system.  FAST 2005 - 4th USENIX Conference on File and Storage Technologies.  143-154.
  • Stubblefield A, Rubin AD, Wallach DS (2005).  Managing the performance impact of web security.  Electronic Commerce Research.  5(1).  99-116.
  • Bono SC, Green M, Stubblefield A, Juels A, Rubin AD, Szydlo M (2005).  Security analysis of a cryptographically-enabled RFID device.  14th USENIX Security Symposium.  1-15.
  • Jefferson D, Rubin AD, Simons B, Wagner D (2004).  Analyzing Internet voting security.  Communications of the ACM.  47(10).  59-64.
  • Kohno T, Stubblefield A, Rubin AD, Wallach DS (2004).  Analysis of an electronic voting system.  Proceedings - IEEE Symposium on Security and Privacy.  2004.  27-40.
  • Byers S, Rubin AD, Kormann D (2004).  Defending against an Internet-based attack on the physical world.  ACM Transactions on Internet Technology.  4(3).  239-254.
  • Shim SSY, Gong L, Rubin AD, Gwennap L (2004).  Guest editor's introduction: Securing the high-speed internet.  Computer.  37(6).  33-35.
  • Stubblefield A, Ioannidis J, Rubin AD (2004).  A key recovery attack on the 802.11b wired equivalent privacy protocol (WEP).  ACM Transactions on Information and System Security.  7(2).  319-332.
  • Dill DL, Rubin AD (2004).  Guest Editors' Introduction: E-Voting Security.  IEEE Security and Privacy.  2(1).  22-23.
  • Rubin AD (2003).  Wireless security.  Communications of the ACM.  46(5).  28-30.
  • Rubin AD (2002).  Security considerations for remote electronic voting.  Communications of the ACM.  45(12).  39-44.
  • Byers S, Rubin AD, Kormann D (2002).  Defending against an Internet-based attack on the physical world.  Proceedings of the ACM Conference on Computer and Communications Security.  (WORKSHOP).  11-18.
  • Rubin AD, Wright RN (2002).  Off-line generation of limited-use credit card numbers.  Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics).  2339.  196-209.
  • Gerck E, Andrew Neff C, Rivest RL, Rubin AD, Yung M (2002).  The business of electronic voting.  Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics).  2339.  243-268.
  • Waldman M, Rubin AD, Faith Cranor L (2001).  The Architecture of Robust Publishing Systems.  ACM Transactions on Internet Technology.  1(2).  199-230.
  • McDaniel P, Rubin A (2001).  A response to “can we eliminate certificate revocation lists?”.  Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics).  1962.  245-258.
  • Waldman M, Rubin AD, Cranor LF (2000).  Publius: A robust, tamper-evident, censorship-resistant web publishing system.  Proceedings of the 9th USENIX Security Symposium.
  • Waldman M, Rubin AD, Cranor LF (2000).  Publius: A robust, tamper-evident, censorship-resistant web publishing system.  Proceedings of the 9th USENIX Security Symposium.
  • Monrose F, Rubin AD (2000).  Keystroke dynamics as a biometric for authentication.  Future Generation Computer Systems.  16(4).  351-359.
  • Kormann DP, Rubin AD (2000).  Risks of the passport single signon protocol.  Computer Networks.  33(1).  51-58.
  • Gilmore C, Kormann D, Rubin AD (1999).  Secure remote access to an internal Web server.  IEEE Network.  13(6).  31-37.
  • Jermyn I, Mayer A, Monrose F, Reiter MK, Rubin AD (1999).  The design and analysis of graphical passwords.  8th USENIX Security Symposium.
  • Aiello WA, Rubin AD, Strauss MJ (1999).  Using smartcards to secure a personalized gambling device.  Proceedings of the ACM Conference on Computer and Communications Security.  128-137.
  • Jermyn I, Mayer A, Monrose F, Reiter MK, Rubin AD (1999).  The design and analysis of graphical passwords.  8th USENIX Security Symposium.
  • Jermyn I, Mayer A, Monrose F, Reiter MK, Rubin AD (1999).  The design and analysis of graphical passwords.  8th USENIX Security Symposium.
  • Reiter MK, Rubin AD (1999).  Anonymous web transactions with crowds.  Communications of the ACM.  42(2).  32-38.
  • Rubin AD, Geer DE (1998).  Mobile code security.  IEEE Internet Computing.  2(6).  30-34.
  • Rubin AD, Geer DE (1998).  A survey of web security.  Computer.  31(9).  34-41.
  • Malkhi D, Reiter MK, Rubin AD (1998).  Secure execution of Java applets using a remote playground.  Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy.  40-51.
  • Rubin AD (1997).  An experience teaching a graduate course in cryptography.  Cryptologia.  21(2).  97-109.
  • Rubin AD (1997).  Panel: The security of downloadable executable content: Past, present and future.  Proceedings of the Annual Internet Society (ISOC) Symposium on Network and Distributed System Security.  38.
  • Martin DM, Rajagopalan S, Rubin AD (1997).  Blocking Java applets at the firewall.  Proceedings of the Annual Internet Society (ISOC) Symposium on Network and Distributed System Security.  16-26.
  • Monrose F, Rubin A (1997).  Authentication via keystroke dynamics.  Proceedings of the ACM Conference on Computer and Communications Security.  48-56.
  • Rubin AD (1997).  Extending NCP for protocols using public keys.  Mobile Networks and Applications.  2(3).  227-241.
  • Rubin AD, Boneh D, Fu K (1997).  Revocation of unread E-mail in an untrusted network.  Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics).  1270.  62-75.
  • Jaeger T, Prakash A, Rubin AD (1996).  System architecture for flexible control of downloaded executable content.  International Workshop on Object Orientation in Operating Systems - Proceedings.  14-18.
  • Rubin AD (1996).  Independent one-time passwords.  Computing systems.  9(1).  15-27.
  • Jaeger T, Rubin AD, Prakashy A (1996).  Building systems that flexibly control downloaded executable content.  6th USENIX Security Symposium 1996.
  • Jaeger T, Rubin AD, Prakashy A (1996).  Building systems that flexibly control downloaded executable content.  6th USENIX Security Symposium 1996.
  • Jaeger T, Rubin AD (1996).  Preserving integrity in remote file location and retrieval.  Proceedings of Internet Society Symposium on Network and Distributed Systems Security, NDSS 1996.  53-63.
  • Rubin AD (1995).  Extending NCP for protocols using public keys.  Proceedings of the International Conference on Computer Communications and Networks, ICCCN.  94-104.
  • Rubin AD (1995).  Independent one-time passwords.  5th USENIX Security Symposium.
  • Rubin AD (1995).  Trusted distribution of software over the internet.  Proceedings of the Symposium on Network and Distributed System Security, NDSS 1995.  47-53.
  • Rubin AD (1995).  Independent one-time passwords.  5th USENIX Security Symposium.
  • Rubin AD (1995).  Secure distribution of electronic documents in a hostile environment.  Computer Communications.  18(6).  429-434.
  • Rubin AD, Honeyman P (1995).  Nonmonotonic cryptographic protocols.  Proceedings of the Computer Security Foundations Workshop.  100-116.
Book Chapters
  • Gardner R, Garera S, Rubin AD, Rajan A, Rozas CV, Sastry M (2009).  Protecting Patient Records from Unwarranted Access.  Future of Trust in Computing: Proceedings of the First International Conference Future of Trust in Computing 2008: With 58 Illustrations.  122-128.
Other Publications
  • Martin PD, Rushanan M, Checkoway S, Rubin A, Green M (2013).  Classifying Network Protocol Implementation Versions: An OpenSSL Case Study.  Johns Hopkins University Department of Computer Science.  (13-01).
Conference Proceedings
  • Rushanan M, Rubin A, Kuhn DF, Swanson CM (2014).  Security and Privacy in Implantable Medical Devices and Body Area Networks.  IEEE Symposium on Security and Privacy.
  • Garman C, Green M, Miers I, Rubin A (2014).  Rational Zero: Economic Security for Zerocoin with Everlasting Anonymity.  1st Workshop on Bitcoin Research.
  • Rubin A (2014).  Taking two-factor to the next level: protecting online poker, banking, healthcare and other applications.  Proceedings of the 30th Annual Computer Security Applications Conference.  1-5.
Patents
  • "Broadband certified mail", 2018.
  • "Broadband certified mail", 2015.
  • "Method for secure remote backup", 2015.
  • "Broadband certified mail", 2014.
  • "Method and apparatus for connection to virtual private networks for secure transactions", 2014.
  • "Using smartcards to enable probabilistic transactions on an untrusted device", 2013.
  • "Method for secure remote backup", 2013.
  • "Method for secure remote backup", 2012.
  • "Method and apparatus for connection to virtual private networks for secure transactions", 2012.
  • "Method for secure remote backup", 2011.
  • "Broadband certified mail", 2010.
  • "Using smartcards to enable probabilistic transactions on an untrusted device", 2009.
  • "Broadband certified mail", 2008.
  • "Method and apparatus for secure remote access to an internal web server", 2008.
  • "Method for secure remote backup", 2007.
  • "Method for content distribution in a network supporting a security protocol", 2006.
  • "Method and apparatus for enhanced security in a broadband telephony network", 2006.
  • "Broadband certified mail", 2006.
  • "Using smartcards to enable probabilistic transactions on an untrusted device", 2005.
  • "Using smartcards to enable probabilistic transaction on an untrusted device", 2002.
Back to top