Summary

I am a visiting faculty member at the Computer Science Department at Swarthmore College. I received my Ph.D. from the University of Pennsylvania where I was advised by Professors Jonathan M. Smith and Matt Blaze. I have broad research interests, primarily in the area of computer and network security/privacy.

News:

• I'll be serving on the program committee for the USENIX workshop on CyberSecurity Evaluation and Test 2013 (CSET'13); submission due April 25, 2013.
• I presented my paper Practicality of Accelerometer Side-Channels on Smarpthones at ACSAC'12
  (with Ben Sapp, Matt Blaze, and Jonathan M. Smith)
• I presented my paper Privacy-Aware Message Exchange for Geographically Routed Human Movement Networks at ESORICS'12
  (with Micah Sherr, Matt Blaze, and Jonathan M. Smith)
• I started a new job as a Visiting Assistant Professor at Swarthmore College
• I successfully defended my thesis Security Side Channels Enabled by Smartphone User Interaction in July 2012 and deposited October 2012. (update, December 2012, degree is in the mail!)

Teaching Schedule Spring 2013

• CS:43 Computer Networks (Fall 2012)

Research

My research focuses on computer and network security. Recently, I am very interested in the effects of smartphones/tablets on security and privacy, but have published articles on varied security topics, including side-channels, electronic voting, applied cryptography, botnet/intrusion detection, security testing/methodology, and privacy in ad-hoc mobile and geographic routing.

My Ph.D. research covered side channels on smartphones that are enabled by smartphones' handheld and touch oriented user interfaces. A side channel is the unintended leakage of information via a side-effect of a security or input procedure. For example, if I were to just learn the timing of the key presses on a keyboard, I could use that information to determine what you typed. (This is a real side channel!). In my thesis, I investigated the effectiveness of two smartphone-oriented side channels: A smudge attack that leverages residual smudges on the touchscreen surface remaining after user input, and a sensor-based side channel that leverages on-board sensors, particularly the accelerometer sensor, to infer user input based on the subtle shifting of the device that occurs while input is being provided.

Currently, I am expanding and continuing this line of investigation by applying these, and new, side channels to other touch/hand-held devices, such as tablets, as well as developing physical and software based counter measures to the attacks discovered. I am looking for self-motivated and smart students at the undergraduate and graduate level to collaborated on a number of research projects in the domain of security and privacy. Feel free to contact me if you are interested or if you have any questions.

Selected Publications

• Practicality of Accelerometer Side-Channel on Smartphones. Adam J. Aviv, Ben Sapp, Matt Blaze, and Jonathan M. Smith. In the proceedings of the 28th Annual Computer Security Applications Conference (ACSAC'12). December, 2012. (pdf)
• Privacy-Aware Message Exchanges for Geographically Routed Human Movement Networks. Adam J. Aviv, Micah Sherr, Matt Blaze, and Jonathan Smith. Computer Security --- ESORICS 2012. Pgs. 181-198. September, 2012. (LNCS) (pdf)
• Experiences in teaching an educational user-level operating systems implementation project. Adam J. Aviv, Vin Mannino, Thanat Owlarn, Seth Shannin, Kevin Xu, and Boon Thau Loo. SIGOPS Oper. Syst. Rev. 46, 2 (July 2012), 80-86. (acm-dl) ( TR: MS-CIS-12-02 )
• Challenges in Experimenting with Botnet Detection Systems. Adam J. Aviv and Andreas Haeberlen. In the proceedings 4th Workshop on Cyber Security Evaluation and Testing (CSET'11). August 8, 2011. (acm-dl) (pdf)
• Spam Mitigation using Spatio-Temporal Reputation from Blacklist History. Andrew West, Adam J. Aviv, Jian Chang, and Insup Lee. In the proceedings of the 26th Annual Computer Security Application Conference (ACSAC'10). December 6-10, 2010. (pdf)
• Evading Cellular Data Monitoring with Human Movement Networks. Adam J. Aviv, Micah Sherr, Matt Blaze, and Jonathan M. Smith. In proceeding of the 5th Usenix Workshop on Hot Topics in Security (HotSec'10). August 11, 2010. (pdf) (errata)
• Smudge Attacks on Smartphone Touch Screens . Adam J. Aviv, Katherine Gibson, Evan Mossop, Matt Blaze, Jonathan M. Smith. In the proceedings of the 4th Usenix Workshop on Offensive Technogies (WOOT'10). August 10, 2010. (pdf)
• Differential Privacy for Collaborative Security. Jason Reed, Adam J. Aviv, Daniel Wagner, Andreas Haeberlen, Benjamin Pierce, and Jonathan M. Smith. In the proceeding of the 3rd European Workshop on Security (EUROSEC'10). Paris, France. April, 2010. (acm-dl) (pdf)
• QuanTM: A Quantified Trust Management System. Andrew G. West, Adam J. Aviv, Jian Chang, Vinayak S. Prabhu, Matt Blaze, Sampath Kannan, Insup Lee, Jonathan M. Smith, and Oleg Sokolsky. Proceedings of the 2nd European Workshop on System Security (EuroSec'09). pg. 28-35. 31 March 2009. Nuremburg, Germany. (acm-dl) (pdf)
• Security Evaluation of ES&S Voting Machines and Election Management System. Adam Aviv, Pavol Cerny, Sandy Clark, Eric Cronin, Gaurav Shah, Micah Sherr, and Matt Blaze. In proceedings of Usenix EVT '08: Electronic Voting Technology Workshop, July 28-29, 2008. (acm-dl) (usenix) (pdf)
• SSARES : Secure Searchable Automated Remote Email Storage. Adam J. Aviv , Michael E. Locasto, Shaya Potter, and Angelos D. Keromytis. In Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC'07), pp. 129 - 138. December 2007, Miami Beach, FL. (acm-dl) (pdf)