Publications and other reports

Glove: A Bespoke Website Fingerprinting Defense
Rishab Nithyanand, Xiang Cai, and Rob Johnson. WPES 2014.
CS-BuFLO: A Congestion Sensitive Website Fingerprinting Defense
Xiang Cai, Rishab Nithyanand, and Rob Johnson. WPES 2014.
A Systematic Approach to Developing and Evaluating Website Fingerprinting Defenses
Xiang Cai, Rishab Nithyanand, Tao Wang, Rob Johnson, and Ian Goldberg. ACM CCS 2014.
Effective Attacks and Provable Defenses for Website Fingerprinting
Tao Wang, Xiang Cai, Rishab Nithyanand, Rob Johnson, and Ian Goldberg. USENIX Security 2014.
Cache-Adaptive Algorithms
Michael A. Bender, Roozbeh Ebrahimi, Jeremy T. Fineman, Golnaz Ghasemiesfeh, Rob Johnson, and Samuel McCauley. SODA 2014.
The Password Allocation Problem: Strategies for Reusing Passwords Effectively
Rishab Nithyanand and Rob Johnson. 2013 Workshop on Privacy in the Electronic Society.
Types and Access Controls for Cross-Domain Security in Flash
Aseem Rastogi, Avik Choudhuri, Rob Johnson. APLAS 2012.
Touching from a Distance: Website Fingerprinting Attacks and Defenses
Xiang Cai, Xin Cheng Zhang, Brijesh Joshi, and Rob Johnson. ACM CCS 2012.
CAWDOR: Compiler-Assisted Worm Defense
Jun Yuan and Rob Johnson. IEEE SCAM 2012.
Don't Thrash: How to Cache your Hash on Flash
Michael Bender, Martin Farach-Colton, Rob Johnson, Russell Kraner, Bradley Kuszmaul, Djzejla Medjedovic, Pablo Montes, Pradeep Shetty, Richard Spillane, Erez Zadok. VLDB 2012. Istanbul, Turkey, August 2012.
PhorceField: A Phish-Proof Password Ceremony
Michael Hart, Claude Castille, Manoj Harpalani, Jonathan Toohill, Rob Johnson. The 27th Annual Computer Security Applications Conference (ACSAC 2011). Orlando, Florida, December 2011.
Don't Thrash: How to Cache your Hash on Flash
Michael Bender, Martin Farach-Colton, Rob Johnson, Bradley Kuszmaul, Djzejla Medjedovic, Pablo Montes, Pradeep Shetty, Richard Spillane, Erez Zadok. The 3rd USENIX Workshop on Hot Topics in Storage and File Systems. Portland, USA, June 2011.
Text Processing for Enterprise Data Loss Prevention
Michael Hart, Partyusa Manadhata, Rob Johnson. The 11th Privacy Enhancing Technologies Symposium. Waterloo, Canada, July 2011.
Language of Vandalism: Improving Wikipedia Vandalism Detection via Stylometric Analysis
Manoj Harpalani, Sandesh Singh, Michael Hart, Rob Johnson and Yejin Choi. The 49th Annual Meeting of the Association for Computational Linguistics: Human Language Technologies. Portland, USA, June 2011.
Homomoprhic Signatures for Digital Photographs (draft)
Rob Johnson, Leif Walsh, Michael Lamb. The Fifteenth International Conference on Financial Cryptography and Data Security, St. Lucia, February 2011.
Implementing a Key Recovery Attack on the High-Bandwidth Digital Content Protection Protocol
Mikhail Rubnich, Andres DelaCruz, Rob Johnson. The 7th IEEE International Workshop on Digital Rights Management Impact on Consumer Communications (DRM 2011), Las Vegas, NV, January 2011.
Prevention and Reaction: Defending Privacy in the Web 2.0 (draft)
Michael Hart and Rob Johnson. W3C Workshop on Privacy and Data Usage Control, Cambridge, MA, October, 2010.
Wiki Vandalysis - Wikipedia Vandalism Analysis
Manoj Harpalani, Thanadit Phumprao, Megha Bassi, Michael Hart, and Rob Johnson. The 4th International Workshop on Uncovering Plagiarism, Authorship, and Social Software Misuse (PAN-10), Padua, Italy, September 2010.
iTag: A Personalized Blog Tagger (draft)
Michael Hart, Rob Johnson, Amanda Stent. ACM Conference on Recommender Systems, New York City, October 2009.
Pre-Patched Software (draft)
Jianing Guo, Jun Yuan, Rob Johnson. USENIX Workshop on Hot Topics in Security, Montreal, Canada, August 2009.
Usable Privacy Controls for Blogs (draft)
Michael Hart, Claude Castille, Rob Johnson, Amanda Stent. IEEE Symposium on Social Intelligence and Networking, Vancouver, Canada, August 2009.
Exploiting Unix File-System Races via Algorithmic Complexity Attacks
Xiang Cai, Yuwei Gui, and Rob Johnson. IEEE Symposium on Security and Privacy, Berkeley, CA, May 2009.
A Practical Mimicry Attack Against Powerful System-Call Monitors
Chetan Parampelli, R. Sekar, and Rob Johnson. ASIACCS, Tokyo, March 2008.
More Content - Less Control: Access Control in the Web 2.0
Michael Hart, Rob Johnson, Amanda Stent. IEEE Web 2.0 Privacy and Security Workshop, Oakland, CA, May 2007.
RICH: Automatically Protecting Against Integer-Based Vulnerabilities
David Brumley, Tzi-cker Chiueh, Robert Johnson, Huijia Lin Dawn Song. Proceedings of the 14th Annual Network & Distributed System Security Symposium, San Diego, CA, February, 2007.
Flow-Insensitive Type Qualifiers
Jeff Foster, Rob Johnson, John Kodumal, Alex Aiken. Transactions on Programming Languages, Vol. 28, Issue 6, pp. 1035-1087, 2006.
Deflation-Secure Web Metering
Rob Johnson, Jessica Staddon. International Journal of Information and Computer Science, Vol. 1(1/2), 2006.
Fixing Races for Fun and Profit: How to abuse atime
Nikita Borisov, Rob Johnson, Naveen Sastry, and David Wagner. Proceedings of the Fourteenth USENIX Security Symposium (USENIX Security 2005), August 2005.
Finding User/Kernel Pointer Bugs With Type Inference
Rob Johnson and David Wagner. 13th USENIX Security Symposium, 2004. The slides (PDF) from the conference talk are available. These slides also have a high-level overview of other CQual features and a tutorial on developing new analyses with CQual.
FAIR: Fair Audience InfeRence
Rob Johnson and Jessica Staddon. 2002 ACM Workshop on Digital Rights Management.
Multiplicative Differentials
Nikita Borisov, Monica Chew, Rob Johnson, and David Wagner. Fast Software Encryption 2002. This paper generalizes the techniques developed in the MultiSwap attack and uses them to attack several other ciphers.
Cryptanalysis of MultiSwap
Nikita Borisov, Monica Chew, and Rob Johnson
A Cryptanalysis of the High-bandwidth Digital Content Protection System
Scott Crosby, Ian Goldberg, Rob Johnson, Dawn Song, and David Wagner. ACM Workshop on Security and Privacy in Digital Rights Management.
Homomorphic Signature Schemes
Robert Johnson, David Molnar, Dawn Song, and David Wagner. RSA 2002, Cryptographer's track.
On Union-closed Families, I
Rob Johnson and Theresa Vaughan, in the Journal of Combinatorial Theory, Series A 85, pp. 112-119.