Stephen Checkoway

Affiliate Scholar
Oberlin College

Email: s@pahtak.org

Research Interests

My primary research interests are in embedded and cyberphysical systems security. Beyond those, I am interested in a number of topics such as tech policy, cryptography, programming languages, and compilers.

I think research is a social activity and I enjoy collaboration.

Research Projects

I have a collection of miscellaneous software I’ve written here.

Recent Papers

  1. Mohammad Ghasemisharif, Amrutha Ramesh, Stephen Checkoway, Chris Kanich, and Jason Polakis. O Single Sign-Off, Where Art Thou? An Empirical Analysis of Single Sign-On Account Hijacking and Session Management on the Web, in Proceedings of USENIX Security 2018. USENIX, Aug. 2018. [Details, PDF]
  2. Paul D. Martin, David Russel, Malek Ben Salem, Stephen Checkoway, and Avi Rubin. Sentinel: Secure Mode Profiling and Enforcement for Embedded Systems, in Proceedings of the ACM/IEEE International Conference on Internet of Things Design and Implementation, 2018. ACM/IEEE, Apr. 2018.
  3. Stephen Checkoway, Jacob Maskiewicz, Christina Garman, Joshua Fried, Shaanan Cohney, Matthew Green, Nadia Heninger, Ralf-Philipp Weinmann, Eric Rescorla, and Hovav Shacham. A Systematic Analysis of the Juniper Dual EC Incident, in Proceedings of the ACM Conference on Computer and Communications Security 2016, pp. 468–479. ACM Press, Oct. 2016. Best paper award. [Details, PDF]
  4. Michael Rushanan and Stephen Checkoway. Run-DMA, in Proceedings of the USENIX Workshop on Offensive Technologies. USENIX, Aug. 2015. [Details, PDF]
  5. Devin Lundberg, Brown Farinholt, Edward Sullivan, Ryan Mast, Stephen Checkoway, Stefan Savage, Alex C. Snoeren, and Kirill Levchenko. On the Security of Mobile Cockpit Information Systems, in Proceedings of the ACM Conference on Computer and Communication Security 2014. ACM Press, Nov. 2014. [Details, PDF]
  6. Caroline Tice, Tom Roeder, Peter Collingbourne, Stephen Checkoway, Úlfar Erlingsson, Luis Lozano, and Geoff Pike. Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM, in Proceedings of the USENIX Security Symposium 2014. USENIX, Aug. 2014. [Details, PDF]
  7. Matthew Brocker and Stephen Checkoway. iSeeYou: Disabling the MacBook Webcam Indicator LED, in Proceedings of the USENIX Security Symposium 2014. USENIX, Aug. 2014. [Details, PDF]
  8. Keaton Mowery, Eric Wustrow, Tom Wypych, Corey Singleton, Chris Comfort, Eric Rescorla, Stephen Checkoway, J. Alex Halderman, and Hovav Shacham. Security Analysis of a Full-Body Scanner, in Proceedings of the USENIX Security Symposium 2014. USENIX, Aug. 2014. [Details, PDF]

All of my papers are available and my Google Scholar profile is reasonably up to date.

Teaching

Past teaching at UIC

Past teaching at JHU

Professional Activities

Recent Musings

All of my musings are available.

Education