Stephen Checkoway

Affiliate Scholar and Research Specialist
Computer Science Department
Oberlin College

Email: stephen.checkoway@oberlin.edu

Research Interests

My primary research interests are in embedded and cyberphysical systems security. Beyond those, I am interested in a number of topics such as tech policy, cryptography, programming languages, and compilers.

I think research is a social activity and I enjoy collaboration.

Research Projects

I have a collection of miscellaneous software I’ve written here.

Recent Papers

  1. Stephen Checkoway, Jacob Maskiewicz, Christina Garman, Joshua Fried, Shaanan Cohney, Matthew Green, Nadia Heninger, Ralf-Philipp Weinmann, Eric Rescorla, and Hovav Shacham. Where Did I Leave My Keys? Lessons from the Juniper Dual EC Incident, Communications of the ACM, vol. 61, no. 11, pp. 148–155, ACM, Oct. 2018. [Details, PDF]
  2. Mohammad Ghasemisharif, Amrutha Ramesh, Stephen Checkoway, Chris Kanich, and Jason Polakis. O Single Sign-Off, Where Art Thou? An Empirical Analysis of Single Sign-On Account Hijacking and Session Management on the Web, in Proceedings of USENIX Security 2018. USENIX, Aug. 2018. [Details, PDF]
  3. Paul D. Martin, David Russel, Malek Ben Salem, Stephen Checkoway, and Avi Rubin. Sentinel: Secure Mode Profiling and Enforcement for Embedded Systems, in Proceedings of the ACM/IEEE International Conference on Internet of Things Design and Implementation, 2018. ACM/IEEE, Apr. 2018.
  4. Stephen Checkoway, Jacob Maskiewicz, Christina Garman, Joshua Fried, Shaanan Cohney, Matthew Green, Nadia Heninger, Ralf-Philipp Weinmann, Eric Rescorla, and Hovav Shacham. A Systematic Analysis of the Juniper Dual EC Incident, in Proceedings of the ACM Conference on Computer and Communications Security 2016, pp. 468–479. ACM Press, Oct. 2016. Best paper award. [Details, PDF]
  5. Michael Rushanan and Stephen Checkoway. Run-DMA, in Proceedings of the USENIX Workshop on Offensive Technologies. USENIX, Aug. 2015. [Details, PDF]
  6. Devin Lundberg, Brown Farinholt, Edward Sullivan, Ryan Mast, Stephen Checkoway, Stefan Savage, Alex C. Snoeren, and Kirill Levchenko. On the Security of Mobile Cockpit Information Systems, in Proceedings of the ACM Conference on Computer and Communication Security 2014. ACM Press, Nov. 2014. [Details, PDF]
  7. Stephen Checkoway, Matthew Fredrikson, Ruben Niederhagen, Adam Everspaugh, Matthew Green, Tanja Lange, Thomas Ristenpart, Daniel J. Bernstein, Jake Maskiewicz, and Hovav Shacham. On the Practical Exploitability of Dual EC in TLS Implementations, in Proceedings of the USENIX Security Symposium 2014. USENIX, Aug. 2014. [Details, PDF]
  8. Caroline Tice, Tom Roeder, Peter Collingbourne, Stephen Checkoway, Úlfar Erlingsson, Luis Lozano, and Geoff Pike. Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM, in Proceedings of the USENIX Security Symposium 2014. USENIX, Aug. 2014. [Details, PDF]

All of my papers are available and my Google Scholar profile is reasonably up to date.

Teaching

Past teaching at UIC

Past teaching at JHU

Professional Activities

Recent Musings

All of my musings are available.

Education