Dongwan Shin, Ph.D. Associate Professor Computer Science and Engineering New Mexico Tech Phone... 575-835-6459 (voice), 575-835-5587 (fax) Email... Director, Secure Computing Laboratory Faculty Advisor, NMT ACM Student Chapter Faculty Researcher, Institute for Complex Additive Systems Analysis

Teaching: Graduate courses CSE589-1 Access Control and System Security (spring06, spring08, spring10, spring12) CSE589-2 Cloud Computing and Applications (spring09, spring11, spring13) CSE589-3 Advanced Computer Security (spring07) CSE589-4/CS441/IT441 Cryptography and Applications (fall05, fall06, fall07, fall08, fall10, fall12) Undergraduate courses CSE326/IT326 Software Engineering (spring07, spring08, spring09, spring10, spring11, spring12, spring13) CSE389/IT321 Internet and Web Programming (spring05, fall06, fall09, fall10, fall12) CSE328/IT328 Secure Software Construction (fall07, fall08) CSE222 Systems Programming (spring 2006)

Research: Interest Areas Computer Security and Privacy Software Engineering Funded Projects Security Analysis of Web Applications Vulnerability Scanners: CAaNES, PI, 2011-2 Secure Data Services in Cloud Computing: Los Alamos Lab, 2010 Trustworthy Computing: User-controlled Persona in Virtual Community: NSF, PI, 2009-13 ENSL:Experimental Network of Sensors Lab for Advancing Research: NSF, co-PI, 2007-11 ARIEL: An Advanced Security Policy Engineering Framework for Protecting Distributed and Critical Systems: Sandia Labs, PI, 2007-8 Secure Infrastructure Management Systems: Sandia Labs, PI, 2007 DoD Information Assurance Scholarship Program: Capacity Building: DoD, co-PI, 2005-7 Building a Secure State-of-the-Art Embedded Real-Time Systems Laboratory at NMT: Intel, co-PI, 2005-6

Recent Journal/Conference/Workshop Activities: Journals Guest Editor, Special issue on Security and Privacy in Mobile Platforms, IEEE Transactions on Dependable and Secure Computing (TDSC), IEEEi Guest Editor, Special issue on CollaborateCom and TrustCol, Computer and Security (COSE), Elsevier Guest Editor, Special issue on Advanced Technologies for Homeland Defense and Security, Journal of Network and Computer Applications, Elsevier (submission due on October 26, 2012) Guest Editor, Special issue on Addressing Insider Threats and Information Leakage, Journal of Wireless Mobile Networks, Uniquitous Computing and Dependable Applications Conferences and Workshops Workshop co-Chair, International Workshop on Trusted Collaboration (TrustCol 2012) Track Co-Chair, ACM SAC Special Track on Smart Grid and Smart Technologies (SAC 2013) Publication Chair, ACM Symposium on Applied Computing (since 2009) Web Master, ACM Symposium on Access Control Models and Technologies (since 2010) Program Committee, ACM Symposium on Access Control Models and Technologies (SACMAT 2012) Program Committee, IEEE Signature Conference on Computers, Software, and Applications (COMPSAC 2012) Program Committee, 5th IEEE/ACM International Conference on Utility and Cloud Computing (UCC 2012) Program Committee, 3rd International Workshop on Privacy, Security, and Trust in Mobile and Wireless Systems (MobiPST 2013) Program Committee, 31st IEEE International Performance Computing and Communications Conference (IPCCC 2012) Program Committee, 2nd International Conference on Advanced Collaborative Networks, Systems and Applications (Colla 2012) Program Committee, IADIS International Conference on Collaborative Technologies 2012 Program Committee, 2nd International Conference on Cloud and Green Computing (CGC 2012) Program Committee, IEEE Globecom: Ad Hoc, Sensor, and Mesh Networking Symposium (AHSN 2013) Program Committee, 16th Colloquium for Information Systems Security Education 2012 (CISSE 2012) Program Committee, 5th International Workshop on Managing Insider Security Threats (MIST2013)

Recent Publications: 2013 Huiping Yao and Dongwan Shin. "Towards Preventing QR Code Based Attacks on Android Phone using Security Warnings," In Proceedings of the 8th ACM Symposium on Information, Computer and Communications Security (AsiaCCS 13), Hangzhou, China, May 7-10, 2013. Dongwan Shin, Huiping Yao, and Une Rosi. "Supporting Visual Security Cues for WebView-based Android Apps," In Proceedings of the 28th ACM Symposium on Applied Computing (SAC 13), Coimbra, Portugal, March 18-22, 2013. 2012 Manoj Cherukuri, Srinivas Mukkamala, and Dongwan Shin."Similarity Analysis of Shellcodes in Drive-by Download Attack Kits," In Proceedings of the 7th International Workshop on Trusted Collaboration (TrustCol'12 - in conjunction with CollaborateCom 12), Pittsburgh, PA, October 14, 2012. Daniel Fairweather and Dongwan Shin. "Demo: A Chrome Extension to Prevent the SSLstripping Attack," In Symposium on Usable Privacy and Security (SOUPS 12), Washington DC, July 11-13, 2012. (demo session) Dongwan Shin, Rodrigo Lopes, and Seok-Woo Jang. "An Efficient Scheme for User-controlled Attribute Sharing in Federated Identity," In Smart Computing Review, KAIS, 2(2), 2012. Dongwan Shin, Ying Wang, and William Claycomb. "A Policy-based Decentralized Authorization Management Framework for Cloud Computing," In Proceedings of the 27th ACM Symposium on Applied Computing (SAC 12), Riva del Garda (Trento), Italy, March 26-30, 2012. William Claycomb, Dongwan Shin, and Gail-Joon Ahn. "Enhancing Directory Virtualization to Detect Insider Activity," In Security and Communication Networks, Wiley, 5(8), 2012. 2011 Dongwan Shin and Rodrigo Lopes. "An Empirical Study of Visual Security Cues to Prevent the SSLstripping Attack," In Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC 11), Orlando, Florida, December 5-9, 2011. Rodrigo Lopes and Dongwan Shin. "Preventing SSLstripping Attack using Visual Security Cues," In Symposium on Usable Privacy and Security (SOUPS 11), Pittsburgh, PA, July 20-22, 2011. (poster abstract) Dongwan Shin, Hakan Akkan, William Claycomb, and Kwanjoong Kim. "Towards Role-based Provisioning and Access Control for Infrastructure as a Service," In Journal of Internet Services and Applications, Springer, 2(3), 2011. William Claycomb and Dongwan Shin. "Extending Formal Analysis of Mobile Device Authentication Applications," In Journal of Internet Services and Information Security, 1(1), 2011. William Claycomb and Dongwan Shin. "A Novel Node Level Security Policy Framework for Wireless Sensor Networks," In Journal of Network and Computer Applications, Elsevier, 34(1), 2011. William Claycomb and Dongwan Shin. "Formal Analysis of Device Authentication Applications in Ubiquitous Computing" In Proceedings of the 26th ACM Symposium on Applied Computing (SAC 11), TaiChung, Taiwan, March 21-24, 2011. 2010 Dongwan Shin and Hakan Akkan."Domain-based Virtualized Resource Management in Cloud Computing" In Proceedings of the 5th International Workshop on Trusted Collaboration (TrustCol 10 - in conjunction with CollaborateCom 10), Chicago, October 9, 2010. William Claycomb and Dongwan Shin. "Detecting Insider Activity Using Enhanced Directory Virtualization," In Proceedings of the ACM Workshop on Insider Threat (held in conjunction with ACM CCS 2010), Chicago, IL, October 8, 2010 Victor Echeverria, Lorie M. Liebrock, and Dongwan Shin. "Permission Management System: Permission as a Service in Cloud Computing," In Proceedings of the 1st IEEE International Workshop on Emerging Applications for Cloud Computing (CloudApp 10 - in conjunction with Compsac 10), Seoul, South Korea, July 19-23, 2010 William Claycomb and Dongwan Shin. "Towards Secure Virtual Directories: A Risk Analysis Framework," In Proceedings of the 34th IEEE International Computer Software and Applications Conference (Compsac 10), Seoul, South Korea, July 19-23, 2010. Dongwan Shin, William Claycomb, and Seunghyun Im. "A Visual Way to Talk to Strangers: Authentication in Wireless Pervasive Computing," In International Journal of Ad Hoc and Ubiquitous Computing, InderScience, 5(4), 2010. William Claycomb, Rodrigo Lopes, Dongwan Shin, and Byunggi Kim. "Group-based Security Policy in Wireless Sensor Networks," In Proceedings of the 25th ACM Symposium on Applied Computing (SAC 10), Sierre, Switzerland, March 22-26, 2010. William Claycomb and Dongwan Shin. "A Framework for Risk Analysis in Virtual Directory Security," In Proceedings of the 25th ACM Symposium on Applied Computing (SAC 10), Sierre, Switzerland, March 22-26, 2010.

Misc Links/Updates: View Dongwan Shin's profile