Office: CTLM 249
Colorado School of Mines
Department of Computer Science
1500 Illinois St.
Golden, Colorado 80401
Chuan Yue is an Associate Professor of Computer Science at the Colorado School of Mines (Mines). His current research focuses on (1) Web, Mobile, Cloud, CPS/IoT, and AI systems security, (2) usable security and privacy, (3) vulnerability measurement and analysis, and (4) cybersecurity education. His broad research interests include Security and Privacy, Web-based Systems, Human-Computer Interaction, Collaborative Computing, Distributed and Parallel Computing, Cloud Computing, and Mobile Computing. His research and educational activities have been supported by NSF, DOD, and Meta (big thanks!). He is the founder and current point of contact (POC) of the Center for Cyber Security and Privacy (CCSP) at Mines. He is a Daniels Fund Faculty Fellow from 2016 to 2019 (on incorporating ethics instruction into security and privacy courses). He received his B.E. and M.E. degrees in Computer Science from the Xidian University, China, in 1996 and 1999, respectively, and his Ph.D. in Computer Science from the College of William and Mary in 2010. He worked as a Member of Technical Staff at Bell Labs China, Lucent Technologies for four years from 1999 to 2003, mainly on the design and development of the Web-based Distributed Service Management System for Intelligent Network. He worked as an Assistant Professor of Computer Science at the University of Colorado Colorado Springs (UCCS) for five years (and commuted between Denver and Colorado Springs for four years) before joining Mines.
- Current PhD Students: Weiping Pei (Recipient of the 2021 Outstanding CS PhD Student Award at Mines), Ahmed Alshehri, Khalid Alkhattabi, Mengxia Ren, Anhao Xiang
- Graduated PhD Students:
- Rui Zhao (December 2016; decided to pursue a career in academia.)
(Recipient of the 2016 university-level Rath Award for the Best PhD Thesis with the Potential for the Greatest Societal Impact.)
(Recipient of the 2015 Outstanding CS PhD Student Award at UCCS.)
- Matthew Sanders (May 2019; pursued his PhD degree while working full-time in industry, and completed his PhD thesis with high quality.)
- Yi Qin (May 2021; decided to pursue a career in industry.)
- Zhiju Yang (August 2021; decided to pursue a career in academia.)
- Prof. Tao Feng at the Yunnan University of Finance and Economics (July 2017 ~ May 2018)
- Current Master Students: Ivan Santos, Vincent Morgan (co-advising with Dr. Phil Romig)
- Graduated Master Students (at Mines): Kento Okamoto, Ryan Hunt, Michael Hughes, Yanina Likhtenshteyn, Riley Miller, Johnny Zeng, Thien Ngo Le, Leo Chely
- Graduated Master Students (at UCCS): Jeff Hinson, Christopher Shuster, Derrick Erickson, Anitha Tadimalla, Alex Renger, Xiang Tan, Robert Lancaster
Undergraduate Research Assistants (my PhD students help or helped advise most of them.)
- Sponsored or Advised Undergraduate Research Assistants in Summer 2021: Luke Beukelman, Leon Wan, Ethan Maestas
- Sponsored or Advised Undergraduate Research Assistants in 2020~2021: Jhonathan Malagon, Sophia Collins, Max Gawason, James Singleton,
Amiya Prasad, Joseph Spielman, Nathan Gavelek, Benjamin Breisch, Christopher Engel, Michelle Torres-Ortiz, Jacob Parker, Eugin Phak, Kai Miller, Davita Bird
- Sponsored or Advised Undergraduate Research Assistants in Summer 2020: Cole Smith, John Simpson, Elizabeth Holter, Ethan Maestas
- Sponsored or Advised Undergraduate Research Assistants in 2019~2020: Leo Chely, Andrew Harelson, Kaylynn Tu, Gazi Mahbub-Morshed, Matthew Lynn-goin
- Sponsored or Advised Undergraduate Research Assistants in 2018~2019: Riley Miller, Jacob Granley, Arthur Mayer, Kaylynn Tu, Andrew Harelson, Nicholas Redhorse, Fisher Darling
- Sponsored or Advised Undergraduate Research Assistants in 2017~2018: Grant Schmaedick, Riley Miller, Jacob Granley, Jordan Vickers, Arthur Mayer
- Sponsored or Advised Undergraduate Research Assistants in 2016~2017: Bernardo Trindade, Marcus Tonsmann, John Galbavy, Xiaoyang Liu, Anthony Roebuck
- Previously Sponsored Undergraduate Research Assistants at UCCS: Stacy Karas, Daniel Six, Aaron Batilo, Christopher Varga, Michael Pease, Joanne Wood
High School Research Assistants
- Advised High School Research Assistants in Summer 2021: Leah Jo Maloney, Nabil Djaber, John Pumayalli, Abhinav Vemulapalli, Caleb Cox, Jennifer Lalone (Mengxia Ren helped advise them.)
- Advised High School Research Assistants in Summer 2020: Kai Hoshijo, Ava Ward, Dylan Knudsen (Weiping Pei helped advise them.)
- Advised High School Research Assistants in 2019~2020: Cailean Albert (Ahmed Alshehri helped advise Cailean.)
- Advised High School Research Assistants in 2017~2018: Sonia Chu (Yi Qin helped advise Sonia.)
I am looking for motivated undergraduate and graduate students to work with me on Web, Mobile, Cloud, CPS/IoT, and AI systems security & privacy research.
Please stop by my office or send me an email with a brief introduction of yourself. Thank you!
Teaching at Colorado School of Mines (Mines)
- CSCI 585: Information Security and Privacy, Fall 2020
- CSCI 474/574: Introduction to Cryptography/Theory of Cryptography, Spring 2018~2021
- CSCI 475/585: Information Security and Privacy, Fall 2018, Fall 2019
- CSCI 585 Online: Information Security and Privacy, Fall 2019
- CSCI 474/598: Introduction to Cryptography, Spring 2016, Spring 2017
- CSCI 475/598: Information Security and Privacy, Fall 2016, Fall 2017
- CSCI 598: Security & Privacy in Systems, Fall 2015
Selected Publications (full list)
- Generating Content-Preserving and Semantics-Flipping Adversarial Text.
By Weiping Pei and Chuan Yue. To appear in proceedings of the ACM ASIA Conference on Computer and Communications Security (AsiaCCS), 2022
- Exploring the Privacy Concerns of Bystanders in Smart Homes from the Perspectives of both Owners and Bystanders.
By Ahmed Alshehri, Joseph Spielman, Amiya Prasad, and Chuan Yue. To appear in proceedings of the Privacy Enhancing Technologies Symposium (PETS), 2022.
- Fuzzing-Based Hard-Label Black-Box Attacks Against Machine Learning Models.[pdf]
By Yi Qin and Chuan Yue. In Journal of Computers & Security (COMPSEC), Elsevier, 117: 102694, 2022.
- WtaGraph: Web Tracking and Advertising Detection using Graph Neural Networks.[pdf]
By Zhiju Yang, Weiping Pei, Monchu Chen, and Chuan Yue. In proceedings of the IEEE Symposium on Security and Privacy (S&P), 2022.
- Quality Control in Crowdsourcing based on Fine-Grained Behavioral Features.[pdf]
By Weiping Pei, Zhiju Yang, Monchu Chen, and Chuan Yue. In proceedings of the ACM on Human-Computer Interaction:
ACM Conference on Computer-Supported Cooperative Work and Social Computing (CSCW), 28 pages, 2021.
- Attention Please: Your Attention Check Questions in Survey Studies Can Be Automatically Answered.[pdf]
By Weiping Pei, Arthur Mayer, Kaylynn Tu, and Chuan Yue. In proceedings of The Web Conference (formerly known as The WWW Conference), 2020.
(This paper is on Quality Control in Crowdsourcing. Arthur and Kaylynn are undergraduate research assistants whose contribution is on data collection.)
- A Comparative Measurement Study of Web Tracking on Mobile and Desktop Environments.[pdf]
By Zhiju Yang and Chuan Yue. In proceedings of the Privacy Enhancing Technologies Symposium (PETS), 2020.
- Distinguishability of Adversarial Examples.[pdf]
By Yi Qin, Ryan Hunt, and Chuan Yue. In proceedings of the International Conference on Availability, Reliability and Security (ARES), 2020.
- Security and Privacy Analysis of Android Family Locator Apps.[pdf]
By Khalid Alkhattabi, Ahmed Alshehri, and Chuan Yue. In proceedings of the ACM Symposium on Access Control Models and Technologies (SACMAT), 2020.
- Visualizing and Interpreting RNN Models in URL-based Phishing Detection.[pdf]
By Tao Feng and Chuan Yue. In proceedings of the ACM Symposium on Access Control Models and Technologies (SACMAT), 2020.
- Attacking and Protecting Tunneled Traffic of Smart Home Devices.[pdf]
By Ahmed Alshehri, Jacob Granley, and Chuan Yue. In proceedings of the ACM Conference on Data and Applications Security (CODASPY), 2020.
- Mining Least Privilege Attribute Based Access Control Policies.[pdf],[slides],[code]
By Matthew Sanders and Chuan Yue. In proceedings of the Annual Computer Security Applications Conference (ACSAC), 2019.
- Sensor-based Mobile Web Cross-site Input Inference Attacks and Defenses.[pdf]
By Rui Zhao, Chuan Yue, and Qi Han. In IEEE Transactions on Information Forensics and Security (TIFS), 2019.
- Minimizing Privilege Assignment Errors in Cloud Services. (Outstanding Paper Award!) [pdf]
By Matthew Sanders and Chuan Yue. In proceedings of the ACM Conference on Data and Applications Security (CODASPY), 2018.
- Design and Evaluation of the Highly Insidious Extreme Phishing Attacks.[pdf]
By Rui Zhao, Samantha John, Stacy Karas, Cara Bussell, Jennifer Roberts, Daniel Six, Brandon Gavett, and Chuan Yue.
In Journal of Computers & Security (COMPSEC), Elsevier, 70: 634--647, 2017.
(In this paper, we report the partial research results of our NSF project with award #1624149 (formerly #1359542))
- Phishing Suspiciousness in Older and Younger Adults: The Role of Executive Functioning.[pdf]
By Brandon Gavett, Rui Zhao, Samantha John, Cara Bussell, Jennifer Roberts, and Chuan Yue. In Journal of PLoS ONE, 12(2): e0171620, 2017.
(In this paper, we report the partial research results of our NSF project with award #1624149 (formerly #1359542))
- Teaching Computer Science with Cybersecurity Education Built-in.[pdf]
By Chuan Yue. In proceedings of the USENIX Workshop on Advances in Security Education (ASE), 2016.
(In this paper, we report the partial research results of our NSF project with award #1619841 (formerly #1438935))
- Sensor-based Mobile Web Fingerprinting and Cross-site Input Inference Attacks (a position paper).[pdf]
By Chuan Yue. In proceedings of the IEEE Workshop on Mobile Security Technologies (MoST), 2016.
(My slides can be accessed from the workshop website.)
- SafeSky: A Secure Cloud Storage Middleware for End-user Applications.[pdf]
By Rui Zhao, Chuan Yue, Byungchul Tak, and Chunqiang Tang. In proceedings of the IEEE Symposium on Reliable Distributed Systems (SRDS), 2015.
- Automatic Detection of Information Leakage Vulnerabilities in Browser Extensions.[pdf]
By Rui Zhao, Chuan Yue, and Qing Yi. In proceedings of the International World Wide Web Conference (WWW), 2015.
- Toward A Secure and Usable Cloud-based Password Manager for Web Browsers.[pdf]
By Rui Zhao and Chuan Yue. In Journal of Computers & Security (COMPSEC), Elsevier, 46(3): 32--47, 2014.
(This is an extended version of our CODASPY'13 conference paper "All Your Browser-saved Passwords Could Belong to Us: a Security Analysis and a Cloud-based New Design",
which was reported by The Oregonian in March 2014, and has prompted at least one top Web browser vendor to make some important changes in its password manager feature.)
- The Devil is Phishing: Rethinking Web Single Sign-On Systems Security.[pdf]
By Chuan Yue. In proceedings of the 6th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), 2013.
By Chuan Yue and Haining Wang. In ACM Transactions on the Web (TWEB), 7(2): 1--39, 2013.
- Preventing the Revealing of Online Passwords to Inappropriate Websites with LoginInspector. (Best Paper Award!) [pdf]
By Chuan Yue. In proceedings of the USENIX Large Installation System Administration Conference (LISA), 2012.
- Using Amazon EC2 in Computer and Network Security Lab Exercises: Design, Results, and Analysis.[pdf]
By Chuan Yue, Weiying Zhu, Greg Williams, and Edward Chow. In proceedings of the 119th ASEE Annual Conference and Exposition, 2012.
- BogusBiter: A Transparent Protection Against Phishing Attacks.
By Chuan Yue and Haining Wang. In ACM Transactions on Internet Technology (TOIT), 10(2): 1--31, 2010.
(This is an extended version of our ACSAC'08 conference paper "Anti-Phishing in Offense and Defense".)
(One U.S. utility patent has been granted to us for this anti-phishing work!)
- SessionMagnifier: A Simple Approach to Secure and Convenient Kiosk Browsing.
By Chuan Yue and Haining Wang. In proceedings of the International Conference on Ubiquitous Computing (Ubicomp), 2009.
(One U.S. utility patent has been granted to us for this kiosk browsing work!)
- RCB: A Simple and Practical Framework for Real-time Collaborative Browsing.[pdf]
By Chuan Yue, Zi Chu, and Haining Wang. In proceedings of the USENIX Annual Technical Conference (USENIX ATC), 2009.
(This work was reported by MIT's Technology Review and the Computer Power User magazine.)
Institution Level Significant Services
- Successfully completed the NSA/DHS National Center of Academic Excellence in Cyber Defense Education (CAE-CDE) Program applications for Mines in 2016 and 2021.
- Successfully completed the NSA Information Assurance Courseware Evaluation (IACE) Program application (Approval Letter), NSA/DHS National Centers of Academic Excellence
in Information Assurance Education (CAE/IAE) Program application (Approval Letter), and NSA/DHS CAE-CDE) Program application for UCCS in 2011, 2012, and 2014, respectively.
Research and Education Community Services
- ACM CODASPY 2022, ICICS 2022, etc.
- ACM CODASPY 2021, ICICS 2021, etc.
- ACM CODASPY 2020, IEEE/IFIP DSN 2020, etc.
- ACM CODASPY 2019, etc.
- ACM CODASPY 2018, IEEE ICC 2018, IEEE CCNC 2018, IFIP NTMS 2018
- ACM CODASPY 2017, IEEE/IFIP DSN 2017, IEEE ICC 2017, IEEE CCNC 2017
- ACM CODASPY 2016, IEEE ICC 2016, ACM AsiaCCS-AuthTech 2016, MobiSPC 2016, IFIP NTMS 2016, IEEE ICCCN 2016
- ACM CODASPY 2015, ACM CCS 2015, IEEE ICC 2015, IEEE GLOBECOM 2015, IEEE ICCCN 2015, MobiSPC 2015, IEEE NAS 2015, IFIP NTMS 2015
- ACM CODASPY 2014, IEEE ICNP 2014, IFIP NTMS 2014, IEEE ICC 2014, IEEE GLOBECOM 2014, IEEE NAS 2014, MobiSPC 2014, REUNS 2014
- IEEE GLOBECOM 2013, IEEE ICC 2013, IEEE ICCCN 2013, CTS 2013, IEEE/CIC ICCC 2013, IEEE NAS 2013, InterCloud-HPC 2013, ICCVE 2013
- IEEE GLOBECOM 2012, IEEE ICCCN 2012, COMPSAC 2012, ISSRE 2012, IEEE ISWPC 2012, IEEE NAS 2012, CTS 2012, IFIP NTMS 2012, ICCVE 2012
- SecureComm 2011, IEEE NAS 2011, IEEE GLOBECOM 2011, ATNAC 2011, IEEE ICCCN 2011, IFIP NTMS 2011, IEEE ISWPC 2011, etc.
- Other Journal and Conference Reviewing Activities
Last updated in May 2022.