Skip to main content

Nicolas Christin

Associate Research Professor, School of Computer Science and Engineering and Public Policy

[Email]

Nicolas Christin

Research Areas

Next Generation Secure and Available Networks, Privacy Protection

Cross Cutting Thrusts

Business Risk Analysis and Economic Implications
Next Generation Threat Prediction and Response
Threat Analysis and Modeling
Usable Privacy and Security

Biography

Nicolas Christin is an Associate Research Professor in the School of Computer Science and in Engineering and Public Policy at Carnegie Mellon University. He is affiliated with the Institute for Software Research, and is a core faculty member of CyLab, the university-wide security institute. He also also courtesy appointments in the Electrical and Computer Engineering department, and in the Information Networking Institute.  He holds a Diplôme d'Ingénieur from École Centrale Lille, and M.S. and Ph.D. degrees in Computer Science from the University of Virginia. He was a researcher in the School of Information at the University of California, Berkeley, prior to joining Carnegie Mellon in 2005. His research interests are in computer and information systems networks; most of his work is at the boundary of systems and policy research, with a slant toward security aspects. He has most recently focused on online crime, security economics, and psychological aspects of computer security. His group's research won several awards including Honorable Mention at ACM CHI 2011, and Best Student Paper Award at USENIX Security 2014. He equally enjoys field measurements and mathematical modeling.

Education

Diplôme d'Ingénieur (1999) from École Centrale de Lille
Master's (2000) and a Ph.D. (2003) in Computer Science from the University of Virginia

Professional Background

In the final year (2002-2003) of his Ph.D., he was working at Nortel. He then spent two years (2003-2005) as a postdoctoral fellow in the School of Information at UC Berkeley, before joining Carnegie Mellon in July 2005.

Research Projects

Online Crime Economics: Modeling Advertising and Retail Operations

Cross Cutting Thrusts: Business Risk Analysis and Economic Implications | Threat Analysis and Modeling
Researcher: Nicolas Christin

Password-Composition Policies and the Security and Usability of Passwords

Research Area: Privacy Protection
Cross Cutting Thrusts: Usable Privacy and Security
Researchers: Lujo Bauer, Nicolas Christin, Lorrie Cranor

Passwords

Cross Cutting Thrusts: Usable Privacy and Security
Researchers: Lujo Bauer, Lorrie Cranor, Nicolas Christin

Studying the Android Malware Ecosystem

Research Area: Mobility
Cross Cutting Thrusts: Software Security
Researcher: Nicolas Christin

Security Behavior Observatory

Research Area: Secure Home Computing | Privacy Protection
Cross Cutting Thrusts: Software Security | Usable Privacy and Security | Threat Analysis and Modeling
Researchers: Alessandro Acquisti, Nicolas Christin, Lorrie Cranor, Rahul Telang

Improving the Security and Usability of Text Passwords

Cross Cutting Thrusts: Usable Privacy and Security
Researchers: Lorrie Cranor, Lujo Bauer, Nicolas Christin

Use Your Illusion: Using Visual Distortion to Secure Image-Based Authentication

Cross Cutting Thrusts: Usable Privacy and Security
Researchers: Jason Hong, Nicolas Christin, Eiji Hayashi

Security and Privacy Risk Management in Organizations

Cross Cutting Thrusts: Business Risk Analysis and Economic Implications
Researchers: Nicolas Christin, Anupam Datta

Understanding User Investments & Response to Security Threats

Cross Cutting Thrusts: Threat Analysis and Modeling | Business Risk Analysis and Economic Implications
Researcher: Nicolas Christin

Publications

"Building the security behavior observatory: an infrastructure for long-term monitoring of client machines". A. Forget, S. Komanduri, A. Acquisti, N. Christin, L. Cranor, and R. Telang, HotSoS ’14: Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, pp. 1–2, 2014.

"A Nearly Four-Year Longitudinal Study of Search-Engine Poisoning". N. Leontiadis, T. Moore, and N. Christin, ACM Conference on Computer and Communications Security Proceedings, pp. 930–941, 2014.

"A5: Automated Analysis of Adversarial Android Applications". T. Vidas, J. Tan, J. Nahata, C.-L. Tan, N. Christin, and P. D. Tague, Proceedings of the 4th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM 2014), 2014.

"Empirically Measuring WHOIS Misuse". N. Leontiadis and N. Christin, European Symposium on Research in Computer Security (ESORICS), pp. 19–36, 2014.

"Automatically detecting vulnerable websites before they turn malicious". K. Soska and N. Christin, USENIX Security Symposium, pp. 625–640, 2014.

"Evading Android Runtime Analysis via Sandbox Detection". T. Vidas and N. Christin, ASIACCS: Proceedings of the ACM Symposium on Information, Computer and Communication Security, 2014.

"Should Payment Card Issuers Reissue Cards in Response to a Data Breach?". J. Graves, A. Acquisti, and N. Christin, WEIS: Workshop on the Economics of Information Security, 2014.

"Can Long Passwords Be Secure and Usable?". R. Shay, S. Komanduri, A. Durity, P. Huh, M. Mazurek, S. Segreti, B. Ur, L. Bauer, N. Christin, and L. Cranor, CHI: Conference Proceedings, Conference on Human Factors in Computing Systems, 2014.

"Commentary on Barratt et al. (2014): Steps towards characterizing online anonymous drug marketplace customers". N. Christin, Addiction, vol. 109, no. 5, pp. 784–785, 2014.

"Android Lemon Markets: Application Repackaging and Malware in Application Marketplaces".

Vidas, T., & Christin, N. (2013).  Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy.

"Beware the Middleman: Empirical Analysis of Bitcoin-Exchange Risk". Moore, T., & Christin, N. (2013). Financial Cryptography and Data Security International Conference.

"Measuring password guessability for an entire university". Mazurek, M. L., Komanduri, S., Vidas, T., Bauer, L., Christin, N., Cranor, L., Kelley, P., Shay, R., & Ur, B. (2013). ACM Conference on Computer and Communications Security Proceedings, 173-186.

"Traveling the Silk Road: A Measurement Analysis of a Large Anonymous Markeplace". Christin, N. (2013). WWW: International World Wide Web Conference, 213-224.