Nicolas Christin
Associate Professor, Engineering and Public Policy, Institute for Software Research
Courtesy Appointment, Electrical and Computer Engineering, Information Networking Institute
Nicolas Christin is an associate professor at Carnegie Mellon University, jointly appointed in the School of Computer Science and the Department of Engineering & Public Policy. He is affiliated with the Institute for Software Research and is a core faculty member in CyLab, the university-wide information security institute. He also has courtesy appointments in the Information Networking Institute and the Department of Electrical and Computer Engineering. Christin holds a Diplôme d'Ingénieur from l'École centrale de Lille, and M.S. and Ph.D. degrees in Computer Science from the University of Virginia. He was a researcher in the School of Information at the University of California, Berkeley, prior to joining Carnegie Mellon in 2005.
Studying Cybercrime for Prevention and Enforcement
Education
2003 Ph.D., Computer Science, University of Virginia
2000 MS, Computer Science, University of Virginia
1999 Diplôme d'Ingénieur, École Centrale Lille, Franc
Affiliations
Research Interests
- AI and ML for security
- anonymity
- Applications of security and privacy
- authentication and passwords
- autonomy
- blockchain
- censorship resistance and measurement
- computer security
- cryptography
- cybersecurity
- information networking
- Measurement and analysis
- measurements of fraud, malware, spam
- ML and AI
- mobile and app security and privacy
- network security
- privacy
- privacy engineering
- privacy policy and regulation
- risk analysis and management
- security analytics
- security and privacy economics
- security of AI and ML
- security policy and regulation
- systems security
- threat analysis and modeling
- Usability and human behavior
- usable privacy and security
- web security
Media mentions
CMU Engineering
Why people (don’t) use password managers effectively
A recent study by a team of CyLab researchers, including Pearman, provides some insight into how ineffectively people may be using password managers, potentially nullifying the benefits the managers are meant to provide.
CMU Engineering
Security and privacy need to be easy
In 2005, Carnegie Mellon hosted a first-of-its-kind conference that brought together researchers from dozens of universities and companies around the world with one mission: make privacy and security tools easier to use. That conference, the Symposium On Usable Privacy and Security (SOUPS), is holding its 15th annual meeting next month. SOUPS, as well as the entire usable privacy and security field, have deep roots at CMU.
WIRED
Christin says dark-web ecosystem undented by law enforcement efforts
CyLab’s Nicolas Christin takes a look at law enforcement officials’ struggle to deter new dark-web marketplaces from growing in the wake of major law enforcement busts.
CMU Engineering
Blame the tech, not the users
A recent study led by researchers in Carnegie Mellon University’s CyLab found that when a personal device has fallen victim to some sort of cyberattack, users often misdiagnose what exactly is going on–but they’re not the ones to blame.
CMU Engineering
2019 Dean’s Early Career Fellows
Three young faculty members have been granted the 2019 Dean’s Early Career Fellowship to enable their continued contributions to their respective fields.
CMU Engineering
Preventing exposure to malicious websites
A team of CyLab researchers have developed a mechanism that detects when users may be about to visit a malicious website.
CMU Engineering
As advertised? Exposing lies about VPN locations
A strange observation led a CyLab researcher to figure out how to detect when VPN services are lying about their location.
The Piper (CMU)
College of Engineering faculty awarded the IEEE Cybersecurity Award
At the IEEE Cybersecurity Development Conference, ECE/CyLab’s Lujo Bauer, EPP/CyLab’s Nicolas Christin, and EPP/CyLab’s Lorrie Cranor received the IEEE Cybersecurity Award for Practice for their research on how to make passwords easier for users but harder for hackers to guess.
CMU Engineering
CyLab study finds users may be over-confident in protections of private browsing
A team of researchers from the CyLab Usable Privacy and Security Lab analyzed 450 consenting users' browsing behaviors over a three-year period. Their study was presented at last month's Symposium on Usable Privacy and Security in Baltimore.
NBC News
Christin quoted on the dangers of typosquatters
CyLab/EPP’s Nicholas Christin spoke with NBC News about criminals known as “typosquatters,” who use people’s common spelling mistakes (such as typing “.cm” instead of “.com”) to take them to fake websites, exposing them to cyber-attacks.
CMU Engineering
What happens when you deploy 2-factor authentication at a university?
“It’s not actually that horrible,” one survey respondent said about using a security feature called 2-factor authentication (2FA) to access their Carnegie Mellon account.
CyLab
CyLab finds 2FA had unexpected positive reception
CyLab researchers investigated CMU faculty and staff's reactions to two-factor authentication and found unexpectedly positive reception.