The Pennsylvania State University
Ph.D. Candidate
Advisor: Dr. Patrick McDaniel
The Pennsylvania State University
M.S. in Computer Science with distinction - Spring 2011
Thesis:
The Load Leveling Approach to Removing Appliance Features from Home Electricity Usage Profiles
Advisor: Dr. Patrick McDaniel
The Pennsylvania State University
B.S. in Computer Science with distinction - Fall 2007
Minor in Mathematics
Research Assistant The Pennsylvania State University
State College, PA: January 2009 - Present
Performed penetration testing of smart metering systems and
published and presented the results at CRITIS 2009
Intern Google
New York, NY: May 2008 - August 2008
Designed implemented and tested a highly scalable parallel
minimum spanning tree algorithm and documented all work
Research Assistant The Pennsylvania State University
State College, PA: March 2007 - April 2008
Designed, prototyped and evaluated novel storage security architectures
and published the results at CCS 2008
Intern IBM - High Performance On Demand Solutions
San Jose, CA: January 2006 - June 2006
Designed and implemented web-services for capacity planning
and data center automation
Journal Publications
Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel.
Semantically Rich Application-Centric Security in Android. Security and Communication Networks, To appear.
Kevin Butler, Stephen McLaughlin, Thomas Moyer, and Patrick McDaniel.
New Security Architectures Based on Emerging Disk Functionality. IEEE Security and Privacy, 8(5), pg. 34-31, Sept./Oct. 2010.
Conference Publications
Stephen McLaughlin, Patrick McDaniel, and William Aiello.
Protecting Consumer Privacy from Electric Load Monitoring. 18th ACM Conference on Computer and Communications Security (CCS). Chicago, IL, USA. October 2011.
Stephen McLaughlin, Dmitry Podkuiko, Sergei Miadzvezhanka, Adam Delozier, and Patrick McDaniel.
Multi-vendor Penetration Testing in the Advanced Metering Infrastructure. 26th Annual Computer Security Applications Conference (ACSAC 2010), Austin, TX, USA. December 2010.
Kevin Butler, Stephen McLaughlin, and Patrick McDaniel,
Kells: A Protection Framework for Portable Data. 26th Annual Computer Security Applications Conference (ACSAC 2010), Austin, TX, USA. December 2010.
Kevin Butler, Stephen McLaughlin, and Patrick McDaniel,
Disk-Enabled Authenticated Encryption.
26th IEEE Symposium on Massive Storage Systems and Technologies (MSST 2010), Lake Tahoe, Nevada.
May, 2010. (Short paper)
(Best Paper)
Machigar Ongtang, Stephen McLaughlin, William Enck, and
Patrick McDaniel,
Semantically Rich Application-Centric
Security in Android. Proceedings of the 25th Annual Computer
Security Applications Conference (ACSAC 2009), Honolulu, HI, USA.
December 2009.
Albert Tannous, Jonathan Trostle, Mohamed Hassan, Stephen McLaughin,
and Trent Jaeger,
New Side Channel Attacks Targeting Passwords.
Proceedings of the 24th Annual Computer Security Applications
Conference (ACSAC 2008), Anaheim, CA, USA. December 2008.
Kevin Butler, Stephen McLaughlin, and Patrick McDaniel,
Rootkit
Resistant Disks. 15th ACM Conference
on Computer and Communications Security (CCS 2008), Alexandria,
VA, USA. November 2008.
Workshop Publications
Stephen McLaughlin,
On Dynamic Malware Payloads Aimed at Programmable Logic Controllers. 6th USENIX Workshop on Hot Topics in Security, San Francisco, CA. August, 2011.
Stephen McLaughlin, Dmitry Podkuiko, Adam Delozier, Sergei Miadzvezhanka, and Patrick McDaniel,
Embedded Firmware Diversity for Smart Electric Meters. Proceedings of the 5th USENIX Workshop on Hot Topics in Security (HotSec 2010), Washington, DC. August, 2010.
Patrick McDaniel, Kevin Butler, Stephen McLaughlin, Radu Sion, Erez Zadok, and Marianne Winslett,
Towards a Secure and Efficient System for End-to-End Provenance.
2nd USENIX Workshop on the Theory and Practice of Provenance (TAPP 2010), San Jose, CA.
February, 2010.
Stephen McLaughlin, Dmitry Podkuiko, and Patrick McDaniel,
Energy Theft in the Advanced Metering Infrastructure.
4th International Workshop on Critical Information
Infrastructure Security (CRITIS 2009), Bonn, Germany.
September, 2009.
Kevin Butler, William Enck, Harri Hursti, Stephen McLaughlin,
Patrick Traynor, and Patrick McDaniel,
Systemic Issues in the Hart InterCivic and Premier Voting Systems:
Reflections Following Project EVEREST.
2008 USENIX/ACCURATE Electronic Voting Technology Workshop
(EVT 2008), San Jose, CA, USA. July 2008.
K. Butler, S. McLaughlin, P. McDaniel,
Non-Volatile Memory and Disks:
Avenues for Policy Architectures.,
1st Computer Security
Architecture Workshop (CSAW 2007), Alexandria, VA, USA. November
2007.
Miscellaneous
Patrick McDaniel and Stephen McLaughlin.
Structured Security Testing in the Smartgrid. 5th International Symposium on Communications, Control, and Signal Processing. Rome, Italy. May 2012.
Energy Theft in the Advanced Metering Infrastructure.
19th USENIX Security Symposium, Washington, DC, USA. August 2010. Poster Presentation.
Embedded Firmware Diversity for Smart Electric Meters.
19th USENIX Security Symposium, Washington, DC, USA. August 2010. Poster Presentation.
Patrick McDaniel and Stephen McLaughlin,
Security and Privacy
Challenges in the Smart Grid.
IEEE Security & Privacy Magazine, 7(3):75--77,
May/June, 2009.
Stephen McLaughlin,
18th USENIX Security Symposium Conference Summaries. USENIX ;login Magazine, December 2009.
Utility Grid Automation Risk Management.
Clean Technology,
Houston, TX, USA. May, 2009. Poster Presentation.
Patrick McDaniel, Kevin Butler, William Enck, Harri Hursti,
Stephen McLaughlin, Patrick Traynor, Matt Blaze, Adam Aviv,
Pavol Cerny, Sandy Clark, Eric Cronin, Gaurav Shah, Micah Sherr,
Giovanni Vigna, Richard Kemmerer, David Balzarotti, Greg Banks,
Marco Cova, Viktoria Felmetsger, William Robertson, Fredrik Valeur,
Joseph Lorenzo Hall, and Laura Quilter,
EVEREST: Evaluation and
Validation of Election-Related Equipment, Standards and Testing.
December 2007
Protecting Consumer Privacy from Electric Load Monitoring. 18th ACM Conference on Computer and Communications Security (CCS). Chicago, IL, USA. October 2011.
Multi-vendor Penentration Testing in the Advanced Metering
Infrastructure: Challenges for Regulation. Carnegie Mellon
Electricity Industry Center. Pittsburgh, PA. August 31,
2011.
Why We Need Standards for Breaking the Smart Grid. The 2011
Technology Management and Policy Graduate Consortium. Penn State
University, University Park, PA. June 27, 2011.
Multi-vendor Penentration Testing in the Advanced Metering
Infrastructure. The 26th Annual Computer Security Applications
Conference. Austin, TX. December 8, 2010.
Multi-vendor Penetration Testing in the Advanced Metering
Infrastructure: Future Challenges. DIMACS Workshop on Algorithmic
Decision Theory for the Smart Grid. Piscataway, NJ. October 26,
2010.
Embedded Firmware Diversity for Smart Electric Meters.
Proceedings of the 5th USENIX Workshop on Hot Topics in Security
(HotSec 2010). Washington, DC. August, 2010.
Energy Theft in the Advanced Metering Infrastructure. 4th
International Workshop on Critical Information Infrastructure Security
(CRITIS 2009). Bonn, Germany. September 2009.
- Recipient ACM CCS Student Travel Grant, 2011
- Recipient Student Scholarship to the TCIPG Summer School on Cyber Security for Smart Energy Systems, 2011
- Recipient ACSAC Student Conferenceship, 2010
- Recipient Travel Grant to the DIMACS Workshop on Algorithmic Decision Theory for the Smart Grid, 2010
- Recipient HotSec Student Travel Grant, 2010
- Recipient USENIX Security Symposium Travel Grant,
2008 and 2009
- Recipient Harry G. Miller Fellowship in the College
of Engineering for the spring 2007 semester
- Recipient R. P. Drenning Memorial Scholarship in the
College of Engineering for the 2007-08 academic year
- Recipient John F. Kray Sr. Memorial Scholarship in the
College of Engineering for the 2006-07 academic year
- Dean's List Fall 2004 - Fall 2007
- Member The Association for Computing Machinery
- Member Institute of Electrical and Electronics Engineers
- Member USENIX The Advanced Computing Systems Association
- Member Tau Bet Pi, the Engineering Honor Society
Reviewer: International Conference on Availability,
Reliability and Security (ARES 2008); International Conference
on Distributed Computing Systems (ICDCS 2008); USENIX Security
2008; IEEE TSE; Data and Applications Security (DBSec 2008);
16th Annual Network and Distributed System Security Symposium
(NDSS 2009); ACM Symposium on Access Control Models and
Technologies (SACMAT 2009); USENIX Security 2009; 3rd
International Conference on Information Security and Assurance
(ISA 2009); Information Security Conference (ISC 2009); ACM
Conference on Computer and Communications Security (CCS 2009);
ACM Cloud Computing Security Workshop (CCSW 2009); Fifth
International Conference on Information Systems Security
(ICISS 2009); 17th ACM Conference on Computer and
Communications Security (CCS 2010); 5th USENIX Workshop on Hot
Topics in Security (HotSec 2010); 26th Annual Computer
Security Applications Conference (ACSAC 2010); Proceedings of
the IEEE; The 17th Annual International Conference on Mobile
Computing and Networking (MOBICOM 2011); IEEE Transactions on
Knowledge and Data Engineering (TKDE); The 18th Annual Network
and Distributed System Security Symposium (NDSS).