Ninghui Li

According to our database1, Ninghui Li authored at least 177 papers between 1999 and 2018.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Other 

Links

Homepage:

On csauthors.net:

Bibliography

2018
PrivPfC: differentially private data publication for classification.
VLDB J., 2018

The description-experience gap in the effect of warning reliability on user trust and performance in a phishing-detection context.
Int. J. Hum.-Comput. Stud., 2018

Enhancing security behaviour by supporting the user.
Computers & Security, 2018

Influence of privacy priming and security framing on mobile app selection.
Computers & Security, 2018

Locally Differentially Private Frequent Itemset Mining.
Proceedings of the 2018 IEEE Symposium on Security and Privacy, 2018

Privacy at Scale: Local Differential Privacy in Practice.
Proceedings of the 2018 International Conference on Management of Data, 2018

AceDroid: Normalizing Diverse Android Access Control Checks for Inconsistency Detection.
Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018

Differential Privacy in the Local Setting.
Proceedings of the Fourth ACM International Workshop on Security and Privacy Analytics, 2018

CALM: Consistent Adaptive Local Marginal for Marginal Release under Local Differential Privacy.
Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018

iOracle: Automated Evaluation of Access Control Policies in iOS.
Proceedings of the 2018 on Asia Conference on Computer and Communications Security, 2018

Precise Android API Protection Mapping Derivation and Reasoning.
Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018

2017
Differentially Private K-Means Clustering and a Hybrid Approach to Private Optimization.
ACM Trans. Priv. Secur., 2017

Understanding the Sparse Vector Technique for Differential Privacy.
PVLDB, 2017

Is Domain Highlighting Actually Helpful in Identifying Phishing Web Pages?
Human Factors, 2017

Locally Differentially Private Heavy Hitter Identification.
CoRR, 2017

Optimizing Locally Differentially Private Protocols.
CoRR, 2017

Locally Differentially Private Protocols for Frequency Estimation.
Proceedings of the 26th USENIX Security Symposium, 2017

SymCerts: Practical Symbolic Execution for Exposing Noncompliance in X.509 Certificate Validation Implementations.
Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017

Use of Phishing Training to Improve Security Warning Compliance: Evidence from a Field Experiment.
Proceedings of the Hot Topics in Science of Security: Symposium and Bootcamp, HoTSoS 2017, 2017

Using Context-Based Password Strength Meter to Nudge Users' Password Generating Behavior: A Randomized Experiment.
Proceedings of the 50th Hawaii International Conference on System Sciences, 2017

Analyzing Operational Behavior of Stateful Protocol Implementations for Detecting Semantic Bugs.
Proceedings of the 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2017

SPOKE: Scalable Knowledge Collection and Attack Surface Analysis of Access Control Policy for Security Enhanced Android.
Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, 2017

Analysis of SEAndroid Policies: Combining MAC and DAC in Android.
Proceedings of the 33rd Annual Computer Security Applications Conference, 2017

2016
Differential Privacy: From Theory to Practice
Synthesis Lectures on Information Security, Privacy, & Trust, Morgan & Claypool Publishers, 2016

Understanding the Sparse Vector Technique for Differential Privacy.
CoRR, 2016

Publishing Graph Degree Distribution with Node Differential Privacy.
Proceedings of the 2016 International Conference on Management of Data, 2016

Tri-Modularization of Firewall Policies.
Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies, 2016

Comparing Password Ranking Algorithms on Real-World Password Datasets.
Proceedings of the Computer Security - ESORICS 2016, 2016

Differentially Private K-Means Clustering.
Proceedings of the Sixth ACM on Conference on Data and Application Security and Privacy, 2016

An Empirical Study of Mnemonic Sentence-based Password Generation Strategies.
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

On the Security and Usability of Segment-based Visual Cryptographic Authentication Protocols.
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

2015
A Probabilistic Discriminative Model for Android Malware Detection with Decompiled Source Code.
IEEE Trans. Dependable Sec. Comput., 2015

Differentially Private $k$-Means Clustering.
CoRR, 2015

Differentially Private Projected Histograms of Multi-Attribute Data for Classification.
CoRR, 2015

Effectiveness of a phishing warning in field settings.
Proceedings of the 2015 Symposium and Bootcamp on the Science of Security, 2015

Towards quantification of firewall policy complexity.
Proceedings of the 2015 Symposium and Bootcamp on the Science of Security, 2015

Learning from Others: User Anomaly Detection Using Anomalous Samples from Other Users.
Proceedings of the Computer Security - ESORICS 2015, 2015

Dimensions of Risk in Mobile Applications: A User Study.
Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, 2015

Differentially Private Publishing of High-dimensional Data Using Sensitivity Control.
Proceedings of the 10th ACM Symposium on Information, 2015

2014
Generating Summary Risk Scores for Mobile Applications.
IEEE Trans. Dependable Sec. Comput., 2014

Effective Risk Communication for Android Apps.
IEEE Trans. Dependable Sec. Comput., 2014

A Study of Probabilistic Password Models.
Proceedings of the 2014 IEEE Symposium on Security and Privacy, 2014

PriView: practical differentially private release of marginal contingency tables.
Proceedings of the International Conference on Management of Data, 2014

User Comment Analysis for Android apps and CSPI Detection with Comment Expansion.
Proceedings of the Proceeding of the 1st International Workshop on Privacy-Preserving IR: When Information Retrieval Meets Privacy and Security co-located with 37th Annual International ACM SIGIR conference, 2014

Detecting Insider Information Theft Using Features from File Access Logs.
Proceedings of the Computer Security - ESORICS 2014, 2014

2013
The Foundational Work of Harrison-Ruzzo-Ullman Revisited.
IEEE Trans. Dependable Sec. Comput., 2013

Understanding Hierarchical Methods for Differentially Private Histograms.
PVLDB, 2013

Differentially private grids for geospatial data.
Proceedings of the 29th IEEE International Conference on Data Engineering, 2013

Efficient and accurate strategies for differentially-private sliding window queries.
Proceedings of the Joint 2013 EDBT/ICDT Conferences, 2013

Membership privacy: a unifying framework for privacy definitions.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

2012
Slicing: A New Approach for Privacy Preserving Data Publishing.
IEEE Trans. Knowl. Data Eng., 2012

PrivBasis: Frequent Itemset Mining with Differential Privacy.
PVLDB, 2012

Differentially Private Grids for Geospatial Data
CoRR, 2012

PrivBasis: Frequent Itemset Mining with Differential Privacy
CoRR, 2012

On XACML's Adequacy to Specify and to Enforce HIPAA.
Proceedings of the 3rd USENIX Workshop on Health Security and Privacy, 2012

Android permissions: a perspective combining risks and benefits.
Proceedings of the 17th ACM Symposium on Access Control Models and Technologies, 2012

Anonymizing Network Traces with Temporal Pseudonym Consistency.
Proceedings of the 32nd International Conference on Distributed Computing Systems Workshops (ICDCS 2012 Workshops), 2012

On practical specification and enforcement of obligations.
Proceedings of the Second ACM Conference on Data and Application Security and Privacy, 2012

Minimizing private data disclosures in the smart grid.
Proceedings of the ACM Conference on Computer and Communications Security, 2012

Recursive partitioning and summarization: a practical framework for differentially private data publishing.
Proceedings of the 7th ACM Symposium on Information, Compuer and Communications Security, 2012

Using probabilistic generative models for ranking risks of Android apps.
Proceedings of the ACM Conference on Computer and Communications Security, 2012

On sampling, anonymization, and differential privacy or, k-anonymization meets differential privacy.
Proceedings of the 7th ACM Symposium on Information, Compuer and Communications Security, 2012

CodeShield: towards personalized application whitelisting.
Proceedings of the 28th Annual Computer Security Applications Conference, 2012

2011
Trust Management.
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

Discretionary Access Control.
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

Combining Discretionary Policy with Mandatory Information Flow in Operating Systems.
ACM Trans. Inf. Syst. Secur., 2011

Introduction to special section SACMAT'08.
ACM Trans. Inf. Syst. Secur., 2011

On the Complexity of Authorization in RBAC under Qualification and Security Constraints.
IEEE Trans. Dependable Sec. Comput., 2011

Security Risk Management Using Incentives.
IEEE Security & Privacy, 2011

Provably Private Data Anonymization: Or, k-Anonymity Meets Differential Privacy
CoRR, 2011

Fine-grained integration of access control policies.
Computers & Security, 2011

Beyond Risk-Based Access Control: Towards Incentive-Based Access Control.
Proceedings of the Financial Cryptography and Data Security, 2011

Attack on the GridCode one-time password.
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, 2011

2010
Analysis Techniques for Information Security
Synthesis Lectures on Information Security, Privacy, and Trust, Morgan & Claypool Publishers, 2010

Closeness: A New Privacy Measure for Data Publishing.
IEEE Trans. Knowl. Data Eng., 2010

Satisfiability and Resiliency in Workflow Authorization Systems.
ACM Trans. Inf. Syst. Secur., 2010

Mining Roles with Multiple Objectives.
ACM Trans. Inf. Syst. Secur., 2010

Minimizing Minimality and Maximizing Utility: Analyzing Method-based attacks on Anonymized Data.
PVLDB, 2010

Nonparametric Bayesian Matrix Factorization by Power-EP.
Proceedings of the Thirteenth International Conference on Artificial Intelligence and Statistics, 2010

EXAM: a comprehensive environment for the analysis of access control policies.
Int. J. Inf. Sec., 2010

Mining roles with noisy data.
Proceedings of the 15th ACM Symposium on Access Control Models and Technologies, 2010

Towards analyzing complex operating system access control configurations.
Proceedings of the 15th ACM Symposium on Access Control Models and Technologies, 2010

2009
Symmetric Encryption.
Proceedings of the Encyclopedia of Database Systems, 2009

Homomorphic Encryption.
Proceedings of the Encyclopedia of Database Systems, 2009

Data Encryption.
Proceedings of the Encyclopedia of Database Systems, 2009

Asymmetric Encryption.
Proceedings of the Encyclopedia of Database Systems, 2009

Resiliency Policies in Access Control.
ACM Trans. Inf. Syst. Secur., 2009

Automated trust negotiation using cryptographic credentials.
ACM Trans. Inf. Syst. Secur., 2009

TIAMAT: a Tool for Interactive Analysis of Microdata Anonymization Techniques.
PVLDB, 2009

Privacy-preserving incremental data dissemination.
Journal of Computer Security, 2009

Denial of service attacks and defenses in decentralized trust management.
Int. J. Inf. Sec., 2009

Policy framework for security and privacy management.
IBM Journal of Research and Development, 2009

Analysis of privacy and security policies.
IBM Journal of Research and Development, 2009

Slicing: A New Approach to Privacy Preserving Data Publishing
CoRR, 2009

An efficient framework for user authorization queries in RBAC systems.
Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, 2009

An algebra for fine-grained integration of XACML policies.
Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, 2009

Evaluating role mining algorithms.
Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, 2009

Trojan horse resistant discretionary access control.
Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, 2009

Access control policy combining: theory meets practice.
Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, 2009

Analyzing and Comparing the Protection Quality of Security Enhanced Operating Systems.
Proceedings of the Network and Distributed System Security Symposium, 2009

On the tradeoff between privacy and utility in data publishing.
Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, Paris, France, June 28, 2009


On the (In)Security and (Im)Practicality of Outsourcing Precise Association Rule Mining.
Proceedings of the ICDM 2009, 2009

Modeling and Integrating Background Knowledge in Data Anonymization.
Proceedings of the 25th International Conference on Data Engineering, 2009

Defeating Cross-Site Request Forgery Attacks with Browser-Enforced Authenticity Protection.
Proceedings of the Financial Cryptography and Data Security, 2009

Usable Access Control in Collaborative Environments: Authorization Based on People-Tagging.
Proceedings of the Computer Security, 2009

WORM-SEAL: Trustworthy Data Retention and Verification for Regulatory Compliance.
Proceedings of the Computer Security, 2009

2008
Purpose based access control for privacy protection in relational database systems.
VLDB J., 2008

Towards Formal Verification of Role-Based Access Control Policies.
IEEE Trans. Dependable Sec. Comput., 2008

Algebraic Construction for Zero-Knowledge Sets.
J. Comput. Sci. Technol., 2008

Beyond separation of duty: An algebra for specifying high-level security policies.
J. ACM, 2008

Towards optimal k-anonymization.
Data Knowl. Eng., 2008

Mining roles with semantic meanings.
Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, 2008

Policy decomposition for collaborative access control.
Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, 2008

EXAM: An Environment for Access Control Policy Analysis and Management.
Proceedings of the 9th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2008), 2008

PRECIP: Towards Practical and Retrofittable Confidential Information Protection.
Proceedings of the Network and Distributed System Security Symposium, 2008

How to make Discretionary Access Control secure against trojan horses.
Proceedings of the 22nd IEEE International Symposium on Parallel and Distributed Processing, 2008

Injector: Mining Background Knowledge for Data Anonymization.
Proceedings of the 24th International Conference on Data Engineering, 2008

On the Security of Delegation in Access Control Systems.
Proceedings of the Computer Security, 2008

Access Control Friendly Query Verification for Outsourced Data Publishing.
Proceedings of the Computer Security, 2008

2007
On mutually exclusive roles and separation-of-duty.
ACM Trans. Inf. Syst. Secur., 2007

A theory for comparing the expressive power of access control models.
Journal of Computer Security, 2007

A Critique of the ANSI Standard on Role-Based Access Control.
IEEE Security & Privacy, 2007

A roadmap for comprehensive online privacy policy management.
Commun. ACM, 2007

On the Correctness Criteria of Fine-Grained Access Control in Relational Databases.
Proceedings of the 33rd International Conference on Very Large Data Bases, 2007

Usable Mandatory Integrity Protection for Operating Systems.
Proceedings of the 2007 IEEE Symposium on Security and Privacy (S&P 2007), 2007

t-Closeness: Privacy Beyond k-Anonymity and l-Diversity.
Proceedings of the 23rd International Conference on Data Engineering, 2007

Dynamic Virtual Credit Card Numbers.
Proceedings of the Financial Cryptography and Data Security, 2007

Satisfiability and Resiliency in Workflow Systems.
Proceedings of the Computer Security, 2007

Efficient k -Anonymization Using Clustering Techniques.
Proceedings of the Advances in Databases: Concepts, 2007

Direct static enforcement of high-level security policies.
Proceedings of the 2007 ACM Symposium on Information, Computer and Communications Security, 2007

Administration in role-based access control.
Proceedings of the 2007 ACM Symposium on Information, Computer and Communications Security, 2007

Universal Accumulators with Efficient Nonmembership Proofs.
Proceedings of the Applied Cryptography and Network Security, 5th International Conference, 2007

2006
Safety in automated trust negotiation.
ACM Trans. Inf. Syst. Secur., 2006

Security analysis in role-based access control.
ACM Trans. Inf. Syst. Secur., 2006

OACerts: Oblivious Attribute Certificates.
IEEE Trans. Dependable Sec. Comput., 2006

Understanding SPKI/SDSI using first-order logic.
Int. J. Inf. Sec., 2006

A semantics based approach to privacy languages.
Comput. Syst. Sci. Eng., 2006

Denial of Service Attacks and Defenses in Decentralized Trust Management.
Proceedings of the Second International Conference on Security and Privacy in Communication Networks and the Workshops, 2006

Secure Anonymization for Incremental Datasets.
Proceedings of the Secure Data Management, Third VLDB Workshop, SDM 2006, Seoul, Korea, 2006

Achieving privacy in mesh networks.
Proceedings of the 4th ACM Workshop on Security of ad hoc and Sensor Networks, 2006

Constraint generation for separation of duty.
Proceedings of the 11th ACM Symposium on Access Control Models and Technologies, 2006

Distributed Credential Chain Discovery in Trust Management with Parameterized Roles and Constraints (Short Paper).
Proceedings of the Information and Communications Security, 8th International Conference, 2006

A Construction for General and Efficient Oblivious Commitment Based Envelope Protocols.
Proceedings of the Information and Communications Security, 8th International Conference, 2006

Optimal k-Anonymity with Flexible Generalization Schemes through Bottom-up Searching.
Proceedings of the Workshops Proceedings of the 6th IEEE International Conference on Data Mining (ICDM 2006), 2006

Beyond separation of duty: an algebra for specifying high-level security policies.
Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, USA, Ioctober 30, 2006

Resiliency policies in access control.
Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, USA, Ioctober 30, 2006

2005
Beyond proof-of-compliance: security analysis in trust management.
J. ACM, 2005

Oblivious signature-based envelope.
Distributed Computing, 2005

On Safety in Discretionary Access Control.
Proceedings of the 2005 IEEE Symposium on Security and Privacy (S&P 2005), 2005

Purpose based access control of complex data for privacy protection.
Proceedings of the 10th ACM Symposium on Access Control Models and Technologies, 2005

Policy-hiding access control in open environment.
Proceedings of the Twenty-Fourth Annual ACM Symposium on Principles of Distributed Computing, 2005

Privacy-Preserving Database Systems.
Proceedings of the Foundations of Security Analysis and Design III, 2005

Automated trust negotiation using cryptographic credentials.
Proceedings of the 12th ACM Conference on Computer and Communications Security, 2005

OACerts: Oblivious Attribute Certificates.
Proceedings of the Applied Cryptography and Network Security, 2005

2004
A formal semantics for P3P.
Proceedings of the 1st ACM Workshop On Secure Web Services, 2004

Safety in Automated Trust Negotiation.
Proceedings of the 2004 IEEE Symposium on Security and Privacy (S&P 2004), 2004

Security analysis in role-based access control.
Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, 2004

Comparing the expressive power of access control models.
Proceedings of the 11th ACM Conference on Computer and Communications Security, 2004

On mutually-exclusive roles and separation of duty.
Proceedings of the 11th ACM Conference on Computer and Communications Security, 2004

Securing Java RMI-Based Distributed Applications.
Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC 2004), 2004

A Framework for Role-Based Access Control in Group Communication Systems.
Proceedings of the ISCA 17th International Conference on Parallel and Distributed Computing Systems, 2004

2003
Delegation logic: A logic-based approach to distributed authorization.
ACM Trans. Inf. Syst. Secur., 2003

Distributed Credential Chain Discovery in Trust Management.
Journal of Computer Security, 2003

Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management.
Proceedings of the 2003 IEEE Symposium on Security and Privacy (S&P 2003), 2003

Oblivious signature-based envelope.
Proceedings of the Twenty-Second ACM Symposium on Principles of Distributed Computing, 2003

DATALOG with Constraints: A Foundation for Trust Management Languages.
Proceedings of the Practical Aspects of Declarative Languages, 5th International Symposium, 2003

A Role-based Trust-management Framework.
Proceedings of the 3rd DARPA Information Survivability Conference and Exposition (DISCEX-III 2003), 2003

Understanding SPKI/SDSI Using First-Order Logic.
Proceedings of the 16th IEEE Computer Security Foundations Workshop (CSFW-16 2003), 30 June, 2003

2002
Protecting sensitive attributes in automated trust negotiation.
Proceedings of the 2002 ACM Workshop on Privacy in the Electronic Society, 2002

Design of a Role-Based Trust-Management Framework.
Proceedings of the 2002 IEEE Symposium on Security and Privacy, 2002

Towards Practical Automated Trust Negotiation.
Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY 2002), 2002

2001
Nonmonotonicity, User Interfaces, and Risk Assessment in Certificate Revocation.
Proceedings of the Financial Cryptography, 2001

Distributed credential chain discovery in trust management: extended abstract.
Proceedings of the CCS 2001, 2001

2000
A Practically Implementable and Tractable Delegation Logic.
Proceedings of the 2000 IEEE Symposium on Security and Privacy, 2000

Local Names in SPKI/SDSI.
Proceedings of the 13th IEEE Computer Security Foundations Workshop, 2000

1999
A Logic-based Knowledge Representation for Authorization with Delegation.
Proceedings of the 12th IEEE Computer Security Foundations Workshop, 1999


  Loading...