Simson L. Garfinkel

  • U.S. Department of Homeland Security, Washington, DC, USA
  • U.S. Census Bureau, Center for Disclosure Avoidance Research, Suitland, MD, USA
  • National Institute of Standards and Technology, Gaithersberg, MD, USA
  • Naval Postgraduate School, Washington, DC, USA
  • Massachusetts Institute of Technology, CSAIL, Cambridge, MA, USA

According to our database1, Simson L. Garfinkel authored at least 98 papers between 1995 and 2023.

Collaborative distances:


ACM Fellow

ACM Fellow 2012, "For contributions to digital forensics and to computer security education.".



In proceedings 
PhD thesis 


Online presence:



In Memoriam: Frederick P. Brooks, Jr. 1931-2022.
Commun. ACM, 2023

Sharpening Your Tools: Updating bulk_extractor for the 2020s.
CoRR, 2022

The 2020 Census Disclosure Avoidance System TopDown Algorithm.
CoRR, 2022

In memoriam: Juris Hartmanis 1928-2022.
Commun. ACM, 2022

Charles M. Geschke (1939-2021).
Commun. ACM, 2021

Jack Minker (1927 - 2021).
Commun. ACM, 2021

Edmund M. Clarke (1945 - 2020).
Commun. ACM, 2021

An Uncertainty Principle is a Price of Privacy-Preserving Microdata.
Proceedings of the Advances in Neural Information Processing Systems 34: Annual Conference on Neural Information Processing Systems 2021, 2021

SIGINFO: The Tricky Cryptographic Hash Function.
login Usenix Mag., 2020

SIGINFO: Everything Is a Punch Card.
login Usenix Mag., 2020

A File System For Write-Once Media.
CoRR, 2020

Fran Allen: 1932-2020.
Commun. ACM, 2020

Randomness Concerns when Deploying Differential Privacy.
Proceedings of the WPES'20: Proceedings of the 19th Workshop on Privacy in the Electronic Society, 2020

Understanding database reconstruction attacks on public data.
Commun. ACM, 2019

Issues Encountered Deploying Differential Privacy.
Proceedings of the 2018 Workshop on Privacy in the Electronic Society, 2018

Picking up the trash: Exploiting generational GC for memory analysis.
Digit. Investig., 2017

Toward algorithmic transparency and accountability.
Commun. ACM, 2017

Lessons Learned from Using an Online Platform to Conduct Large-Scale, Online Controlled Security Experiments with Software Developers.
Proceedings of the 10th USENIX Workshop on Cyber Security Experimentation and Test, 2017

Comparing the Usability of Cryptographic APIs.
Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017

Present but Unreachable: Reducing Persistentlatent Secrets in HotSpot JVM.
Proceedings of the 50th Hawaii International Conference on System Sciences, 2017

Organizational practices in cryptographic development and testing.
Proceedings of the 2017 IEEE Conference on Communications and Network Security, 2017

Secure and Usable Enterprise Authentication: Lessons from the Field.
IEEE Secur. Priv., 2016

Privacy-Preserving IR 2016: Differential Privacy, Search, and Social Media.
Proceedings of the 39th International ACM SIGIR conference on Research and Development in Information Retrieval, 2016

The Expanding World of Digital Forensics.
login Usenix Mag., 2015

Hash-based carving: Searching media for complete files and file fragments with sector hashing and hashdb.
Digit. Investig., 2015

Usable Security: History, Themes, and Challenges
Synthesis Lectures on Information Security, Privacy, and Trust, Morgan & Claypool Publishers, 2014

Can We Sniff Wi-Fi?: Implications of Joffe v. Google.
IEEE Secur. Priv., 2014

Leaking Sensitive Information in Complex Document Files-and How to Prevent It.
IEEE Secur. Priv., 2014

Analysis of the Use of XOR as an Obfuscation Technique in a Real Data Corpus.
Proceedings of the Advances in Digital Forensics X, 2014

Book Review: iPhone and iOS Forensic: Investigation, Analysis and Mobile Security for Apple iPhone, iPad and iOS Devices.
J. Digit. Forensics Secur. Law, 2013

Language translation for file paths.
Digit. Investig., 2013

Digital media triage with bulk data analysis and bulk_extractor.
Comput. Secur., 2013

Programming Unicode.
login Usenix Mag., 2012

Column: Factors Affecting Data Decay.
J. Digit. Forensics Secur. Law, 2012

A general strategy for differential forensic analysis.
Digit. Investig., 2012

Lessons learned writing digital forensics tools and managing a 30TB digital evidence corpus.
Digit. Investig., 2012

Digital forensics XML and the DFXML toolset.
Digit. Investig., 2012

Distinct Sector Hashes for Target File Detection.
Computer, 2012

The cybersecurity risk.
Commun. ACM, 2012

Column: File Cabinet Forensics.
J. Digit. Forensics Secur. Law, 2011

Column: Every Last Byte.
J. Digit. Forensics Secur. Law, 2011

Challenges in Monitoring Cyberarms Compliance.
Int. J. Cyber Warf. Terror., 2011

Operations with Degraded Security.
IEEE Secur. Priv., 2011

Forensic carving of network packets and associated data structures.
Digit. Investig., 2011

Extending digital repository architectures to support disk image preservation and access.
Proceedings of the 2011 Joint International Conference on Digital Libraries, 2011

Finding Anomalous and Suspicious Files from Directory Metadata on a Large Corpus.
Proceedings of the Digital Forensics and Cyber Crime - Third International ICST Conference, 2011

An Automated Solution to the Multiuser Carved Data Ascription Problem.
IEEE Trans. Inf. Forensics Secur., 2010

Using purpose-built functions and block hashes to enable small block and sub-file forensics.
Digit. Investig., 2010

Digital forensics research: The next 10 years.
Digit. Investig., 2010

Institutional review boards and your research.
Commun. ACM, 2010

Wouldn't it be nice to have software labels.
Proceedings of the 2010 Annual ACM SIGAda International Conference on Ada, 2010

Global Analysis of Drive File Times.
Proceedings of the Fifth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering, 2010

Providing Cryptographic Security and Evidentiary Chain-of-Custody with the Advanced Forensic Format, Library, and Tools.
Int. J. Digit. Crime Forensics, 2009

New XML-Based Files Implications for Forensics.
IEEE Secur. Priv., 2009

Bringing science to digital forensics with standardized forensic corpora.
Digit. Investig., 2009

Extending the advanced forensic format to accommodate multiple data sources, logical evidence, arbitrary information and forensic workflow.
Digit. Investig., 2009

Invisible HCI-SEC: ways of re-architecting the operating system to increase usability and security.
Proceedings of the 5th Symposium on Usable Privacy and Security, 2009

File Fragment Classification-The Case for Specialized Approaches.
Proceedings of the Fourth International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering, 2009

Automating Disk Forensic Processing with SleuthKit, XML and Python.
Proceedings of the Fourth International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering, 2009

Sharp Figures, Fuzzy Purpose.
IEEE Secur. Priv., 2008

IRBs and Security Research: Myths, Facts and Mission Creep.
Proceedings of the Usability, Psychology, and Security, 2008

Practical Applications of Bloom Filters to the NIST RDS and Hard Drive Triage.
Proceedings of the Twenty-Fourth Annual Computer Security Applications Conference, 2008

Commodity Grid Computing with Amazon's S3 and EC2.
login Usenix Mag., 2007

Complete delete vs. time machine computing.
ACM SIGOPS Oper. Syst. Rev., 2007

Document & Media Exploitation.
ACM Queue, 2007

Carving contiguous and fragmented files with fast object validation.
Digit. Investig., 2007

Bitfrost: the one laptop per child security model.
Proceedings of the 3rd Symposium on Usable Privacy and Security, 2007

Guest Editors' Introduction: Data Surveillance.
IEEE Secur. Priv., 2006

Forensic feature extraction and cross-drive analysis.
Digit. Investig., 2006

AFF: a new format for storing hard drive images.
Commun. ACM, 2006

One Big File Is Not Enough: A Critical Evaluation of the Dominant Free-Space Sanitization Technique.
Proceedings of the Privacy Enhancing Technologies, 6th International Workshop, 2006

Issues in Automatic Provenance Collection.
Proceedings of the Provenance and Annotation of Data, 2006

AFF: An Open Extensible Format for Disk Imaging.
Proceedings of the Advances in Digital Forensics II - IFIP International Conference on Digital Forensics, National Centre for Forensic Science, Orlando, Florida, USA, January 29, 2006

Do security toolbars actually prevent phishing attacks?
Proceedings of the 2006 Conference on Human Factors in Computing Systems, 2006

Design principles and patterns for computer systems that are simultaneously secure and usable.
PhD thesis, 2005

RFID Privacy: An Overview of Problems and Proposed Solutions.
IEEE Secur. Priv., 2005

Johnny 2: a user test of key continuity management with S/MIME and Outlook Express.
Proceedings of the 1st Symposium on Usable Privacy and Security, 2005

Views, Reactions and Impact of Digitally-Signed Mail in e-Commerce.
Proceedings of the Financial Cryptography and Data Security, 2005

How to make secure email easier to use.
Proceedings of the 2005 Conference on Human Factors in Computing Systems, 2005

Guest Editors' Introduction: Secure or Usable?
IEEE Secur. Priv., 2004

Used Disk Drives.
Proceedings of the 18th Conference on Systems Administration (LISA 2004), 2004

Remembrance of Data Passed: A Study of Disk Sanitization Practices.
IEEE Secur. Priv., 2003

Email-Based Identification and Authentication: An Alternative to PKI?
IEEE Secur. Priv., 2003

Leaderless resistance today.
First Monday, 2003

IEEE Security & Privacy: Data Forensics - Rememberance of Data Passed: A Study of Disk Sanitization Practices.
IEEE Distributed Syst. Online, 2003

Enabling Email Confidentiality through the use of Opportunistic Encryption.
Proceedings of the 2003 Annual National Conference on Digital Government Research, 2003

Practical Unix and internet security - securing Solaris, Mac OS X, Linux and FreeBSD: extensivley revised (3. ed.).
O'Reilly, ISBN: 978-0-596-00323-4, 2003

Building Cocoa applications - a step-by-step guide.
O'Reilly, ISBN: 978-0-596-00235-0, 2002

Database nation - the death of privacy in the 21th century.
O'Reilly, ISBN: 978-0-596-00105-6, 2001

Database nation (book excerpts).
Ubiquity, 2000

My net connection approaches light speed with cable, but that doesn't guarantee victory over DSL.
Proceedings of the Tenth Conference on Computers, 2000

Stopping spam - stamping out unwanted email and news postings.
O'Reilly, ISBN: 978-1-56592-388-1, 1998

Secure CGI/API programming.
World Wide Web J., 1997

Cryptography and the Web.
World Wide Web J., 1997

Web security and commerce - risks, technologies, and strategies.
O'Reilly, ISBN: 978-1-56592-269-3, 1997

Practical UNIX and internet security (2. ed.).
O'Reilly, ISBN: 978-1-56592-148-1, 1996

Risks of Social Security Numbers.
Commun. ACM, 1995

PGP - pretty good privacy: encryption for everyone (2. ed.).
O'Reilly, ISBN: 978-1-56592-098-9, 1995