Journal Publications
A systematic analysis of the science of sandboxing
Michael Maass, Adam Sales, Benjamin Chung, and Joshua Sunshine.
PeerJ. January 2016.
Conference Publications
Evaluating the Flexibility of the Java Sandbox
Zach Coker, Michael Maass, Tianyuan Ding, Claire Le Goues, and Joshua Sunshine.
Annual Computer Security Applications Conference. Los Angeles, California, December 2015.
In-Nimbo Sandboxing
Michael Maass, William L. Scherlis, and Jonathan Aldrich.
Symposium and Bootcamp on the Science of Security. Raleigh, North Carolina, April 2014.
Slides (PDF)* Slides (ODP)
*Transparency shifts do not appear in the PDF copy of the slides, which may make some animated figures harder to read.
How does your password measure up? The effect of strength meters on password creation
Blase Ur, Patrick Gage Kelley, Saranga Komanduri, Joel Lee, Michael Maass, Michelle Mazurek, Timothy Passaro, Richard Shay, Timothy Vidas, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor.
In Proceedings of the 21st USENIX Security Symposium. Bellevue, Washington, August 2012.
Slides (by Blase Ur)
Magazine Articles
Helping Users Create Better Passwords
Blase Ur, Patrick Gage Kelley, Saranga Komanduri, Joel Lee, Michael Maass, Michelle L. Mazurek, Timothy Passaro, Richard Shay, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Serge Egelman, Julio López.
USENIX ;login: magazine, Volume 37, Number 6. December 2012.
Technical Reports
Instrumenting V8 to Measure the Efficacy of Dynamic Optimizations on Production Code
Michael Maass, Ilari Shafer.
in Institute for Software Research Technical Reports 2013, Carnegie Mellon University.
See website: Quantifying Optimization Efficacy
Unpublished Research
A Type-safe, TPM Backed TLS Infrastructure with Kuhn Li and Mike Ralph