Research

I am interested in security pedagogy, applied cryptography, efficient secure computation, delegating work securely to untrusted participants, provable security, electronic privacy, trusted component minimization, and the science of building secure systems.

If you are a student and interesting in working with me as an independent study, a senior project, a summer research project, a club activity, etc, then check out my advising page.

Publications

  • Francisco Tacliad, Thuy D. Nguyen and Mark Gondree, "DoS Exploitation of Allen-Bradley's Legacy Protocol through Fuzz Testing," in the Annual Industrial Control System Security (ICSS) Workshop at ACSAC 2017.
  • Peyton Price, Nicholas Leyba, Mark Gondree, Zachary Staples, and Thomas Parker. "Asset Criticality in Mission Reconfigurable Cyber Systems and its Contribution to Key Cyber Terrain," Hawaii International Conference on System Sciences, 2017.
  • Portia Pusey, Mark Gondree, Zachary Peterson. "The Outcomes of Cybersecurity Competitions and Implications for Underrepresented Populations," IEEE Security & Privacy, Volume 14, Issue 6 (Nov/Dec), 2016.
  • Mark Gondree, Zachary Peterson, and Portia Pusey. "Talking about talking about cybersecurity games," USENIX ;login; 41(1):36--39, Spring 2016.
  • Thuy D. Nguyen and Mark Gondree, "Teaching Industrial Control System Security Using Collaborative Projects," in the Conference on Cybersecurity of Industrial Control Systems (CyberICS) at ESORICS, 2015, pp. 16--30.
  • Tanya Flushman, Mark Gondree, and Zachary N.J. Peterson, "This is Not a Game: Early Observations on Using Alternate Reality Games for Teaching Security Concepts to First-Year Undergraduates," in 8th USENIX Workshop on Cyber Security Experimentation and Test (CSET'15), 2015.
  • Thuy D. Nguyen, Mark Gondree, Jean Khosalim, and Cynthia E. Irvine, "Re-thinking Kernelized MLS Database Architectures in the Context of Cloud-Scale Data Stores." International Symposium on Engineering Secure Software and Systems (ESSoS), pp. 86--101, 2015.
  • Timothy Peters, Mark Gondree, and Zachary N.J. Peterson. "DEFY: A Deniable, Encrypted File System for Log-Structured Storage," in Proceedings of the Network and Distributed System Security (NDSS) Symposium, 2015.
  • Mark Gondree, "Capturing Capture the Flag: Further Discussions," USENIX ;login: 39(6), Dec. 2014.
  • Thuy D. Nguyen, Mark A. Gondree, Jean Khosalim, and Cynthia E. Irvine, "Towards a Cross-Domain MapReduce Framework." MILCOM 2013, pp. 1436--1441.
  • Mark Gondree and Zachary N. J. Peterson. "Valuing Security by Getting [d0x3d!]: Experiences with a Network Security Board Game," in 6th USENIX Workshop on Cyber Security Experimentation and Test (CSET'13), 2013.
  • Mark Gondree, Zachary N. J. Peterson, Tamara Denning. "Security through Play," IEEE Security & Privacy, Volume 11, Issue 3 (May/June), pp. 64-67, 2013.
  • Mark Gondree and Zachary N. J. Peterson. "Geolocation of Data in the Cloud," in ACM Conference on Data and Application Security and Privacy (CODASPY), pp. 25-36, 2013.
  • Thuy D. Nguyen, Mark A. Gondree, Jean Khosalim, David J. Shifflett, Timothy Levin and Cynthia Irvine, "An Approach for Cross-Domain Intrusion Detection," International Conference on Information Warfare and Security (ICIW 2012), 2012.
  • Zachary N. J. Peterson, Mark Gondree and Robert Beverly, "A Position Paper on Data Sovereignty: The Importance of Geolocating Data in the Cloud," in 3rd USENIX Workshop on Hot Topics in Cloud Computing (HotCloud'11), 2011.
  • Thuy D. Nguyen, Mark A. Gondree, David J. Shifflett, Jean Khosalim, Timothy E. Levin, Cynthia E. Irvine. "A Cloud-Oriented Cross-Domain Security Architecture." MILCOM 2010, pp. 441--447.
  • Mark Gondree and Payman Mohassel. "Longest Common Subsequence as Private Search." WPES 2009, pp. 81--90.
  • Cynthia E. Irvine, Thuy D. Nguyen, David J. Shifflett, Timothy E. Levin, Jean Khosalim, Charles Prince, Paul C. Clark, Mark Gondree. "MYSEA: the Monterey Security Architecture." Scalable Trusted Computing (STC) 2009, pp. 39-48.
  • Matthew Franklin, Mark Gondree and Payman Mohassel. "Communication-Efficient Private Protocols for Longest Common Subsequence." RSA Conference, Cryptographer's Track (CT-RSA 2009), pp. 265--278.
  • Matthew Franklin, Mark Gondree and Payman Mohassel. "Multi-Party Indirect Indexing and Applications." ASIACRYPT 2007, pp. 283-297.
  • Earl Barr, Matt Bishop and Mark Gondree, "Fixing Federal E-Voting Standards," Communications of the ACM 50(3) pp. 19--24 (Mar. 2007).
  • Matthew Franklin, Mark Gondree and Payman Mohassel. "Improved Efficiency for Private Stable Matching." RSA Conference, Cryptographer's Track (CT-RSA 2007), pp. 163--177.

Technical Reports, Miscellany

  • E. Barr, M. Bishop, D. DeFigueiredo, M. Gondree, P. Wheeler. "Toward Clarifying Election Systems Standards," CSE-2005-21, Sept. 2005.
  • M. Gondree, P. Wheeler, D. DeFigueiredo. "A critique of the 2002 FEC VSPT E-Voting Standards," CSE-2005-20, Sept. 2005.
  • Benjamin J. Culpepper and Mark Gondree. "SVMs for Improved Branch Prediction," report for Computer Architecture, Fall 2004. (Relatedly, Jimenez's piecewise linear predictor [Dec 2004] does a good job with less overhead in learning approximations of non-linear behavior, than the scheme proposed in this class project.)