I am an Assistant Professor at the University of Illinois at Chicago in the Department of Computer Science.

Contact information:

What I look like
Research interests

I conduct research on the socio-technical aspects of cybersecurity. My current work includes analysis of gains and losses due to undesirable activity on the Internet, investigating human factors in effective Internet security mechanisms, and building new technological primitives with the goal of increasing the practical security and privacy of Internet users.

I am very interested in new collaborations, motivated students, and lively conversation regarding security research - please reach out via email or twitter if you’d like to chat!

Selected media coverage

Our feature usage paper on The Provocateur Podcast, July 31 2017
Cloudsweeper on Science Friday, July 12 2013
Show Me the Money in The Economist, Oct 15th 2011
Click Trajectories in The New York Times (and the editorial), May 2011
Spamalytics in Wired magazine, March 2011

Active Projects

Cloudsweeper allows users to audit, encrypt, and redact sensitive information within cloud storage accounts. This project helps us better understand the role of cleartext password emailing, the underground value of stolen accounts, and new ways to improve the security of sensitive, globally accessible information.

The CRISP project is building a new web front end language and paradigm to enable rich document publishing while providing greatly increased privacy and security over traditional HTML/JS/CSS based sites.

Our Harm Measurement research effort aims to characterize and quantify the damage experienced by victims of cybercrime.

Students

Ph.D. students:

Alums:

Advice for prospective students

Teaching
Professional Activities

This year I’m chairing the Second Workshop on Targeted Attacks co-located with the Financial Cryptography conference in Curaçao on March 2, 2018. I encourage you to submit any research that focuses on targeted attacks, whether it’s their methods, targets, defenses, impacts, or any other aspect. The paper submission deadline is December 12th.

Beyond that, I do/have done:

Selected publications
  1. Peter Snyder, Cynthia Taylor, and Chris Kanich, “Most Websites Don’t Need to Vibrate: A Cost–Benefit Approach to Improving Browser Security,” in Proceedings of the 2017 ACM Conference on Computer and Communications Security, 2017.
  2. Peter Snyder, Periwinkle Doerfler, Chris Kanich, and Damon McCoy, “Fifteen Minutes of Unwanted Fame: Detecting and Characterizing Doxing,” in Proceedings of the 2017 Internet Measurement Conference, 2017.
  3. Ivan Brugere, Chris Kanich, and Tanya Berger-Wolf, “Evaluating Social Networks Using Task-Focused Network Inference,” in Proceedings of the 2017 Workshop on Mining and Learning with Graphs, 2017. PDF
  4. Pete Snyder, Laura Waitker, Cynthia Taylor, and Chris Kanich, “CDF: Predictably Secure Web Documents,” in Proceedings of the Workshop on Technology and Consumer Protection, 2017. PDF
  5. Mohammad Taha Khan and Chris Kanich, “Old is Still Gold: A Comparison of Cyber and Traditional Consumer Fraud in The United States,” in Proceedings of the Workshop on Technology and Consumer Protection, 2017. PDF
  6. Sara Amini and Chris Kanich, “Characterizing Malware Infection and Remediation Through Support Forum Analysis,” in Proceedings of the Symposium on Electronic Crime Research (IEEE), 2017. PDF
  7. Peter Snyder, Lara Ansari, Cynthia Taylor, and Chris Kanich, “Browser Feature Usage on the Modern Web,” in Proceedings of the 2016 Internet Measurement Conference, 2016. PDF
  8. Peter Snyder and Chris Kanich, “Characterizing Fraud and Its Ramifications in Affiliate Marketing Networks,” Journal of Cybersecurity, 2016.
  9. Peter Snyder, Michael K. Reiter, and Chris Kanich, “The Effect of Repeated Login Prompts on Phishing Susceptibility,” in Proceedings of the Workshop on Learning from Authoritative Security Experiment Results, 2016. PDF
  10. Mohammad Taha Khan and Chris Kanich, “High Fidelity, High Risk, High Reward: Using High-Fidelity Networking Data in Ethically Sound Research,” in Proceedings of the ACM SIGCOMM Workshop on Ethics in Networked Systems, 2015. PDF
  11. Peter Snyder and Chris Kanich, “No Please, After You: Detecting Fraud in Affiliate Marketing Networks,” in Workshop on the Economics of Information Security, 2015. PDF
  12. Mohammad Taha Khan, Xiang Huo, Zhou Li, and Chris Kanich, “Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting,” in Proceedings of the 36th IEEE Symposium on Security and Privacy, 2015. PDF
  13. Jason W. Clark, Peter Snyder, Damon McCoy, and Chris Kanich, “I Saw Images I Didn’t Even Know I Had: Understanding User Perceptions of Cloud Storage Privacy,” in Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, 2015. PDF
  14. Peter Snyder and Chris Kanich, “One Thing Leads to Another: Credential Based Privilege Escalation,” in Proceedings of the 5th ACM Conference on Data and Application Security and Privacy (Poster Session), 2015. PDF
  15. Sruti Bhagavatula, Christopher Dunn, Chris Kanich, Minaxi Gupta, and Brian Ziebart, “Leveraging Machine Learning to Improve Unwanted Resource Filtering,” in Proceedings of the 7th ACM Workshop on Artificial Intelligence and Security, 2014. PDF
  16. Janos Szurdi, Balazs Kocso, Gabor Cseh, Jonathan Spring, Mark Felegyhazi, and Chris Kanich, “The Long ‘Taile’ of Typosquatting Domain Names,” in Proceedings of the USENIX Security Symposium, 2014. PDF
  17. Peter Snyder and Chris Kanich, “Cloudsweeper and Data-Centric Security,” ACM SIGCAS Computers and Society, vol. 44, no. 2, pp. 8–10, Jul. 2014. PDF
  18. Peter Snyder and Chris Kanich, “Cloudsweeper: Enabling Data-Centric Document Management for Secure Cloud Archives,” in Proceedings of the ACM Cloud Computing Security Workshop, 2013. PDF
  19. Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Mark Felegyhazi, Chris Grier, Tristan Halvorson, Chris Kanich, Christian Kreibich, He Liu, Damon McCoy, Nicholas Weaver, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, “Click Trajectories: End-to-End Analysis of the Spam Value Chain,” in Proceedings of the IEEE Symposium on Security and Privacy, 2011. PDF
  20. Marti Motoyama, Kirill Levchenko, Chris Kanich, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, “Re: CAPTCHAs – Understanding CAPTCHA Solving from an Economic Context,” in Proceedings of the 19th USENIX Security Symposium, 2010. PDF
  21. Chris Kanich, Christian Kreibich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage, “Spamalytics: An Empirical Analysis of Spam Marketing Conversion,” in Proceedings of the 15th ACM Conference on Computer and Communications Security, 2008. PDF

I maintain a local full publication list and I also try to keep my Google Scholar profile free of false positives and dupes.

view site source