Office: ENGR 194
Tel: (719) 255-5155
University of Colorado Colorado Springs
Department of Computer Science
1420 Austin Bluffs Parkway
Colorado Springs, CO 80918
Chuan Yue is an Assistant Professor of Computer Science at the University of Colorado Colorado Springs (UCCS). His current research focuses on Web browsing security and collaborative browsing. His broad research interests include Computer and Information Security, Web-based Systems, Human-Computer Interaction, Collaborative Computing, Distributed and Parallel Computing, and Cloud Computing. He received his B.E. and M.E. degrees in Computer Science from the Xidian University, China, in 1996 and 1999, respectively, and his Ph.D. in Computer Science from the College of William and Mary in 2010. He worked as a Member of Technical Staff at Bell Labs China, Lucent Technologies for four years from 1999 to 2003, mainly on the development of Web-based Distributed Service Management System for Intelligent Network.
- UCCS has been designated as a National Center of Academic Excellence in Information Assurance Education (CAEIAE), April 2012. Approval Letter
- UCCS has received the Information Assurance Courseware Evaluation (IACE) Program Certificate, November 2011. Approval Letter
- Graduated Master Students: Jeff Hinson, Christopher Shuster, Derrick Erickson, Anitha Tadimalla, Alex Renger
- I am looking for motivated undergraduate and graduate students to work with me on Web Security and Web-based systems research.
Please stop by my office or send me an email with a brief introduction of yourself. Thank you!
- CS 5920 Applied Cryptography, Spring 2011, Spring 2012, Spring 2013, Spring 2014
- CS 4700/5700 Computability, Automata and Formal Languages, Fall 2012, Fall 2013, Spring 2014
- CS 4910 Introduction to Computer Security, Fall 2013
- CS 6930 Advanced Topics in Web Security and Privacy, Spring 2011, Spring 2013
- CS 5910 Fundamentals of Computer/Network Security, Fall 2011
- CS 1150 Principles of Computer Science, Fall 2010, Fall 2011, Fall 2012
Selected Recent Publications (full list)
- An Analysis of the Virtual Machine Migration Incurred Security Problems in the Cloud.
By Beaulah Navamani, Chuan Yue, Xiaobo Zhou, Edward Chow. To appear in Proceedings of the 3rd ASE International Conference on Cyber Security (CyberSecurity), 2014.
- Vulnerability and Risk Analysis of Two Commercial Browser and Cloud Based Password Managers.[pdf]
By Rui Zhao, Chuan Yue, and Kun Sun. In ASE (Academy of Science and Engineering) Science Journal, 1(4): 1--15, 2013.
(This is an extended version of our PASSAT'13 conference paper "A Security Analysis of Two Commercial Browser and Cloud Based Password Managers".)
(This work was reported by The Oregonian in March 2014, and it has prompted at least one vendor to make some important changes in its password manager.)
- Unveiling Privacy Setting Breaches in Online Social Networks.[pdf]
By Xin Ruan, Chuan Yue, and Haining Wang. In proceedings of the 9th International Conference on Security and Privacy in Communication Networks (SecureComm), 2013.
- The Devil is Phishing: Rethinking Web Single Sign-On Systems Security.[pdf]
By Chuan Yue. In proceedings of the 6th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), 2013.
- Toward Secure and Convenient Browsing Data Management in the Cloud.[pdf]
By Chuan Yue. In proceedings of the 5th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud), 2013.
- All Your Browser-saved Passwords Could Belong to Us: a Security Analysis and a Cloud-based New Design.
By Rui Zhao and Chuan Yue. In proceedings of the ACM Conference on Data and Applications Security (CODASPY), 2013.
(We offered a demonstration of our attack tools and our Cloud-based solution at the conference! Think at least twice before you use any existing password managers!)
By Chuan Yue and Haining Wang. In ACM Transactions on the Web (TWEB), 7(2): 1--39, 2013.
- Preventing the Revealing of Online Passwords to Inappropriate Websites with LoginInspector. (Awarded Best Paper!) [pdf]
By Chuan Yue. In proceedings of the USENIX Large Installation System Administration Conference (LISA), 2012.
- Using Amazon EC2 in Computer and Network Security Lab Exercises: Design, Results, and Analysis.[pdf]
By Chuan Yue, Weiying Zhu, Greg Williams, Edward Chow. In proceedings of the 119th ASEE Annual Conference and Exposition, 2012.
(This is an educational research paper based on my Fall 2011 CS 5910 course. Lab manuals and the related materials are available.)
- Mitigating Cross-Site Form History Spamming Attacks with Domain-based Ranking.[pdf]
By Chuan Yue. In proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2011.
(As mentioned in the paper, the instrumented browser is available for download, and the source code is available upon request.)
- BogusBiter: A Transparent Protection Against Phishing Attacks.
By Chuan Yue and Haining Wang. In ACM Transactions on Internet Technology (TOIT), 10(2): 1--31, 2010.
(This is an extended version of our ACSAC'08 conference paper "Anti-Phishing in Offense and Defense".)
(One U.S. utility patent has been granted to us for this anti-phishing work!)
- An Automatic HTTP Cookie Management System.[pdf]
By Chuan Yue, Mengjun Xie, and Haining Wang. In Journal of Computer Networks (COMNET), Elsevier, 54(13): 2182--2198, 2010.
(This is an extended version of our DSN'07 conference paper "Automatic Cookie Usage Setting with CookiePicker".)
- SessionMagnifier: A Simple Approach to Secure and Convenient Kiosk Browsing.
By Chuan Yue and Haining Wang. In proceedings of the International Conference on Ubiquitous Computing (Ubicomp), 2009.
(One U.S. utility patent has been granted to us for this kiosk browsing work!)
- RCB: A Simple and Practical Framework for Real-time Collaborative Browsing.[pdf]
By Chuan Yue, Zi Chu, and Haining Wang. In proceedings of the USENIX Annual Technical Conference (USENIX ATC), 2009.
(This work was reported by MIT's Technology Review and the Computer Power User magazine.)
- ACM CODASPY 2014, ICNP 2014, IFIP NTMS 2014, IEEE ICC 2014, IEEE GLOBECOM 2014, IEEE NAS 2014
- IEEE GLOBECOM 2013, IEEE ICC 2013, IEEE ICCCN 2013, CTS 2013, IEEE/CIC ICCC 2013, IEEE NAS 2013, InterCloud-HPC 2013, ICCVE 2013
- IEEE GLOBECOM 2012, IEEE ICCCN 2012, COMPSAC 2012, ISSRE 2012, IEEE ISWPC 2012, IEEE NAS 2012, CTS 2012, IFIP NTMS 2012, ICCVE 2012
- SecureComm 2011, IEEE NAS 2011, IEEE GLOBECOM 2011, ATNAC 2011, IEEE ICCCN 2011, IFIP NTMS 2011, IEEE ISWPC 2011, etc.
- Other Journal and Conference Reviewing Activities
Last updated in April 2014.