Office: ENGR 194
Tel: (719) 255-5155
University of Colorado Colorado Springs
Department of Computer Science
1420 Austin Bluffs Parkway
Colorado Springs, CO 80918
Chuan Yue is an Assistant Professor of Computer Science at the University of Colorado Colorado Springs (UCCS). His current research focuses on Web, Cloud, and Mobile Systems Security and Privacy. His broad research interests include Security and Privacy, Web-based Systems, Human-Computer Interaction, Collaborative Computing, Distributed and Parallel Computing, Cloud Computing, and Mobile Computing. His research and educational activities are currently supported by the National Science Foundation (a big Thanks!), and he received the 2014 Outstanding Teacher of the Year Award from the College of Engineering and Applied Science at UCCS. He received his B.E. and M.E. degrees in Computer Science from the Xidian University, China, in 1996 and 1999, respectively, and his Ph.D. in Computer Science from the College of William and Mary in 2010. He worked as a Member of Technical Staff at Bell Labs China, Lucent Technologies for four years from 1999 to 2003, mainly on the design and development of the Web-based Distributed Service Management System for Intelligent Network.
- Ph.D. student Rui Zhao will do an internship at the NEC Research Labs in this summer in Princeton, NJ (thanks a lot NEC Labs researchers), March 2015
- Ph.D. student Rui Zhao was selected (with the highest number of votes, thanks a lot my colleagues) to receive one of this year's Outstanding CS Ph.D. Student Awards, March 2015
- UCCS has been designated as a National Center of Academic Excellence in Information Assurance Education (CAEIAE), April 2012. Approval Letter
- UCCS has received the Information Assurance Courseware Evaluation (IACE) Program Certificate, November 2011. Approval Letter
- Graduated Master Students: Jeff Hinson, Christopher Shuster, Derrick Erickson, Anitha Tadimalla, Alex Renger
- I am looking for motivated undergraduate and graduate students to work with me on Web and Cloud systems security research.
Please stop by my office or send me an email with a brief introduction of yourself. Thank you!
- CS 6930 Advanced Topics in Web Security and Privacy, Spring 2011, Spring 2013, Summer 2015
- CS 4700/5700 Computability, Automata and Formal Languages, Fall 2012, Fall 2013, Spring 2014, Fall 2014, Spring 2015
- CS 4920/5920 Applied Cryptography, Spring 2011, Spring 2012, Spring 2013, Spring 2014, Spring 2015
- CS 4910 Introduction to Computer Security, Fall 2013
- CS 5910 Fundamentals of Computer/Network Security, Fall 2011
- CS 1150 Principles of Computer Science, Fall 2010, Fall 2011, Fall 2012
Selected Recent Publications (full list)
- Automatic Detection of Information Leakage Vulnerabilities in Browser Extensions.[pdf]
By Rui Zhao, Chuan Yue, and Qing Yi. In proceedings of the International World Wide Web Conference (WWW), 2015.
- Toward A Secure and Usable Cloud-based Password Manager for Web Browsers.[pdf]
By Rui Zhao and Chuan Yue. In Journal of Computers & Security (COMPSEC), Elsevier, 46(3): 32--47, 2014.
(This is an extended version of our CODASPY'13 conference paper "All Your Browser-saved Passwords Could Belong to Us: a Security Analysis and a Cloud-based New Design", which was reported by The Oregonian in March 2014, and has prompted at least one top Web browser vendor to make some important changes in its password manager feature.)
- An Analysis of the Virtual Machine Migration Incurred Security Problems in the Cloud.[pdf]
By Beaulah Navamani, Chuan Yue, Xiaobo Zhou, and Edward Chow. In Proceedings of the 3rd ASE International Conference on Cyber Security (CyberSecurity), 2014.
- Vulnerability and Risk Analysis of Two Commercial Browser and Cloud Based Password Managers.[pdf]
By Rui Zhao, Chuan Yue, and Kun Sun. In ASE (Academy of Science and Engineering) Science Journal, 1(4): 1--15, 2013.
(This is an extended version of our PASSAT'13 conference paper "A Security Analysis of Two Commercial Browser and Cloud Based Password Managers".)
(This work was reported by The Oregonian in March 2014, and it has prompted at least one vendor to make some important changes in its password manager.)
- Unveiling Privacy Setting Breaches in Online Social Networks.[pdf]
By Xin Ruan, Chuan Yue, and Haining Wang. In proceedings of the 9th International Conference on Security and Privacy in Communication Networks (SecureComm), 2013.
- The Devil is Phishing: Rethinking Web Single Sign-On Systems Security.[pdf]
By Chuan Yue. In proceedings of the 6th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), 2013.
- Toward Secure and Convenient Browsing Data Management in the Cloud.[pdf]
By Chuan Yue. In proceedings of the 5th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud), 2013.
By Chuan Yue and Haining Wang. In ACM Transactions on the Web (TWEB), 7(2): 1--39, 2013.
- Preventing the Revealing of Online Passwords to Inappropriate Websites with LoginInspector. (Awarded Best Paper!) [pdf]
By Chuan Yue. In proceedings of the USENIX Large Installation System Administration Conference (LISA), 2012.
- Using Amazon EC2 in Computer and Network Security Lab Exercises: Design, Results, and Analysis.[pdf]
By Chuan Yue, Weiying Zhu, Greg Williams, and Edward Chow. In proceedings of the 119th ASEE Annual Conference and Exposition, 2012.
(This is an educational research paper based on my Fall 2011 CS 5910 course. Lab manuals and the related materials are available.)
- Mitigating Cross-Site Form History Spamming Attacks with Domain-based Ranking.[pdf]
By Chuan Yue. In proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2011.
(As mentioned in the paper, the instrumented browser is available for download, and the source code is available upon request.)
- BogusBiter: A Transparent Protection Against Phishing Attacks.
By Chuan Yue and Haining Wang. In ACM Transactions on Internet Technology (TOIT), 10(2): 1--31, 2010.
(This is an extended version of our ACSAC'08 conference paper "Anti-Phishing in Offense and Defense".)
(One U.S. utility patent has been granted to us for this anti-phishing work!)
- An Automatic HTTP Cookie Management System.[pdf]
By Chuan Yue, Mengjun Xie, and Haining Wang. In Journal of Computer Networks (COMNET), Elsevier, 54(13): 2182--2198, 2010.
(This is an extended version of our DSN'07 conference paper "Automatic Cookie Usage Setting with CookiePicker".)
- SessionMagnifier: A Simple Approach to Secure and Convenient Kiosk Browsing.
By Chuan Yue and Haining Wang. In proceedings of the International Conference on Ubiquitous Computing (Ubicomp), 2009.
(One U.S. utility patent has been granted to us for this kiosk browsing work!)
- RCB: A Simple and Practical Framework for Real-time Collaborative Browsing.[pdf]
By Chuan Yue, Zi Chu, and Haining Wang. In proceedings of the USENIX Annual Technical Conference (USENIX ATC), 2009.
(This work was reported by MIT's Technology Review and the Computer Power User magazine.)
- ACM CODASPY 2015, ACM CCS 2015, IEEE ICC 2015, IEEE GLOBECOM 2015, IEEE ICCCN 2015, MobiSPC 2015, IEEE NAS 2015, IFIP NTMS 2015
- ACM CODASPY 2014, IEEE ICNP 2014, IFIP NTMS 2014, IEEE ICC 2014, IEEE GLOBECOM 2014, IEEE NAS 2014, MobiSPC 2014, REUNS 2014
- IEEE GLOBECOM 2013, IEEE ICC 2013, IEEE ICCCN 2013, CTS 2013, IEEE/CIC ICCC 2013, IEEE NAS 2013, InterCloud-HPC 2013, ICCVE 2013
- IEEE GLOBECOM 2012, IEEE ICCCN 2012, COMPSAC 2012, ISSRE 2012, IEEE ISWPC 2012, IEEE NAS 2012, CTS 2012, IFIP NTMS 2012, ICCVE 2012
- SecureComm 2011, IEEE NAS 2011, IEEE GLOBECOM 2011, ATNAC 2011, IEEE ICCCN 2011, IFIP NTMS 2011, IEEE ISWPC 2011, etc.
- Other Journal and Conference Reviewing Activities
Last updated in June 2015.