"Practice and Prevention of Home-Router Mid-Stream Injection Attacks", Steven A. Myers and Sid Stamm. In proceedings of the 2008 APWG eCrime Researcher's Summit. October 15-16, 2008. Atlanta, GA, USA.

"HTTP Fences: Immigration Control for Web Pages", Sid Stamm. Indiana University Computer Science Technical Report TR669. July, 2008.

Contributing author for portions of "Crimeware: Understanding New Attacks and Defenses", Markus Jakobsson (Editor), Zulfikar Ramzan (Editor). Paperback, 608 pages. Addison-Wesley Professional, April 28, 2008. ISBN: 0321501950

"Drive-by Pharming" Sid Stamm, Zulfikar Ramzan, and Markus Jakobsson. In Proceedings of Sihan Qing, Hideki Imai, Guilin Wang (Eds.): Information and Communications Security, 9th International Conference, ICICS 2007, Zhengzhou, China, December 12-15, 2007. Lecture Notes in Computer Science 4861 Springer 2008, ISBN 978-3-540-77047-3. Pages 495-506.

"Implementing Trusted Terminals with a TPM and SITDRM" Sid Stamm, Nicholas Paul Sheppard, Reihaneh Safavi-Naini. In the First International Workshop on Run-Time Enforcement for Mobile and Distributed Systems (REM'07).

"Fighting Unicode-Obfuscated Spam" Changwei Liu and Sid Stamm. In proceedings of the 2007 APWG eCrime Researcher's Summit.

"Web Camouflage: Protecting Your Clients from Browser Sniffing Attacks," Markus Jakobsson and Sid Stamm. In the IEEE Security & Privacy Magazine. November/December 2007.

"Combatting Click Fraud via Premium Clicks," Ari Juels, Sid Stamm, and Markus Jakobsson. Proceedings of the 16th USENIX Security Symposium, August 6-10 2007.

"Web 2.0 Security Position Paper: JavaScript Breaks Free!" Markus Jakobsson, Zulfikar Ramzan and Sid Stamm. In the W2SP: Web 2.0 Security Workshop, held in conjunction with the 2007 Symposium on Security and Privacy (Oakland'07). May 24, 2007.

Contributing author for portions of "Phishing and Countermeasures : Understanding the Increasing Problem of Electronic Identity Theft", Markus Jakobsson (Editor), Steven Myers (Editor). Hardcover, 739 pages. Wiley, November 2006. ISBN: 978-0-471-78245-2

"Invasive Browser Sniffing and Countermeasures" Markus Jakobsson and Sid Stamm. Proceedings of The 15th annual World Wide Web Conference, (WWW2006).

"Privacy-Preserving Polling using Playing Cards" Sid Stamm and Markus Jakobsson. Cryptology ePrint Archive, Report 2005/444. 2005.

"Privacy on the Internet"Kay Connelly, Katie Moor, Tom Jagatic, Ashraf Khalil, Yong Liu and Sid Stamm. Proceedings of WWW @ 10 Conference (www@10 '04), 2004.
(I led this paper and presented it at the conference on October 1st, 2004. Slides with notes here)

"Java Engagement for Teacher Training: An Experience Report" Raja Sooriamurtthi, Arijit Sengupta, Suzanne Menzel, Katie Moor, Sid Stamm, and Katy Börner. Proceedings of the Frontiers in Education (FIE'04), 2004.

"Mixed Nuts: Atypical Classroom Techniques for Computer Science Courses" Sid Stamm. ACM Crossroads issue 10.4, Summer 2004.
(Originally written for my undergraduate thesis at Rose-Hulman, this paper shows the benefit of using unusual tactics in the classroom when teaching new Computer Science students. Previous version available here (v2) or here (v1).)

The state of the art in Phishing and Pharming (online identity fraud), why current countermeasures fail, the human factor, and the future of phishing and pharming.
21 May 2008 -- AusCERT 2008 Information Security Conference.
16 October 2007 -- CFCA Global Educational Event.

Web Application abuses, especially to compromise routers and screw with DNS.
12 July 2007 -- Talk to security group at PARC
28 June 2007 -- Tech Talk at Google, Inc.

Discussion of my recent phishing work
30 Aug 2006 -- The Security Seminar in CERIAS at Purdue University.
9 May 2006 -- ISI Seminar at Queensland University of Technology, Australia.
22 Feb 2006 -- Crypt Seminar at University of Wollongong, Australia.

Private polling using playing cards and other secure protocol visualizations.
April 2005 -- ACM Computer Security/Privacy Lecture Series at University of Minnesota.

How does Java 1.5 affect APCS?
Fall 2004 -- JETT 04 at Indiana University.

How do you keep them interested?
Based on the Mixed Nuts paper.
Fall 2003 -- JETT 03 at Indiana University.

browser-recon.info shows how you can sniff URLs out of a client's browsing history. This translating proxy software protects a service provider's clients by making the URLs really hard to guess. For more information, see the paper on invasive sniffing.

It's not hard to calculate driver's license numbers when you know the algorithm. What information can be obtained with your Name, DOB and DL number? Good question.

Most of the time, we can tell which online bank you use! It's kind of scary, but with a CSS trick, we can record where you've been, and with that guess who you use for online banking. (See this page). Developed with Tom Jagatic and Markus Jakobsson

A catalog of strange graffiti and tags in Bloomington's public areas. Uses Google's Maps to display locations in a pictoral tour of some of the town's tags.

a fossil "hunt" exhibit that is going to be prototyped and tested at WonderLab in Bloomington, Indiana. Fossil Hunt consists of the FlashFidgets! software and some content produced by Telecom. I am in charge of installing and testing the software platform and hardware for deployment on the museum floor. The exhibit should be ready for initial testing soon.
Awarded "Best Interactive Conversation" in IDEAS 2005

A Phidgets / Flash 5.0 interface. This plays flash movie files and lets them interact with phidgets. You can get a Plist Editor here. New features in 2.0 include multiple trigger sources and support for digital outputs. (Updated 3/3/2005)
Note: This uses a very rough driver, the one provided by the Phidgets site work much better -- new version should appear some day.