Please visit Yao Group Website to learn about our work on cybersecurity.

Daphne's short bio, CV, key publications, complete list, research, iMentor, CyberW


iMentor ACM CCS 2020 logo Check out iMentor, the new Individualized Cybersecurity Research Mentoring Workshop, co-locating with ACM CCS for multiple years. Calling for the 2020 iMentor cohort! Submit HERE.

Daphne's keynote on defense in depth for CPS is on YouTube. Slides are HERE. Abstract at IEEE CPS-Sec.


Our paper on data breach prevention was the No. 1 most downloaded in 2019 at WIREs Data Mining and Knowledge Discovery.

Daphne's keynotes on data breach prevention at Brown's Executive Master Program in Cybersecurity in Part 1 and Part 2, and IEEE SPS.



Call for deployable and impactful security work at ACSAC 2020.


Daphne's ACM SACMAT '18 keynote slides on data breach are HERE.

Daphne's talk (slides here) on impostor syndrome and strategies for researchers to overcome it.


Keynote slides on cloud data analytics at the ACM ASIACCS Cloud Security Workshop (SCC) are HERE.


ACM SIGSAC Women in Cybersecurity Research Workshop (CyberW) 2020 was a success!!
Check out the videos and slides and the inaugural CyberW Early Career Award winners!


Daphne's ACM CCS '16 tutorial on program anomaly detection . Slides are here.


Continue on to Yao Group Website to learn about our research and publications.


Key Publications


(* indicates Yao group members)

  • [BOOK] Anomaly Detection as a Service: Challenges, Advances, and Opportunities.
    Danfeng Yao, Xiaokui Shu*, Long Cheng*, and Salvatore J. Stolfo. In Information Security, Privacy, and Trust Series. Morgan & Claypool. Oct. 2017.

  • [ACM CCS 2020] Methodologies for Quantifying (Re-)randomization Security and Timing under JIT-ROP.
    Salman Ahmed*, Ya Xiao*, Kevin Z. Snow, Gang Tan, Fabian Monrose, and Danfeng (Daphne) Yao.
    In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (CCS'20). November 9–13, 2020.

  • [ACM CCS 2019] CryptoGuard: High Precision Detection of Cryptographic Vulnerabilities in Massive-sized Java Projects.
    Sazzadur Rahaman*, Ya Xiao*, Sharmin Afrose*, Fahad Shaon, Ke Tian*, Miles Frantz*, Murat Kantarcioglu, and Danfeng (Daphne) Yao.
    ACM Conference on Computer and Communications Security (CCS). London, UK. Nov. 2019.

  • [arXiv 2020] Industrial Experience of Finding Cryptographic Vulnerabilities in Large-scale Codebases.
    Ya Xiao*, Yang Zhao, Nicholas Allen, Nathan Keynes, Danfeng (Daphne) Yao, and Cristina Cifuentes.
    arXiv:2007.06122. 2020.

  • [ACM CCS 2019] Security Certification in Payment Card Industry: Testbeds, Measurements, and Recommendations.
    Sazzadur Rahaman*, Gang Wang, and Daphne Yao.
    ACM Conference on Computer and Communications Security (CCS). London, UK. Nov. 2019.

  • [ACM ASIACCS 2017] Collusive Data Leak and More: Large-scale Threat Analysis of Inter-app Communications.
    Amiangshu Bosu*, Fang Liu*, Danfeng Yao, and Gang Wang.
    In Proceedings of ACM Symposium on Information, Computer & Communication Security (ASIACCS) Apr. 2017.

  • [ACM TOPS 2017] Long-Span Program Behavior Modeling and Attack Detection.
    Xiaokui Shu*, Danfeng Yao, Naren Ramakrishnan, and Trent Jaeger
    ACM Transactions on Privacy and Security (TOPS). May 2017.

  • [ACM CCS 2015] Unearthing Stealthy Program Attacks Buried in Extremely Long Execution Paths
    Xiaokui Shu*, Danfeng Yao, and Naren Ramakrishnan.
    In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS). Denver, Colorado. Oct. 2015.

  • [IEEE CSF 2015] Probabilistic Program Modeling for High-Precision Anomaly Classification.
    Kui Xu*, Danfeng Yao, Barbara Ryder, and Ke Tian*.
    In Proceedings of the 2015 IEEE Computer Security Foundations Symposium (CSF). Verona, Italy. Jul. 2015.

  • [Computers & Security 2016] Causality Reasoning about Network Events for Detecting Stealthy Malware Activities.
    Hao Zhang*, Danfeng Yao, Naren Ramakrishnan, and Zhibin Zhang.
    Computers & Security (C&S). 58: 180-198. Elsevier. 2016.

  • [IEEE TIFS 2015] Privacy-Preserving Detection of Sensitive Data Exposure.
    Xiaokui Shu*, Danfeng Yao, and Elisa Bertino.
    IEEE Transactions on Information Forensics & Security (TIFS). 10(5). 1092-1103. May 2015.

  • [SECURECOMM 2012] Data Leak Detection As a Service.
    Xiaokui Shu* and Danfeng Yao.
    In Proceedings of the 8th International Conference on Security and Privacy in Communication Networks (SECURECOMM). Padua, Italy. Sep. 2012.

  • [ACM ASIACCS 2014] Detection of Stealthy Malware Activities with Traffic Causality and Scalable Triggering Relation Discovery.
    Hao Zhang*, Danfeng Yao and Naren Ramakrishnan.
    In Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS). Kyoto, Japan. Jun. 2014.

  • [IEEE TDSC 2012] Data-Provenance Verification For Secure Hosts.
    Kui Xu*, Huijun Xiong*, Chehai Wu*, Deian Stefan*, and Danfeng Yao.
    IEEE Transactions on Dependable and Secure Computing (TDSC). 9(2), 173-183. March/April 2012.

  • [ACM TISSEC 2008] Private Information: To Reveal or Not To Reveal.
    Danfeng Yao, Keith Frikken, Mike Atallah, Roberto Tamassia.
    ACM Transactions on Information and System Security (TISSEC). 12(1). Feb. 2008.

  • [ACM CCS 2004] ID-Based Encryption for Complex Hierarchies with Applications to Forward Security and Broadcast Encryption.
    Danfeng Yao, Nelly Fazio, Yevgeniy Dodis, and Anna Lysyanskaya.
    In Proceeding of the ACM Conference on Computer and Communications Security (CCS). Washington DC, 2004.