Skip to Content


Refereed Publications

Anas Almajali, Eric Rice, Arun Viswanathan, Kymie Tan, Clifford Neuman. A Systems Approach to Analyzing Cyber-Physical Threats in the Smart Grid. In IEEE Smart Grid Communications Conference (IEEE SmartGridComm), Vancouver, Canada (Oct 2013). Paper Slides
Arun Viswanathan, Kymie Tan, Clifford Neuman. Deconstructing the Assessment of Anomaly-based Intrusion Detectors for Critical Applications. Proceedings of Research in Attacks, Intrusions and Defenses (RAID) Symposium, St. Lucia, Oct 2013. Paper Slides
Anas Almajali, Arun Viswanathan, Clifford Neuman. Analyzing Resiliency of the Smart Grid Communication Architectures Under Cyber Attack. Proceedings of 5th ACM USENIX Workshop on Cyber Security Experimentation and Test (USENIX CSET 2012), Aug 2012. Paper Bibliography entry
Alefiya Hussain, Arun Viswanathan. Multiresolution Semantic Visualization of Network Traffic. In Proceedings of IEEE First International Conference on Semantic Computing, pp. 364-367, 2011 Paper Bibliography entry
Arun Viswanathan, Alefiya Hussain, Jelena Mirkovic, Stephen Schwab and John Wroclawski. A Semantic Framework for Data Analysis in Networked Systems. In Proceedings of the 8th USENIX Symposium on Networked Systems Design and Implementation (NSDI), April 2011. Paper Bibliography entry Slides Website,software, documentation

Technical Reports

Arun Viswanathan, Clifford Neuman (January 2009). Secure System Views: A New Paradigm for Secure Usable Systems USC/ISI Technical Report ISI-TR-654. [ Abstract ]

The general purpose computer has become pervasive and we find it supporting an increasing number of functions including music, video, gaming, communications, banking and business. This multi-functional use reduces the isolation between functions which ultimately results in easy system breaches. A key reason for this insecurity, in spite of security, is perceived to be system complexity and the complexity in managing security by the average user. Security is unusable by most users and is typically turned off or completely ignored. Building on key themes of providing usable security and reducing complexity, this work proposes a new design paradigm called Secure System Views. A View is defined as an active instance of the system for performing a specific function. The paradigm provides a function-centric and security-centric approach for building general purpose systems using views. Views in SSV reduce the system complexity and also isolate the various functions of a user. The end-result is a usably secure system in which the user still performs his normal functions but in a secure way.

Arun Viswanathan, Jelena Mirkovic, Karen Sollins (Mar 2010). Demo Abstract: ThirdEye: Diagnostics and Analytics Framework for Testbed Experiments Infocomm 2010 Demo Abstract. [ Abstract ]

Testbed experiments are distributed by nature, which makes problem detection, diagnosis and remediation challenging and time consuming. Large-scale experiments are difficult to monitor manually and complex experiments fail due to the smallest misconfiguration or unforeseen problems which ultimately impact their correctness, repeatability and analysis. Traditional practices of monitoring, debugging and analyzing experiments are experiment-specific, consume valuable experimenter time and increase the barrier for complex experimentation. We propose ThirdEye, an extensible, experiment-independent, diagnostics and analytics framework providing a unified interface to monitor, diagnose, analyze and visualize testbed experiments.

Arun Viswanathan, Jelena Mirkovic. ThirdEye: Diagnostics and Analytics Framework for Testbed Experiments. INFOCOMM 2010 Poster.

Conference/Workshop Summaries

Session Summaries for Workshop on Cyber Security Experimentation and Test (CSET'09) August 2009, Montreal, Canada. Published in the Usenix ;login issue of December 2009.

Miscellaneous Papers and Presentations

Arun Viswanathan, B. C. Neuman (2010). Survey of Isolation Techniques (unpublished draft). [Abstract]

The general purpose computer has become pervasive and is supporting an increasing number of functions, including music,
video, gaming, communications, banking, business, process control, and critical infrastructure. The use of a single computer for
multiple functions, and the interconnection of multiple computers through a common network have reduced the isolation that
protected such functions in the past. If we are to use common systems for multiple functions, we need mechanisms that provide
the isolation needed to protect each function from interference by others. Without such isolation, vulnerabilities and mistrust
in any part of the system can propagate and compromise the rest of the system. Isolation techniques form an integral part of
security in systems and networks. This work surveys isolation techniques for operating systems and networks and describes
systems built using those techniques. An intuitive taxonomy is proposed for organizing these techniques. The paper aims to
provide a critical understanding of what already exists and what needs to be done with respect to isolation security for building
next-generation secure systems.

NOTE: This version supersedes the following earlier version of this paper located at

Arun Viswanathan (2009). Hacking the Web.
Given as part of Web Technologies course at USC in Spring 2009. Intention was to make it a sort of reference manual and thus it tries to cover a lot of vocabulary related to web security and provides relevant pointers.

Arun Viswanathan (2007). Virtualization with XEN.
Given as part of Trusted Computing course in Spring 2007.

Arun Viswanathan (2007). Design of softtpm.
Given as part of Trusted Computing course project in Spring 2007. This presentation details my TPM emulator implementation on the linux kernel.

Arun Viswanathan (2007). Leveraging the Trusted Platform Module for improving authentication systems. USC CSCI-555 Term Paper [Abstract]

Authentication has been the goal of authorization in security. Security researchers over the years have proposed several authentication systems like Kerberos, Andrew Secure RPC, Ottway-Rees,CCITT X.509 and others. These have proven to be extremely Robust and attacker safe for a lot of practical purposes inspite of the flaws found in them. Authentication protocols have traditionally based their threat models on the assumption that the end hosts are largely secure and have focused on handling attacks against the protocol on wire. Unfortunately, with the continuous rise in threats from rootkits, keyloggers and other exotic types of malware, the threat of the end host being easily compromised and modified is no more unreal. Such malware has the potential of hiding surreptitiously inside a system and stealing user credentials like keys and passwords, thus rendering the authentication services meaningless.Solutions don’t exist yet to address the above threats. Trusted Computing, an evolving computing paradigm, promises solutions to the above problems by providing a more secure and trusted environment for implementing such protocols. The paper evaluates the authentication systems in the light of new threats and proposes solutions for addressing the same using trusted computing concepts. A brief discussion on problems and possible solutions for threats e against authentication in ad-hoc networks is also presented at the end. The paper focuses merely on the functionality aspects and not on the performance implications of using trusted computing.

Arun Viswanathan (2006). Architectural requirements for a next generation Trusted Operating System (TrOS). USC CSCI-530 Term Paper [Abstract]

This paper surveys the research done in both areas of Trusted Computing and Virtual Machines and presents a list of requirements for a next generation trusted operating system. Additionally, the paper tries to present a concept of “Plug and Play security” which implies security with minimal fuss and configuration. Broadly, the paper tries to nail down the specifications for a next generation Trusted Operating System with the following objectives: a) Provide high assurance b) Provide resilience to malicious code c) Provide isolation and containment for different applications d) Provide seamless and “plug and play security” to the common user.