Steve Sheng's Publications

Referred Journal and Conference Papers

• Steve Sheng, Mandy Holbrook, Ponnurangam Kumaraguru, Lorrie Faith Cranor, and Julie Downs. 2010. Who falls for phish?: a demographic analysis of phishing susceptibility and effectiveness of interventions. In Proceedings of the 28th international conference on Human factors in computing systems (CHI '10). ACM, New York, NY, USA, 373-382.
  [Authors' PDF] [copyright]


• Julie S. Downs, Mandy B. Holbrook, Steve Sheng, and Lorrie Faith Cranor. 2010. Are your participants gaming the system?: screening mechanical turk workers. In Proceedings of the 28th international conference on Human factors in computing systems (CHI '10). ACM, New York, NY, USA, 2399-2402
  [Authors' PDF] [copyright]
  


• Ponnurangam Kumaraguru, Steve Sheng, Alessandro Acquisti, Lorrie Faith Cranor, and Jason Hong. 2010. Teaching Johnny not to fall for phish. ACM Trans. Internet Technology. 10, 2, Article 7 (June 2010), 31 pages.
  [Authors' PDF] [copyright]
  


• Sheng, S., Kumaraguru, P. Acquisti, A., Cranor, L. Hong, J., "Improving phishing countermeasures: An analysis of expert interviews," In the Proceedings of eCrime Researchers Summit, 2009. eCRIME '09.vol., no., pp.1-15, Sept. 20 2009-Oct. 21 2009
  [Authors' PDF] [copyright]


• Sheng, S., Wardman, B., Warner, G., Cranor, L., Hong, J ., And Zhang, C. An empirical analysis of phishing blacklists. In Proceedings of the 6th Conference in Email and Anti-Spam (Mountain view, CA, July 16 - 17 2009). CEAS 2009.
  [Authors' PDF]


• Lorrie Faith Cranor, Serge Egelman, Steve Sheng, Aleecia M. McDonald, and Abdur Chowdhury. P3P Deployment on Websites. Electronic Commerce Research and Applications, Volume 7, Issue 3, Autumn 2008, Pages 274-293.
  [Authors' Preprint Version]


• Ponnurangam Kumaraguru, Steve Sheng, Alessandro Acquisti, Lorrie Faith Cranor, and Jason Hong. 2008. Lessons From a Real World Evaluation of Anti-Phishing Training. In Proceedings of the anti-phishing working groups 3rd annual eCrime researchers summit (eCrime '08).
  [Authors' PDF] [copyright]


• Ponnurangam Kumaraguru, Yong Rhee, Steve Sheng, Sharique Hasan, Alessandro Acquisti, Lorrie Faith Cranor, and Jason Hong. 2007. Getting users to pay attention to anti-phishing education: evaluation of retention and transfer. In Proceedings of the anti-phishing working groups 2nd annual eCrime researchers summit (eCrime '07). ACM, New York, NY, USA, 70-81.
  [Authors' PDF] [copyright]


• Steve Sheng, Bryant Magnien, Ponnurangam Kumaraguru, Alessandro Acquisti, Lorrie Faith Cranor, Jason Hong, and Elizabeth Nunge. 2007. Anti-Phishing Phil: the design and evaluation of a game that teaches people not to fall for phish. In Proceedings of the 3rd symposium on Usable privacy and security (SOUPS '07). ACM, New York, NY, USA, 88-99.
  [Authors' PDF] [copyright]


• Sheng, S. and L. Cranor, “An Evaluation of the Effectiveness of US Financial Privacy Legislation Through the Analysis of Privacy Policies,” In I/S: A Journal of Law and Policy for the Information Society, Volume 2, Number 3, Fall 2006, pp. 943-979.
  [Authors' PDF]

Other Publications (Technical Reports, Policy Briefings, Conference Posters)

• Sheng, S., L. Broderick, J. Hyland, and C. Koranda. Why Johnny Still Cant Encrypt: Evaluating the Usability of Email Encryption Software. In Proceedings of the 6th Symposium on Usable Privacy and Security: SOUPS 06, 2006.
  [PDF]


• Peha, J., Gilden, B., Savage, R., Sheng, S., Yankiver, B. Finding an Effective Sustainable Model for a Wireless Metropolitan-Area Network: Analyzing the Case of Pittsburgh. In The 35rd Research Conference on Communication, Information and Internet Policy (TPRC), Sep 29 - Sep 30, 2007
  [PDF]


• Lorrie Faith Cranor, Aleecia M. McDonald, Serge Egelman, and Steve Sheng. Privacy Policy Trends Report. Carnegie Mellon University, January 31, 2007
  [PDF] [Presentation]


• P. Kumaraguru, Steve Sheng, Alessandro Acquisti, Lorrie Faith Cranor, and Jason Hong. 2010. Teaching Johnny not to fall for phish. Technical Report, Carnegie Mellon University, CMU-CyLab-07-003, February 8, 2007
  [PDF]


• Dave Piscitello, Steve Sheng, Ryan Su, Nicolas Christian, Misuse of Domain Privacy Protection Services by Spammers. The anti-phishing working groups 5th annual eCrime researchers summit (eCrime '10).
  [PDF]


• Andrew Newton, Dave Piscitello, Benedetto Fiorelli and Steve Sheng, A RESTful Web Service for Internet Names and Address Directory Services. USENIX ;login, October 2011, Volume 36, Number 5. [PDF]
• For ICANN papers I wrote since Sep. 2009, please contact me directly.

Copyright notices

© ACM, 2010. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution.

©2009 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

©2008 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

© ACM, 2007. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution.

©2007 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.