Excited to share that our lightning fast EDR alert triage system, Carbon Filter, has been (conditionally) accepted to appear at #RAID2025!.

Congrats to our student author @MuhammadAdilIn1 and collaborators at Broadcom Carbon Black. Preprint available here:

What do you want to know?.

We demonstrate comparable alert triage rates to costly provenance analysis -- 84% global reduction in false alerts -- by examining an alert-triggering process' *instantaneous* context. By foregoing provenance, we are able to process thousands of alerts per sec.

Don’t know where you’re sitting but Stefan complimented our research agenda. ; ) #JustSaying #ieeesp25 @IEEESSP.

IEEE S&P 2027 will take place in Montreal, Canada 🤯.

Context: My department has been in the loop on this for years now. I certainly hope to have the opportunity to stay at UIUC! But there are no sure bets in US academia today. With my students and colleagues all fully in the know, I’d rather be transparent about my family’s needs!.

Hi #ieeesp25. Next year I’ll be exploring new job opportunities to resolve my family’s 2 body problem. Looking for schools in English or German speaking countries strong in both CS & Psych. If you’re at such a program and interested, I’d love to talk to you this week at @ieeessp!.

#ieeesp2025 program statistics -- 1740 paper submissions in 2025, 251 accepted papers, 14.8% acceptance rate. Best acceptance rates by subfield for OS security and security for at-risk populations.

#ieeesp2025 code of conduct (and instructions for reporting violations):

Full paper is now available in proceedings. Find our first author Jason Liu at the Q&A poster session!

Appearing today at @IEEESSP -- "What we talk about when we talk about logs" -- an investigation of how the threat detection datasets we evaluate against (e.g., DARPA TC) dictate the results of intrusion detection research. In Track 1 (10:15a), Grand Ballroom BC! #ieeesp2025.

Check out this list of the coolest, most amazing and impactful and important computing researchers I found. So much respect for those whose work is important enough for f@scists to try and silence.

It seems like @NSF is not releasing information about cancelled grants and rationale at this time. Please encourage colleagues to disclose cancellations and stop-work orders at . A public tracker of cancellations will be made available shortly.

Fucking hell.

Interestingly, we do not find any effect of social identity on appropriate mitigations to these risks, suggesting that "one size fits all" solutions to fitness privacy may not be serving all users.

Thematic analysis sources 8 categories of perceived fitness tracking risks spanning physical (e.g., attack monitoring) and digital (e.g., data brokerage) harms. We also find that the distribution of participants' brainstormed risks varies with identity (Race, Age).

We find that identity facets (Gender, Race, Age) impact participant comfort ratings sharing fitness data with institutional groups (Employers, Insurers, etc.); further, 64% of participants self-report that some facet of their identity informs their comfort.

Yeeun Jo, Camille Cobb and I survey 322 highly athletic Prolific users about their comfort sharing fitness data with different groups, perceived risks of harm, and possible mitigations, **balancing data collection across 4 facets of social identity (Gender, Age, Race, LGBTQ+).**.

Appearing soon at @acm_chi'25 -- We've seen that fitness trackers like @Strava can sometimes pose serious privacy and safety risks. But are these risks and harms uniformly distributed across all users?.

Returning to the Twitter cesspit for some compulsory paper acceptance bragging!.