William R. Cheswick
Research Summary is here.
Some Current Research Interests:
- Integrating the computer in the home environment, for the past fifteen years.
- Solving the problem of technical documents in an epub world (iTeX).
- Using the iPhone and iPad as a platform for new experiments and ideas.
- Address whitening (i.e. NAT) for large IPv6 communities to frustrate traffic analysis.
- ZoomAuth - an iPhone app investigating non-tedious high-entropy user-supplied passwords.
- Visualization of large datasets.
- Living outside a firewall: confining important servers in jails, and
related technologies.
- Rethinking passwords, intranets, and other security defenses.
- The digital house:
explorations into integrating computing and
networking technologies in the home, in a pleasant, non-geeky fashion.
Mostly.
- Open source hands-on science museum exhibit software. Finishing
an update for the popular Digital Darkroom exhibit
for the Liberty Science Center's
reopening this summer, updating the Chattanooga Children's
Discovery Museum Portrait Style Station, and a new exhibit
showing the effects of various color vision deficits.
Selected Projects:
- iTeX, a free app for the iPad for reading
previously formatted TeX and LaTeX documents. Includes browsing and automatic
translation of ebooks and publications from Project Gutenberg and arXiv.org.
- A new way to see a movie: massive use of high-resolution thumbnails showing every frame
of a movie, and every image in a photo library.
- An easy system to backup and present very large Aperture photo libraries.
- Using the Wii wand for controlling TV/MythTV.
- The Digital Darkroom, a hands-on science exhibit at the Liberty
Science Center; with Gerard Holzmann, 1992. A variation is
at the Children's Discovery Museum in Chattanooga. Now undergoing
expansion and updating.
- Pass-algorithms (2002, 2006).
- Search engine first responders (2006).
- Internet and intranet mapping and visualization; with Hal Burch
and Steve Branigan, 1999.
- Tracing anonymous Internet packets by selective denial-of-service
probes; with Hal Burch, 1997.
- Safe Internet services for secure servers in insecure environments, 1996.
- Application-level switch and gateway for DNS queries (dnsproxy),
with Steve Bellovin, 1995.
- Hacker monitoring: the Berferd project; with Diana D'angelo
and Paul Glick, 1991.
- Challenge/response authentication system for telnet, ssh, and
system administration.
- Internet gateway: an IP-transparent gateway with associated
application-level filters, 1992.
- Internet gateway: a double-layered circuit gateway with associated
application-level filters, 1989.
- PC virus studies, 1988.
Talks:
For more details, slides, and videos, click through the header.
- Rethinking Passwords, current stump speech.
- Unix on My Mind, invited talk for SANE 2006 (Delft).
- My Dad's Computer, Microsoft, and the Future of Internet
Security.
- Pondering Network Perimeters, a stump talk about
perimeter defenses and Lumeta's intranet technology (2003).
- Internet Security: an Optimist Gropes for Hope.
Usenix Security invited talk, August 2003.
- Mapping the Internet and Intranets.
- Some Computer and Internet Forensic Tricks,
High Tech Crime Investigation Assoc., 1999.
- What Does the Internet Look Like?, CAIDA, 1999.
- The Internet: How it Works, What it Looks like,
and How it is Abused. Bell Labs Science Series,
Feb. 1999.
- Security Lessons From All Over. Keynote,
Usenix Security Conference (San Antonio), 1998.
- Internet Security: the Gory Details; TISC 1997,
SANE 98, NLUUG 98.
- Intranet Challenges, 1997.
- Internet Security Overview;
- SYN Attacks and Denial-of-Service;
- Stupid Net Tricks;
Keynote, 1996 Usenix LISA conference;
invited talk at Usenix '97
(summary).
Books:
- Firewalls and Internet Security; Repelling the Wily Hacker,
second edition. W. Cheswick, S. Bellovin, and A. Rubin; Addison Wesley
Longman, 2003.
- Firewalls and Internet Security; Repelling the Wily Hacker.
W. Cheswick and S. Bellovin; Addison Wesley, 1994.
Papers:
- William Cheswick.
Rethinking Passwords.
ACM Queue, January 2013. DOI:10.1145/2408776.2408790.
http://queue.acm.org/detail.cfm?id=2422416
- William Cheswick, David Kormann, and Amy Reibman.
Vulnerability assessment of image and video quality estimators.
Fifth International
Workshop on Video Processing and Quality Metrics for Consumer Electronics.
Scottsdale, Arizona, January 2010.
- Steven M. Bellovin and William R. Cheswick. Privacy-Enhanced
Searches Using Encrypted Bloom Filters,
Technical Report, Department of Computer Science, Columbia
University, CUCS-034-07.
- William Cheswick.
Johnny Can Obfuscate: Beyond Mother's Maiden Name,
Usenix Workshop on Hot Topics in Security, Vancouver, BC. 2006.
- Angelos D. Keromytis, Steven M. Bellovin and Bill Cheswick.
Worm Propagation Strategies in an IPv6 Internet,
In USENIX ;login, vol. 31, no. 1, pp. 70 - 76, February 2006.
- William R. Cheswick.
Internet Security 2003,
The Bridge, National Academy of Engineering, Winter 2003, pages 25-30.
- S. Branigan, H. Burch, W.R. Cheswick, and F. Wojcik,
What Can You Do with Traceroute? 2001,
Internet Computing, September/October 2001, Vol. 5, No. 5, page 96.
- H. Burch and W.R. Cheswick,
Tracing Anonymous Packets to Their Approximate Source.
Best paper award at 2000 Usenix LISA (New Orleans).
- H. Burch, S. Branigan and W.R. Cheswick,
Mapping and Visualizing the Internet,
Usenix 2000 general conference (San Diego).
- H. Burch and W.R. Cheswick,
Mapping the Internet,
IEEE Computer, pp. 97--98, April 1999.
- W. R. Cheswick and S. M. Bellovin,
How Computer Security Works,
Scientific American, Vol. 279, 4, pp. 106--107, October 1998.
- W. R. Cheswick,
Cget Cput and Stage Safe File Transport Tools for the Internet,
Proceedings of the Usenix Winter 97 Conference, January 1997.
- W. R. Cheswick and S. M. Bellovin,
A DNS Filter and Switch for Packet-filtering Gateways,
Proceedings of the 6th UNIX Security Symposium, July 1996.
- W. R. Cheswick,
An Evening with Berferd In Which a Hacker is Lured Endured and Studied,
Proceedings of the Usenix Winter 92 Conference, January 1992.
- W. R. Cheswick,
The Design of a Secure Internet Gateway,
Proceedings of the Usenix Summer 90 Conference, June 1990.
- W. R. Cheswick,
A Permuted Index for TeX and LaTeX Commands,
Comp. Sci. Tech. Rep. No. 145, February 1990.
- W. R. Cheswick,
A Permuted Index for TeX and LaTeX Commands,
Tugboat Volume 10 number 4, December 1989.
Patents and SIRs:
There are a number more patents working their way through the patenting
process. Shannon Lab provided a rich environment and strong support for
pursuing these ideas.
- US 8,988,458, (2015).
System and method for generating media thumbscapes.
This is my movie thumbnail idea: a new way to see a movie, by
printing all the images in the movie in tiny, hi-res thumbnails
on a single (long) sheet of paper. See more details
here.
- US 8,457,366, (2013).
System and Method for Matching Faces, also US 8,891,835.
That person looks familiar. Do I know him? Take a picture, and the invention
spots likely matches from my own address book. I sure could use this.
- US 8,261,069, (2012).
Privacy-Enhanced Searches Using Encryption,
with Steve Bellovin.
How one spook can search another spook's information without
either revealing too much information. Steve figured all this
out, I just said "could we use a Bloom filter for this?"
- US 8,255,997; US 8,595,838, (2012,2014),
Contextual alert of an invasion of a computer system.
I like to call this groan alarm. The idea is that it may be easier
to detect a machine compromise than to prevent one. The instant
a grandma's client machine has been subverted, it issues an
audible alarm, perhaps letting her link the invasion to something
she just did.
- US 8,181,029; US 8,578,474, (2012,2014),
Apparatus, Methods, and Computer Program Products for Entering Secure Passwords.
This is the zoom authentication idea I have been mentioning in talks.
- US 7,813,344, (2010),
End User Circuit Diversity Auditing Method.
A technique that helps an end-user determine if the diverse
circuits he set up are still diverse. Hats off to the Patent
Office: this one was issued in under two years!
- US 7,558,970, (2009).
Privacy-Enhanced Searches Using Encryption,
with Steve Bellovin.
How one spook can search another spook's information without
either revealing too much information.
- US 7,356,689, (2008), with Hal Burch.
Method and apparatus for tracing packets in a communications network.
Traceback of DoS packets to an attack source.
This covers seminal packet traceback work we did in
the late 1990s. You probably don't want to use this technique:
it is not very nice.
- US 7,299,489, (2007),
with Hal Burch and Steve Branigan.
Method and Apparatus for Host Probing.
This is a technique that can efficiently detect distant hosts
that have connectivity across a security perimeter using spoofed
packets.
- US 6,397,270, (2002).
System for indirect communication between two computers,
each having write access to its own portion of a
dual-access disk drive and read access to the entire
drive.
Use a disk drive with old-fashioned dual controllers as a
no-man's land for sharing large datasets. This is a very simple
and easily-audited interface without all that newfangled networking
stuff to worry about.
I came up with this idea while giving a talk to a room full of
engineers in Allentown, PA.
- US H1,944, (2001), with Ed Whitten.
Firewall security method and apparatus.
This is a kind of firewall dongle. Ed and I came up with this while
I was giving a security talk. Ed was on the speakerphone:
we had never met face-to-face.
- US 5,958,052, (1999), with Steve Bellovin.
Method and apparatus for restricting access to private
information in domain name systems by filtering information.
This is one of two dnsproxy patents.
- US 5,805,820, (1998), with Steve Bellovin.
Method and apparatus for restricting access to private
information in domain name systems by redirecting query
requests.
The other dnsproxy patent.
- US 4,290,105, (1981), with Richard Cichelli and Michael Thompson.
Method and apparatus for testing membership in a set through
hash coding with allowable errors.
A hardware-based spelling checker, truly an idea after its time!
My first of many professional encounters with Bloom filters.
Committees and Organizations:
Popular Publications and media appearances:
- A nice article by Nick Summers.
- Various appearances on the Hugh Thompson Show (2007), and with Hugh
at RSA (2008--2011).
- Several appearances on Screen Savers 2002-2005.
- National Geographic, "Cartography", Jan. 2000.
- Internet map appeared in Dec. 1998 Wired, April 1999 Konr@d (Germany),
and several others.
- Profiled in Wired,
April 1995.
- CBC interview on authentication devices, 1997.
- CNN interview on PC viruses, 1989.
- Internet maps, no longer available.
- Numerous quotes in many newspapers and magazines, including
NY Times, Washington Post, LA Times, San Jose Mercury News,
Wall Street Journal, Barrons, Forbes, Fortune, Time, Newsweek,
New Scientist, AP News, Reuters.
Program Committees:
- NSPW, 2012 - 2014.
- EUROSEC2012.
- Usenix Security, 1995, 2006 - 2011.
- SOUPS, 2006 - 2010.
- VIZsec, 2010 - 2011.
- LISA (Dallas), 2007.
- ISOC NDSS (San Diego), 2000, 2001, 2004, 2007.
- Asilomar Microcomputer Workshop (2004-present).
- ACM Fifth CCS (San Francisco), 1998.
- Program Chair, Fourth Usenix Security Conference (Santa Clara), 1993.
- Usenix Technical Conference (San Antonio), 1992?.
Education:
- Lehigh University; B.S., Fundamental Science; 1975
- Lawrenceville School; 1970
Career:
- Lead Member of Technical Staff, AT&T Labs, Florham Park, NJ. 2007 - April 2012.
- Chief Scientist, Lumeta Corporation, Somerset, NJ. 2000-2006
- Member Technical Staff, Bell Laboratories, Murray Hill, NJ. 1987-2000
- Systems programmer and consultant, Systems and Computer Technology
Corp., 1978-1987
- Systems programmer, Computer Sciences Corp., Warminster, PA. 1977-1978
- Programmer, American Newspaper Publishers
Association/Research Institute, Easton, PA. 1976-1977
- Contracting, Bethlehem, PA. 1975-1977
Avocations:
- Interactive exhibits for science museums
- Geek tourism
- Time lapse photography
- Flying RC aircraft
- SCUBA diving
- Yes, I am a rocket scientist: Level 1 high powered rocket certified