Publications by Stephen Chong

Conference and highly-selective workshop publications

  1. Guess & Sketch: Language Model Guided Transpilation
    Celine Lee, Abdulrahman Mahmoud, Michal Kurek, Simone Campanoni, David Brooks, Stephen Chong, Gu-Yeon Wei, and Alexander Rush.
    The Twelfth International Conference on Learning Representations (ICLR), June 2024.
    To appear.
    BibTeX ]
  2. Expressive Authorization Policies using Computation Principals
    Anitha Gollamudi and Stephen Chong.
    Proceedings of the 28th ACM on Symposium on Access Control Models and Technologies (ACM SACMAT), June 2023.
    BibTeX | DOI ]
  3. Quantitative Robustness Analysis of Sensor Attacks on Cyber-Physical Systems
    Stephen Chong, Ruggero Lanotte, Massimo Merro, Simone Tini, and Jian Xiang.
    26th ACM International Conference on Hybrid Systems: Computation and Control (HSCC), May 2023.
    Abstract | PDF | BibTeX ]
  4. From SMT to ASP: Solver-Based Approaches to Solving Datalog Synthesis-as-Rule-Selection Problems
    Aaron Bembenek, Michael Greenberg, and Stephen Chong.
    Proceedings of the 50th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL),  2023.
    Abstract | PDF | BibTeX ]
  5. Fast Incremental PEG Parsing
    Zachary Yedidia and Stephen Chong.
    Proceedings of the 14th ACM SIGPLAN International Conference on Software Language Engineering (SLE), October 2021.
    (Best Research Paper Award)
    Abstract | PDF | BibTeX ]
  6. Assuage: Assembly Synthesis Using a Guided Exploration
    Jingmei Hu, Priyan Vaithilingam, Stephen Chong, Margo Seltzer, and Elena L. Glassman.
    Proceedings of the 34th ACM Symposium on User Interface Software and Technology (UIST), October 2021.
    Abstract | PDF | BibTeX ]
  7. Relational Analysis of Sensor Attacks on Cyber-Physical Systems
    Jian Xiang, Nathan Fulton, and Stephen Chong.
    Proceedings of the 34th IEEE Computer Security Foundations Symposium (CSF), June 2021.
    Abstract | PDF | BibTeX ]
  8. Coupled Relational Symbolic Execution for Differential Privacy
    Gian Pietro Farina, Stephen Chong, and Marco Gaboardi.
    European Symposium on Programming (ESOP), March 2021.
    Abstract | arXiv | BibTeX ]
  9. Co-Inflow: Coarse-grained Information Flow Control for Java-like Languages
    Jian Xiang and Stephen Chong.
    Proceedings of the 2021 IEEE Symposium on Security and Privacy (Oakland), May 2021.
    Abstract | PDF | Implementation | Coq formalization | BibTeX ]
  10. Formulog: Datalog for SMT-based Static Analysis
    Aaron Bembenek, Michael Greenberg, and Stephen Chong.
    Proceedings of the 2020 ACM SIGPLAN International Conference on Object-Oriented Programming Languages, Systems, Languages, and Applications (OOPSLA), November 2020.
    Abstract | PDF | BibTeX | Artifact | Extended version | Web site ]
  11. Fine-Grained, Language-Based Access Control for Database-Backed Applications
    Ezra Zigmond, Stephen Chong, Christos Dimoulas, and Scott Moore.
    The Art, Science, and Engineering of Programming 4(2), March 2020.
    Abstract | PDF | BibTeX | DOI ]
  12. Trials and Tribulations in Synthesizing Operating Systems
    Jingmei Hu, Eric Lu, David A. Holland, Ming Kawaguchi, Stephen Chong, and Margo I. Seltzer.
    Proceedings of the 10th Workshop on Programming Languages and Operating Systems (PLOS), October 2019.
    Abstract | PDF | BibTeX ]
  13. Relational Symbolic Execution
    Gian Pietro Farina, Stephen Chong, and Marco Gaboardi.
    Proceedings of the 21st International Symposium on Principles and Practice of Declarative Programming (PPDP), October 2019.
    Abstract | PDF | BibTeX ]
  14. Information Flow Control for Distributed Trusted Execution Environments
    Anitha Gollamudi, Stephen Chong, and Owen Arden.
    Proceedings of the 32nd IEEE Computer Security Foundations Symposium (CSF), June 2019.
    Abstract | PDF | BibTeX ]
  15. Programming with Flow-Limited Authorization: Coarser is Better
    Mathias V. Pedersen and Stephen Chong.
    4th IEEE European Symposium on Security and Privacy (EuroS&P), June 2019.
    Abstract | PDF | BibTeX ]
  16. Cryptographically Secure Information Flow Control on Key-Value Stores
    Lucas Waye, Pablo Buiras, Owen Arden, Alejandro Russo, and Stephen Chong.
    Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS), November 2017.
    Abstract | PDF | arXiv (with proofs) | BibTeX ]
  17. Whip: Higher-Order Contracts for Modern Services
    Lucas Waye, Christos Dimoulas, and Stephen Chong.
    Proceedings of the 22nd ACM SIGPLAN International Conference on Functional Programming (ICFP), September 2017.
    Abstract | PDF | Web site | BibTeX ]
  18. Automatic Enforcement of Expressive Security Policies using Enclaves
    Anitha Gollamudi and Stephen Chong.
    Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming Languages, Systems, Languages, and Applications (OOPSLA), October 2016.
    Abstract | PDF | Technical Report | BibTeX ]
  19. Extensible Access Control with Authorization Contracts
    Scott Moore, Christos Dimoulas, Matthew Flatt, Robert Bruce Findler, and Stephen Chong.
    Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming Languages, Systems, Languages, and Applications (OOPSLA), October 2016.
    Abstract | PDF | Technical Report | BibTeX ]
  20. A Progress-Sensitive Flow-Sensitive Inlined Information-Flow Control Monitor
    Andrew Bedford, Stephen Chong, Josèe Desharnais, and Nadia Tawbi.
    Proceedings of the 31st IFIP TC 11 International Information Security and Privacy Conference (IFIP SEC), pages 352–366, May 2016.
    Abstract | PDF | BibTeX ]
  21. Precise, Dynamic Information Flow for Database-Backed Applications
    Jean Yang, Travis Hance, Thomas H. Austin, Armando Solar-Lezama, Cormac Flanagan, and Stephen Chong.
    Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), June 2016.
    Abstract | PDF | BibTeX ]
  22. Correct Audit Logging: Theory and Practice
    Sepehr Amir-Mohammadian, Stephen Chong, and Christian Skalka.
    5th International Conference on Principles of Security and Trust (POST), April 2016.
    Abstract | PDF | BibTeX ]
  23. It’s My Privilege: Controlling Downgrading in DC-Labels
    Lucas Waye, Pablo Buiras, Dan King, Stephen Chong, and Alejandro Russo.
    Proceedings of the 11th International Workshop on Security and Trust Management (STM), September 2015.
    Abstract | PDF | BibTeX ]
  24. Hybrid Monitors for Concurrent Noninterference
    Aslan Askarov, Stephen Chong, and Heiko Mantel.
    Proceedings of the 28th IEEE Computer Security Foundations Symposium (CSF), July 2015.
    Abstract | PDF | Technical Report | BibTeX ]
  25. Cryptographic Enforcement of Language-Based Erasure
    Aslan Askarov, Scott Moore, Christos Dimoulas, and Stephen Chong.
    Proceedings of the 28th IEEE Computer Security Foundations Symposium (CSF), July 2015.
    Abstract | PDF | GitHub | BibTeX ]
  26. Exploring and Enforcing Security Guarantees via Program Dependence Graphs
    Andrew Johnson, Lucas Waye, Scott Moore, and Stephen Chong.
    Proceedings of the 36th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), pages 291–302, June 2015.
    Abstract | PDF | Video abstract | Software | BibTeX ]
  27. Shill: A Secure Shell Scripting Language
    Scott Moore, Christos Dimoulas, Dan King, and Stephen Chong.
    11th USENIX Symposium on Operating Systems Design and Implementation (OSDI), October 2014.
    Abstract | PDF | Shill web site | OSDI presentation | BibTeX ]
  28. Declarative Policies for Capability Control
    Christos Dimoulas, Scott Moore, Aslan Askarov, and Stephen Chong.
    Proceedings of the 27th IEEE Computer Security Foundations Symposium (CSF), June 2014.
    Abstract | PDF | BibTeX ]
  29. Truthful Mechanisms for Agents that Value Privacy
    Yiling Chen, Stephen Chong, Ian Kash, Tal Moran, and Salil Vadhan.
    Proceedings of the 14th ACM Conference on Electronic Commerce (EC), June 2013.
    Abstract | PDF | BibTeX ]
  30. Asynchronous Functional Reactive Programming for GUIs
    Evan Czaplicki and Stephen Chong.
    Proceedings of the 34th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), pages 411–422, June 2013.
    Abstract | Elm web site | PDF | BibTeX ]
  31. Towards Fully Automatic Placement of Security Sanitizers and Declassifiers
    Benjamin Livshits and Stephen Chong.
    Proceedings of the 40th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), pages 385–398, January 2013.
    Abstract | PDF | BibTeX ]
  32. Towards a Practical Secure Concurrent Language
    Stefan Muller and Stephen Chong.
    Proceedings of the 25th Annual ACM SIGPLAN Conference on Object-Oriented Programming Languages, Systems, Languages, and Applications (OOPSLA), pages 57–74, October 2012.
    Abstract | PDF | Technical Report | BibTeX ]
  33. Precise Enforcement of Progress-Sensitive Security
    Scott Moore, Aslan Askarov, and Stephen Chong.
    Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS), pages 881–893, October 2012.
    Errata: This PDF corrects a typo in the typing rule for While that is present in the archival CCS version of the paper.
    Abstract | PDF | BibTeX ]
  34. Learning is Change in Knowledge: Knowledge-based Security for Dynamic Policies
    Aslan Askarov and Stephen Chong.
    Proceedings of the 25th IEEE Computer Security Foundations Symposium (CSF), pages 308–322, June 2012.
    Abstract | PDF | Technical Report | BibTeX ]
  35. Static Analysis for Efficient Hybrid Information-Flow Control
    Scott Moore and Stephen Chong.
    Proceedings of the 24th IEEE Computer Security Foundations Symposium (CSF), pages 146–160, June 2011.
    Abstract | PDF | Technical Report | BibTeX ]
  36. Inference of Expressive Declassification Policies
    Jeffrey A. Vaughan and Stephen Chong.
    Proceedings of the 2011 IEEE Symposium on Security and Privacy (Oakland), pages 180–195, May 2011.
    Abstract | PDF | BibTeX ]
  37. Required Information Release
    Stephen Chong.
    Proceedings of the 23rd IEEE Computer Security Foundations Symposium (CSF), pages 215–227, July 2010.
    PDF | Technical Report | BibTeX ]
  38. Self-Identifying Sensor Data
    Stephen Chong, Christian Skalka, and Jeffrey A. Vaughan.
    Proceedings of the Ninth International Conference on Information Processing in Sensor Networks (IPSN), pages 82–93, April 2010.
    PDF | Journal version | BibTeX ]
  39. Deriving Epistemic Conclusions from Agent Architecture
    Stephen Chong and Ron van der Meyden.
    Proceedings of the Twelfth Conference on Theoretical Aspects of Rationality and Knowledge (TARK), pages 61–70, July 2009.
    PDF | BibTeX ]
  40. End-to-End Enforcement of Erasure and Declassification
    Stephen Chong and Andrew C. Myers.
    Proceedings of the 21st IEEE Computer Security Foundations Symposium (CSF), pages 98–111, June 2008.
    Abstract | PDF | Technical Report | BibTeX ]
  41. Civitas: Toward a Secure Voting System
    Michael R. Clarkson, Stephen Chong, and Andrew C. Myers.
    Proceedings of the 2008 IEEE Symposium on Security and Privacy (Oakland), pages 354–368, May 2008.
    PDF | Technical Report | Web site | BibTeX ]
  42. Secure Web Applications via Automatic Partitioning
    Stephen Chong, Jed Liu, Andrew C. Myers, Xin Qi, K. Vikram, Lantian Zheng, and Xin Zheng.
    Proceedings of the 21st ACM Symposium on Operating Systems Principles (SOSP), pages 31–44, October 2007.
    (Best paper award.)
    PDF | Web site | BibTeX ]
  43. SIF: Enforcing Confidentiality and Integrity in Web Applications
    Stephen Chong, K. Vikram, and Andrew C. Myers.
    Proceedings of the 16th USENIX Security Symposium, pages 1–16, August 2007.
    PDF | Web site | BibTeX ]
  44. Decentralized Robustness
    Stephen Chong and Andrew C. Myers.
    Proceedings of the 19th IEEE Computer Security Foundations Workshop (CSFW), pages 242–253, July 2006.
    PDF | PS | Slides (ppt) | BibTeX ]
  45. Information-Flow Security for Interactive Programs
    Kevin R. O’Neill, Michael R. Clarkson, and Stephen Chong.
    Proceedings of the 19th IEEE Computer Security Foundations Workshop (CSFW), pages 190–201, July 2006.
    PDF | PS | Technical Report | BibTeX ]
  46. Language-Based Information Erasure
    Stephen Chong and Andrew C. Myers.
    Proceedings of the 18th IEEE Computer Security Foundations Workshop (CSFW), pages 241–254, June 2005.
    PDF | PS | BibTeX ]
  47. Security Policies for Downgrading
    Stephen Chong and Andrew C. Myers.
    Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS), pages 189–209, October 2004.
    PDF | PS | BibTeX ]
  48. Scalable Extensibility via Nested Inheritance
    Nathaniel Nystrom, Stephen Chong, and Andrew C. Myers.
    Proceedings of the 19th Annual ACM SIGPLAN Conference on Object-Oriented Programming Languages, Systems, Languages, and Applications (OOPSLA), pages 99–115, October 2004.
    PDF | PS | Technical Report | Web site | BibTeX ]
  49. Owned Policies for Information Security
    Hubie Chen and Stephen Chong.
    Proceedings of the 17th IEEE Computer Security Foundations Workshop (CSFW), pages 126–138, June 2004.
    PDF | PS | Slides (ppt) | BibTeX ]
  50. Static Analysis of Accessed Regions in Recursive Data Structures
    Stephen Chong and Radu Rugina.
    Proceedings of the 10th International Static Analysis Symposium (SAS), June 2003.
    PDF | PS | Slides (PDF) | BibTeX ]
  51. Using Replication and Partitioning to Build Secure Distributed Systems
    Lantian Zheng, Stephen Chong, Andrew C. Myers, and Steve Zdancewic.
    Proceedings of the 2003 IEEE Symposium on Security and Privacy (Oakland), pages 236–250, May 2003.
    PDF | BibTeX ]

Workshop papers

  1. Formulog: Datalog + SMT + FP
    Aaron Bembenek, Michael Greenberg, and Stephen Chong.
    Proceedings of the 4th International Workshop on the Resurgence of Datalog in Academia and Industry (Datalog 2.0), September 2022.
    Abstract | PDF | BibTeX ]
  2. Using architecture to reason about information security
    Stephen Chong and Ron van der Meyden.
    Proceedings of the 6th Layered Assurance Workshop (LAW), pages 1–11,  2012.
    Abstract | BibTeX ]
  3. A More Precise Security Type System for Dynamic Security Tests
    Gregory Malecha and Stephen Chong.
    Proceedings of the ACM SIGPLAN Fifth Workshop on Programming Languages and Analysis for Security (PLAS), June 2010.
    PDF | Technical Report | BibTeX ]
  4. Provenance: A Future History
    James Cheney, Stephen Chong, Nate Foster, Margo Seltzer, and Stijn Vansummeren.
    Companion to the 24th Annual ACM SIGPLAN Conference on Object-Oriented Programming Languages, Systems, Languages, and Applications: Onward! Session (OOPSLA Onward!), pages 957–964, October 2009.
    PDF | BibTeX ]
  5. Towards Semantics for Provenance Security
    Stephen Chong.
    Proceedings of the 1st Workshop on the Theory and Practice of Provenance (TaPP), February 2009.
    PDF | Slides (PDF) | BibTeX ]
  6. A Framework for Creating Natural Language User Interfaces for Action-Based Applications
    Stephen Chong and Riccardo Pucella.
    Proceedings of the Third International AMAST Workshop on Algebraic Methods in Language Processing, TWLT Report 21 (AMiLP-3), August 2003.
    PDF | BibTeX ]

Journal articles

  1. Towards Porting Operating Systems with Program Synthesis
    Jingmei Hu, Eric Lu, David A. Holland, Ming Kawaguchi, Stephen Chong, and Margo I. Seltzer.
    ACM Transactions on Programming Languages and Systems, September 2022.
    Abstract | PDF | BibTeX | DOI ]
  2. Expressing Information Flow Properties
    Elisavet Kozyri, Stephen Chong, and Andrew C. Myers.
    Foundations and Trends in Privacy and Security 3(1):1–102,  2022.
    Abstract | PDF | BibTeX | Publisher website ]
  3. A Progress-Sensitive Flow-Sensitive Inlined Information-Flow Control Monitor
    Andrew Bedford, Stephen Chong, Josèe Desharnais, Elisavet Kozyri, and Nadia Tawbia.
    Computers & Security 71:114–131, November 2017.
    Abstract | PDF | BibTeX ]
  4. Truthful Mechanisms for Agents That Value Privacy
    Yiling Chen, Stephen Chong, Ian A. Kash, Tal Moran, and Salil P. Vadhan.
    ACM Transactions on Economics and Computation 4(3):13:1–13:30,  2016.
    BibTeX ]
  5. Using Architecture to Reason about Information Security
    Stephen Chong and Ron van der Meyden.
    ACM Transactions on Information and System Security 18(2), December 2015.
    Abstract | ACM DL | BibTeX ]
  6. Self-Identifying Data for Fair Use
    Stephen Chong, Christian Skalka, and Jeffrey A. Vaughan.
    Journal of Data and Information Quality 5(3), December 2014.
    Abstract | BibTeX ]
  7. Required Information Release
    Stephen Chong.
    Journal of Computer Security 20(6):637–676,  2012.
    Abstract | IOS Press | BibTeX ]

Technical reports and manuscripts

  1. Automatic Enforcement of Expressive Security Policies using Enclaves
    Anitha Gollamudi and Stephen Chong.
    Harvard University Technical Report TR-02-16,  2016.
    DASH | BibTeX ]
  2. Extensible Access Control with Authorization Contracts
    Scott Moore, Christos Dimoulas, Matthew Flatt, Robert Bruce Findler, and Stephen Chong.
    Harvard University Technical Report TR-03-16,  2016.
    DASH | BibTeX ]
  3. Report on the NSF Workshop on Formal Methods for Security
    Stephen Chong, Joshua Guttman, Anupam Datta, Andrew Myers, Benjamin Pierce, Patrick Schaumont, Tim Sherwood, and Nickolai Zeldovich.
    August 2016.
    Abstract | Summary | Full Report (ACM DL) | Full Report (arXiv) | BibTeX ]
  4. Higher-order Behavioral Contracts for Distributed Components
    Lucas Waye, Christos Dimoulas, and Stephen Chong.
    Harvard University Technical Report TR-03-15,  2015.
    DASH | BibTeX ]
  5. Global and Local Monitors to Enforce Noninterference in Concurrent Programs
    Aslan Askarov, Stephen Chong, and Heiko Mantel.
    Harvard University Technical Report TR-02-15,  2015.
    Abstract | PDF | BibTeX ]
  6. Exploring and Enforcing Application Security Guarantees via Program Dependence Graphs
    Andrew Johnson, Lucas Waye, Scott Moore, and Stephen Chong.
    Harvard University Technical Report TR-04-14,  2014.
    Abstract | PDF | BibTeX ]
  7. Enforcing Language Semantics Using Proof-Carrying Data
    Stephen Chong, Eran Tromer, and Jeffrey A. Vaughan.
    August 2013.
    http://eprint.iacr.org/2013/513
    Abstract | IACR ePrint Archive | BibTeX ]
  8. Towards a Practical Secure Concurrent Language
    Stefan Muller and Stephen Chong.
    Harvard University Technical Report TR-05-12, August 2012.
    PDF | BibTeX ]
  9. Learning is Change in Knowledge: Knowledge-based Security for Dynamic Policies
    Aslan Askarov and Stephen Chong.
    Harvard University Technical Report TR-02-12,  2012.
    PDF | BibTeX ]
  10. Static Analysis for Efficient Hybrid Information-Flow Control
    Scott Moore and Stephen Chong.
    Harvard University Technical Report TR-05-11, May 2011.
    PDF | BibTeX ]
  11. Required Information Release
    Stephen Chong.
    Harvard University Technical Report TR-04-10, April 2010.
    PDF | BibTeX ]
  12. A More Precise Security Type System for Dynamic Security Tests
    Gregory Malecha and Stephen Chong.
    Harvard University Technical Report TR-05-10, June 2010.
    PDF | BibTeX ]
  13. Secure Web Applications via Automatic Partitioning
    Stephen Chong, Jed Liu, Andrew C. Myers, Xin Qi, K. Vikram, Lantian Zheng, and Xin Zheng.
    Communications of the ACM 52(2):79–87, February 2009.
    ACM Portal | BibTeX ]
  14. Expressive and Enforceable Information Security Policies
    Stephen Chong.
    Ph.D. thesis, Cornell University, August 2008.
    PDF | BibTeX ]
  15. Civitas: Toward a Secure Voting System
    Michael R. Clarkson, Stephen Chong, and Andrew C. Myers.
    Cornell University Computing and Information Science Technical Report 2007-2081, May 2008.
    URI | BibTeX ]
  16. End-to-End Enforcement of Erasure and Declassification
    Stephen Chong and Andrew C. Myers.
    Cornell University Computing and Information Science Technical Report http://hdl.handle.net/1813/10504, April 2008.
    URI | BibTeX ]
  17. Information-Flow Security for Interactive Programs
    Kevin R. O’Neill, Michael R. Clarkson, and Stephen Chong.
    Cornell University Computing and Information Science Technical Report 2006-2022, April 2006.
    URI | BibTeX ]
  18. Scalable Extensibility via Nested Inheritance
    Nathaniel Nystrom, Stephen Chong, and Andrew C. Myers.
    Cornell University Computing and Information Science Technical Report 2004-1940,  2004.
    PDF | BibTeX ]
  19. Word Alignment of Proof Verbalizations Using Generative Statistical Models
    Stephen Chong.
    Cornell University Computer Science Department Technical Report 2002-1864, May 2002.
    PDF | PS | BibTeX ]

Books

  1. Proceedings of the 2009 Workshop on Programming Languages and Analysis for Security
    Stephen Chong and David A. Naumann, editors.
    ACM, June 2009. ISBN 978-1-60558-645-8.
    BibTeX ]

Distributing papers

The papers available here have been provided by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.