Click on the links below to read work published by CSPRI researchers. If you do not have Adobe Reader, you can install it here (opens a new window)


Toregas et al, "Exploring Ways to Give Engineering Cyber Security Students a Stronger Policy and Management Perspective," GW-CSPRI-2016-01.

Hoffman et al. "Cross-disciplinary Collaboration in Cybersecurity: A Workshop Report," GW-CSPRI-2016-02

Masood, R., "Assessment of Cyber Security Challenges in Nuclear Power Plants: Security Incidents, Threats, and Initiatives, Report GW-CSPRI-2016-03, August 15, 2016.



Lance Hoffman and Sam Klein, "A New Privacy Framework with Criteria Inspired by Fair Information Practice Principles," Report GW-CSPRI-2015-2.

Costis Toregas, "Your Data Is Compromised. (Yes, Yours.) What Now?," National Journal, July 14, 2015.

Trey Herr, "Prepare for breaches," The Hill, July 9, 2015.

Trey Herr and Eric Armbrust.  Milware:  Identification and Implications of State Authored Malicious Software,"  2015.

Landwehr, Carl.  "Workshop to Develop a Building Code and Research Agenda For Medical Device Software Security," Report GW-CSPRI-2015-1.

Hoffman, Lance.  "How to defuse a simmering crypto war," The Christian Science Monitor, March 11, 2015.


Berliner, Jonathan.  "An Intelligence, Economic, Political, and Technological Cost/Benefit Analysis of Cyber Surveillance Techniques," Report GW-CSPRI-2014-4.

Allan Friedman and Lance Hoffman, "The Internet of (Whose) Things:  Business Models, Computer Architectures, and Privacy," Report GW-CSPRI-2014-3.

Rachelle Heller, "What approaches work best for teaching secure coding practices?”, presented at the 2014 HUIC Education and STEM Conference

CSPRI Fact Sheet (May 5, 2014):  Big Data and Privacy (General)

CSPRI Fact Sheet (May 5, 2014):  PCAST-Specific

Susan Aaronson, "Musing on Netmundial," special report, April 26, 2014.

"Getting to the Heart(bleed) of the Problem," (Trey Herr and Allan Friedman cited as sources) GW Today, April 16, 2014.

Costis Toregas, Nicolas Zahn, "Insurance for Cyber Attacks:  The Issue of Setting Premiums in Context," Report GW-CSPRI-2014-1, January 7, 2014.


Allan Friedman, "Cyber Theft of Competitive Data: Asking the Right Questions" Brookings Institution, 2013.

Allan Friedman, Austen Mack-Crane, and Ross Hammond, "Cyber-enabled Competitive Data Theft: A Framework for Modeling Long-Run Cybersecurity Consequences" Working Paper, 2013.

Allan Friedman, "Cybersecurity and Trade: National Policies, Global and Local Consequences" Brookings Institution, 2013.

Allan Friedman, "Why Wasn't the NSA Prepared?" The Atlantic, 2013. 

Anna Choromanska, Krzysztof Choromanski, Geetha Jagannathan, and Claire Monteleoni, Differentially-Private Learning of Low Dimensional Manifolds.

Geetha, Jagannathan, Claire Monteleoni, and Krishnan Pillaipakkamnatt, A Semi-Supervised Learning Approach to Differential Privacy.

Lance Hoffman, Social Science, Computer Science, and Cybersecurity Workshop Summary Report, Proceedings of the Integrating the Social Sciences into the Design of Cybersecurity Systems Workshop.

Carl Landwehr & Lance J. Hoffman, Secure and Trustworthy Cyberspace First PI Meeting Summary Report, Report GW-CSPRI-2013-01, Mar. 25, 2013. 

Andrew K. Hirsch, Michael R. Clarkson, “Belief Semantics of Authorization Logic”, to appear in Proc. ACM Conference on Computer and Communications Security, 2013.


Mingyang Zhang, Nan Zhang, and Gautam Das, Aggregate Suppression for Enterprise Search Engines, Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD) 2012.

Ronald C Dodge, Costis Toregas, Lance Hoffman, Cybersecurity Workforce Development Directions, Proceedings of the Sixth International Symposium on Human Aspects of Information Security and Assurance HAISA 2012.

Lisa Ugelow and Lance J. Hoffman, "Fighting On a New Battlefield Armed with Old Laws: How to Monitor Terrorism In the Virtual World", Journal of Constitutional Law, Vol. 14, No. 4, March 2012.


2010-2011 Seminar Series Report: Developing Cyber Security Synergy

Allan Friedman, Tyler Moore, and Ariel Procaccia, "Cyber-sword vs. cyber-shield: The Dynamics of US Cybersecurity Policy Priorities" Working paper, 2011.

Allan Friedman, "Cybersecurity in the Balance: Weighing the Risks of the PROTECT IP Act and the Stop Online Piracy Act" Brookings Institution, 2011.

Allan Friedman, "Economic and Policy Frameworks for Cybersecurity Risks" Issues in Technology Innovation, 2011.

Allan Friedman, Patrick Crowley, and Darrell West, "Online Identity and Consumer Trust: Assessing Online Risk" Brookings Report, 2011.

Diana L. Burley, Ph.D. Recruiting, Educating, and Retaining Cyber Security Professionals in the Federal Workforce: Lessons Learned but not yet Applied, Report GW-CSPRI-2011-1, February 2, 2011.

Diana L. Burley and Matt Bishop, Summit on Education in Secure Software, Report GW-CSPRI-2011-7, June 30, 2011.

Lance J. Hoffman, Diana L. Burley, and Costis Toregas, Thinking Across Stovepipes: Using a Holistic Development Strategy to Build a Cybersecurity Workforce, Report GW-CSPRI-2011-8, November 1, 2011. Revised and Published in IEEE Security & Privacy vol. 10, no. 2 (March/April 2012), pp. 33-39, as "Holistically Building the Cybersecurity Workforce",

Kamalika Chaudhuri, Claire Monteleoni, Anand Sarwate, Differentially Private Empirical Risk Minimization, JMLR 2011.

Joseph J. Cordes An Overview of the Economics of Cybersecurity and Cybersecurity Policy, Report GW-CSPRI-2011-6, June 1, 2011.

Amitai Etzioni, Cybersecurity in the Private Sector, Issues in Science and Technology, Fall 2011, pp. 58-62.

Charles L. Glaser, Deterrence of Cyber Attacks and U.S. National Security, Report GW-CSPRI-2011-5, June 1, 2011

Frederic Lemieux, Ph.D. Investigating Cyber Security Threats: Exploring National Security and Law Enforcement Perspectives, Report GW-CSPRI-2011-2, April 7, 2011.

Paul Rosenzweig, The Data Minefield (external link)

Julie Ryan, D.Sc. Cyber Security: The Mess We're In: And Why it's Going to Get Worse, Report GW-CSPRI-2011-4, April 11, 2011.

Neal Sikka, M.D. Security and Privacy: Clinical Case Studies, Report GW-CSPRI-2011-3, April 8, 2011.

Hoeteck Wee, Threshold and Revocation Cryptosystems via Extractable Hash Proofs, Eurocrypt 2011.

Nan Zhang, Xin Jin, Aditya Mone, and Gautam Das, Randomized Generalization for Aggregate Suppression Over Hidden Web Databases, Proceedings of the VLDB Endowment (PVLDB), Volume 4, 2011.


Allan Friedman and Darrell West, "Privacy and Security in Cloud Computing." Issues in Technology Innovation Vol. 3, 2010. 

Tyler Moore, Allan Friedman, and Ariel Procaccia, ”Would a ’Cyber Warrior’ Protect Us? Exploring Trade-offs Between Attack and Defense of Information Systems” New Security Paradigms Workshop. 2010.

Michael R. Clarkson and Fred B. Schneider, Hyperproperties, Journal of Computer Security, 18(6): 1157-1210, 2010.

Michael R. Clarkson and Fred B. Schneider, Quantification of Integrity, Proc. IEEE Computer Security Foundations Symposium, pages 28-43, July 2010.

David Alan Grier, Sabatoge!, Nov. 2010

Lance J. Hoffman, Building the Cyber Security Workforce of the 21st Century: Report of a Workshop on Cyber Security Education and Workforce Development, Report GW-CSPRI-2010-3, December 15, 2010.

Ross A. Lumley, Cyber Security and Privacy in Cloud Computing: Multidisciplinary Research Problems in Business,Report GW-CSPRI-2010-4, December 18, 2010.

Patricia MacTaggart and Stephanie Fiore, Healthcare Reform and Medical Data Security and Privacy, Report GW-CSPRI-2010-1, December 13, 2010.

Jeffrey Rosen, From Perfect Citizen to Naked Bodyscanners: When is Surveillance Reasonable? Report GW-CSPRI-2010-2, December 14, 2010.

Hoeteck Wee, Black-Box Round-Efficient Secure Computation via Non-Malleability Amplification, FOCS 2010.


David Alan Grier, Honor Among Thieves, Dec. 2009.


Kamalika Chaudhuri and Claire Monteleoni, Privacy-Preserving Logistic Regression, 2008.


Allan Friedman, Alessandro Acquisti, and Rahul Telang, "Is There a Cost to Privacy Breaches?" International Conference on Information Systems, 2006. 

Lance J. Hoffman and Costis Toregas. Towards Increasing the IT Security Capacity of the Workforce in the United States Intergovernmental System. Report GW-CSPRI-2006-01, January 2006.