| [CS06] | Comparing Java and .NET Security: Lessons Learned and Missed |
| Nathanael Paul, David Evans. Computers & Security, Volume 25, Issue 5, July 2006. | |
| [MSST06] | Thermal Attacks on Storage Systems |
| Nathanael Paul, Sudhanva Gurumurthi, and David Evans. NASA/IEEE Conference on Mass Storage Systems and Technologies (MSST), May 2006. | |
| [COBASSA05] | Towards Disk-level Malware Detection |
| Nathanael Paul, Sudhanva Gurumurthi, and David Evans. Workshop on Code Based Software Security Assessments (CoBaSSA), November 2005. For more information, go to: http://www.cs.virginia.edu/malware |
|
| [USENIX05] | Where's the FEEB? The Effectiveness of Instruction Set Randomization (PDF, HTML) |
| Ana Sovarel, David Evans, Nathanael Paul. Fourteenth USENIX Security Conference. August 1-5, 2005, Baltimore, MD. | |
| [ACSAC04] | .NET Security: Lessons Learned and Missed from Java |
| Nathanael Paul, David Evans. Twentieth Annual Computer Security Applications Conference (ACSAC). December 6-10, 2004, Tucson, AZ. (slides: PPT) |
|
| [IEEESP04] | Election Security: Perception and Reality |
| David Evans, Nathanael Paul. IEEE Security and Privacy, January-February 2004. | |
| [HCI03] | Authentication for Remote Voting |
| Nathanael Paul, David Evans, Avi Rubin, Dan Wallach. Workshop on Human-Computer Interaction and Security Systems. April 6, 2003, Ft. Lauderdale, FL. |
 |
| The Rotunda From http://www.itc.virginia.edu/pubs/uva-images/ |