I am an Associate Professor at the University of Illinois at Chicago in the Department of Computer Science. As of Fall 2022 I also serve as the Director of Undergraduate Studies.

Contact information:

• in person:

  • room 908 SEO
  • Fall 2024 office hours: 3:30-4:30 Tuesdays and Wednesdays.

• snail mail:

  • University of Illinois at Chicago
    Dept. Computer Science
    Room 1120 SEO (M/C 152)
    Chicago, IL 60607
• email: ckanich@uic.edu
• phone: 312-355-0950 (email is vastly preferred)
• twitter: @kaytwo
• github: @kaytwo
• YouTube: chriskanich
• TikTok: @ProfessorKanich

Dick Simpson, Kathleen Yang-Clayton, and I wrote an op-ed in the Tribune about Chicago’s decennial redistricting.

Our work on Favicon tracking was written up on Ars Technica

I talked to Jacob Goldstein about CAPTCHAs for Planet Money Episode 908: I Am Not A Robot

Our SSO security paper was covered in WIRED Magazine.

Our feature usage paper on The Provocateur Podcast, July 31 2017
Cloudsweeper on Science Friday, July 12 2013
Show Me the Money in The Economist, Oct 15th 2011
Click Trajectories in The New York Times (and the editorial), May 2011
Spamalytics in Wired magazine, March 2011

Ph.D. students:

• Mir Masood Ali
• John Kristoff
• Joel Miller
• Shubham Singh

Ph.D. alums:

• Mohammad Ghasemisharif 2023
• Sara Amini 2020 -> Microsoft Corporation
• Mohammad Taha Khan 2020 -> Washington & Lee University
• Peter Snyder 2018 -> Brave Software

Undergrads:

• Adithya Prasad
• Carson Zhang

Alums:

• Funmilola Akintoye
• Sruti Bhagavatula -> CMU PhD -> Assistant Professor of Instruction at Northwestern University
• Joshua Castor
• Alex Chomiak -> UIUC MS, Senior Software Engineer at Fetch Rewards
• Sangeeta Chowdhary -> Rutgers -> AMD
• Bradley Golden
• Oliver Hui
• Awais Jafar -> Uber
• Lubna Mirza
• Dan Moreno
• Arshad Narmawala -> Associate Software Engineer at Lockheed Martin RMS
• Alex Pieczynski
• Srishti Pyasi
• Natasha Rice
• Jamie Rodica -> Associate Software Engineer at Morningstar
• Weiheng Alex Ruan
• Ameesha Saxena
• Rayaan Siddiqi -> SPEDxchange
• Arthur Smirnov
• Moin Vahora

Advice for prospective students

• CS 361: Systems Programming Spring 2021 Fall 2020 Fall 2019 Fall 2018 Spring 2016 Spring 2015
• CS 450: Computer Networks Spring 2018 Spring 2017 Fall 2015 Fall 2014 Fall 2013 Spring 2013
• CS 484: Secure Web Application Development Fall 2024 Fall 2023 Fall 2022 Spring 2020 Fall 2017
• CS 568: Advanced Security & Online Privacy Spring 2019
• CS 594: Beyond the Dark Side of Data Spring 2014
• CS 594: Empirical Analysis Fall 2016

I do/have done:

• Program Committee, ACM IMC: 2024
• Program Committee, ACM CCS: 2015, 2016, 2024
• Associate Chair, ACM CHI: 2019, 2020, 2021, 2024
• Organizing / Steering Committee, Midwest Security Workshop 2018, 2019, 2020, 2023
• Program Committee, IEEE Symposium on Security and Privacy: 2015, 2016, 2019
• Program Committee, eCrime Symposium: 2016, 2017, 2018
• Program Committee, ConPro: 2018, 2019, 2020, 2023, 2024
• Program Committee, NDSS: 2014, 2018
• Program Committee, ACSAC: 2013, 2017
• Program Committee, USENIX Security: 2014, 2017, 2021, 2022
• Program Committee, WEIS: 2017
• Program Committee, LASER Workshop: 2016
• Program Committee, WWW Conference: 2016
• Area Editor, ACM SIGCAS Computers and Society newsletter: 2015-2018
• Program Committee, RAID Symposium: 2015
• Program Co-Chair, CSET: 2013, 2014
• Program Committee, DIMVA Conference: 2014
• Publicity Chair, IEEE Security & Privacy Workshops: 2014
• Program Committee, HotCloud: 2013
• Program Committee, CSET: 2012

1. Mir Masood Ali†, Peter Snyder, Chris Kanich, and Hamed Haddadi, “Unbundle-Rewrite-Rebundle: Runtime Detection and Rewriting of Privacy-Harming Code in JavaScript Bundles,” in Proceedings of ACM CCS, 2024.
2. Niels ten Oever, Clément Perarnaud, John Kristoff†, Moritz Muller, Max Resing, Arturo Filasto, and Chris Kanich, “Sanctions and Infrastructural Ideologies: Assessing the Material Shaping of EU Digital Sovereignty in Response to the War in Ukraine,” Policy & Internet, 2024.
3. Mir Masood Ali†, David G. Balash, Monica Kodwani, Chris Kanich, and Adam J. Aviv, “Honesty is the Best Policy: On the Accuracy of Apple Privacy Labels Compared to Apps’ Privacy Policies,” in Proceedings of the Privacy Enhancing Technologies Symposium, 2024.
4. David G. Balash, Mir Masood Ali†, Chris Kanich, and Adam J. Aviv, “‘I would not install an app with this label’: Privacy Label Impact on Risk Perception and Willingness to Install iOS Apps,” in Symposium on Usable Privacy and Security, 2024.
5. John Kristoff, Max Resing, Moritz Mueller, Arturo Filastò, Chris Kanich, and Niels ten Oever, “Internet Sanctions on Russian Media: Implementation and Effects,” in The proceedings of Free and Open Communications on the Internet (FOCI), 2024.
6. Mir Masood Ali, Mohammad Ghasemisharif, Chris Kanich, and Jason Polakis, “Rise of Inspectron: Automated Black-box Auditing of Cross-platform Electron Apps,” in Proceedings of the USENIX Security Symposium, 2024.
7. Rayaan Siddiqi, Shubham Singh, Lenore Zuck, and Chris Kanich, “Tracking, But Make It Offline: The Privacy Implications of Scanning QR Codes Found in the World,” in Proceedings of the Workshop on Technology and Consumer Protection, 2023.
8. Marcin Nawrocki, John Kristoff, Raphael Hiesgen, Chris Kanich, Thomas C Schmidt, and Matthias Wählisch, “SoK: A Data-driven View on Methods to Detect Reflective Amplification DDoS Attacks Using Honeypots,” in Proceedings of Euro S&P, 2023. PDF
9. Mir Masood Ali, Binoy Chitale, Mohammad Ghasemisharif, Chris Kanich, Nick Nikiforakis, and Jason Polakis, “Navigating Murky Waters: Automated Browser Feature Testing for Uncovering Tracking Vectors,” in Proceedings of NDSS, 2023.
10. ChangSeok Oh, Chris Kanich, Damon McCoy, and Paul Pearce, “Cart-Ology: Intercepting Targeted Advertising via Ad Network Identity Entanglement,” in Proceedings of ACM CCS, 2022.
11. Shubham Singh, Bhuvni Shah, Chris Kanich, and Ian A Kash, “Fair decision-making for food inspections,” in Equity and Access in Algorithms, Mechanisms, and Optimization, 2022.
12. Tanya Berger-Wolf, Allison Howell, Chris Kanich, Ian A Kash, Moniba Keymanesh, Barbara Kowalcyk, Gina Nicholson Kramer, Andrew Perrault, and Shubham Singh, “Open Problems in (Un) fairness of the Retail Food Safety Inspection Process,” in ICML Workshop on Responsible Decision Making in Dynamic Environments, 2022.
13. Pamela J Gampetro, John P Segvich, Ashley M Hughes, Chris Kanich, Judith M Schlaeger, and Barbara L McFarlin, “Associations between safety outcomes and communication practices among pediatric nurses in the United States,” Journal of Pediatric Nursing, vol. 63, pp. 20–27, 2022.
14. Mohammad Ghasemisharif, Chris Kanich, and Jason Polakis, “Towards Automated Auditing for Account and Session Management Flaws in Single Sign-On Deployments,” in 2022 IEEE Symposium on Security and Privacy (SP), 2022.
15. Anthony E Felder, Betul Bilgin, Joe Hummel, Farzad Mashayek, Renata A Revelo, Vahe Caliskan, Anthony Flowers, Chris Kanich, Susan Lee, Krishna Reddy, and others, “Online Engineering Education in Response to COVID-19: Overview of Challenges in the United States and Proposed Active Learning Strategies,” International Journal of Engineering Education, 2021.
16. Mohammad Taha Khan, Christopher Tran, Shubham Singh, Dimitri Vasilkov, Chris Kanich, Blase Ur, and Elena Zheleva, “Helping Users Automatically Find and Manage Sensitive, Expendable Files in Cloud Storage,” in Proceedings of the USENIX Security Symposium, 2021.
17. John Kristoff, Mohammad Ghasemisharif, Chris Kanich, and Jason Polakis, “Plight at the End of the Tunnel: Legacy IPv6 Transition Mechanisms in the Wild,” in Proceedings of the Passive and Active Measurement Conference, 2021.
18. Konstantinos Solomos, John Kristoff, Chris Kanich, and Jason Polakis, “Tales of Favicons and Caches: Persistent Tracking in Modern Browsers,” in Proceedings of the Network and Distributed System Security Symposium, 2021.
19. John Kristoff, Randy Bush, Chris Kanich, George Michaelson, Amreesh Phokeer, Thomas C Schmidt, and Matthias Wählisch, “On Measuring RPKI Relying Parties,” in Proceedings of the ACM Internet Measurement Conference, 2020, pp. 484–491. PDF
20. Huixin Tian, Chris Kanich, Jason Polakis, and Sameer Patil, “Tech Pains: Characterizations of Lived Cybersecurity Experiences,” in 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 2020, pp. 250–259. PDF
21. Mainack Mondal, Günce Su Yilmaz, Noah Hirsch, Mohammad Taha Khan, Michael Tang, Christopher Tran, Chris Kanich, Blase Ur, and Elena Zheleva, “Moving Beyond Set-It-And-Forget-It Privacy Settings on Social Media,” in Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019, pp. 991–1008. PDF
22. Mohammad Taha Khan, Joe DeBlasio, Chris Kanich, Geoffrey M. Voelker, Alex C. Snoeren, and Narseo Vallina-Rodriguez, “An Empirical Analysis of the Commercial VPN Ecosystem,” in Proceedings of the ACM Internet Measurement Conference, 2018. PDF
23. Mohammad Ghasemisharif, Amrutha Ramesh, Stephen Checkoway, Chris Kanich, and Jason Polakis, “O Single Sign-Off, Where Art Thou? An Empirical Analysis of Single Sign-On Account Hijacking and Session Management on the Web,” in Proceedings of the 27th USENIX Security Symposium, 2018. PDF
24. Ameya Hanamsagar, Simon Woo, Chris Kanich, and Jelena Mirkovic, “Leveraging Semantic Transformation to Investigate Password Habits and Their Causes,” in Proceedings of the ACM Conference on Human Factors in Computing Systems, 2018. PDF
25. Mohammad Taha Khan, Maria Hyun, Chris Kanich, and Blase Ur, “Forgotten But Not Gone: Identifying the Need for Longitudinal Data Management in Cloud Storage,” in Proceedings of the ACM Conference on Human Factors in Computing Systems, 2018. PDF
26. Rashid Tahir, Ali Raza, Faizan Ahmad, Jehangir Kazi, Fareed Zaffar, Chris Kanich, and Matthew Caesar, “It’s All in the Name: Why Some URLs are More Vulnerable to Typosquatting,” in Proceedings of the IEEE Conference on Computer Communications (INFOCOM), 2018. PDF
27. Sara Amini, Vahid Noroozi, Sara Bahaadini, S Yu Philip, and Chris Kanich, “DeepFP: A Deep Learning Framework For User Fingerprinting via Mobile Motion Sensors,” in 2018 IEEE International Conference on Big Data (Big Data), 2018, pp. 84–91. PDF
28. Sara Amini, Vahid Noroozi, Amit Pande, Satyajit Gupte, Philip S Yu, and Chris Kanich, “DeepAuth: A Framework for Continuous User Re-authentication in Mobile Apps,” in Proceedings of the 27th ACM International Conference on Information and Knowledge Management, 2018, pp. 2027–2035. PDF
29. Peter Snyder, Cynthia Taylor, and Chris Kanich, “Most Websites Don’t Need to Vibrate: A Cost–Benefit Approach to Improving Browser Security,” in Proceedings of the 2017 ACM Conference on Computer and Communications Security, 2017. PDF
30. Peter Snyder, Periwinkle Doerfler, Chris Kanich, and Damon McCoy, “Fifteen Minutes of Unwanted Fame: Detecting and Characterizing Doxing,” in Proceedings of the 2017 Internet Measurement Conference, 2017. PDF
31. Ivan Brugere, Chris Kanich, and Tanya Berger-Wolf, “Evaluating Social Networks Using Task-Focused Network Inference,” in Proceedings of the 2017 Workshop on Mining and Learning with Graphs, 2017. PDF
32. Pete Snyder, Laura Waitker, Cynthia Taylor, and Chris Kanich, “CDF: Predictably Secure Web Documents,” in Proceedings of the Workshop on Technology and Consumer Protection, 2017. PDF
33. Mohammad Taha Khan and Chris Kanich, “Old is Still Gold: A Comparison of Cyber and Traditional Consumer Fraud in The United States,” in Proceedings of the Workshop on Technology and Consumer Protection, 2017. PDF
34. Sara Amini and Chris Kanich, “Characterizing Malware Infection and Remediation Through Support Forum Analysis,” in Proceedings of the Symposium on Electronic Crime Research (IEEE), 2017. PDF
35. Peter Snyder, Lara Ansari, Cynthia Taylor, and Chris Kanich, “Browser Feature Usage on the Modern Web,” in Proceedings of the 2016 Internet Measurement Conference, 2016. PDF
36. Peter Snyder and Chris Kanich, “Characterizing Fraud and Its Ramifications in Affiliate Marketing Networks,” Journal of Cybersecurity, 2016.
37. Peter Snyder, Michael K. Reiter, and Chris Kanich, “The Effect of Repeated Login Prompts on Phishing Susceptibility,” in Proceedings of the Workshop on Learning from Authoritative Security Experiment Results, 2016. PDF
38. Mohammad Taha Khan and Chris Kanich, “High Fidelity, High Risk, High Reward: Using High-Fidelity Networking Data in Ethically Sound Research,” in Proceedings of the ACM SIGCOMM Workshop on Ethics in Networked Systems, 2015. PDF
39. Peter Snyder and Chris Kanich, “No Please, After You: Detecting Fraud in Affiliate Marketing Networks,” in Workshop on the Economics of Information Security, 2015. PDF
40. Mohammad Taha Khan, Xiang Huo, Zhou Li, and Chris Kanich, “Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting,” in Proceedings of the 36th IEEE Symposium on Security and Privacy, 2015. PDF
41. Jason W. Clark, Peter Snyder, Damon McCoy, and Chris Kanich, “I Saw Images I Didn’t Even Know I Had: Understanding User Perceptions of Cloud Storage Privacy,” in Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, 2015. PDF
42. Peter Snyder and Chris Kanich, “One Thing Leads to Another: Credential Based Privilege Escalation,” in Proceedings of the 5th ACM Conference on Data and Application Security and Privacy (Poster Session), 2015. PDF
43. Sruti Bhagavatula, Christopher Dunn, Chris Kanich, Minaxi Gupta, and Brian Ziebart, “Leveraging Machine Learning to Improve Unwanted Resource Filtering,” in Proceedings of the 7th ACM Workshop on Artificial Intelligence and Security, 2014. PDF
44. Janos Szurdi, Balazs Kocso, Gabor Cseh, Jonathan Spring, Mark Felegyhazi, and Chris Kanich, “The Long ‘Taile’ of Typosquatting Domain Names,” in Proceedings of the USENIX Security Symposium, 2014. PDF
45. Peter Snyder and Chris Kanich, “Cloudsweeper and Data-Centric Security,” ACM SIGCAS Computers and Society, vol. 44, no. 2, pp. 8–10, Jul. 2014. PDF
46. Peter Snyder and Chris Kanich, “Cloudsweeper: Enabling Data-Centric Document Management for Secure Cloud Archives,” in Proceedings of the ACM Cloud Computing Security Workshop, 2013. PDF
47. Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Mark Felegyhazi, Chris Grier, Tristan Halvorson, Chris Kanich, Christian Kreibich, He Liu, Damon McCoy, Nicholas Weaver, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, “Click Trajectories: End-to-End Analysis of the Spam Value Chain,” in Proceedings of the IEEE Symposium on Security and Privacy, 2011. PDF
48. Marti Motoyama, Kirill Levchenko, Chris Kanich, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, “Re: CAPTCHAs – Understanding CAPTCHA Solving from an Economic Context,” in Proceedings of the 19th USENIX Security Symposium, 2010. PDF
49. Chris Kanich, Christian Kreibich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage, “Spamalytics: An Empirical Analysis of Spam Marketing Conversion,” in Proceedings of the 15th ACM Conference on Computer and Communications Security, 2008. PDF

I maintain a local full publication list and I also try to keep my Google Scholar profile free of false positives and dupes.