Publications

Dr. Centonze's Peer-Reviewed Journal Articles and Conference Papers, Organized in Reverse Chronological Order

1. 3D Printing Security: Using UUID-based Text Watermarking to Secure GCODE Files. International Journal of Cyber-Security and Digital Forensics (IJCSDF), Vol. 11, No. 2, 2023, pp. 11-19

2. Blueprint Key: A Tool for a Novel Layer of XML Encryption. International Journal of Cyber-Security and Digital Forensics (IJCSDF), Vol. 9, No. 2, 2023, ­­­pp. 102-112­­­

3. Comparative Malware Testing Analyses for Android Mobile Apps. International Journal of Cyber-Security and Digital Forensics (IJCSDF), Vol. 9, No. 1, 2023, pp. 55-70

4. Security and Privacy Frameworks for Access Control of Big Data Systems. Full research paper. In the Proceedings of the 5th International Conference on Artificial Intelligence and Security (ICAIS 2019), New York University, New York, USA. July 26-28, 2019

5. Security and Privacy Frameworks for Access Control of Big Data Systems.  In the Proceedings of the Computers, Materials & Continua Journal (CMC), Vol. 59, No. 2, pp. 361-374, 2019

6. GPS Spoofing for Android and iOS Mobile Systems.  The Fourteenth International Conference on Internet Monitoring and Protection (ICIMP), Nice, France, 2019

7. Program Analysis for Database Injections.  International Journal of Computers and Technology (IJCT). ISSN-2277-3061, Vol. 16, No. 6, pages 6977-6987, September 2017

8. Multi-Layered Dynamic Encryption Security Scheme for Cloud Data Storage.  International Journal of Computers and Technology (IJCT).  ISSN-2277-3061, Vol. 16, No. 3, pages 6233-6239, June 2017.

9. Dynamic Encryption Key Security Scheme (DEKSS) for Mobile and Cloud Systems.  Proceedings of the Fourth IEEE/ACM International Conference on Mobile Software Engineering and Systems (MOBILESoft), Buenos Aires, Argentina, May 2017

10. Cloud Auditing and Compliance.  Peer-reviewed Book Chapter, included in the Book: Security, Privacy, and Digital Forensics in the Cloud and Big Data Era, Editors: Lei Chen and Hassan Takabi, John Wiley and Sons (USA) and HEP (China), November 2017

11. Cross-platform Access-rights Analysis of Mobile Applications.  Proceedings of the 3rd IEEE/ACM International Conference on Mobile Software Engineering and Systems (MOBILESoft 2016), Austin, Texas, May 201.

12. Detection, Correction and Visualization of Security Vulnerabilities in Mobile Apps. Proceedings of the Third International Workshop on Mobile Development Lifecycle (MobileDeLi), Pittsburgh, PA, October 2015

13. Access-rights Analysis in the Presence of Subjects. Proceedings of the 29th European Conference on Object-Oriented Programming (ECOOP), Prague, Czech Republic, July 2015

14. Labyrinth: Mobile Data-leakage Detection with Visually Configurable Confidentiality Sources.  Proceedings of the 16th IEEE International Conference on Mobile Data Management (MDM), Pittsburgh, PA, June 2015

15. Application and User-Sensitive Privacy Enforcement in Mobile Systems.  Proceeding of the Second ACM International Conference on Mobile Software Engineering and Systems (MOBILESoft), Florence, Italy, May 2015

16. Carbon Management in Assembly Manufacturing Logistics.  IBM Journal on Research and Development, Yorktown Heights, NY, Vol. 53, No. 3, 2009

17. A Heuristic to Enable Auditing Decisions in Travel and Entertainment Expense Management. In Poster Proceedings of the Third Annual Machine Learning Symposium. The New York Academy of Sciences, New York, NY, October 2008

18. An Algebra for Access Control.  Ph.D. Dissertation.  New York University (NYU), Department of Mathematics, May 2008

19. Combining Static and Dynamic Analysis for Automatic Identification of Precise Access-Control Policies.  In Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC 2007), Miami Beach, FL, December 2007

20. Role-Based Access Control Consistency Validation.  In Proceedings of the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2006), Portland, ME, July 2006

21. Static Analysis of Role-Based Access Control in J2EE Applications. ACM SIGSOFT Software Engineering Notes, 29(5):1-10, September 2004.  Also in Proceedings of the Workshop on Testing, Analysis and Verification of Web Services (TAV-WEB 2004), co-located with ISSTA 2004, Boston, MA, July 2004

22. Static Analysis for J2EE Role-Based Access Control Policy Validation.  Master of Science Research Thesis.  New York University, Department of Computer Science, New York, NY, May 2005

23. Extracting Security Role Requirements From Enterprise Applications.  Security and Privacy Technology Conference, IBM T.J. Watson Research Center, Hawthorne, NY, May 2004

24. Role-Based Access Control Consistency Validation.  IBM Research Report, RC23876 (W0602-110), Yorktown Heights, NY, February 2006

Dr. Centonze's Peer-Reviewed Conference Tutorials, Organized in Reverse Chronological Order

1. John Millar and Paolina Centonze. Examples of Using NTRU Cryptosystems in Modern Developments for 5G Authentication. Proceedings of the 37th Annual Computer Security Applications Conference (ACSAC 2021), Work In Progress (WiP) track, December 2021

2. Paolina Centonze. Security Flows in Apache Dig Data System. Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC), San Juan, Puerto Rico, December 2018

3.  Joshua Gitter and Paolina Centonze. Comparative Analyses and New Solutions to Reduce SQL Injections.  Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC), San Juan, Puerto Rico, December 2018

4.  Chelsea Ramsingh and Paolina Centonze.  Program Analysis for Database Injections.  Proceedings of the 4th National Science Foundation (NSF) Women in Cybersecurity (WiCyS) Conference, Tucson, AZ, March 2017

5. Paolina Centonze. Cyber Threats Attacks, Challenges and Analyses in the Dig Data Era.  Full Day Professional Tutorial. Proceedings of the 33rd Annual Computer Security Applications Conference (ACSAC), Orlando, FL, December 2017

6. John Rocco and Paolina Centonze. Static Detection of Integrity and Confidentiality in Mobile Applications. Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC 2016), Work in Progress (WiP) track. Los Angeles, CA, December 2016

7. Stephen Rodriguez and Paolina Centonze. Dynamic Encryption Strategy (DEKSS): A New Security Model for Securing Customer Data with Cloud Services. Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC 2016), Working In Progress (WiP) track. Los Angeles, CA, December 2016

8. Paolina Centonze. Program Analysis and Machine Learning to Improve Security and Privacy. Tutorial Proceedings of the 32nd Annual Computer Security Applications Conference (ACSAC 2016), Los Angeles, CA, December 2016

9. Paolina Centonze.  Security and Privacy Analysis for Next Generation Malware. Tutorial Proceedings of the 31st Annual Computer Security Applications Conference (ACSAC 2015), Los Angeles, CA. December 2015

10. Paolina Centonze.  Cloud Security and Privacy.  Peer-reviewed Conference Tutorial.  Tutorial Proceedings of the 30th Annual Computer Security Applications Conference (ACSAC 2014), New Orleans, LA, December 2014 

University and Industry Seminars

1. Paolina Centonze. Cybersecurity Skills Required for Academic Programs. Proceedings of the 5th NSF National Women in Cybersecurity (WiCyS) Conference, Chicago, IL on March 23-24th, 2018

2. Paolina Centonze.  Analysis of WikiCentral.  Poster Presentation.  IBM Academy of Technology (AoT).  IBM T. J. Watson Research Center, New York, June 2009

3. Paolina Centonze.  The Mathematical Theory of Partially Ordered Sets and Lattices and Its Applicability to Computer Science.  Seminar Series, IBM Thomas J. Watson Research Center, New York, May-September 2007 (for a total of 12 seminars)

4. Paolina Centonze.  Access Control Explorer (ACE).  University Seminar.  Department of Computer and Information Science, New York University, New York, NY, October 2007

5. Paolina Centonze.  Static Analysis for Role-Based Access Control Policy Validation.  University Seminar, University of Maryland, Electrical and Computer Engineering Department, College Park, MD, USA, March 2007

6. Paolina Centonze.  Static Analysis for Role-Based Access Control Policy Validation. University Seminar, Programming Languages Research Group (PROLANGS), Rutgers University, Piscataway, NJ, USA, February 2007

7. Paolina Centonze.  Role-Based Access Control Consistency Validation.  University Seminar., Stevens Institute of Technology, Computer Science Department, Hoboken, NJ, USA, May 2006

8. Paolina Centonze.  An Algebra for Access Control.  University Seminar,  New York University, Department of Computer and Information Science, March 2006

9. Paolina Centonze.  Using Static Program Analysis for Stack-Inspection- and Role-Based Access Control Systems Security.  University Seminar, École Normale Supérieure, Paris, France, October 2005

10. Paolina Centonze.  Automatic Verification of the Security Principle of Complete Mediation Using Static Analysis.  Industry Seminar.  IBM T.J. Watson Research Center,, New York, August 2005

11. Paolina Centonze.  Using Program Analysis to Extend J2EE Access Control from Methods to Data.  Invited Industry Seminar.  IBM T. J. Watson Research Center, Hawthorne, NY, September 2004

12. Paolina Centonze. Static Analysis of Role-Based Access Control in J2EE Applications.  Workshop Presentation.  ACM TAV-WEB Workshop co-located with ISSTA Conference, Boston, MA, July 2004

13. Paolina Centonze.  J2SE and J2EE Security.  University Seminar.  New York University, September 2003