Debin Liu

PhD in Security Informatics at Indiana University

Debin Liu is a PhD candidate at School of Informatics and Computing, Indiana University, Bloomington, Indiana since Fall 2005 with major in Security Informatics and minor in Finance and HCI.
 
His study focuses on Usable Security and Fraud Prevention. His PhD dissertation title is "Incentive, Behavior and Information Security Management", advised by Dr. L. Jean Camp.
 
He also has much collaborations with Dr. Markus Jakobsson and Dr. XiaoFeng Wang. Debin received his M.S. degree in Physics from Texas A&M University, College Station, Texas in 2005. Before the study in United States, Debin received his B.S. degree in Modern Physics from University of Sci. & Tech. of China, Hefei, China in 2003. 

 

He is actively seeking a full-time position to apply his research and analytical skills in Information Security to help secure systems and applications: reviewing actual and perceived security vulnerabilities, identifying consumer experience trouble spots, analyzing and detecting online frauds, assessing risk and outlining remediation strategies.

 

His latest CV in PDF format can be found here.

 
 
 

Research Interests

 

*  Fraud Detection and Prevention

*  User Security Experience and Behavior

*  Data Research and Machine Learning

*  Access Control and Risk Management

*  Insider Threats

*  IT Risk Assessment and Analysis

*  Human-Computer Interaction Design 

 
 
 

Employment

 

Security Consultant


Extricatus, LLC                                                                                         March 2010-present

  • Research on internal control mechanism in banking organizations
  • Research on payment card fraud survey data 
  • Research on payment card customer fraud experience and behavior
  • Study of payment fraud
  • Received trainings of banking examination

 

Research Intern

 

Research Department in Federal Reserve Bank at Kansas City                     June 2009-September 2009


  • Research on internal control mechanism in banking organizations
  • Research on payment card fraud survey data 
  • Research on payment card customer fraud experience and behavior
  • Study of payment fraud
  • Received trainings of banking examination


Doctoral Research Assistant


School of Informatics at Indiana University                                                    August 2006-present


  • Research on incentive-based access control to manage operational risk
  • Modeling and analysis of insider threats
  • Data mining and machine learning
  • Usable privacy and user-centered security design
  • Human-subject studies of security behavior and experience
  • Information security risk modeling and analysis


Associate Instructor


School of Informatics at Indiana University                                                    August 2006-May 2007


  • Undergraduate course “Information Representation
  • Undergraduate course “Logic and Mathematical of Informatics


Teaching Assistant


Department of Physics at Texas A&M University                                         August 2003-August 2005


  • Various undergraduate courses in Physics
  • Leading student discussion and laboratory sessions

 

 

 

Publications
 

Journals


Debin Liu, L. Jean Camp, XiaoFeng Wang and Lusha Wang, “Using Budget-Based Access Control to Manage Operational Risks Caused by Insiders", Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, Vol. 1, No. 1, pp. 29-45.


Debin Liu, XiaoFeng Wang and L. Jean Camp, “Game Theoretic Modeling and Analysis of Insider Threats, International Journal of Critical Infrastructure Protection, Volume 1, December 2008, pp. 75-80.


Debin Liu, “The Economics of Proof-of-Work. Peer reviewed and accepted. I/S: A Journal of Law and Policy for the Information Society, Winter 2007.


Alexey Belyanin, Feng Xie, Debin Liu, Federico Capasso and Mariano Troccoli, “Coherent nonlinear optics with quantum cascade structures”. Peer reviewed. Journal of Modern Optics, Vol. 52, No. 16, November 2005.

 

Peer Reviewed Conferences

 

Markus Jakobsson and Debin Liu, “Bootstrapping Mobile PINs Using Passwords”. Oakland 2010, submitted.

 

Debin Liu, Ninghui Li, XiaoFeng Wang, and L. Jean Camp, “Beyond Risk-Based Access Control: Towards Incentive-Based Access Control”. FC 2011, St. Lucia, February 2011.

Debin Liu, L. Jean Camp, XiaoFeng Wang and Lusha Wang, “Using Budget-Based Access Control to Manage Operational Risks Caused by Insiders", JMIST10, Morioka, Iwate, Japan, June 2010.

 

Debin Liu, L. Jean Camp and XiaoFeng Wang, Mitigating Inadvertent Insider Threats with Incentives”. Peer reviewed. FC09, Barbados, February 2009.


Debin Liu, L. Jean Camp and XiaoFeng Wang, Game Theoretic Modeling and Analysis of Insider Threats”. IFIP WG 11.10, Arlington, Virginia, March 2008.


Farzeneh Asgapour, Debin Liu and L. Jean Camp, “Mental Models of Computer Security Risks”. WEIS 2007, Pittsburgh, PA, 7-8 June 2007.


Debin Liu, Farzaneh Asgharpour and L. Jean Camp, “Risk Communication in Security using Mental Models”, Usable Security 07, Tobago, February 2007.


Debin Liu and L. Jean Camp, “Proof of Work Can Work”. Peer reviewed. WEIS 2006, Cambridge, MA, 26-28 June 2006.


L. Jean Camp and Debin Liu, “Proof of Work {cannot, can, does currently} Work”, TPRC, Arlington, VA, September 30 2007.


Vivek Anandpara, Andrem Dingman, Markus Jakobsson, Debin Liu and Heather Roinestad, “Phishing IQ Tests Measure Fear, Not Ability”, Usable Security 07, Tobago, February 2007.


Presentations

 

"Using Budget-Based Access Control to Manage Operational Risks Caused by Insiders". MIST10, Morioka, Iwate, Japan, June 2010.

 

"Analysis and Mitigation of Insider Threats", Federal Reserve Bank of Kansas City, Kansas City, MO, June 2009.


"Information Security and Risk Management using Incentive Contract", Federal Reserve Bank of Kansas City, Kansas City, MO, September 2009.


"Mitigating Inadvertent Insider Threats with Incentives", Financial Cryptography and Data Security 09, Barbados, February 2009.


"Game Theoretic Modeling and Analysis of Insider Threats", The Second Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, Arlington, Virginia, March 2008.


"Game Theoretic Fight against Insider Threat", The Fourth Midwest Security Workshop, Chicago, Illinois, October 2007.


"Proof of Work can Work", The Fifth Workshop on the Economics of Informatics Security, Cambridge, U.K., June 2006.