Cyberspace of Shujun LI



Usable Security/HCI in General: NIST Visualization and Usability Group (NIST Usability and Security, Biometrics and Usability, Industry Usability Reporting/Standards, Industry USability Reporting (IUSR) Project) BCS Usability News emotion icon Richard Conlan's Blog on Usable Security emotion icon HCISec Bibliography SOUPS - Symposium On Usable Privacy and Security Soups-announce -- Announcements related to the Symposium On Usable Privacy and Security (SOUPS) emotion icon HCI Bibliography User Experience Professionals Association (UXPA) (Usability Body of Knowledge; Journal of Usability Studies (JUS); UK Chapter of the User Experience Professionals' Association) Interaction Design Foundation Human-Computer Interaction Resource Network Human-Centered Computing Education Digital Library

Human Cognitive Architectures and Models: ACT-R (ACT-R users primary mailing list) jACT-R CCMSuite (Python ACT-R) Soar OpenCog emotion icon CogTool (@github; CogTool-Explorer) Cogulator Apex (Documentation Wiki) SANLab-CM (Old Project Page) emotion icon AutoCWW2
Eye-Tracking: Tobii SensoMotoric Instruments (SMI) Pupil Labs Visual Interaction (myGaze) Smart Eye Interactive Minds Gazepoint

User Authentication and Identity Management

General: Open Credentials W3C CCG (Credentials Community Group) (@W3C) W3C WebID emotion icon FIDO (Fast IDentity Online) Alliance OATH - Initiative for Open Authentication OpenID Foundation OAuth Central Authentication Service (CAS) OASIS Identity and Trusted Infrastructure (IDtrust) Member Section Kantara Initiative (Liberty Alliance) Identity Commons Internet Identity Workshop (IIW) emotion icon Ping Identity Corporation Identity Woman Risk-based Authentication @ Ruhr University Bochum emotion icon National Strategy for Trusted Identities in Cyberspace (NSTIC) Deidentification@NIST.GOV

Password Checkers, Meters, Crackers and Analyzers: Research Papers on Password-based Cryptography Xato - Passwords & Security emotion icon Have I been pwned? (Pwned Passwords, API) Firefox Monitor SecLists (Passwords) Skull Security Wiki (Passwords) Yahoo Password Frequency Corpus emotion icon PARS (Password Analysis and Research System) Password Hashing Competition Password Multi-Checker Tool @ Concordia emotion icon zxcvbn (Dropbox's Password Meter) CMU-CUPS-CHI2017 data-driven password meter (@github) passwdqc Google Password Strength API The Password Meter ( Oracle Password Checker Javascript Password Strength Meter Password Checker @ My1Login Kaspersky Password Checker Password Checker @ Password strength checker @ ProPrivacy emotion icon hashcat HashView Hashcat GUI John the Ripper password cracker John the Ripper (JtR) ophcrack THC-Hydra OMEN (Ordered Markov ENumerator) RainbowCrack Cain & Abel Medusa Parallel Network Login Auditor fgdump L0phtCrack Phraser emotion icon The Sprawl (PACK - Password Analysis and Cracking Toolkit, automatic password rule analysis and generation) AccessData Password Recovery Toolkit® (PRTK®) Pipal (Password Analyser) (@Github) Passpal Cain and Abel
Password Cracking Corpra: Mark Kantrowitz's Name Corpus Oxford Reference "Name Studies" dictionaries Lists of most common surnames @ Wikipedia emotion icon Chinese-Names-Corpus @ GitHub family_name_handle @ GitHub 汉姓罗马字标注 @ Wikipedia 中国姓氏排名 @ Wikipedia
Password Management and Generation: Password Safe KeePass LastPass RoboForm Clipperz (@Github) Dashlane emotion icon PasswordMaker pa55 Passphrase Generator @

User Authentication: Graphical User Authentication emotion icon fastword Blue Moon Authentication True Key AGSES Group (myAGSES Services) Giesecke & Devrient GmbH SecuTech KOBIL Systems (mIDentity Series; Card Readers, IDToken; SecOPTIC, SecoVID; AST - Application Security Technology) VASCO Data Security International, Inc. PassWindow SyferLock (Grid2Form™, GridSoftToken™, GridAdvanced™) Device Authority Yubico Session Juggler BlueProximity emotion icon How unique are your usernames?

Mobile Security and Privacy: TaintDroid AntiTaintDroid (ScrubDroid) DroidBox Android-Application-SandBox (AASandbox) Mobile-Sandbox Agrigento emotion icon SuSi – Sources and Sinks (@GitHub) Android-specific components of FlowDroid DroidForce DroidSafe AppAudit: Uncover Hidden Data Leaks in Apps (@GitHub) AppGuardian Device Analyzer ScanDal: Static Analyzer for Detecting Privacy Leaks in Android Applications Intent Fuzzer MindMac's IntentFuzzer LinkDroid (@Github) emotion icon DroidBench Stanford SecuriBench (Stanford SecuriBench Micro) emotion icon UI/Application Exerciser Monkey monkeyrunner droidRunner Dare: Dalvik Retargeting PATDroid (A Program Analysis Toolkit for Android) Androguard APKinspector Apktool Dedexer Soot DECAF (Dynamic Executable Code Analysis Framework) + DroidScope Simplify: Generic Android Deobfuscator PlayDrone: A Measurement Study of Google Play ProGuard DexGuard XSI-Android Purple Robot emotion icon CopperDroid EdgeMiner Tracedroid Dexter SandDroid @ XJTU Akana - Android App Interactive Analysis Enviroment (Eacus) NowSecure, Inc Lookout, Inc. VERACODE's Mobile Application Security solution VisualThreat Joe Sandbox Mobile Android Malware Genome Project emotion icon PrivMetrics emotion icon PlayDrone (@Github,

Human vs. Security

Human Computation: Human Computation Institute AAAI Conference on Human Computation and Crowdsourcing (HCOMP) Crowdsourcing and Human Computation @ Google Groups Journal of Artificial Intelligence Research's Special Track on Human Computation and AI
Human Interactive Proofs (HIPs) and Visual Analytics for Security: HIPs @ Aladdin.CMU emotion icon CAPTCHA VizSec (IEEE Symposium on Visualization for Cyber Security) SecVis - Security Visualization (The DAVIX Live CD) Visualisation work @ TREsPASS project emotion icon SecHCI GATE (Graphic Access Tabular Entry) SEa AUF Image Project

Social Engineering: Anti-Phishing Working Group (APWG) (APWG.EU) 中国反钓鱼网站联盟 Anti-Phishing Alliance of China (APAC) PhishTank OpenPhish Jose Nazario's Phishing Corpus (Nov 2004 - June 2005) Google Safe Browsing API (Protocolv2Spec: Client specification for the Google Safe Browsing v2.2 protocol) Report Suspected Phishing Sites to Symantec UAB PhishIQ™ Tool FraudWatch International Pty Ltd. Phishing and Pharming Information Site AA419 (Artists Against 419) emotion icon Identity Theft Surveys and Studies @ Privacy Rights Clearinghouse Identity Theft @ Federal Trade Commission (US) Identity Theft Resource Center Putting an End to Account-Hijacking Identity Theft @ FDIC (US) Financial Fraud Action UK emotion icon RSA Online Fraud Resource Center Cisco IronPort Phishing Overview MarkMonitor AntiFraud Websense (Security Labs, Attack Information Center) Trustwave Holdings, Inc. (SpiderLabs) Phishing Security Info @ Panda Security proofpoint (Wombat Security Technologies) Javelin Strategy & Research (Security, Risk & Fraud) PhishLabs PhishMe emotion icon Web Password Hashing (PwdHash) SpoofGuard Stanford SafeCache Stanford SafeHistory SpyBlock Netcraft Anti-Phishing Toolbar (Netcraft Phishing Site Feed)

Privacy, Anonymity and Internet Censorship

Data Protection and Privacy Laws: DLA Piper Global Data Protection Laws of the World - World Map Data Protection and Privacy Legislation Worldwide @ UNCTAD Data protection around the world @ CNIL emotion icon European Data Protection Board (EDPB) APEC Cross Border Privacy Rules System (CBPR)
Projects, Campaigns and Working Groups: Privacy By Design (PbD) W3C Privacy Page (P3P: The Platform for Privacy Preferences) IETF Geographic Location/Privacy Working Group MozPETs: Mozilla Privacy Enhancement Technologies Free Heaven Project (Anonymity Bibliography) Terms of Service; Didn't Read (ToS;DR) TOSBack - The Terms-Of-Service Tracker Usable Privacy Policy Project (Anonymity Bibliography) PrivacyCheck Privee
Organizations and Networks: Electronic Frontier Foundation (EFF) Electronic Privacy Information Center (EPIC) (, Online Guide to Practical Privacy Tools) International Association of Privacy Professionals (IAPP) DataGuidance Privacy International Open Rights Group (ORG) ProPrivacy Global Privacy Enforcement Network (GPEN) OECD Working Party on Information Security and Privacy (WPISP) Future of Privacy Forum (FPF) Privacy Rights Clearinghouse (PRC) Kantara Initiative Center for Democracy and Technology (CDT) Data Protection Network (DPN) emotion icon Cookie Clearinghouse The Economics of Privacy Pandab TRUSTe German BigBrotherAwards

Privacy Enhancing Technologies and Products: Mozilla - *privacy not included emotion icon Onoin Routing Tor Vidalia Talis (The Amnestic Incognito Live System) GNUnet Psiphon Ultrasurf Freegate Obscure Me: A Toolbox for Online Privacy Visual Privacy Advisor emotion icon U.S.-EU & U.S.-Swiss Safe Harbor Frameworks ( U.S.-EU Safe Harbor List, U.S.-Swiss Safe Harbor List) Do Not Track All About Do Not Track (DNT) Mobile Location Analytics Opt Out NAI (Network Advertising Initiative) Opt-out Tool Digital Advertising Alliance (DAA)Consumer Opt Out Page Google Ads Settings Microsoft Personalized Ad Preferences Yahoo! Ad Interest Manager BlueKai (Oracle) Consumers Opt-Out Page emotion icon Mozilla Lightbeam for Firefox AVG PrivacyFix Abine, Inc (DoNotTrackMe, DeleteMe, MaskMe) Princeton Web Transparency & Accountability Project (WebTAP) Ghostery, Inc. EFF's Privacy Badger Privacy Bird® PrivacyScore PrivySeal Panopticlick - How Unique is Your Web Browser? IBM Anonymization (EDDI) Library Cover Your Tracks @ EFF AmIUnique ASDUS (Automatic Segment Detection using Unsupervised and Supervised Learning) emotion icon International Workshop on Genome Privacy and Security iDASH Privacy & security workshop

Internet Censorship and Control: Collections of Peer-Reviewed Papers on Internet Censorship and Control emotion icon Internet Governance Forum (IGF) Global Network Initiative Citizen Lab Berkman Klein Center for Internet & Society at Harvard University Internet & Democracy Project OpenNet Initiative (ONI) Freedom House (Global Internet Freedom Program) Reporters Without Borders (RWB)/Reporters Sans Frontières (RSF) (Internet Freedom) Golden Shield Project @ Wikipedia emotion icon Chinese Firewall Test @

Valid XHTML 1.0 Transitional


Germany (CET)