Prof Photo

Ariana Mirian

Email:

Curriculum Vitae or Resume

I currently work as a Senior Security Researcher at Censys. I completed my Ph.D in 2023 in Computer Science and Engineering at the University of California - San Diego.

I am broadly interested in quantifying and improving security processes using data and research science methods. Most recently, I've been exploring questions related to the Web and Internet scanning. In the past, I used large-scale empirical analyses to understand and improve security processes within an enterprise, examine user behaviors via network traffic, and answer Web related questions from the perspective of Chrome.

News
2024-11-23 --- Our paper titled "Understanding the Efficacy of Phishing Training in Practice" was accepted to IEEE S&P 2025! I am especially proud of this paper as it was the culmination of multiple years of work across many groups, and is a fantastic example of how and why we should be empirically quantifying security phenomenon.
2024-08-06 --- I presented two talks at Bsides Las Vegas! The first was an overview of some preliminary findings examining Internet Ephemerality (stay tuned for more!), and the second impromtu talk was a rehash of why we should be using Internet Measurement to answer our burning security questions, and some examples of how this plays out in practice.
2024-05-27 --- I presented at my first Bsides in Vancouver! I presented an argument of why we should be using Internet Measurement to answer our burning security questions, and some examples of how this plays out in practice.
Publications

Understanding the Efficacy of Phishing Training in Practice

Grant Ho, Ariana Mirian, Elisa Luo, Khang Tong, Euyhyun Lee, Lin Liu, Christopher A. Longhurst, Christian Dameff, Stefan Savage, Geoffrey M. Voelker

46th IEEE Symposium on Security and Privacy, San Francisco, California, 2025

An Empirical Analysis of Enterprise-Wide Mandatory Password Updates

Ariana Mirian, Grant Ho, Stefan Savage, Geoffrey M. Voelker

Annual Computer Security Applications Conference (ACSAC), Austin, Texas, 2023

Prioritizing Security Practices via Large-Scale Measurement of User Behavior

Ariana Mirian, advised by Stefan Savage and Geoff Voelker

Ph.D Dissertation, University of California, San Diego 2023

Defense Slides

Defense Video ("celebration" ends and slides begin at 11:00)

In the Line of Fire: Risks of DPI-triggered Data Collection

Ariana Mirian, Alisha Ukani, Ian Foster, Gautam Akiwate, Taner Halicioglu, Cynthia T. Moore, Alex C. Snoeren, Geoffrey M. Voelker, Stefan Savage

16th Cyber Security Experimentation and Test Workshop (CSET), Marina Del Rey, California, 2023

Forward Pass: On the Security Implications of Email Forwarding Mechanism and Policy

Enze Liu, Gautam Akiwate, Mattijs Jonker, Ariana Mirian, Grant Ho, Geoffrey M. Voelker, Stefan Savage

8th IEEE European Symposium on Security and Privacy (EuroS&P), Delft, Netherlands, 2023
Distinguished Paper Award Winner

Locked-In in During Lock-Down: Undergraduate Life on the Internet in a Pandemic

Alisha Ukani, Ariana Mirian, Alex C. Snoeren

21st Internet Measurement Conference (IMC), Virtual, November 2021

Who’s Got Your Mail? Characterizing Mail Service Provider Usage

Enze Liu, Gautam Akiwate, Mattijs Jonker, Ariana Mirian, Stefan Savage, Geoffrey M. Voelker

21st Internet Measurement Conference (IMC), Virtual, November 2021

CoResident Evil: Covert Communication in the Cloud With Lambdas

Anil Yelam, Shibani Subbareddy, Keerthana Ganesan, Stefan Savage, Ariana Mirian

The Web Conference, Ljubljana, Slovenia, April 2021

Hack for Hire: Investigating the Black Market of Retail Email Account Hacking Services

Ariana Mirian

ACM Queue, Volume 17 Issue 4, October 2019

Communications of the ACM, Volume 62 No. 12, December 2019

Measuring Security Practices and How They Impact Security

Louis DeKoven, Audrey Randall, Ariana Mirian, Gautam Akiwate, Ansel Blume, Lawrence K. Saul, Aaron Schulman, Geoffrey M.Voelker, Stefan Savage

19th Internet Measurement Conference (IMC), Amsterdam, Netherlands, October 2019

Web Feature Deprecation: A Case Study for Chrome

Ariana Mirian, Nikunj Bhagat, Caitlin Sadowski, Adrienne Porter Felt, Stefan Savage, Geoffrey M. Voelker

41st International Conference for Software Engineering, Software Engineering in Practice (ICSE SEIP), Montreal, Canada, May 2019

Hack for Hire: Exploring the Emerging Market for Account Hijacking

Ariana Mirian, Joe DeBlasio, Stefan Savage, Geoffrey M. Voelker, Kurt Thomas

The Web Conference, San Francisco, United States, May 2019

HTTPS Adoption in the Longtail

Ariana Mirian, Christopher Thompson, Stefan Savage, Geoffrey M. Voelker, Adrienne Porter Felt

Google Tech Report, 2018

Security Challenges in an Increasingly Tangled Web

Deepak Kumar, Zane Ma, Zakir Durumeric, Ariana Mirian, Joshua Mason, J. Alex Halderman, Michael Bailey

26th International World Wide Web Conference, Perth, Australia, April 2017

An Internet-Wide View of ICS Devices

Ariana Mirian, Zane Ma, David Adrian, Matthew Tischer, Thasphon Chuenchujit, Tim Yardley, Robin Berthier, Josh Mason, Zakir Durumeric, J. Alex Halderman, and Michael Bailey

14th Annual Privacy, Security and Trust Conference (PST), Auckland, NZ, December 2016

A Search Engine Backed by Internet Wide Scanning

Zakir Durumeric, David Adrian, Ariana Mirian, Michael Bailey, J. Alex Halderman

22nd ACM Computer and Communications Security (CCS), Denver, CO, October 2015

Neither Snow Nor Rain Nor MITM…An Empirical Analysis of Mail Delivery Security

Zakir Durumeric, David Adrian, Ariana Mirian, James Kasten, Kurt Thomas, Vijay Eranti, Nicolas Lidzborski, Elie Bursztein, Michael Bailey, J. Alex Halderman

15th ACM Internet Measurement Conference (IMC), Tokyo, October 2015
IRTF Applied Networking Research Prize (ANRP)

Industry Experience

Researcher ITS Security Team, ITS Security Team, 2021-2023

Assessed problems with security processes collaboration with IT employees around: vulnerability remediation, phishing training, security policy communications, and security education training effects on outcome.

Software Engineering Intern Metrics team, Google Chrome, 2018

Mentor: Nik Bhagat, Caitlin Sadowski, and Adrienne Porter Felt

Examined web feature deprecation process via Chrome, and developed a new set of guidelines and corresponding (internal) tool to better the deprecation process

Software Engineering Intern Enamel team, Google Chrome Security, 2017

Mentor: Adrienne Porter Felt and Emily Stark

Explored HTTPS adoption hurdles for small (longtail) site owners, which culminated in a publication submission.

Product Manager Intern RetailMeNot, 2014

Mentors: Jaimee McCord and Sonia Nagar

Successfully led a team of three other interns towards completion of a product (now deprecated) for the company.

Other Writings
2023-12-05 On Novelty
2023-06-28 On Finishing My PhD
2023-06-28 On Writing
Service
Usenix Security PC Member: 2021 - 2023
Usenix CSET PC Member: 2019 - 2021
Department Leadership
CSE Diversity, Equity, and Inclusion committee, 2018-2021
CSE Graduate Women in Computing, 2017-2021
CSE PhD Admissions Committee, 2017-2020
CSE Social Hour and Coffee Hour Chair, 2016-2017