| 2012 | A move in the security measurement stalemate: elo-style ratings to quantify vulnerability. Wolter Pieters, Sanne H. G. van der Ven, Christian W. Probst |
| 2012 | All your base are belong to US. Richard Ford, Liam M. Mayron |
| 2012 | Argumentation logic to assist in security administration. Jeff Rowe, Karl N. Levitt, Simon Parsons, Elizabeth Sklar, Andy Applebaum, Sharmin Jalal |
| 2012 | Beyond the blacklist: modeling malware spread and the effect of interventions. Benjamin Edwards, Tyler Moore, George Stelle, Steven A. Hofmeyr, Stephanie Forrest |
| 2012 | Holographic vulnerability studies: vulnerabilities as fractures in interpretation as information flows across abstraction boundaries. Jedidiah R. Crandall, Daniela Oliveira |
| 2012 | Point-and-shoot security design: can we build better tools for developers? Sven Türpe |
| 2012 | Pools, clubs and security: designing for a party not a person. Zheng Dong, Vaibhav Garg, L. Jean Camp, Apu Kapadia |
| 2012 | Privacy is a process, not a PET: a theory for effective privacy practice. Anthony Morton, Martina Angela Sasse |
| 2012 | Someone to watch over me. Heather Richter Lipford, Mary Ellen Zurko |
| 2012 | The New Security Paradigms Workshop, NSPW '12, Bertinoro, Italy - September 18 - 21, 2012 Richard Ford, Mary Ellen Zurko, Cormac Herley, Tara Whalen |
| 2012 | The need for application-aware access control evaluation. William C. Garrison III, Adam J. Lee, Timothy L. Hinrichs |
| 2012 | Turtles all the way down: a clean-slate, ground-up, first-principles approach to secure systems. Sean Peisert, Edward B. Talbot, Matt Bishop |
| 2012 | Video-passwords: advertising while authenticating. Julie Thorpe, Amirali Salehi-Abari, Robert Burden |