The posters presented at HoTSoS 2017 are listed below. Posters relating to a specific Science of Security Hard Problem have the relevant icon following the title. Please see the legend to the right.
A VALUE MODEL FOR IMPLEMENTING CYBER METRICS AND BEST PRACTICES 
*Natalie Scala, *Emil Manuel, and †Paul Goethals
*Towson University, †United States Military Academy
ADVANCED METRICS FOR RISK-BASED ATTACK SURFACE APPROXIMATION
Christopher Theisen
North Carolina State University
AN INSTRUCTION SET RANDOMIZATION FRAMEWORK FOR DEVELOPING SECURE AND RESILIENT CPS 
Brad Potteiger
Vanderbilt University
ANALYSIS OF TWO PARALLEL SURVEYS ON CYBERSECURITY: USERS & SECURITY ADMINISTRATORS---
NOTABLE SIMILARITIES & DIFFERENCES 
*Sean Smith, *Vijay Kothari, †Jim Blythe, and ‡Ross Koppel
*Dartmouth College, †ISI, University of Southern California, ‡University of Pennsylvania
CYBER KNOWLEDGE IS HERE, BUT NOT EVENLY DISTRIBUTED
Susan Campbell, Sunhee Kim, Valerie Karuzis, Scott Jackson, Meredith Hughes, and Alison Tseng University of Maryland
EXPLORING DEFECT CATEGORIES FOR INFRASTRUCTURE AS CODE
Akond Rahman and Laurie Williams
North Carolina State University
FACTORS FOR DIFFERENTIATING HUMAN FROM AUTOMATED ATTACKS
Kelly Greeling, Alex Withers, and Masooda Bashir
University of Illinois at Urbana-Champaign
FARM: A TOOLKIT FOR FINDING THE APPROPRIATE LEVEL OF REALISM FOR MODELING
Jim Blythe
ISI at University of Southern California
FLAWED MENTAL MODELS LEAD TO BAD CYBER SECURITY DECISIONS: LET’S DO A BETTER JOB 
*Sean Smith, *Vijay Kothari, †Jim Blythe, and ‡Ross Koppel
*Dartmouth College, † ISI, University of Southern California,, ‡ University of Pennsylvania
FORMULATING A METHOD FOR USING SEARCH QUERY TRENDS AS A MEASURE OF MASS-USER INTEREST
Shaown Sarker, Andrew McNamara, and Jessica Staddon
North Carolina State University
IS THE GUARDIAN CAPABLE? A ROUTINE ACTIVITY THEORY APPROACH TO CYBER INTRUSION
ON HONEYPOT SYSTEMS
WINNING POSTER
Michael H. Becker, Michel Cukier, and David Maimon
University of Maryland
LEADING THE CONVOY: WHAT HAPPENS WHEN THEY KNOW WHAT THEY'RE DOING?
Carl Pearson, Allaire K. Welk, and Christopher B. Mayhorn
North Carolina State University
LEARNING FACTOR GRAPHS FOR PREEMPTING MULTI-STAGE ATTACKS IN CLOUD INFRASTRUCTURE
Phuong Cao, Zbigniew Kalbarczyk, and Ravishankar Iyer
University of Illinois at Urbana Champaign
MULTI-AGENT SYSTEM FOR DETECTING FALSE DATA INJECTION ATTACKS AGAINST THE POWER GRID
Esther Amullen
Tennessee State University
NO (PRIVACY) NEWS IS GOOD NEWS: AN ANALYSIS OF PRIVACY NEWS IN THE U. S. AND U. K. FROM 2010-2016
Karthik Sheshadri, Nirav Ajmeri, and Jessica Staddon
North Carolina State University
OBSIDIAN: A SAFER BLOCKCHAIN PROGRAMMING LANGUAGE
Jonathan Aldrich, Michael Coblenz, Tyler Etzel, Joshua Sunshine, Brad Myers, Eli Kanal, and Mark Sherman
Carnegie Mellon University
ON THE DISCONNECT BETWEEN CVSS SCORES AND VULNERABILITY BOUNTIES
Nuthan Munaiah and Andrew Meneely
Rochester Institute of Technology
SEMANTIC SIMILARITY IN SECURITY REGULATIONS
Sarah Elder, Hui Guo, Munindar Singh, and Laurie Williams
North Carolina State University
TOWARD EFFECTIVE ADOPTION OF SECURITY PRACTICES
Shams Al-Amin, Nirav Ajmeri, Emily Berglund, Jon Doyle, and Munindar P. Singh
North Carolina State University
TOWARD NORMATIVE THREAT MODELS TO PREVENT MISUSE
Özgür Kafalı, Munindar P. Singh, and Laurie Williams
North Carolina State University
TOWARDS PRIVACY-PRESERVING MOBILE APPS: A BALANCING ACT
*Dengfeng Li, *Wing Lam, *Wei Yang, *Zhengkai Wu, †Xusheng Xiao, and *Tao Xie
*University of Illinois at Urbana-Champaign and †Case Western Reserve University
USER INTERACTIONS AND PERMISSION USE ON ANDROID
Kristopher Micinski, Daniel Votipka, Rock Stevens, Nikolaos Kofinas, Jeff Foster, and Michelle L. Mazurek
University of Maryland
WHAT MAKES AIR FORCE CYBER WARFARE TRAINING HARD?
Lelyn Saner, Amber N. Bloomfield and Susan G. Campbell
University of Maryland