Michel Cukier is the director for the Advanced Cybersecurity Experience for Students (ACES) and the associate director for education for the Maryland Cybersecurity Center. He also an associate professor of reliability engineering with a joint appointment in the Department of Mechanical Engineering.
His research covers dependability and security issues. His latest research focuses on the empirical quantification of cybersecurity. He has published more than 70 papers in journals and refereed conference proceedings in those areas.
He was the program chair of the 21st IEEE International Symposium on Software Reliability Engineering (ISSRE 2010) and the program chair of the Dependable Computing and Communication Symposium of the IEEE International Conference on Dependable Systems and Networks (DSN-2012).
Cukier is the primary investigator of a National Science Foundation REU Site on cybersecurity in collaboration with Women in Engineering, where more than 85 percent of the participants are female students. He co-advises the UMD Cybersecurity Club, which has a membership of more than 400 students.
He received a degree in physics engineering from the Free University of Brussels, Belgium, in 1991, and a doctorate in computer science from the National Polytechnic Institute of Toulouse, France, in 1996. From 1996 to 2001, he was a researcher in the Perform research group in the Coordinated Science Laboratory at the University of Illinois, Urbana-Champaign. He joined the University of Maryland in 2001 as an assistant professor.
2011. How secure are networked office devices? :465-472.
2011. Characterizing Attackers and Attacks: An Empirical Study. :174-183.
2009. Prioritizing Vulnerability Remediation by Determining Attacker-Targeted Vulnerabilities. Security Privacy, IEEE. 7(1):42-48.
2009. Evaluating Attack Resiliency for Host Intrusion Detection Systems. Journal of Information Assurance and Security. 4(1):001-009.
2009. An evaluation of connection characteristics for separating network attacks. International Journal of Security and Networks. 4(1):110-124.
2009. Analyzing the process of installing rogue software. :560-565.
2008. Experiences with building an intrusion-tolerant group communication system. Software: Practice and Experience. 38(6):639-666.
2008. Finding Corrupted Computers Using Imperfect Intrusion Prevention System Event Data. Computer Safety, Reliability, and Security. 5219:221-234.
2007. Profiling Attacker Behavior Following SSH Compromises. :119-124.
2007. Password Changes: Empirical Results. Computers and Software Engineering.
2007. Applying Software Reliability Models on Security Incidents. :159-168.
2007. A Comparison between Internal and External Malicious Traffic. :109-114.
2007. Archetypal behavior in computer security. Journal of Systems and Software. 80(10):1594-1606.
2006. An architecture for adaptive intrusion-tolerant applications. Software: Practice and Experience. 36(11-12):1331-1354.
2006. Modeling and Simulation of the Escalation Archetype in Computer Security. Symposium on Simulation Software Security (SSSS 06). 38(2):495-495.
2006. Modeling the Symptomatic Fixes Archetype in Enterprise Computer Security. 1:178-188.
2006. Assessing the Attack Threat due to IRC Channels. :467-472.
2006. A Statistical Analysis of Attack Data to Separate Attacks. :383-392.
2005. Automated checking for Windows host vulnerabilities. :10pp.-148-10pp.-148.
2004. Ferret: a host vulnerability checking tool. :389-394.
2004. A global-state-triggered fault injector for distributed system evaluation. Parallel and Distributed Systems, IEEE Transactions on. 15(7):593-605.
2003. Formal verification of an intrusion-tolerant group membership protocol. IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS E SERIES D. 86(12):2612-2622.
2003. AQuA: an adaptive architecture that provides dependable distributed objects. Computers, IEEE Transactions on. 52(1):31-50.
2003. An adaptive quality of service aware middleware for replicated services. Parallel and Distributed Systems, IEEE Transactions on. 14(11):1112-1125.
2002. Experimental Evaluation of the Unavailability Induced by a Group Membership Protocol. Dependable Computing EDCC-4. 2485:644-648.
2002. Passive replication schemes in AQuA. :125-130.
2002. Probabilistic validation of intrusion tolerance. :78-79.
2001. A dynamic replica selection algorithm for tolerating timing faults. :107-116.
2001. An adaptive algorithm for tolerating value faults and crash failures. Parallel and Distributed Systems, IEEE Transactions on. 12(2):173-192.
2001. Intrusion tolerance approaches in ITUA. 64
2000. Loki: a state-driven fault injector for distributed systems. :237-242.
1999. Building dependable distributed applications using AQUA. :189-196.
1999. Coverage estimation methods for stratified fault-injection. Computers, IEEE Transactions on. 48(7):707-723.
1998. Frequentist and Bayesian Coverage Estimations for Stratified Fault-Injection. DEPENDABLE COMPUTING AND FAULT TOLERANT SYSTEMS. 11:43-62.
1996. On stratified sampling for high coverage estimations. Dependable Computing — EDCC-2. 1150:35-54.
1994. Software reliability analysis of three successive generations of a Switching System. Dependable Computing — EDCC-1. 852:471-490.