Kevin Lee kvnl@duck.com

Hello, I'm Kevin! I'm a research scientist at J.P. Morgan AI Research. My interests are in usable security and technology policy.

I earned my Ph.D. in Computer Science from Princeton University, where I was advised by Arvind Narayanan. I was also affiliated with the Center for Information Technology Policy. My dissertation was about the gap between research and practice in user authentication.

My CV is available upon request.

Publications (Google Scholar)

Shortchanged: Uncovering and Analyzing Intimate Partner Financial Abuse in Consumer Complaints
Arkaprabha Bhattacharya, Kevin Lee, Vineeth Ravi, Jessica Staddon, and Rosanna Bellini.
ACM CHI Conference on Human Factors in Computing Systems. 2024.
[arXiv] [Citation]

The Digital-Safety Risks of Financial Technologies for Survivors of Intimate Partner Violence
Rosanna Bellini, Kevin Lee, Megan A. Brown, Jeremy Shaffer, Rasika Bhalerao, and Thomas Ristenpart.
USENIX Security Symposium. 2023.
[PDF] [Citation]

Security Policy Audits: Why and How
Arvind Narayanan and Kevin Lee.
IEEE Security & Privacy, Volume 21, Issue 2, March-April 2023, pp 77-81.
[arXiv (full)] [Publisher] [Citation]

The Research-Practice Gap in User Authentication
Kevin Lee.
Doctoral dissertation.
[DataSpace]

Password policies of most top websites fail to follow best practices
Kevin Lee, Sten Sjöberg, and Arvind Narayanan.
Symposium on Usable Privacy and Security (SOUPS). 2022.
[PDF] [Citation] [Project website]

Security and Privacy Risks of Number Recycling at Mobile Carriers in the United States
Kevin Lee and Arvind Narayanan.
APWG Symposium on Electronic Crime Research (eCrime). 2021.
Awarded best student paper.
[PDF] [Publisher] [Citation] [Project website]

Adapting Security Warnings to Counter Online Disinformation
Ben Kaiser, Jerry Wei, Eli Lucherini, Kevin Lee, J. Nathan Matias, and Jonathan Mayer.
USENIX Security Symposium. 2021.
[PDF] [Citation]

BlockSci: Design and applications of a blockchain analysis platform
Harry Kalodner, Malte Möser, Kevin Lee, Steven Goldfeder, Martin Plattner, Alishah Chator, and Arvind Narayanan.
USENIX Security Symposium. 2020.
[PDF] [Citation] [Code]

An Empirical Study of Wireless Carrier Authentication for SIM Swaps
Kevin Lee, Ben Kaiser, Jonathan Mayer, and Arvind Narayanan.
Symposium on Usable Privacy and Security (SOUPS). 2020.
Cited in FCC proposed rulemaking.
[PDF] [Citation] [Project website]

An Empirical Analysis of Traceability in the Monero Blockchain
Malte Möser, Kyle Soska, Ethan Heilman, Kevin Lee, Henry Heffan, Shashvat Srivastava, Kyle Hogan, Jason Hennessey, Andrew Miller, Arvind Narayanan, and Nicolas Christin.
Proceedings on Privacy Enhancing Technologies, Volume 2018, Issue 3, pp 143-163.
[arXiv] [Publisher] [Citation] [Code]

Authenticated Data Structures for Privacy-Preserving Monero Light Clients
Kevin Lee and Andrew Miller.
IEEE Security & Privacy on the Blockchain (IEEE S&B). 2018.
[Publisher] [Citation]

Talks

The Research-Practice Gap in User Authentication
1st Workshop on User Safety in AI and Finance, Virtual Conference.
November 2, 2022.

The Research-Practice Gap in User Authentication
Doctoral dissertation defense.
June 30, 2022.
[Slides]

Fee Market Analysis Using BlockSci
UBRI Connect, Berkeley, CA, USA.
October 2019.