SPAM Lab

spam.png

Security and People At Mines (SPAM)

The SPAM lab focuses on improving security and privacy by studying how people interact with technology. Our research exists at the intersection of human behavior and security and privacy, employing a wide range of methodologies including surveys, interviews, vulnerability analysis, system design and evaluation, and large-scale data measurement.

Our goal is to enhance individuals’ understanding of and interactions with security and privacy by empirically evaluating their experiences, knowledge, and behaviors. Current research in the lab explores:

  • Security and privacy education at the K-12 level
  • Impacts of AI on security and privacy across diverse contexts, including education, software development, and research design
  • Adoption of secure tools and programming languages, such as fuzzers and Rust

Through this work, we provide evidence-based recommendations to advance secure software development, improve security and privacy education, and guide the responsible use of emerging AI technologies.

news

May 14, 2026 GOOD NEWS: Katy’s paper analyzing and characterizing the security and privacy topics covered by US K-12 teaching standards has been accepted at USENIX Security 2026!

selected publications

  1. USENIX
    Characterizing Security and Privacy Teaching Standards for Schools in the United States
    Katherine Limes, Nathan Malkin, and Kelsey R Fulton
    In USENIX Security Symposium, 2026
    PDF
  2. SOUPS
    Write, Read, or Fix? Exploring Alternative Methods for Secure Development Studies
    Kelsey R Fulton, Joseph Lewis, Nathan Malkin, and 1 more author
    In Symposium on Usable Privacy and Security, 2024
    PDF Slides
  3. CCS
    Understanding the How and the Why: Exploring Secure Development Practices through a Course Competition
    Kelsey R Fulton, Daniel Votipka, Desiree Abrokwa, and 3 more authors
    In ACM SIGSAC Conference on Computer and Communications Security, 2022
    PDF Slides
  4. SOUPS
    Benefits and Drawbacks of Adopting a Secure Programming Language: Rust as a Case Study
    Kelsey R Fulton, Anna Chan, Daniel Votipka, and 2 more authors
    In Symposium on Usable Privacy and Security, 2021
    PDF Slides