University of Illinois at Urbana-Champaign
Illinois Advanced Research Center at Singapore (Illinois ARCS)

Dr. Carmen Cheh

Dr. Carmen Cheh
Dr. Carmen Cheh

Dr. Carmen Cheh
Research Scientist

Ph.D. in Computer Science from University of Illinois at Urbana-Champaign, Bachelor of Computing (Hons) from National University of Singapore

Research Interest:

Cyber-physical system security, threat modelling, critical infrastructure resilience

Research Grants:

  •  Co-Principal Investigator of ``Integrative Threat Modeling, Risk Assessment, and Security Control Management for Government Settings" project (2023-2024)
  • Co-Principal Investigator of ``Real-Time Deep Learning Networks for Fraud Detection in Modern E-Marketplace Systems" project (2022-2025)

Selected Publications:

  •  From Hindsight to Foresight: Enhancing Design Artifacts for Business Logic Flaw Discovery. C. Cheh, N. Tay, and B. Chen. Proceedings of the 38th Annual Computer Security Applications Conference (ACSAC 2022), Austin, Texas, December 5-9, 2022, pp. 400-411.
  • Design and User Study of a Constraint-based Framework for Business Logic Flaw Discovery. C. Cheh, N. Tay, and B. Chen. Proceedings of the IEEE Secure Development Conference (SecDev 2022), Atlanta, Georgia, October 18-20, 2022, pp. 91-99.
  • CyberSAGE: The Cyber Security Argument Graph Evaluation Tool. W. G. Temple, Y. Wu, C. Cheh, Y. Li, B. Chen, Z. T. Kalbarczyk, W. H. Sanders, and D. Nicol. Empirical Software Engineering, vol. 28, no. 1, article no. 18, December 2022.
  • CoToRu: Automatic Generation of Network Intrusion Detection Rules from Code. H. Tan, C. Cheh, and B. Chen. Proceedings of the IEEE International Conference on Computer Communications (INFOCOM 2022), pp. 720-729.
  • From Application Security Verification Standard (ASVS) to Regulation Compliance: A Case Study in Financial Services Sector. V. Tan, C. Cheh, and B. Chen. Proceedings of the 11th IEEE International Workshop on Software Certification (IWSC 2021), Wuhan, China, October 25, 2021, pp. 69-76.
  • Analyzing OpenAPI Specifications for Security Design Issues. C. Cheh and B. Chen. Proceedings of the IEEE Secure Development Conference (SecDev 2021), Atlanta, Georgia, October 18-20, 2021, pp. 15-22.
  • Data-Driven Model-Based Detection of Malicious Insiders via Physical Access Logs. C. Cheh, U. Thakore, A. Fawaz, B. Chen, W. Temple, and W. H. Sanders. ACM Transactions on Modeling and Computer Simulation 2019, vol. 29, no. 4, article no. 26, December 2019.
  • Determining the Tolerable Attack Surface that Preserves Safety of Cyber-Physical Systems. C. Cheh, A. Fawaz, M. A. Noureddine, B. Chen, W. Temple, and W. H. Sanders. Proceedings of the 23rd IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2018), Taipei, Taiwan, December 4-7, 2018, pp. 125-134.
  • Developing Models for Physical Attacks in Cyber-Physical Systems. C. Cheh, K. Keefe, B. Feddersen, B. Chen, W. G. Temple, and W. H. Sanders. Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy (CPS-SPC), Dallas, Texas, Nov. 3, 2017, pp. 49-55.