Faculty & Adjuncts

Tyler Moore is an Associate Professor of Computer Science at the University of Tulsa, where he holds the Tandy Chair of Cyber Security and Information Assurance. His research focuses on security economics, cybercrime measurement, and cybersecurity policy. Dr. Moore serves as Director of StopBadware, a non-profit anti-malware organization. He is a founding Editor in Chief of the Journal of Cybersecurity, a new interdisciplinary journal published by Oxford University Press. He was a 2016-17 New America Cybersecurity Fellow. Prior to joining TU, he was a postdoctoral fellow at the Center for Research on Computation and Society (CRCS) at Harvard University, the Hess Visiting Assistant Professor of Computer Science at Wellesley College, and an assistant professor at Southern Methodist University. A British Marshall Scholar, Prof. Moore completed his PhD at the University of Cambridge, while he holds BS degrees in Computer Science and Applied Mathematics from the University of Tulsa.

Security Economics, Cybercrime Measurement, Critical Infrastructure Protection, Digital Currencies, Cybersecurity Policy, Wireless Network Security

All core undergraduate and graduate computer science courses, and advanced courses in my research specialties. Courses of special interest include Secure Electronic Commerce, Security Economics, Data Structures and Algorithms, Introduction to Cyber Security, Foundations of Cyber Security.

Journal Articles

• M. Jhaveri, O. Cetin, C. Ganán, T. Moore, and M. Eeten, “Abuse Reporting and the Fight Against Cybercrime,” ACM Computing Surveys (CSUR), vol. 49, no. 4, p. 68, 2017.

• M. Vasek, J. Wadleigh, and T. Moore, “Hacking is not random: a case-control study of webserver-compromise risk,” IEEE Transactions on Dependable and Secure Computing, vol. 13, no. 2, pp. 206–219, 2016.

• M. Riek, R. Böhme, and T. Moore, “Measuring the Influence of Perceived Cybercrime Risk on Online Service Avoidance,” IEEE Transactions on Dependable and Secure Computing, vol. 13, no. 2, pp. 261–273, 2016.

• O. Cetin, M. Jhaveri, C. Ganán, M. van Eeten, and T. Moore, “Understanding the role of sender reputation in abuse reporting and cleanup,” Journal of Cybersecurity, vol. 2, no. 1, pp. 83–98, 2016.

• [1]

  R. Böhme and T. Moore, “The ‘Iterated Weakest Link’ Model of Adaptive Security Investment”, vol. 7, pp. 81–102, 2016.
• [1]

  O. Cetin, M. Jhaveri, C. Ganan, M. van Eeten, and T. Moore, “Understanding the role of sender reputation in abuse reporting and cleanup”, in Workshop on the Economics of Information Security, 2015.
• [1]

  R. Böhme, N. Christin, B. Edelman, and T. Moore, “Bitcoin: Economics, Technology, and Governance”, vol. 29, pp. 213-38, 2015.
• [1]

  J. Drew and T. Moore, “Optimized Combined Clustering Methods for Finding Replicated Criminal Websites”, vol. 2014, 2014.
• [1]

  S. Papa, W. Casper, and T. Moore, “Securing wastewater facilities from accidental and intentional harm: a cost-benefit analysis”, vol. 6, pp. 96-106, 2013.
• [1]

  T. Moore, “The promise and perils of digital currencies”, vol. 6, pp. 147–149, 2013.
• [1]

  S. Landau and T. Moore, “Economic tussles in federated identity management”, vol. 17, 2012.
• [1]

  S. Landau and T. Moore, “Economic tussles in federated identity management”, in 10th Annual Workshop on the Economics of Information Security (WEIS), 2011.
• [1]

  T. Moore and R. Clayton, “The Impact of Public Information on Phishing Attack and Defense”, vol. 1, pp. 45-68, 2011.
• [1]

  T. Moore, “Investigating the abuse of search engines to promote illicit online pharmacies”, 2011.
• [1]

  T. Moore, “The economics of cybersecurity: Principles and policy options”, vol. 3, pp. 103 – 117, 2010.
• [1]

  R. Böhme and T. Moore, “The Iterated Weakest Link”, vol. 8, pp. 53-55, 2010.
• [1]

  T. Moran and T. Moore, “The Phish-Market Protocol: Secure Sharing Between Competitors”, vol. 8, pp. 40-45, 2010.
• [1]

  T. Moore, R. Clayton, and R. Anderson, “The Economics of Online Crime”, vol. 23, pp. 3–20, 2009.
• [1]

  T. Moore, “How wise are crowds when assessing phishing websites?”, 2008.
• [1]

  T. Moore, “Phishing and the Economics of E-crime”, vol. 4, pp. 34–37, 2007.
• [1]

  J. Clulow and T. Moore, “Suicide for the common good: a new strategy for credential revocation in self-organizing systems”, vol. 40, pp. 18-21, 2006.
• [1]

  R. Anderson and T. Moore, “The Economics of Information Security”, vol. 314, pp. 610-613, 2006.
• [1]

  T. Moore and R. Anderson, “Trends in Security Economics”, vol. 1, pp. 6–7, 2005.

Conference Proceedings

• T. Moore, S. Dynes, and F. Chang, “Identifying how firms manage cybersecurity investment,” in 15th Workshop on the Economics of Information Security (WEIS), 2016.

• M. Vasek, M. Weeden, and T. Moore, “Measuring the Impact of Sharing Abuse Data with Web Hosting Providers,” in ACM Workshop on Information Sharing and Collaborative Security, 2016, pp. 71–80.

• [1]

  M. Vasek, J. Bonneau, R. Castellucci, C. Keith, and T. Moore, “The Bitcoin brain drain: Examining the Use and Abuse of Bitcoin Brain Wallets”, in Financial Cryptography and Data Security, 2016.

• A. Feder, N. Gandal, J. T. Hamrick, and T. Moore, “The Impact of DDoS and Other Security Shocks on Bitcoin Currency Exchanges: Evidence from Mt. Gox,” in 15th Workshop on the Economics of Information Security (WEIS), 2016.

• [1]

  J. Drew, M. Hahsler, and T. Moore, “Polymorphic Malware Detection Using Sequence Classification Methods”, in Workshop on Bio-inspired Security, Trust, Assurance and Resilience (BioStar), IEEE Security and Privacy Workshops (SPW), 2016, pp. 81–87.
• [1]

  O. Cetin, M. Jhaveri, C. Ganan, M. van Eeten, and T. Moore, “Understanding the role of sender reputation in abuse reporting and cleanup”, in Workshop on the Economics of Information Security, 2015.
• [1]

  R. Clayton, T. Moore, and N. Christin, “Concentrating Correctly on Cybercrime Concentration”, in Workshop on the Economics of Information Security, 2015.
• [1]

  F. Moore and R. Sullivan, “The Economics of Retail Payments Security”, in Fifth International Payments Policy Conference: The Puzzle of Payments Security, Federal Reserve Bank of Kansas City, 2015.
• [1]

  T. Moore and R. Clayton, “Which Malware Lures Work Best? Measurements from a Large Instant Messaging Worm”, in APWG Symposium on Electronic Crime Research, 2015.
• [1]

  J. Wadleigh, J. Drew, and T. Moore, “The E-Commerce Market for ‘Lemons’: Identification and Analysis of Websites Selling Counterfeit Goods”, in International World Wide Web Conference (Security and Privacy Track), 2015, pp. 1188-1197.
• [1]

  M. Vasek and T. Moore, “There’s no free lunch, even using Bitcoin: Tracking the Popularity and Profits of Virtual Currency Scams”, in Financial Cryptography and Data Security, 2015, vol. 8975, pp. 44-61.
• [1]

  N. Leontiadis, T. Moore, and N. Christin, “A Nearly Four-Year Longitudinal Study of Search-Engine Poisoning”, in Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014, pp. 930–941.
• [1]

  J. Drew and T. Moore, “Automatic Identification of Replicated Criminal Websites Using Combined Clustering”, in International Workshop on Cyber Crime (IWCC), IEEE Security and Privacy Workshops, 2014.
• [1]

  “Financial Cryptography and Data Security – 18th International Conference, FC 2014, Revised Selected Papers”, in Financial Cryptography and Data Security, 2014, vol. 8438.
• [1]

  M. Riek, R. Böhme, and T. Moore, “Understanding the Influence of Cybercrime Risk on the E-Service Adoption of European Internet Users”, in 13th Annual Workshop on the Economics of Information Security (WEIS), 2014.
• [1]

  M. Vasek, M. Thornton, and T. Moore, “Empirical Analysis of Denial-of-Service Attacks in the Bitcoin Ecosystem”, in 1st Workshop on Bitcoin Research, 2014, vol. 8438, pp. 57–71.
• [1]

  B. Johnson, A. Laszka, J. Grossklags, M. Vasek, and T. Moore, “Game-Theoretic Analysis of DDoS Attacks Against Bitcoin Mining Pools”, in 1st Workshop on Bitcoin Research, 2014, vol. 8438, pp. 72–86.
• [1]

  M. Vasek and T. Moore, “Identifying Risk Factors for Webserver Compromise”, in Financial Cryptography and Data Security, 2014, vol. 8437, pp. 326–345.
• [1]

  T. Moore and R. Clayton, “The Ghosts of Banking Past: Empirical Analysis of Closed Bank Websites”, in Financial Cryptography and Data Security, 2014, vol. 8437, pp. 33–48.
• [1]

  M. Vasek and T. Moore, “Empirical Analysis of Factors Affecting Malware URL Detection”, in 8th APWG eCrime Researchers Summit (eCrime), 2013.
• [1]

  N. Leontiadis, T. Moore, and N. Christin, “Pick Your Poison: Pricing and Inventories at Unlicensed Online Pharmacies”, in ACM Conference on Electronic Commerce (EC), 2013, pp. 621-638.
• [1]

  T. Moore and N. Christin, “Beware the Middleman: Empirical Analysis of Bitcoin-Exchange Risk”, in Financial Cryptography and Data Security, 2013, vol. 7859, pp. 25-33.
• [1]

  B. Edwards, T. Moore, G. Stelle, S. Hofmeyr, and S. Forrest, “Beyond the Blacklist: Modeling Malware Spread and the Effect of Interventions”, in Proceedings of the New Security Paradigms Workshop,
  Bertinoro, Italy, September 19-21, 2012, 2012.
• [1]

  M. Vasek and T. Moore, “Do malware reports expedite cleanup? An experimental study”, in Proceedings of the 5th USENIX Workshop on Cyber Security Experimentation and Test, 2012.
• [1]

  R. Anderson, “Measuring the Cost of Cybercrime”, in 11th Annual Workshop on the Economics of Information Security (WEIS), 2012.
• [1]

  T. Moore, J. Han, and R. Clayton, “The Postmodern Ponzi Scheme: Empirical Analysis of High-Yield Investment Programs”, in Financial Cryptography and Data Security, 2012, vol. 7397, pp. 41-56.
• [1]

  T. Moore and R. Clayton, “Discovering Phishing Dropboxes Using Email Metadata”, in 7th APWG eCrime Researchers Summit (eCrime), 2012.
• [1]

  R. Böhme and T. Moore, “How Do Consumers React to Cybercrime?”, in APWG eCrime Researchers Summit (eCrime), 2012.
• [1]

  S. Landau and T. Moore, “Economic tussles in federated identity management”, in 10th Annual Workshop on the Economics of Information Security (WEIS), 2011.
• [1]

  T. Moore and R. Clayton, “Ethical Dilemmas in Take-Down Research”, in Workshop on the Ethics of Computer Security Research (Financial Cryptography Workshops), 2011, vol. 7126, pp. 154-168.
• [1]

  T. Moore, N. Leontiadis, and N. Christin, “Fashion crimes: trending-term exploitation on the web”, in ACM Conference on Computer and Communications Security (CCS), 2011, pp. 455-466.
• [1]

  N. Leontiadis, T. Moore, and N. Christin, “Measuring and Analyzing Search-Redirection Attacks in the Illicit Online Prescription Drug Trade”, in USENIX Security Symposium, 2011.
• [1]

  S. Hofmeyr, T. Moore, S. Forrest, B. Edwards, and G. Stelle, “Modeling Internet-Scale Policies for Cleaning up Malware”, in 10th Annual Workshop on the Economics of Information Security (WEIS), 2011.
• [1]

  “Critical Infrastructure Protection IV – Fourth Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, ICCIP 2010, Washington, DC, USA, March 15-17, 2010, Revised Selected Papers”, 2010, vol. 342.
• [1]

  T. Moore and B. Edelman, “Measuring the Perpetrators and Funders of Typosquatting”, in Financial Cryptography and Data Security, 2010, vol. 6052, pp. 175-191.
• [1]

  T. Moran and T. Moore, “The Phish-Market Protocol: Securely Sharing Attack Data between Competitors”, in Financial Cryptography and Data Security, 2010, vol. 6052, pp. 222-237.
• [1]

  T. Moore, A. Friedman, and A. Procaccia, “Would a ’cyber warrior’ protect us: exploring trade-offs between attack and defense of information systems”, in New Security Paradigms Workshop (NSPW), 2010, pp. 85-94.
• [1]

  T. Moore and R. Clayton, “Evil Searching: Compromise and Recompromise of Internet Hosts for Phishing”, in Financial Cryptography and Data Security, 2009, vol. 5628, pp. 256-272.
• [1]

  T. Moore, R. Clayton, and H. Stern, “Temporal correlations between spam and phishing websites”, in Proceedings of the 2nd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more, 2009.
• [1]

  R. Böhme and T. Moore, “The Iterated Weakest Link – A Model of Adaptive Security Investment”, in 8th Annual Workshop on the Economics of Information Security (WEIS), 2009.
• [1]

  T. Moore and R. Clayton, “Evaluating the Wisdom of Crowds in Assessing Phishing Websites”, in Financial Cryptography and Data Security, 2008, vol. 5143, pp. 16-30.
• [1]

  T. Moore, M. Raya, J. Clulow, P. Papadimitratos, R. Anderson, and J.-P. Hubaux, “Fast Exclusion of Errant Devices from Vehicular Networks”, in Proceedings of the Fifth Annual IEEE Communications Society
  Conference on Sensor, Mesh and Ad Hoc Communications and
  Networks (SECON), 2008, pp. 135-143.
• [1]

  R. Anderson, R. Böhme, R. Clayton, and T. Moore, “Security Economics and European Policy”, in Information Security Solutions Europe (ISSE), 2008, pp. 57-76.
• [1]

  T. Moore and R. Clayton, “The Consequence of Non-Cooperation in the Fight Against Phishing”, in APWG eCrime Researchers Summit, 2008, pp. 1-14.
• [1]

  T. Moore and R. Clayton, “An Empirical Analysis of the Current State of Phishing Attack and Defence”, in 6th Annual Workshop on the Economics of Information Security (WEIS), 2007.
• [1]

  T. Moore and R. Clayton, “Examining the impact of website take-down on phishing”, in APWG eCrime Researchers Summit, 2007, vol. 269, pp. 1-13.
• [1]

  R. Anderson and T. Moore, “Information Security Economics – and Beyond”, in 27th Annual International Cryptology Conference (CRYPTO), 2007, vol. 4622, pp. 68-91.
• [1]

  T. Moore, J. Clulow, S. Nagaraja, and R. Anderson, “New Strategies for Revocation in Ad-Hoc Networks”, in 4th European Workshop on Security and Privacy in Ad-hoc and Sensor Networks (ESAS), 2007, vol. 4572, pp. 232-246.
• [1]

  T. Moore and J. Clulow, “Secure Path-Key Revocation for Symmetric Key Pre-distribution Schemes in Sensor Networks”, in Proceedings of the IFIP TC-11 22nd International
  Information Security Conference (IFIP SEC), 2007, vol. 232, pp. 157-168.
• [1]

  “Security and Privacy in Ad-hoc and Sensor Networks, 4th European Workshop, ESAS 2007, Cambridge, UK, July 2-3, 2007, Proceedings”, 2007, vol. 4572.
• [1]

  T. Moore, “A Collusion Attack on Pairwise Key Predistribution Schemes for Distributed Sensor Networks”, in 4th IEEE Conference on Pervasive Computing and Communications Security (PerSec), 2006, pp. 251-255.
• [1]

  J. Clulow, G. Hancke, M. Kuhn, and T. Moore, “So Near and Yet So Far: Distance-Bounding Attacks in Wireless Networks”, in 3rd European Workshop on Security and Privacy in Ad-hoc and Sensor Networks (ESAS), 2006, vol. 4357, pp. 83-97.
• [1]

  T. Moore, “The Economics of Digital Forensics”, in 5th Annual Workshop on the Economics of Information Security (WEIS), 2006.
• [1]

  T. Moore, “Countering Hidden-Action Attacks on Networked Systems”, in 4th Annual Workshop on the Economics of Information Security (WEIS), 2005.
• [1]

  T. Kosloff, T. Moore, J. Keller, G. Manes, and S. Shenoi, “Attacks on public telephone networks: technologies and challenges”, in SPIE 5071, Sensors, and Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Defense and Law Enforcement II, 72, 2003, pp. 72-83.
• [1]

  T. Kosloff, T. Moore, J. Keller, G. Manes, and S. Shenoi, “SS7 Messaging Attacks on Public Telephone Networks: Attack Scenarios and Detection”, in Workshop on the Scientific Aspects of Cyber Terrorism, 2002.
• [1]

  “Securing SS7 Telecommunications Networks”, in Second IEEE Systems, Man and Cybernetics Information Assurance Workshop, 2001.

Books

• [1]

  Economics of Information Security and Privacy. Springer, 2010.

Book Chapters

• [1]

  T. Moore and R. Anderson, “Internet Security”, in The Oxford Handbook of the Digital Economy, Oxford University Press, 2012, pp. 572-599.
• [1]

  T. Moore, “The economics of cybersecurity: Principles and policy options”, in Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy, The National Academies Press, 2010, pp. 3–23.
• [1]

  T. Moore, “The economics of cybersecurity: Principles and policy options”, vol. 3, pp. 103 – 117, 2010.
• [1]

  R. Anderson, T. Moore, S. Nagaraja, and A. Ozment, “Incentives and Information Security”, in Algorithmic Game Theory, Cambridge University Press, 2007, pp. 633-649.
• [1]

  C. Swenson, T. Moore, and S. Shenoi, “GSM Cell Site Forensics”, in Advances in Digital Forensics II, vol. 222, Springer, 2006, pp. 259-272.
• [1]

  T. Moore, A. Meehan, G. Manes, and S. Shenoi, “Using Signaling Information in Telecom Network Forensics”, in Advances in Digital Forensics, vol. 194, Springer, 2005, pp. 177-188.

Other

• [1]

  T. Moore, “Workshop Report: DIMACS Workshop on Information Security Economics”. 2007.

• Research and Dissertation
• Research and Thesis
• Secure Electronic Commerce
• Introduction to Cyber Security
• Foundations of Cyber Security
• Programming Languages and Structures
• Security Economics
• Data Structures
• Independent Study