Home Schedule notes Assignment
In-Class Paper Presentation Paper List:
1. (Edwin Lopez) "DART: directed automated random testing", Godefroid, Patrice; Klarlund, Nils; Sen, Koushik. ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), 2005.
2. (Mayur Radha Jayaram) "EXE: automatically generating inputs of death", Cadar, Cristian and Ganesh, Vijay and Pawlowski, Peter M. and Dill, David L. and Engler, Dawson R. ACM Transaction on Information System Security, 2008.
3. () "Under-Constrained Symbolic Execution: Correctness Checking for Real Code", David A. Ramos, Stanford University; Dawson Engler, Stanford University, Usenix Security Symposium, 2015.
4. () "IntPatch: Automatically Fix Integer-Overflow-to-Buffer-Overflow Vulnerability at Compile-Time", Chao Zhang, Tielei Wang, Tao Wei, Yu Chen, and Wei Zou
Proc. of the 15th European Symposium on Research in Computer Security (ESORICS 2010), Athen, Greece, Sep. 2010
1. (Kiran George) "Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software", James Newsome, Dawn Song, Network and Distributed Systems Security Symposium (NDSS), 2005.
2. (Sahana Vishwanath) "DTA++: Dynamic Taint Analysis with Targeted Control-Flow Propagation". Min Gyung Kang, Stephen McCamant, Pongsin Poosankam, and Dawn Song. Proceedings of the 18th Annual Network and Distributed System Security Symposium (NDSS), 2011.
3. (Dushyant Sharma) "TaintEraser: protecting sensitive data leaks using application-level taint tracking". David (Yu) Zhu, Jaeyeon Jung, Dawn Song, Tadayoshi Kohno, and David Wetherall. SIGOPS Oper. Syst. Rev.,vol. 45(1), page(s): 142-154. January 2011.
1. (Anand Sundaresan) "Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds", Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security (CCS), Chicago, IL, November 2009.
2. (Shivkumar Murthy) "Verifiable privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking," W. Sun, B. Wang, N. Cao, M. Li, W. Lou, Y.T. Hou, and H. Li, IEEE Transactions on Parallel and Distributed Systems (TPDS), 2014.
3. (Soham Ganguly) "Privacy-preserving public auditing for data storage security in cloud computing", Cong Wang, Qian Wang, Kui Ren, Wenjing Lou, IEEE INFOCOM, 2010.
4. (Madhura Joshi) "Large-Scale Privacy-Preserving Mapping of Human Genomic Sequences on Hybrid Clouds", Yangyi Chen, Bo Peng, Xiaofeng Wang and Haixu Tang, NDSS Symposium 2012
5. (Tajreen Khan) "Shielding Applications from an Untrusted Cloud with Haven", Andrew Baumann, Microsoft Research; Marcus Peinado, Microsoft Research; Galen Hunt, Microsoft Research, OSDI '14.
1. (Ala'a Amarin) Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee. "BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection." In Proceedings of the 17th USENIX Security Symposium (Security'08), San Jose, CA, 2008.
2. (Liangding Li) Ping Wang, Sherri Sparks, Cliff C. Zou. "An Advanced Hybrid Peer-to-Peer Botnet", IEEE Transactions on Dependable and Secure Computing, 7(2), 113-127, April-June,2010.
3. (Cody Carty) "P2PWNED: Modeling and Evaluating the Resilience of Peer-to-Peer Botnets", Rossow, C.; Andriesse, D.; Werner, T.; Stone-Gross, B.; Plohmann, D.; Dietrich, C.J.; Bos, H., IEEE Symposium on Security and Privacy, 2013.
4. (Alvaro Velasquez) Guofei Gu, Junjie Zhang, and Wenke Lee. "BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic." In Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS'08), San Diego, CA, February 2008.
1. (Tanuj Palghamol) Yajin Zhou, Xuxian Jiang, "Detecting Passive Content Leaks and Pollution in Android Applications," Proceedings of the 20th Network and Distributed System Security Symposium (NDSS 2013), San Diego, CA, February 2013.
2. (Hari Raghav) "A Study of Android Application Security", William Enck, Damien Octeau, Patrick McDaniel,and Swarat Chaudhuri, USENIX Security Symposium, August 2011.
3. (Gaurav Kataria) Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu, Xuxian Jiang, "The Impact of Vendor Customizations on Android Security," Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS 2013), Berlin, Germany, November 2013.
4. (Alex Paul) Yuan Zhang, Min Yang, Bingquan Xu, Zhemin Yang, Guofei Gu, Peng Ning, X. Sean Wang and Binyu Zang. "Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis." In Proc. of the 20th ACM Conference on Computer and Communications Security (CCS’13), Berlin, Germany, November 2013.
Social Networking Security
1. (Heather Lawrence) Chao Yang, Robert Harkreader, Jialong Zhang, Suengwon Shin, and Guofei Gu. "Analyzing Spammers' Social Networks For Fun and Profit -- A Case Study of Cyber Criminal Ecosystem on Twitter." in Proceedings of the 21st International World Wide Web Conference (WWW'12), Lyon, France, April 2012.
2. (Divyasree Sadhukhan) "Preserving Link Privacy in Social Network Based Systems". Prateek Mittal, Charalampos Papamanthou, Dawn Song. Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS). February 2013.
3. (Shriram Ganesh) "Efficient and Scalable Socware Detection in Online Social Networks", Md Sazzadur Rahman, Ting-Kai Huang, Harsha V. Madhyastha, Michalis Faloutsos, USENIX Security Symposium 2012 .
Virtual Machine Security
1. (Jerice McDonald) Garfinkel, Tal and Pfaff, Ben and Chow, Jim and Rosenblum, Mendel and Boneh, Dan. "Terra: A Virtual Machine-based Platform for Trusted Computing", Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles (SOSP'03), 2003.
2. (Somnath Saha) Payne, Bryan D. and Carbone, Martim and Sharif, Monirul and Lee, Wenke, "Lares: An Architecture for Secure Active Monitoring Using Virtualization", Proceedings of the 2008 IEEE Symposium on Security and Privacy (SP '08), 2008.
3. () Ryan Riley, Xuxian Jiang, Dongyan Xu, "Guest-Transparent Prevention of Kernel Rootkits with VMM-based Memory Shadowing," Proceedings of the 11th International Symposium on Recent Advances in Intrusion Detection (RAID 2008), Boston, MA, September 2008.
4. () Zhi Wang, Xuxian Jiang, "HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity," Proceedings of the 31st IEEE Symposium on Security and Privacy (Oakland 2010), Oakland, CA, May 2010.
1. (Amiya Chakraborty) "Timing Analysis of Keystrokes and Timing Attacks on SSH". Song, Dawn Xiaodong and Wagner, David and Tian, Xuqing, USENIX Security Symposium, 2001.
2. (Xiaoyi Zhao) "On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces", Ivan Martinovic, Doug Daviesy, Mario Franky, Daniele Peritoy, Tomas Rosz, Dawn Song, USENIX Security Symposium 2012.
3. (Pavan Kamepalli) Zhenyu Wu, Zhang Xu, and Haining Wang, "Whispers in the Hyper-space: High-bandwidth and Reliable Covert Channel Attacks inside the Cloud", To appear in IEEE/ACM Transactions on Networking, 2014.
4. () Jeyavijayan Rajendran and Michael Sam , "Security Analysis of Integrated Circuit Camouflaging", ACM CCS 2013.
1. (Younis Othman) "Protecting Browsers from Extension Vulnerabilities", Adam Barth , Adrienne Porter Felt, Prateek Saxena, Aaron Boodman, NDSS Symposium 2010.
2. (Austin Jerome) "Automatically Detecting Vulnerable Websites Before They Turn Malicious", Kyle Soska, Carnegie Mellon University; Nicolas Christin, Carnegie Mellon University, USENIX Security '14.
1. (Ahmed Alhazmi) He, C., & Mitchell, J. C. "Security Analysis and Improvements for IEEE 802.11 i," In The 12th annual network and distributed system security symposium (NDSS'05), pp. 90-110, 2005.
1. (Kaveh Shamsi) C. Song, M. Alam, H. Moon, T. Kim. W. Lee "HDFI: Hardware Assisted Data Flow Isolation", S&P(Oakland), 2016.
2. (Dean Sullivan) "Enabling Client-Side Crash-Resistance to Overcome Diversification and Information Hiding" by Robert Gawlik, Benjamin Kollenda, Philipp Koppe, Behrad Garmany and Thorsten Holz, NDSS 2016.