BitBlaze Publications



Refereed Papers

"HI-CFG: Construction by Binary Analysis, and Application to Attack Polymorphism"
Dan Caselden, Alex Bazhanyuk, Mathias Payer, Stephen McCamant and Dawn Song. ESORICS'13: European Symp. on Research in Comp. Security. September 2013.
PDF BIB
"Hot-Patching a Web Server: a Case Study of ASAP Code Repair"
Mathias Payer and Thomas R. Gross. In PST'13: Proc. Conf. on Privacy, Security, and Trust, 2013.
* Conference Best Paper Award
PDF
"DynSec: On-the-fly Code Rewriting and Repair"
Mathias Payer, Boris Bluntschli, and Thomas R. Gross. In HotSWUp'13: 5th Usenix Workshop on Hot Topics in Software Upgrades, 2013.
PDF
"Practical Control Flow Integrity & Randomization for Binary Executables"
Chao Zhang, Tao Wei, Zhaofeng Chen, Lei Duan, Stephen McCamant, Laszlo Szekeres, Dawn Song, Wei Zou. Proceedings of the 34th IEEE Symposium on Security and Privacy (Oakland), May 2013.
PDF
"SoK: Eternal War In Memory"
Laszlo Szekeres, Mathias Payer, Tao Wei, Dawn Song. To appear in Proceedings of the 34th IEEE Symposium on Security and Privacy (Oakland), May 2013.
PDF BIB
"A Framework to Eliminate Backdoors from Response Computable Authentication"
Shuaifu Dai, Tao Wei, Chao Zhang, Tielei Wang, Yu Ding, Wei Zou, Zhenkai Liang. In Proceedings of the 33rd IEEE Symposium on Security and Privacy (Oakland), May 2012.
PDF
"Path-Exploration Lifting: Hi-Fi Tests for Lo-Fi Emulators"
Lorenzo Martignoni, Stephen McCamant, Pongsin Poosankam, Dawn Song, and Petros Maniatis. In Proceedings of the 17th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), March 2012.
PDF BIB
"MACE: Model-inference-Assisted Concolic Exploration for Protocol and Vulnerability Discovery"
Chia Yuan Cho, Domagoj Babic, Pongsin Poosankam, Kevin Zhijie Chen, Edward XueJun Wu, and Dawn Song. In Proceedings of the 20th USENIX Security Symposium, August 2011.
PDF BIB
"Take Two Software Updates and See Me in the Morning: The Case for Software Security Evaluations of Medical Devices"
Steve Hanna, Rolf Rolles, Andres Molina-Markham, Pongsin Poosankam, Kevin Fu, and Dawn Song. In Proceedings of the 2nd USENIX Workshop on Health Security and Privacy (HealthSec), August 2011.
BIB
"Malware Analysis with Tree Automata Inference"
Domagoj Babic, Daniel Reynaud, and Dawn Song. In Proceedings of the 23rd Int. Conference on Computer Aided Verification (CAV), July 2011.
PDF BIB
"Statically-Directed Dynamic Automated Test Generation"
Domagoj Babic, Lorenzo Martignoni, Stephen McCamant, and Dawn Song. In Proceedings of the ACM/SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), July 2011.
PDF BIB
"Differential Slicing: Identifying Causal Execution Differences for Security Applications"
Noah M. Johnson, Juan Caballero, Kevin Zhijie Chen, Stephen McCamant, Pongsin Poosankam, Daniel Reynaud, and Dawn Song. In Proceedings of the IEEE Symposium on Security and Privacy, May 2011.
PDF BIB
"DTA++: Dynamic Taint Analysis with Targeted Control-Flow Propagation"
Min Gyung Kang, Stephen McCamant, Pongsin Poosankam, and Dawn Song. In Proceedings of the 18th Annual Network and Distributed System Security Symposium, February 2011.
PDF BIB
"Inference and Analysis of Formal Models of Botnet Command and Control Protocols"
Chia Yuan Cho, Domagoj Babic, Richard Shin and Dawn Song. In Proceedings of the 17th ACM Conference on Computer and Communication Security, October 2010.
PDF BIB
"Input Generation via Decomposition and Re-Stitching: Finding Bugs in Malware"
Juan Caballero, Pongsin Poosankam, Stephen McCamant, Domagoj Babic, Dawn Song. In Proceedings of the 17th ACM Conference on Computer and Communication Security, October 2010.
PDF BIB Project
"HookScout: Proactive Binary-Centric Hook Detection"
Heng Yin, Pongsin Poosankam, Steve Hanna, and Dawn Song. In the Proceedings of the 7th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA'10), July 2010.
PDF BIB
"Insights from the Inside: A View of Botnet Management from Infiltration"
Chia Yuan Cho, Juan Caballero, Chris Grier, Vern Paxson, Dawn Song. In Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, April 2010.
PDF BIB
"Binary Code Extraction and Interface Identification for Security Applications"
Juan Caballero, Noah M. Johnson, Stephen McCamant, and Dawn Song. In Proceedings of the 17th Annual Network and Distributed System Security Symposium, February 2010.
PDF BIB
"Dispatcher: Enabling Active Botnet Infiltration using Automatic Protocol Reverse-Engineering"
Juan Caballero, Pongsin Poosankam, Christian Kreibich, and Dawn Song. In Proceedings of the 16th ACM Conference on Computer and Communication Security, November 2009.
PDF BIB Project
"Emulating Emulation-Resistant Malware"
Min Gyung Kang, Heng Yin, Steve Hanna, Steve McCamant, and Dawn Song. In Proceedings of the 2nd Workshop on Virtual Machine Security, November 2009.
PDF BIB
"Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration"
Juan Caballero, Zhenkai Liang, Pongsin Poosankam, and Dawn Song. In Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection, September 2009.
PDF BIB Project
"Loop-Extended Symbolic Execution on Binary Programs"
Prateek Saxena, Pongsin Poosankam, Stephen McCamant, and Dawn Song. In Proceedings of the ACM/SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), July 2009.

PDF BIB Project
"Measuring Channel Capacity to Distinguish Undue Influence"
James Newsome, Stephen McCamant, and Dawn Song. In Proceedings of the Fourth ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, June 2009.

PDF BIB Project
"Secure Content Sniffing for Web Browsers or How to Stop Papers from Reviewing Themselves"
Adam Barth, Juan Caballero, and Dawn Song. In Proceedings of the IEEE Symposium on Security and Privacy, May 2009.

PDF BIB Project
"BinHunt: Automatically Finding Semantic Differences in Binary Programs"
Debin Gao, Michael K. Reiter, and Dawn Song. In Proceedings of the 10th International Conference on Information and Communications Security (ICICS), October 2008.

PDF BIB
"BitBlaze: A New Approach to Computer Security via Binary Analysis"
Dawn Song, David Brumley, Heng Yin, Juan Caballero, Ivan Jager, Min Gyung Kang, Zhenkai Liang, James Newsome, Pongsin Poosankam, and Prateek Saxena. In Proceedings of the 4th International Conference on Information Systems Security (ICISS), December 2008.
* Keynote Invited Paper

PDF BIB
"Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications"
David Brumley, Pongsin Poosankam, Dawn Song, and Jiang Zheng. In Proceedings of the IEEE Symposium on Security and Privacy, May 2008.

PDF BIB Project
"HookFinder: Identifying and Understanding Malware Hooking Behaviors"
Heng Yin, Zhenkai Liang, and Dawn Song. In Proceedings of the 15th Annual Network and Distributed System Security Symposium, February 2008.

PDF BIB Project
"Polyglot: Automatic Extraction of Protocol Message Format using Dynamic Binary Analysis."
Juan Caballero, Heng Yin, Zhenkai Liang, and Dawn Song. In Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS), October 2007.

PDF BIB Project
"Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis."
Heng Yin, Dawn Song, Manuel Egele, Christopher Kruegel, and Engin Kirda. In Proceedings of ACM Conference on Computer and Communication Security, Oct 2007.

PDF BIB Project
"Renovo: A Hidden Code Extractor for Packed Executables."
Min Gyung Kang, Pongsin Poosankam, and Heng Yin. In Proceedings of the 5th ACM Workshop on Recurring Malcode (WORM), Oct 2007.

PDF BIB Project
"Towards Automatic Discovery of Deviations in Binary Implementations with Applications to Error Detection and Fingerprint Generation."
David Brumley, Juan Caballero, Zhenkai Liang, James Newsome, and Dawn Song. In Proceedings of USENIX Security Symposium, Aug 2007.
* Conference Best Paper Award

PDF BIB Project
"Creating Vulnerability Signatures Using Weakest Pre-conditions."
David Brumley, Hao Wang, Somesh Jha, and Dawn Song. In Proceedings of Computer Security Foundations Symposium, Jul 2007.

PDF BIB Project
"Dynamic Spyware Analysis."
Manuel Egele, Christopher Kruegel, Engin Kirda, Heng Yin, and Dawn Song. In Proceedings of USENIX Annual Technical Conference, Jun 2007.

PDF BIB Project
"Sweeper: a Lightweight End-to-End System for Defending against Fast Worms."
Joseph Tucek, James Newsome, Shan Lu, Chengdu Huang, Spiros Xanthos, David Brumley, Yuanyuan Zhou, and Dawn Song. In Proceedings of European Conference on Computer Systems (EuroSys), Mar 2007.

PDF BIB Project
"Replayer: Automatic Protocol Replay by Binary Analysis."
James Newsome, David Brumley, Jason Franklin, and Dawn Song. In Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS), October 2006.

PDF BIB Project
"Towards Automatic Generation of Vulnerability Signatures."
David Brumley, James Newsome, Dawn Song, Hao Wang, and Somesh Jha. In Proceedings of the IEEE Symposium on Security and Privacy, May 2006.

PDF BIB Project
"Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software."
James Newsome, David Brumley, and Dawn Song. In Proceedings of the 13th Annual Network and Distributed Systems Security Symposium (NDSS), 2006.

PDF BIB Project
"Dynamic Taint Analysis: Automatic Detection, Analysis, and Signature Generation of Exploit Attacks on Commodity Software"
James Newsome and Dawn Song. In Proceedings of the Network and Distributed Systems Security Symposium, Feb 2005.

PDF BIB Project

Books and Book Chapters

"Automatically Identifying Trigger-based Behavior in Malware"
David Brumley, Cody Hartwig, Zhenkai Liang, James Newsome, Dawn Song, and Heng Yin. Book chapter in "Botnet Analysis and Defense", Editors Wenke Lee et al., 2007.

PDF BIB Project
"Sting: an End-to-End Self-healing System for Defending against Internet Worms"
David Brumley, James Newsome, and Dawn Song. Book chapter in "Malware Detection and Defense", Editors Christodorescu, Jha, Maughan, Song, 2007.

PDF BIB Project

Technical Reports

"Transformation-Aware Symbolic Execution for System Test Generation"
Stephen McCamant, Mathias Payer, Dan Caselden, Alex Bazhanyuk, and Dawn Song. UCB/EECS-2013-125, EECS Department, University of California, Berkeley, June 21, 2013.

PDF
"Transformation-aware Exploit Generation using a HI-CFG"
Dan Caselden, Alex Bazhanyuk, Mathias Payer, Laszlo Szekeres, Stephen McCamant and Dawn Song. UCB/EECS-2013-85, EECS Department, University of California, Berkeley, May 16, 2013.

PDF
"Extracting Models of Security-Sensitive Operations using String-Enhanced White-Box Exploration on Binaries"
Juan Caballero, Stephen McCamant, Adam Barth, and Dawn Song. UCB/EECS-2009-36, EECS Department, University of California, Berkeley, March 6, 2009.

PDF BIB
"BitScope: Automatically Dissecting Malicious Binaries"
David Brumley, Cody Hartwig, Min Gyung Kang, Zhenkai Liang, James Newsome, Pongsin Poosankam, Dawn Song, and Heng Yin. CS-07-133, School of Computer Science, Carnegie Mellon University, March 18, 2007.

PDF BIB Project
"Sting: an End-to-End Self-healing System for Defending against Zero-day Worm Attacks on Commodity Software."
James Newsome, David Brumley, and Dawn Song. Technical Report CMU-CS-05-191.

PDF BIB Project