The papers are separated by topic area.

Analysis of x86 Binaries

Recency-abstraction for heap-allocated storage.
Gogul Balakrishnan and Thomas Reps.
In 13th International Static Analysis Symposium (SAS).
Seoul, Korea, August 2006.

Intermediate-representation recovery from low-level code.
Thomas Reps, Gogul Balakrishnan, and Junghee Lim.
In Workshop on Partial Evaluation and Program Manipulation (PEPM).
Charleston, South Carolina, January 2006.
Invited paper.

Next-generation platform for analyzing executables.
Thomas Reps, Gogul Balakrishnan, Junghee Lim, and Tim Teitelbaum.
In 3rd Asian Symposium on Programming Languages and Systems.
Tsukuba, Japan, November 2005.
Invited paper.

WYSINWYX: What you see is not what you execute.
Gogul Balakrishnan, Thomas Reps, David Melski, and Tim Teitelbaum.
In IFIP Working Conference on Verified Software: Theories, Tools, Experiments.
Zurich, Switzerland, October 2005.

String analysis for x86 binaries.
Mihai Christodorescu, Nicholas Kidd, and Wen-Han Goh.
In 6th Workshop on Program Analysis for Software Tools and Engineering (PASTE).
Lisbon, Portugal, September 2005.
All student authors.

Recovery of variables and heap structure in x86 executables.
Gogul Balakrishnan and Thomas Reps.
Technical Report #1533, Computer Sciences Department, University of Wisconsin, Madison, Wisconsin, September 2005.

Model checking x86 executables with Codesurfer/x86 and WPDS++.
Gogul Balakrishnan, Thomas Reps, Nicholas Kidd, Akash Lal, Junghee Lim, David Melski, Radu Gruian, Suan Yong, Chi-Hua Chen, and Tim Teitelbaum.
In 17th International Conference on Computer Aided Verification (CAV).
Edinburgh, Scotland, July 2005.

CodeSurfer/x86—A platform for analyzing x86 executables.
Gogul Balakrishnan, Radu Gruian, Thomas Reps, and Tim Teitelbaum.
In 14th International Conference on Compiler Construction (CC).
Edinburgh, Scotland, April 2005.

Analyzing memory accesses in x86 executables.
Gogul Balakrishnan and Thomas Reps.
In 13th International Conference on Compiler Construction (CC).
Barcelona, Spain, April 2004.
Awarded best paper.

Alternate version:

Analyzing memory accesses in x86 binary executables.
Gogul Balakrishnan and Thomas Reps.
Technical Report #1486, Computer Sciences Department, University of Wisconsin, Madison, Wisconsin, July 2003.

Authorization

Mining security-sensitive operations in legacy code using concept analysis.
Vinod Ganapathy, David King, Trent Jaeger, and Somesh Jha.
In 29th International Conference on Software Engineering (ICSE'07).
Minneapolis, Minnesota, May 2007.

Reducing the dependence of SPKI/SDSI on PKI.
Hao Wang, Somesh Jha, Thomas Reps, Stefan Schwoon, and Stuart Stubblebine.
In 11th European Symposium on Research in Computer Security (ESORICS).
Hamburg, Germany, September 2006.

Retrofitting legacy code for authorization policy enforcement.
Vinod Ganapathy, Trent Jaeger, and Somesh Jha.
In 2006 IEEE Symposium on Security and Privacy.
Oakland, California, May 2006.

Alternate version:

Retrofitting legacy code for authorization policy enforcement.
Vinod Ganapathy, Trent Jaeger, and Somesh Jha.
Technical Report #1544, Computer Sciences Department, University of Wisconsin, Madison, Wisconsin, November 2005.

Distributed certificate-chain discovery in SPKI/SDSI.
Somesh Jha, Stefan Schwoon, Hao Wang, and Thomas W. Reps.
In 12th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS).
Vienna, Austria, March 2006.
Invited paper.

Alternate version:

Distributed certificate-chain discovery in SPKI/SDSI.
Stefan Schwoon, Hao Wang, Somesh Jha, and Thomas W. Reps.
Technical Report #1526, Computer Sciences Department, University of Wisconsin, Madison, Wisconsin, August 2005.

Towards automated authorization policy enforcement.
Vinod Ganapathy, Trent Jaeger, and Somesh Jha.
In 2nd Security Enhanced Linux Symposium.
Baltimore, Maryland, March 2006.

Automatic placement of authorization hooks in the Linux security modules framework.
Vinod Ganapathy, Trent Jaeger, and Somesh Jha.
In 12th ACM Conference on Computer and Communications Security (CCS).
Alexandria, Virginia, November 2005.

Reducing the dependence of trust-management systems on PKI.
Hao Wang, Somesh Jha, Thomas W. Reps, Stefan Schwoon, and Stuart Stubblebine.
Technical Report #1527, Computer Sciences Department, University of Wisconsin, Madison, Wisconsin, August 2005.

Security policy reconciliation in distributed computing environments.
Hao Wang, Somesh Jha, Miron Livny, and Patrick D. McDaniel.
In 5th International Workshop on Policies for Distributed Systems and Networks.
Yorktown Heights, New York, June 2004.

Alternate version:

Security policy reconciliation in distributed computing environments.
Hao Wang, Somesh Jha, Miron Livny, and Patrick D. McDaniel.
Technical Report #1499, Computer Sciences Department, University of Wisconsin, Madison, Wisconsin, May 2004.

Model checking SPKI/SDSI.
Somesh Jha and Thomas Reps.
In Journal of Computer Security 12, 3–4 (2004), 317–353.

On generalized authorization problems.
Stefan Schwoon, Somesh Jha, Thomas Reps, and Stuart Stubblebine.
In 16th IEEE Computer Security Foundations Workshop (CSFW).
Pacific Grove, California, June/July 2003.

Analysis of SPKI/SDSI certificates using model checking.
Somesh Jha and Thomas Reps.
In 15th IEEE Computer Security Foundations Workshop (CSFW).
Cape Breton, Nova Scotia, June 2002.

Invited for special submission to the Journal of Computer Security.

Fraud Detection

An auctioning reputation system based on anomaly detection.
Shai Rubin, Mihai Christodorescu, Vinod Ganapathy, Jonathon T. Giffin, Louis Kruger, Hao Wang, and Nicholas Kidd.
In 12th ACM Conference on Computer and Communications Security (CCS).
Alexandra, Virginia, November 2005.
All student authors.

Interprocedural Program Analysis

Path optimization in programs and its application to debugging.
Akash Lal, Junghee Lim, Marina Polishchuk, and Ben Liblit.
In 15th European Symposium on Programming (ESOP).
Vienna, Austria, March 2006.

Extended weighted pushdown systems.
Akash Lal, Thomas Reps, and Gogul Balakrishnan.
In 17th International Conference on Computer Aided Verification (CAV).
Edinburgh, Scotland, July 2005.

Weighted pushdown systems and their application to interprocedural dataflow analysis.
Thomas Reps, Stefan Schwoon, and Somesh Jha.
In 10th International Static Analysis Symposium.
San Diego, California, June 2003.

Intrusion Detection

Automated discovery of mimicry attacks.
Jonathon T. Giffin, Somesh Jha, and Barton P. Miller.
In 9th International Symposium on Recent Advances in Intrusion Detection (RAID).
Hamburg, Germany, September 2006.

On the completeness of attack mutation algorithms.
Shai Rubin, Somesh Jha, and Barton P. Miller.
In 19th Computer Security Foundations Workshop (CSFW).
Venice, Italy, July 2006.

Towards automatic generation of vulnerability-based signatures.
David Brumley, James Newsome, Dawn Song, Hao Wang, and Somesh Jha.
In IEEE Symposium on Security and Privacy.
Oakland, California, May 2006.

On effective model-based intrusion detection.
Jonathon T. Giffin, Somesh Jha, and Barton P. Miller.
Technical report #1543, Computer Sciences Department, University of Wisconsin, Madison, Wisconsin, November 2005.

Environment-sensitive intrusion detection.
Jonathon T. Giffin, David Dagon, Somesh Jha, Wenke Lee, and Barton P. Miller.
In 8th International Symposium on Recent Advances in Intrusion Detection (RAID).
Seattle, Washington, September 2005.

An architecture for generating semantics-aware signatures.
Vinod Yegneswaran, Jonathon T. Giffin, Paul Barford, and Somesh Jha.
In 14th USENIX Security Symposium.
Baltimore, Maryland, August 2005.

Alternate version:

Internet sieve: An architecture for generating resilient signatures.
Vinod Yegneswaran, Jonathon T. Giffin, Paul Barford, and Somesh Jha.
Technical Report #1507, Computer Sciences Department, University of Wisconsin, Madison, Wisconsin, May 2004.

Language-based generation and evaluation of NIDS signatures.
Shai Rubin, Somesh Jha, and Barton P. Miller.
In IEEE Symposium on Security and Privacy.
Oakland, California, May 2005.

Using attack mutation to test a high-end NIDS.
Shai Rubin, Somesh Jha, and Barton P. Miller.
In Information Security Bulletin 10, April 2005.

Automatic generation and analysis of NIDS attacks.
Shai Rubin, Somesh Jha, and Barton P. Miller.
In 20th Annual Computer Security Applications Conference (ACSAC).
Tuscon, Arizona, December 2004.
Awarded best paper and best student paper.

Alternate version:

Attack generation for NIDS testing using natural deduction.
Shai Rubin, Somesh Jha, and Barton P. Miller.
Technical Report #1496, Computer Sciences Department, University of Wisconsin, Madison, Wisconsin, January 2004.

Formalizing sensitivity in static analysis for intrusion detection.
Henry Hanping Feng, Jonathon T. Giffin, Yong Huang, Somesh Jha, Wenke Lee, and Barton P. Miller.
In IEEE Symposium on Security and Privacy.
Oakland, California, May 2004.

Efficient context-sensitive intrusion detection.
Jonathon T. Giffin, Somesh Jha, and Barton P. Miller.
In 11th Network and Distributed System Security Symposium (NDSS).
San Diego, California, February 2004.

Detecting manipulated remote call streams.
Jonathon T. Giffin, Somesh Jha, and Barton P. Miller.
In 11th USENIX Security Symposium.
San Francisco, California, August 2002.

Playing inside the black box: using dynamic instrumentation to create security holes.
B.P. Miller, M. Christodorescu, R. Iverson, T. Kosar, A. Mirgorodskii, and F. Popovici.
In Parallel Processing Letters 11, 2/3, pp. 267-280, June/September 2001.
Also appeared in the Second Los Alamos Computer Science Institute Symposium, Sante Fe, New Mexico, October 2001.

Malicious Code Detection

Malware normalization.
Mihai Christodorescu, Johannes Kinder, Somesh Jha, Stefan Katzenbeisser, and Helmut Veith.
Technical Report #1539, Computer Sciences Department, University of Wisconsin, Madison, Wisconsin, November 2005.

Semantics-aware malware detection.
Mihai Christodorescu, Somesh Jha, Sanjit Seshia, Dawn Song, and Randal E. Bryant.
In IEEE Symposium on Security and Privacy.
Oakland, California, May 2005.

Testing malware detectors.
Mihai Christodorescu and Somesh Jha.
In International Symposium on Software Testing and Analysis (ISSTA 2004).
Boston, Massachusetts, July 2004.
Awarded best paper.

Static analysis of executables to detect malicious patterns.
Mihai Christodorescu and Somesh Jha.
In 12th USENIX Security Symposium.
Washington, DC, August 2003.

Alternate version:

Static analysis of executables to detect malicious patterns.
Mihai Christodorescu and Somesh Jha.
Technical Report #1467, Computer Sciences Department, University of Wisconsin, Madison, Wisconsin, February 2003.

Privacy

Privacy preserving clustering.
Somesh Jha, Louis Kruger, and Patrick McDaniel.
In 10th European Symposium on Research in Computer Security (ESORICS).
Milan, Italy, September 2005.

Software Tamper Resistance

Strengthening software self-checksumming via self-modifying code.
Jonathon T. Giffin, Mihai Christodorescu, and Louis Kruger.
In 21st Annual Computer Security Applications Conference (ACSAC).
Tucson, Arizona, December 2005.
All student authors.

An expanded version of the paper is available as UW-Madison Computer Sciences Technical Report 1531.

Alternate version:

Strengthening software self-checksumming via self-modifying code.
Jonathon T. Giffin, Mihai Christodorescu, and Louis Kruger.
Technical Report #1531, Computer Sciences Department, University of Wisconsin, Madison, Wisconsin, September 2005.
All student authors.

Static Vulnerability and Exploit Detection

Automatic discovery of API-level exploits.
Vinod Ganapathy, Sanjit A. Seshia, Somesh Jha, Thomas W. Reps, and Randal E. Bryant.
In 27th International Conference on Software Engineering (ICSE 2005).
St. Louis, Missouri, May 2005.

Alternate version:

Automatic discovery of API-level vulnerabilities.
Vinod Ganapathy, Sanjit A. Seshia, Somesh Jha, Thomas W. Reps, and Randal E. Bryant.
Technical Report #1512, Computer Sciences Department, University of Wisconsin, Madison, Wisconsin, July 2004.

The technical report is superseded by the ICSE 2005 paper above.

Source code:

Source code to generate WiSA format-string exploit benchmarks.

Buffer overrun detection using linear programming and static analysis.
Vinod Ganapathy, Somesh Jha, David Chandler, David Melski, and David Vitek.
In 10th ACM Conference on Computer and Communications Security (CCS 2003).
Washington, DC, October 2003.

A more detailed version of the paper is available as UW-Madison Computer Sciences Technical Report 1488.

Alternate version:

Buffer overrun detection using linear programming and static analysis.
Vinod Ganapathy, Somesh Jha, David Chandler, David Melski, and David Vitek.
Technical Report #1488, Computer Sciences Department, University of Wisconsin, Madison, Wisconsin, 2003.

This page updated January 21, 2007.