Selected publications:
- An In-Depth Analysis of Disassembly on Full-Scale x86/x64 Binaries
  USENIX Security’16, Austin, Texas, August 2016
- Practical Context-Sensitive CFI
  CCS’15, Denver, Colorado, October 2015
- Parallax: Implicit Code Integrity Verification Using Return-Oriented Programming
  DSN’15, Rio de Janeiro, Brazil, June 2015
- StackArmor: Comprehensive Protection From Stack-based Memory Error Vulnerabilities for Binaries
  NDSS’15, San Diego, California, February 2015
- Dowsing for overflows: A guided fuzzer to find buffer boundary violations
  USENIX Security’13, Washington, DC, August 2013
- Body armor for binaries: preventing memory corruption without recompilation
  USENIX ATC’12, Boston, MA, June 2012
- A Design for the World’s Fastest Taint Tracker
  RAID’11, Menlo Park, California, September 2011
- Howard: a Dynamic Excavator for Reverse Engineering Data Structures
  NDSS’11, San Diego, California, February 2011
- Pointer tainting still pointless (but we all see the point of tainting)
  ACM SIGOPS Operating Systems Review (OSR), July 2010
- Pointless tainting? Evaluating the practicality of pointer tainting
  ACM SIGOPS EUROSYS’09, Nuremberg, Germany, April 2009
- The Age of Data: pinpointing guilty bytes in polymorphic buffer overflows on heap or stack
  23rd Annual Computer Security Applications Conference (ACSAC’07), Miami, FLA, December 2007
- SafeCard: a Gigabit IPS on the network card
  RAID’06, Hamburg, Germany, September 2006
- Argos: an Emulator for Fingerprinting Zero Days Attacks
  ACM SIGOPS EUROSYS’06, Leuven, Belgium, April 2006

Other publications:
- Scalable Data Structure Detection and Classification for C/C++ Binaries
  Empirical Software Engineering (EMSE), February 2015
- On the detection of custom memory allocators in C binaries
  Empirical Software Engineering (EMSE), February 2015
- Dowser: A Guided Fuzzer for Finding Buffer Overflow Vulnerabilities
  USENIX ;login: Magazine, Volume 38, Number 6, December 2013
- Who allocated my memory? Detecting custom memory allocators in C binaries – Distinguished Paper Award!
  20th Working Conference on Reverse Engineering (WCRE’13), Koblenz, Germany, October 2013
- MemPick: High-level data structure detection in C/C++ binaries
  20th Working Conference on Reverse Engineering (WCRE’13), Koblenz, Germany, October 2013
- Dowser: a guided fuzzer to find buffer overflow vulnerabilities
  EuroSec’13, Prague, Czech Republic, April 2013
- System-level Support for Intrusion Recovery
  DIMVA’12, Heraklion, Crete, Greece, July 2012
- Howard: Excavating Data Structures from Stripped Binaries
  HITBSecConf’11, Amsterdam, the Netherlands, May 2011
- Excavating data structures from stripped binaries – Best Paper Award!
  16th Annual Conference of the Advanced School for Computing and Imaging (ASCI’10), The Netherlands, November 2010
- DDE: Dynamic Data Structure Excavation
  First ACM Asia-Pacific Workshop on Systems (APSys’10), New Delhi, India, August 2010
- Precise data structure excavation
  Technical Report IR-CS-55, Vrije Universiteit Amsterdam, February 2010
- Tales from the Crypt: fingerprinting attacks on encrypted channels by way of retainting
  3rd European Conference on Computer Network Defense (EC2ND’07), Heraklion, Greece, October 2007
- Optimal Streams of Premiums in Multiperiod Credibility Models
  Applicationes Mathematicae (Institute of Mathematics, Polish Academy of Sciences), Vol. 34, No. 2, pp. 223-235, July 2007 [Available on request]
- Prospector: What Bytes Contributed to Buffer Overflow on Heap or Stack?
  13th Annual Conference of the Advanced School for Computing and Imaging (ASCI’07), Heijen, The Netherlands, June 2007
- Argos: Emulated Hardware Support to Fingerprint Zero-Day Attacks by means of Dynamic Data Flow Analysis
  12th Annual Conference of the Advanced School for Computing and Imaging (ASCI’06), Belgium, June 2006