Selected publications:

  • An In-Depth Analysis of Disassembly on Full-Scale x86/x64 Binaries
    USENIX Security’16, Austin, Texas, August 2016
  • Practical Context-Sensitive CFI
    CCS’15, Denver, Colorado, October 2015
  • Parallax: Implicit Code Integrity Verification Using Return-Oriented Programming
    DSN’15, Rio de Janeiro, Brazil, June 2015
  • StackArmor: Comprehensive Protection From Stack-based Memory Error Vulnerabilities for Binaries
    NDSS’15, San Diego, California, February 2015
  • Dowsing for overflows: A guided fuzzer to find buffer boundary violations
    USENIX Security’13, Washington, DC, August 2013 [PDF] [Bibtex]
  • Body armor for binaries: preventing memory corruption without recompilation
    USENIX ATC’12, Boston, MA, June 2012 [PDF] [Bibtex]
  • A Design for the World’s Fastest Taint Tracker
    RAID’11, Menlo Park, California, September 2011 [PDF] [Bibtex]
  • Howard: a Dynamic Excavator for Reverse Engineering Data Structures
    NDSS’11, San Diego, California, February 2011 [PDF] [Bibtex]
  • Pointer tainting still pointless (but we all see the point of tainting)
    ACM SIGOPS Operating Systems Review (OSR), July 2010 [PDF] [Bibtex]
  • Pointless tainting? Evaluating the practicality of pointer tainting
    ACM SIGOPS EUROSYS’09, Nuremberg, Germany, April 2009 [PDF] [Bibtex]
  • The Age of Data: pinpointing guilty bytes in polymorphic buffer overflows on heap or stack
    23rd Annual Computer Security Applications Conference (ACSAC’07), Miami, FLA, December 2007 [PDF] [Bibtex]
  • SafeCard: a Gigabit IPS on the network card
    RAID’06, Hamburg, Germany, September 2006 [PDF] [Bibtex]
  • Argos: an Emulator for Fingerprinting Zero Days Attacks
    ACM SIGOPS EUROSYS’06, Leuven, Belgium, April 2006 [PDF] [Bibtex]

Other publications:

  • Scalable Data Structure Detection and Classification for C/C++ Binaries,
    Empirical Software Engineering (EMSE), February 2015
  • On the detection of custom memory allocators in C binaries,
    Empirical Software Engineering (EMSE), February 2015
  • Dowser: A Guided Fuzzer for Finding Buffer Overflow Vulnerabilities,
    USENIX ;login: Magazine, Volume 38, Number 6, December 2013
  • Who allocated my memory? Detecting custom memory allocators in C binaries – Distinguished Paper Award!
    20th Working Conference on Reverse Engineering (WCRE’13), Koblenz, Germany, October 2013
  • MemPick: High-level data structure detection in C/C++ binaries
    20th Working Conference on Reverse Engineering (WCRE’13), Koblenz, Germany, October 2013
  • Dowser: a guided fuzzer to find buffer overflow vulnerabilities
    EuroSec’13, Prague, Czech Republic, April 2013 [PDF] [Bibtex]
  • System-level Support for Intrusion Recovery
    DIMVA’12, Heraklion, Crete, Greece, July 2012
  • Howard: Excavating Data Structures from Stripped Binaries
    HITBSecConf’11, Amsterdam, the Netherlands, May 2011
  • Excavating data structures from stripped binaries – Best Paper Award!
    16th Annual Conference of the Advanced School for Computing and Imaging (ASCI’10), The Netherlands, November 2010
  • DDE: Dynamic Data Structure Excavation
    First ACM Asia-Pacific Workshop on Systems (APSys’10), New Delhi, India, August 2010 [PDF] [Bibtex]
  • Precise data structure excavation
    Technical Report IR-CS-55, Vrije Universiteit Amsterdam, February 2010 [PDF]
  • Tales from the Crypt: fingerprinting attacks on encrypted channels by way of retainting
    3rd European Conference on Computer Network Defense (EC2ND’07),
    Heraklion, Greece, October 2007 [PDF] [Bibtex]
  • Optimal Streams of Premiums in Multiperiod Credibility Models
    Applicationes Mathematicae (Institute of Mathematics, Polish Academy of Sciences),
    Vol. 34, No. 2, pp. 223-235, July 2007 [Available on request]
  • Prospector: What Bytes Contributed to Buffer Overflow on Heap or Stack?
    13th Annual Conference of the Advanced School for Computing and Imaging (ASCI’07), Heijen, The Netherlands, June 2007
  • Argos: Emulated Hardware Support to Fingerprint Zero-Day Attacks by means of Dynamic Data Flow Analysis
    12th Annual Conference of the Advanced School for Computing and Imaging (ASCI’06), Belgium, June 2006