John Knight Career Enhancement Assistant Professor Computer Science
Bio
Ph.D. in Computer Science, Purdue University, 2018
My research interests include software systems security (i.e., securing software to prevent cyber attacks), cyber forensics (i.e., recovering cyber forensic evidence from data/programs), and software engineering (software testing and reverse engineering).
Awards
NSF CAREER Award 2022
ACM SIGPLAN Distinguished Paper Award2019
National Science Foundation CRII Award2019
Maurice H. Halstead Memorial Award2017
ACM SIGSOFT Distinguished Paper Award2013
IEEE ASE (Automated Software Engineering) Best Paper Award2013
Microsoft Most Valuable Professional2008-2012
Research Interests
Software Systems Security
Software Engineering
Cyber Forensics
Internet of Things/Cyber Physical Systems (IoT/CPS) Security
Reverse-engineering
Selected Publications
PyFET: Forensically Equivalent Transformation for Python Binary Decompilation In Proc. of the 44th IEEE Symposium on Security and Privacy (S&P'23)
SwarmFlawFinder: Discovering and Exploiting Logic Flaws of Swarm Algorithms In Proc. of the 43rd IEEE Symposium on Security and Privacy (S&P'22)
MalMax: Multi-Aspect Execution for Automated Dynamic Web Server Malware Analysis ABSIn Proc. of the 26th ACM Conference on Computer and Communications Security (CCS'19),
PMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planning In Proc. of the 41st IEEE Symposium on Security and Privacy (S&P'20)
TARDIS: Rolling Back The Clock On CMS-Targeting Cyber Attacks In Proc. of the 41st IEEE Symposium on Security and Privacy (S&P'20)
BDA: Practical Dependence Analysis for Binary Executables by Unbiased Whole-program Path Sampling and Per-path Abstract Interpretation In Proc. of the 2019 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA'19), Distinguished Paper Award
Probabilistic Disassembly In Proc. of the 41st International Conference on Software Engineering (ICSE'19)
MCI: Modeling-based Causality Inference in Audit Logging for Attack Investigation ABSIn Proc. of the 25th Network and Distributed System Security Symposium (NDSS'18)
A2C: Self Destructing Exploit Executions via Input Perturbation ABSIn Proc. of the 24th Network and Distributed System Security Symposium (NDSS'17)
LDX: Causality Inference by Lightweight Dual Execution ABSIn Proc. of the 21st International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS'16)
PIEtrace: Platform Independent Executable Trace ABSIn Proc. of the 28th IEEE/ACM International Conference on Automated Software Engineering (ASE'13), Distinguished Paper Award
