Categories

•   papers65
•   paper65
•   news78
•   misc3
•   home1
•   projects4
•   project4
•   team22
•   brags1

papers

• How does Endpoint Detection use the MITRE ATT&CK Framework?
• R-CAID: Embedding Root Cause Analysis within Provenance-based Intrusion Detection
• DrSec: Flexible Distributed Representations for Efficient Endpoint Security.
• GRASP: Hardening Serverless Applications through Graph Reachability Analysis of Security Policies
• More than just informed: The importance of consent facets in smart homes
• SoK: History is a Vast Early Warning System: Auditing the Provenance of System Intrusions
• Characterizing Everyday Misuse of Smart Home Devices
• Sometimes, You Aren't What You Do: Mimicry Attacks against Provenance Graph Host Intrusion Detection Systems
• FAuST: Striking a Bargain between Forensic Auditing's Security and Throughput
• Towards Efficient Auditing for Real-Time Systems
• Equivocal URLs: Understanding the Fragmented Space of URL Parser Implementations
• ALASTOR: Reconstructing the Provenance of Serverless Intrusions
• Transparent DIFC: Harnessing Innate Application Event Logging for Fine-Grained Decentralized Information Flow Control
• Users Can Deduce Sensitive Locations Protected by Privacy Zones on Fitness Tracking Apps
• Forensic Analysis of Configuration-based Attacks
• Validating the Integrity of Audit Logs Against Execution Repartitioning Attacks
• muSCOPE: A Methodology for Analyzing Least-Privilege Compartmentalization in Large Software Artifacts
• Causal Analysis for Software-Defined Networking Attacks
• SCIFFS: Enabling Secure Third-Party Security Analytics using Serverless Computing
• Workflow Integration Alleviates Identity and Access Management in Serverless Computing
• This is Why We Can't Cache Nice Things: Lightning-Fast Threat Hunting using Suspicion-Based Hierarchical Storage
• On the Forensic Validity of Approximated Audit Logs
• Logging to the Danger Zone: Race Condition Attacks and Defenses on System Audit Frameworks
• Provenance for Intent-Based Networking
• Tactical Provenance Analysis for Endpoint Detection and Response Systems
• Valve: Securing Function Workfows on Serverless Computing Platforms
• UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats
• OmegaLog: High-Fidelity Attack Investigation via Transparent Multi-layer Log Analysis
• CUSTOS: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution
• Automated Discovery of Cross-Plane Event-Based Vulnerabilities in Software-Defined Networking
• Charting the Attack Surface of Trigger-Action IoT Platforms
• Emerging Threats in IoT Voice Services
• Can Data Provenance Put an End to the Data Breach?
• NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage
• Runtime Analysis of Whole-System Provenance
• Cross-App Poisoning in Software-Defined Networking
• Analysis of Privacy Protections in Fitness Tracking Social Networks -or- You can run, but can you hide?
• Skill Squatting Attacks on Amazon Alexa
• AliDrone: Enabling Trustworthy Proof-of-Alibi for Commercial Drone Compliance
• SoK: 'Plug and Pray' Today -- Understanding USB Insecurity in Versions 1 through C
• Towards Scalable Cluster Auditing through Grammatical Inference over Provenance Graphs
• Fear and Logging in the Internet of Things
• Taming the Costs of Trustworthy Provenance through Policy Reduction
• Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications
• A Provenance Model for the European Union General Data Protection Regulation
• Towards an Accountable Software-Defined Networking Architecture
• Transparent Web Service Auditing via Network Provenance Functions
• Leveraging Data Provenance to Enhance Cyber Resilience
• ProvUSB: Block-level Provenance-Based Data Protection for USB Storage Devices
• Secure and Trustworthy Provenance Collection for Digital Forensics
• Making USB Great Again with USBFILTER
• Defending Against Malicious USB Firmware with GoodUSB
• Boxed Out: Blocking Cellular Interconnect Bypass Fraud at the Network Edge
• Trustworthy Whole-System Provenance for the Linux Kernel
• Mo(bile) Money, Mo(bile) Problems:Analysis of Branchless Banking Applications in the Developing World
• Take Only What You Need:Leveraging Mandatory Access Control Policy to Reduce Provenance Storage Costs
• Accountable Wiretapping -or- I Know They Can Hear You Now
• Securing SSL Certificate Validation through Dynamic Linking
• Forced Perspectives: Evaluating an SSL Trust Enhancement at Scale
• On Detecting Co-Resident Cloud Instances Using Network Flow Watermarking Techniques
• Leveraging USB to Establish Host Identity Using Commodity Devices
• Let SDN Be Your Eyes: Secure Forensics in Data Center Networks
• Towards Secure Provenance-based Access Control in Cloud Environments
• Detecting Co-Residency with Active Traffic Analysis Techniques
• Accountable Wiretapping -or- I Know They Can Hear You Now

paper

• How does Endpoint Detection use the MITRE ATT&CK Framework?
• R-CAID: Embedding Root Cause Analysis within Provenance-based Intrusion Detection
• DrSec: Flexible Distributed Representations for Efficient Endpoint Security.
• GRASP: Hardening Serverless Applications through Graph Reachability Analysis of Security Policies
• More than just informed: The importance of consent facets in smart homes
• SoK: History is a Vast Early Warning System: Auditing the Provenance of System Intrusions
• Characterizing Everyday Misuse of Smart Home Devices
• Sometimes, You Aren't What You Do: Mimicry Attacks against Provenance Graph Host Intrusion Detection Systems
• FAuST: Striking a Bargain between Forensic Auditing's Security and Throughput
• Towards Efficient Auditing for Real-Time Systems
• Equivocal URLs: Understanding the Fragmented Space of URL Parser Implementations
• ALASTOR: Reconstructing the Provenance of Serverless Intrusions
• Transparent DIFC: Harnessing Innate Application Event Logging for Fine-Grained Decentralized Information Flow Control
• Users Can Deduce Sensitive Locations Protected by Privacy Zones on Fitness Tracking Apps
• Forensic Analysis of Configuration-based Attacks
• Validating the Integrity of Audit Logs Against Execution Repartitioning Attacks
• muSCOPE: A Methodology for Analyzing Least-Privilege Compartmentalization in Large Software Artifacts
• Causal Analysis for Software-Defined Networking Attacks
• SCIFFS: Enabling Secure Third-Party Security Analytics using Serverless Computing
• Workflow Integration Alleviates Identity and Access Management in Serverless Computing
• This is Why We Can't Cache Nice Things: Lightning-Fast Threat Hunting using Suspicion-Based Hierarchical Storage
• On the Forensic Validity of Approximated Audit Logs
• Logging to the Danger Zone: Race Condition Attacks and Defenses on System Audit Frameworks
• Provenance for Intent-Based Networking
• Tactical Provenance Analysis for Endpoint Detection and Response Systems
• Valve: Securing Function Workfows on Serverless Computing Platforms
• UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats
• OmegaLog: High-Fidelity Attack Investigation via Transparent Multi-layer Log Analysis
• CUSTOS: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution
• Automated Discovery of Cross-Plane Event-Based Vulnerabilities in Software-Defined Networking
• Charting the Attack Surface of Trigger-Action IoT Platforms
• Emerging Threats in IoT Voice Services
• Can Data Provenance Put an End to the Data Breach?
• NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage
• Runtime Analysis of Whole-System Provenance
• Cross-App Poisoning in Software-Defined Networking
• Analysis of Privacy Protections in Fitness Tracking Social Networks -or- You can run, but can you hide?
• Skill Squatting Attacks on Amazon Alexa
• AliDrone: Enabling Trustworthy Proof-of-Alibi for Commercial Drone Compliance
• SoK: 'Plug and Pray' Today -- Understanding USB Insecurity in Versions 1 through C
• Towards Scalable Cluster Auditing through Grammatical Inference over Provenance Graphs
• Fear and Logging in the Internet of Things
• Taming the Costs of Trustworthy Provenance through Policy Reduction
• Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications
• A Provenance Model for the European Union General Data Protection Regulation
• Towards an Accountable Software-Defined Networking Architecture
• Transparent Web Service Auditing via Network Provenance Functions
• Leveraging Data Provenance to Enhance Cyber Resilience
• ProvUSB: Block-level Provenance-Based Data Protection for USB Storage Devices
• Secure and Trustworthy Provenance Collection for Digital Forensics
• Making USB Great Again with USBFILTER
• Defending Against Malicious USB Firmware with GoodUSB
• Boxed Out: Blocking Cellular Interconnect Bypass Fraud at the Network Edge
• Trustworthy Whole-System Provenance for the Linux Kernel
• Mo(bile) Money, Mo(bile) Problems:Analysis of Branchless Banking Applications in the Developing World
• Take Only What You Need:Leveraging Mandatory Access Control Policy to Reduce Provenance Storage Costs
• Accountable Wiretapping -or- I Know They Can Hear You Now
• Securing SSL Certificate Validation through Dynamic Linking
• Forced Perspectives: Evaluating an SSL Trust Enhancement at Scale
• On Detecting Co-Resident Cloud Instances Using Network Flow Watermarking Techniques
• Leveraging USB to Establish Host Identity Using Commodity Devices
• Let SDN Be Your Eyes: Secure Forensics in Data Center Networks
• Towards Secure Provenance-based Access Control in Cloud Environments
• Detecting Co-Residency with Active Traffic Analysis Techniques
• Accountable Wiretapping -or- I Know They Can Hear You Now

news

• Akul's start-up is gaining steam!
• Apurva strikes at Security'24!
• Akul's work to appear at SP'24!
• Distinguished Paper at SP'23!
• Akul's first-authored work to appear at NDSS'23!
• A second Oakland'23 paper!
• ESORICS'22 Best Paper!
• Prof. Bates appears on The 21st!
• Two new papers at ESORICS'22!
• Provnenance Lit survey at Oakland'23!
• Jason's first-authored work to appear at EuroSP'22!
• Pubali's paper accepted to Sec'22!
• Our first CHI paper to appear at CHI'22!
• Collaboration with Georgia Tech to appear at CCS'21!
• Introducing Professor Doctor Hassan!
• Prof. Ujcich lands another major!
• Pubali is a Rising Star!!
• Three New Papers at ACSAC'20!
• New paper at CCS'20!
• Wajih is a Future Faculty Fellow!
• Introducing Professor Ujcich!
• Wajih's paper accepted to Oakland'20!
• Another accept at NDSS'20!
• New paper at WWW'20!
• Three New Papers at NDSS'20!
• Prof. Bates discusses dangers in facial recognition
• Riccardo is a Masters Graduate!
• New Paper at CCS'19!
• Another article in S&P magazine!
• Wajih is an HLFF Young Researcher!
• New paper in S&P magazine!
• Wajih is a Symantec Fellow!
• New paper at NDSS'19!
• Two Factor Authentication rollout at Illinois
• Riccardo is a Siebels Scholar!
• Ars Technica warns of our research on 'Mad Skillz!'
• Fitness Tracking Privacy is the talk of the town!
• Fitness Research featured on local NBC affiliate
• Media Coverage of Fitness Privacy Research (Part 1)
• Illinois Innovators Podcast
• 2018 Grand Slam!
• Two New Papers at CCS'18!
• New Paper at IPAW'18!
• Two New Papers at Security'18!
• NSF Career Award!
• New Paper at ICDCS'18!
• Prof. Bates to serve on Oakland PC.
• New paper at Oakland'18!
• Prof. Bates to serve on WiSec PC.
• SIGSAC Dissertation Runner-Up
• Two New Papers at NDSS'18!
• Prof. Bates to serve on USENIX Security PC.
• Prof. Bates to serve on NDSS PC.
• Prof. Bates awarded NSF CRII.
• Prof. Bates to serve on USENIX Annual PC.
• Prof. Bates to serve on ACSAC PC.
• Prof. Bates to serve on CCS PC.
• New Paper at WWW'17!
• Prof. Bates to chair TaPP'17.
• New Paper at SecDev'16!
• New Paper at CCS'16!
• New Paper at Security'16!
• Prof. Bates to serve on Oakland OC.
• Prof. Bates to serve on NDSS PC.
• Dr. Bates defends dissertation.
• Faculty Position
• Poster Awards
• ACSAC Session Chair
• Penn State Invited Talk
• LPM Source Code
• Research in the News
• New Paper at ACSAC'15!
• New Paper at TaPP'15
• Oakland OC
• New Papers at Security'15!
• Disseration Proposal
• Summer Internship
• Carleton University Invited Talk

misc

• Participate
• The Secure & Transparent Systems Laboratory
• About

home

• The Secure & Transparent Systems Laboratory

projects

• Detecting and Investigating Intrusions
• Consumer Device Security
• Network and Communications Security
• USB and Peripheral Device Security

project

• Detecting and Investigating Intrusions
• Consumer Device Security
• Network and Communications Security
• USB and Peripheral Device Security

team

• Yeeun Jo
• Mahnoor Jameel
• Apurva Virkud
• Kim Westfall
• Andy Riddle
• Ayoosh Bansal
• Uma Pal
• Adil Inam
• Sneha Gaur
• Anant Kandikuppa
• Jason Liu
• Jaron Mink
• Akul Goyal
• Noor Michael
• Saad Hussain
• Nuraini Aguse
• Jai Pandey
• Riccardo Paccagnella
• Pubali Datta
• Benjamin E. Ujcich
• Wajih Ul Hassan
• Adam Bates

brags

• The Year in Brags -- 2018