❝
I'm a Professor in the Department of Computer Science at the University of Arizona. Prior to arriving in Tucson I worked at the University of Auckland, New Zealand, and before that I got my Ph.D. from Lund University, Sweden. I have also held a visiting position a the Chinese Academy of Sciences in Beijing, China.
My main research interest is computer security, in particular the so-called Man-At-The-End Attack which occurs in settings where an adversary has physical access to a device and compromises it by tampering with its hardware or software. My current research focuses on remote man-at-the-end attacks which occur in distributed systems where untrusted clients are in frequent communication with trusted servers over a network, and a malicious user can get an advantage by compromising an untrusted device.Show Less
VOSviewer
Courses
- CSComputer Security
- PCPrinciples of Compilation
- CPLComparative Programming Languages
Grants
- SaTC: TTP: Medium: The Tigress Endpoint Protection Tool
Principal Investigator (PI)
2021
$950.2K
Active - SaTC:EDU: LIGERLabs: Educational Modules for (Anti-) Reverse Engineering
Principal Investigator (PI)
2020
$400.0K
Active - TWC: Small: Understanding Anti-Analysis Defenses in Malicious Code
Co-Investigator (COI)
2015
$531.9K
- A Longitudinal Study of Sharing of Research Artifacts in Computer Science
Principal Investigator (PI)
2015
$357.6K
- TWC TTP: Small: Mitigating Insider Attacks in Provenance Systems
Principal Investigator (PI)
2013
$496.1K
- Putting Network Security on the Map (Phase II)
Co-Investigator (COI)
2012
$3.6M
- Putting Network Security on the Map: Visualizing Network Security with a Unified Map Metaphor
Co-Investigator (COI)
2011
$363.8K
- EAGER: Man-at-the-End Attacks: Defenses and Evaluation Techniques
Principal Investigator (PI)
2011
$280.9K
- Theoretical and Practical Approaches to Remote White-Box Security
Principal Investigator (PI)
2009
$22.3K
Technologies / Patents
News
- The World of Computer Science
2013
- UA Faculty Member Earns Humboldt Fellowship
2011
- New Lecture Series Centers on Security Issues
2009
- Professor Publishes Book on Software Security
2009
Publications (51)
Recent
- Code Obfuscation: Why is This Still a Thing? (Keynote Address)
2018
- Probabilistic Obfuscation through Covert Channels
2017
- Predicting the Resilience of Obfuscated Code Against Symbolic Execution Attacks via Machine Learning
2017
- A Tool for Teaching Reverse Engineering
2016
- Engineering Code Obfuscation (Invited Talk)
2016
- Code obfuscation against symbolic execution attacks
2016
- Repeatability in computer systems research
2016
- Pinpointing and Hiding Surprising Fragments in an Obfuscated Program
2015
- Code artificiality: A metric for the code stealth based on an n-gram model
2015
- A Possible Solution for Privacy Preserving Cloud Data Storage
2015
- A Method to Evaluate CFG Comparison Algorithms
2014
- Provenance of exposure: Identifying sources of leaked documents
2013
- Distributed application tamper detection via continuous software updates
2012
- Guest editors' introduction: Software protection
2011
- Toward digital asset protection
2011
- More on graph theoretic software watermarks: Implementation, analysis, and attacks
2009
- Trading-off security and performance in barrier slicing for remote software entrusting
2009
- A semi-dynamic multiple watermarking scheme for java applications
2009
- An empirical study of Java bytecode programs
2007
- Barrier slicing for remote software trusting
2007
- Dynamic graph-based software fingerprinting
2007
- Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics: Preface
2007
- Surreptitious software: Models from Biology and History
2007
- Software watermarking via opaque predicates: Implementation, analysis, and attacks
2006
- Browser Toolbars
2006
- Self-plagiarism in computer science
2005
- The evaluation of two software watermarking algorithms
2005
- K-gram software birthmarks
2005
- Rights and wrongs in scientific publications (multiple letters) [1]
2005
- Software watermarking in the frequency domain: Implementation, analysis, and attacks
2005
- Dynamic path-based software watermarking
2004
- AlgoVista: An algorithmic search tool in an educational setting
2004
- Problem identification using program checking
2004
- The obfuscation executive
2004
- Software watermarking through register allocation: Implementation, analysis, and attacks
2004
- Graph Theoretic Software Watermarks: Implementation, Analysis, and Attacks
2004
- Detecting software theft via whole program path birthmarks
2004
- Error-correcting graphs for software watermarking
2003
- Sandmark - A tool for software protection research
2003
- A System for Graph-Based Visualization of the Evolution of Software
2003
- Graph-Based Approaches to Software Watermarking
2003
- Watermarking, tamper-proofing, and obfuscation - Tools for software protection
2002
- Automatic derivation of compiler machine descriptions
2002
- A fuzzy visual query language for a domain-specific web search engine
2002
- Language-agnostic program rendering for presentation, debugging and visualization
2000
- Software watermarking: Models and dynamic embeddings
1999
- Manufacturing cheap, resilient, and stealthy opaque constructs
1998
- Breaking abstractions and unstructuring data structures
1998
- Reverse Interpretation + Mutation Analysis = Automatic Retargeting
1997
- Reverse interpretation+mutation analysis = automatic retargeting
1997
- DESIGN AND IMPLEMENTATION OF MODULAR LANGUAGES SUPPORTING INFORMATION HIDING.
1987