I am an Professor of Computer Science and Engineering at The Pennsylvania State University. My main research interests include tools and techniques for software, systems, and networks to develop and deploy higher integrity systems.

Research News

Professor Jaeger is the Consortium Lead for the CCDC - Army Research Lab's Cyber Security Collaborative Research Alliance, a joint government-industry-academia research project exploring the Science of Cybersecurity through 2023.

Our recent paper at VEE 2020 was awarded Best Paper. Also, see our recent papers on on automated software patching (Oakland 2019), on controlling sensor use on mobile devices (USENIX Sec 2019), and optimizing privilege separation (ACM CCS 2019).

Community Service News

Professor Jaeger is the General Chair for the Network and Distributed Systems Security Symposium for 2021. Also, he is an organizer of the CORONA-Def Workshop at NDSS 2021. Please see the submissions site.

Professor Jaeger has been selected to join the Editorial Board for the Communications of the ACM for contributions. Look forward to this great opportunity!

More News

Current Research Highlights

Software Security

Recent research in software security has explored methods for automated software patching from safety properties at 2019 IEEE S&P, automated exploit generation against strong defenses at 2018 ACM CCS, and automating performance/security trade-offs for privilege separation at 2019 ACM CCS. Also, see papers on exploiting access control in provenance in ACM TOIT (2017), intrusion detection for long attack paths in ACM TOPS (2017), and securing CFI enforcement in 2017 NDSS.

Mobile Security

Research in mobile systems security has focused on two main problems: (1) protecting users from apps that misuse mobile device sensors, including papers in 2019 USENIX Security Symposium, in 2017 USENIX Security Symposium and 2015 ACSAC and (2) providing a trusted computing base for mobile systems and critical apps, including papers in 2019 IEEE TDSC and 2017 MobiSys. Also, see TrustZone Sprobes paper for a method to prevent kernel code injection.

Systems Security

Our recent research in systems security includes: (1) kernel security, improving CFI (IEEE Euro S&P) and privilege separation (VEE 2020); (2) cloud and container security, including security namespaces (USENIX Security 2018) and DIFC cloud (ACSAC 2016); (3) hardware-based security mechanisms, for tracing using Intel PT (ASPLOS 2017) and bounds enforcement (IEEE TCAD 2020); and (4) trusted execution environments for TrustZone (MobiSys 2017) and its extension (IEEE TDSC 2019).

Operating Systems Security Book

My book, Operating System Security, was published by Morgan & Claypool in 2008. This book examines the concepts and techniques applied in the construction of "secure operating systems." It has been taught in security courses around the world. Also, see Morrie Gasser's book Building a Secure Computer System from 1988 for more. Please let me know if you have comments.