I am an Professor of Computer Science and Engineering at The Pennsylvania State University. I am also co-director of the Systems and Internet Infrastructure Security (SIIS) Lab, which is focused on the study of security in diverse network and computer environments. My main research area is computer security. I am interested in tools and techniques to enable developers to build higher integrity computer systems.

Recent News

Professor Jaeger has recently been selected for the Ruth and Joel Spira Excellence in Teaching Award at Penn State for 2017.

Professor Jaeger completed his four-year term as the Chair of the ACM Special Interest Group on Security, Audit, and Control (SIGSAC) in July 2017. Thanks to everyone who contributed to SIGSAC during my term!

Professor Jaeger has been selected to serve on the International Academic Advisor for the Cyber Security Body of Knowledge Project.

Professor Jaeger has been selected to serve as the General Chair for the Network and Distributed Systems Security Symposium for 2019 and 2020.

And my students do great work which produced the news items and highlights below. I am always looking for motivated students interested in software and systems security.

More News

Current Research Highlights

Android Security

Giuseppe Petracca has led work on controlling app's ability to access the sensors on mobile devices to protect user privacy. See his recent papers in the 2017 USENIX Security Symposium, MILCOM 2016, ACSAC 2016 (Cloud Security), and ACSAC 2015. Giuseppe is currently interning at Google and has previously interned at Intel Labs and Samsung Research. He is scheduled to graduate in the Spring of 2018.

Giuseppe Petracca

Execution Integrity

Xinyang Ge has led work on "execution integrity," which aims to ensure that only approved code is executed according to only legal control flows system-wide. See how to limit kernels to execute approved code only, MoST 2014, enforce CFI on kernel software, IEEE Euro S&P 2016, and enforce CFI on user-space programs using Intel PT, ASPLOS 2017. Xinyang graduated in 2016 in now works at Microsoft Research. See also his papers in NDSS 2017 and MobiSys 2017.

Xinyang Ge

Cloud Security

Yuqiong Sun has led work in enhancing the security mechanisms of cloud platforms to prevent tampering of user's cloud commands using per-request services. See how to run services under information flow control, ACSAC 2016, run services under least privilege, IEEE Cloud 2015, and prevent threats to cloud platforms, ACM CCSW 2014. See also his paper to create channels to VMs bound to trusted computing integrity validation. Yuqiong graduated in 2016 and now works for Symantec Labs.

Yuqiong Sun

Operating Systems Security Book

My book, Operating System Security, was published by Morgan & Claypool in 2008. This book examines the concepts and techniques applied in the construction of "secure operating systems." Morrie Gasser published Building a Secure Computer System in 1988, which covers the foundations that we envisioned would be used to build secure computer systems (which I highly recommend), but my book covers experiences with those foundations and the subsequent concepts and techniques that have been developed in the following 20 years. Please let me know if you have comments.