News Items

July 2017: Trent has been informed he is a winner of the Ruth and Joel Spira Execllence in Teaching Award!

June 2017: Trent has completed his four-year term as the Chair of the ACM Special Interest Group for Security, Audit, and Control (SIGSAC). Thank to the members and volunteers of SIGSAC for all their efforts!

May 2017: Trent gave a keynote address at the ACM Turing 50th Celebration Conference (SIGSAC China) titled "Fixing Security Problems for and with Programmers."

May 2017: Trent participated in a panel at the IEEE Custom Integrated Circuits Conference on "Hardware and Software Security; Gaps and Synergies." He also gave a talk in the Computer Science Department of UT Austin titled "Kernel Enforcement of Control-Flow Integrity."

May 2017: The paper "Aware: Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings" has been accepted into the 2017 USENIX Security Symposium.. The lead author is Giuseppe Petracca. Other authors are Ahmad-Atamli Reineh (Oxford), Yuqiong Sun, Jens Grossklags (TU Munich), and Trent Jaeger.

April 2017: We had two papers accepted on the topic of evaluating the effectiveness of authorization hook placements using auditing - "On Risk in Access Control Enforcement" will appear in the 22nd ACM Symposium on Access Control Models and Technologies (SACMAT) and "AccessProv: Tracking the Provenance of Access Control Decisions" will appear in the 9th International Workshop on Theory and Practice of Provenance. The authors of the papers are Giuseppe Petracca (SACMAT only), Frank Capobianco, and Christian Skalka (University of Vermont).

April 2017: Congrats to Stefan! His paper "Adversarial Network Forensics in Software Defined Networking" in SOSR 2017 was voted "Best Student Paper."

March 2017: Trent has accepted to serve as a PC Co-Chair for the 2nd IEEE Secure Development Conference to be held in Boston, MA in September 2017. Please submit your best work!

March 2017: Trent had two journal papers accepted this month. The first paper "Taming the Costs of Trustworthy Provenance through Policy Reduction" was accepted into the ACM Transactions on Internet Technology (TOIT). The lead author is Adam Bates (U Illinois), and other authors are Dave (Jing) Tian, Grant Hernandez, Kevin Butler (Florida), Trent Jaeger, Thomas Moyer (MIT Lincoln Lab).

The second paper "Long-Span Program Behavior Modeling and Attack Detection" was accepted into the ACM Transactions on Privacy and Security (TOPS). The lead author is Xiaokui Shu (now at IBM Research), and the other authors are Naren Ramakrishnan, Danfeng (Daphne) Yao (Virginia Tech), and Trent Jaeger.

February 2017: The paper "TrustShadow: Secure Execution of Unmodified Applications with ARM TrustZone" to the 15th ACM International Conference on Mobile Systems, Applications, and Services (MobiSys). The lead author is Le Guan of Penn State, who is a PostDoc working for Peng Liu. Other authors are Xinyu Xing, Xinyang Ge, Shengzhi Zhang, Meng Yu, Trent Jaeger of Penn State.

January 2017: The paper "Adversarial Network Forensics in Software Defined Networking" to the ACM Symposium on SDN Research. The paper's authors are Stefan Achleitner, Tom La Porta, Patrick McDaniel, and Trent Jaeger.

November 2016: The paper "GRIFFIN: Guarding Control Flows Using Intel Processor Trace" has been accepted for the 22nd ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). The paper's authors are Xinyang Ge, Weidong Cui, and Trent Jaeger. This is one of four ASPLOS papers from Penn State's CSE Department this year!

October 2016: The paper "An Evil Copy: How the Loader Betrays You" has been accepted for the 2017 Network and Distributed System Security Symposium (NDSS). The paper's authors are Xinyang Ge, Mathias Payer, and Trent Jaeger.

October 2016: Trent gave two keynote addresses. One at ACM SafeConfig titled "Configuring Software and Systems for Defense-in-Depth" and one at CPS-Sec-International Workshop on Cyber-Physical Systems Security titled "Software and Systems Security for Cyber-Physical Systems."

October 2016: Yuqiong Sun passed his thesis defense, titled "Protecting IaaS Clouds through Control of Cloud Services." Yuqiong is still considering his offers. Congratulations, Yuqiong!

August 2016: The paper "Pileus: Protecting User Resources from Compromised Cloud Services" has been accepted for the 2016 Annual Computer Security Applications Conference (ACSAC). The paper's authors are Yuqiong Sun, Giuseppe Petracca, Xinyang Ge, and Trent Jaeger.

August 2016: The paper "Leveraging Data Provenance to Enhance Cyber Resilience" has been accepted for the 1st IEEE Cybersecurity Development Conference (SecDev). The paper's authors are Thomas Moyer (Lincoln Lab), Patrick Cable (LL), Karishma Chadha (LL), Robert Cunningham (LL), Nabil Schear (LL), Warren Smith (LL), Adam Bates (UIUC), Kevin Butler (Florida), Frank Capobianco, and Trent Jaeger.

August 2016: Xinyang Ge passed his thesis defense, titled "Enforcing Execution Integrity for Software Systems." Xinyang has accepted an offer at Microsoft Research. Congratulations, Xinyang!

August 2016: I have been invited to give a keynote lecture at the SafeConfig 2016 Workshop at part ACM CCS in Vienna, Austria. Please plan to come to CCS and SafeConfig!

July 2016: The paper "Agility Maneuvers to Mitigate Inference Attacks on Sensed Location Data" has been accepted for MILCOM 2016. The paper's authors are Giuseppe Petracca, Trent Jaeger, Lisa Marvel, Ananthram Swami.

May 2016: My students are starting their summer internships. Giuseppe Petracca will intern at Samsung Research USA and Frank Capobianco will intern at Lincoln Lab.

April 2016: Yuqiong Sun passed his comprehensive exam entitled "Protecting IaaS Clouds through Control of Cloud Services." Congratulations, Yuqiong!

March/April 2016: Xinyang Ge presented our paper "Fine-Grained Control-Flow Integrity for Kernel Software" at the IEEE European Symposium on Security and Privacy. Trent also presented that work at Stony Brook University. The slides for the Stony Brook talk are here.

February 2016: Xinyang Ge passed his comprehensive exam entitled "Enforcing Execution Integrity for Software Systems." Congratulations, Xinyang!

December 2015: Xinyang Ge contributed support for Intel TSX instructions to the open-source x86 disassembler distorm. This support has been upstreamed into the distorm version 3.3.

October 2015: The paper "Fine-Grained Control-Flow Integrity for Kernel Software" has been accepted for the 1st IEEE European Symposium on Security and Privacy. The paper's authors are Xinyang Ge, Nirupama Talele, Mathias Payer (Purdue), and Trent Jaeger.

September 2015: The paper "AuDroid: Preventing Attacks on Audio Channels in Mobile Devices" has been accepted for the Annual Computer Security Applications Conference (ACSAC) . The paper's authors are Giuseppe Petracca, Yuqiong Sun, Trent Jaeger, and Ahmad Atamli (Oxford).

August 2015: The paper "Security-as-a-Service for Microservices-Based Cloud Applications" has been accepted for the IEEE International Conference on Cloud Computing Technology and Science (CloudCom) . The paper's authors are Yuqiong Sun, Susanta Nanda (Symantec), and Trent Jaeger.

July 2015: Trent presented three lectures at the International Summer School on Information Security in Bilbao, Spain.

June 2015: Trent presented the Keynote Address at the ACM Symposium on Access Control Models and Technologies (SACMAT) in Vienna, Austria.

May 2015: My students are starting their summer internships. Xinyang Ge will intern at Microsoft Research Redmond and Yuqiong Sun will intern at IBM Research Watson.

April 2015: The paper "CloudArmor: Protecting Cloud Commands from Compromised Cloud Services" has been accepted for the IEEE International Conference on Cloud Computing (CLOUD 2015) . The paper's authors are Yuqiong Sun, Giuseppe Petracca, and Trent Jaeger.

February 2015: Trent is attending the PC meeting for the 36th IEEE Symposium on Security and Privacy.

November 2014: The paper "Producing Hook Placements to Enforce Expected Access Control Policies" has been accepted for the International Symposium on Engineering Secure Software and Systems (ESSoS). The paper's authors are Divya Muthukumaran, Nirupama Talele, Trent Jaeger, and Gang Tan.

October 2014: The paper "Assurance for Defense in Depth via Retrofitting" has been accepted for the Layer Assurance Workshop (at ACSAC). The paper's authors are Vinod Ganapathy, Trent Jaeger, Christian Skalka, and Gang Tan.

September 2014: The paper "Inevitable Failure: The Flawed Assumption in the Cloud" has been accepted for the ACM Cloud Computing Security Workshop (at CCS). The paper's authors are Yuqiong Sun, Giuseppe Petracca, and Trent Jaeger.

September 2014: We have released the Process Firewall mechanism as open source. The Process Firewall is integrated as part of the Linux 3.2 kernel.

August 2014: We have been awarded a National Science Foundation (NSF) SaTC Medium grant for the project Retrofitting Software for Defense-in-Depth. I am the PI and the co-PIs are Vinod Ganapathy (Rutgers), Christian Skalka (Vermont), and Gang Tan (Lehigh).

May 2014: My students are starting their summer internships. Xinyang Ge will intern at Microsoft Research Redmond, Giuseppe Petracca will intern at Intel, and Yuqiong Sun will intern at Symantec Research.

May 2014: The paper "JIGSAW: Protecting Resource Access by Inferring Programmer Expectations" has been accepted for the USENIX Security Symposium. The paper's authors are Hayawardh Vijayakumar, Xinyang Ge, Mathias Payer, and Trent Jaeger.

April 2014: The paper "Policy Models to Protect Resource Retrieval" has been accepted for the ACM Symposium on Access Control Models and Technologies. The paper's authors are Hayawardh Vijayakumar, Xinyang Ge, and Trent Jaeger.

April 2014: The paper "Monitor Placement for Large-Scale Networks" has been accepted for the ACM Symposium on Access Control Models and Technologies. The paper's authors are Nirupama Talele, Jason Teutsch, Robert Erbacher, and Trent Jaeger.

April 2014: The paper "Sprobes: Enforcing Kernel Code Integrity on the TrustZone Architecture" has been accepted for the Mobile Security Technology Workshop, associated with Oakland. The paper's authors are Xinyang Ge, Hayawardh Vijayakumar, and Trent Jaeger.

February 2014: Hayawardh Vijayakumar passed his thesis defense. Congratulations, Hayawardh!

January 2014: I started my sabbatical semester at HP Labs in Bristol, working with their malware lab.

November 2013: David Schmidt passed his Masters' defense. Congratulations, David!

September 2013: A Penn State-led team has been awarded a Collaborative Research Alliance (CRA) grant from the Army Research Lab. Patrick McDaniel of Penn State is the project's PI.

August 2013: Divya Muthukumaran passed her thesis defense. Congratulations, Divya!

August 2013: The paper "Pitfalls in the Automated Strengthening of Passwords" has been accepted for the 29th Annual Computer Security Applications Conference (ACSAC 2013). The paper's authors are David Schmidt (an M.S. advisee) and Trent Jaeger.

June 2013: Trent Jaeger has been elected Chair of the ACM Special Interest Group on Security, Audit, and Control (SIGSAC) effective July 1, 2013. Thanks for your support! I look forward to working with you all on a variety of topics of interest.

June 2013: We held the 2013 Trusted Infrastructure Workshop at Penn State from June 2-6, 2013. 20 experts in hardware, systems, and network security from industry, government, and academia lectured and ran hands-on labs, including a Capture-the-Flag, covering a variety of security topics. TIW 2013 was attended by approximately 50 students whose attendance was sponsors by the NSF and several companies.

May 2013: Trent Jaeger has been promoted to Professor of Computer Science and Engineering effective July 1, 2013.

April 2013: Divya Muthukumaran and Hayawardh Vijayakumar have accepted summer internships at HP Labs (CA) and NEC Labs (NJ), respectively. Divya will evaluate her thesis approach as applied to the HP Fortify product, whose integration she completed last year. Hayawardh will examine using runtime logs to find vulnerabilities in software in the context of systems.

May 2013: The paper "Cloud Verifier: Verifiable Auditing Service for IaaS Clouds" has been accepted for the 2013 Cloud Security Auditing Workshop. The paper's authors are Joshua Schiffman, Yuqiong Sun, Hayawardh Vijayakumar, and Trent Jaeger.

March 2013: Our Defense Advanced Research Projects Agency (DARPA) proposal "Vetting Whole COTS Systems for Safety Against Malicious Functionality" was selected for awarding, starting in October 2013. The PIs are David Brumley (PI), Virgil Gligor, and Trent Jaeger.

January 2013: The paper "Process Firewalls: Protecting Processes during Resource Access" has been accepted for the EuroSys 2013 Conference. The paper's authors are Hayawardh Vijayakumar, Joshua Schiffman, and Trent Jaeger.

December 2012: Hayawardh Vijayakumar has passed his thesis proposal (we call it a comprehensive exam at Penn State) entitled "Protecting Programs from Resource Access Attacks." Congratulations, Haya!

November 2012: The paper "Using Security Policies to Automate Monitor Placement" has been accepted for the 5th International Symposium on Engineering Secure Software and Systems (ESSoS 2013). The paper's authors are Nirupama Talele, Jason Teutsch, Trent Jaeger, and Robert Erbacher.

October 2012: Trent Jaeger was awarded an Army CERDEC subcontract via Applied Communication Sciences (formerly Telcordia) as part of the Secure Mobile Communications (SMC) program, exploring Root-of-Trust for mobile devices.

September 2012: Trent Jaeger was awarded Phase Two of his Army Research Laboratory (ARL) grant "Automating Intrusion Monitor Placement for Defensive Mediation in Attack Graphs."

September 2012: The paper "Right Files at the Right Time" has been accepted for the 5th Symposium on Configuration Analytics and Automation (SafeConfig 2012). The paper's authors are Hayawardh Vijayakumar and Trent Jaeger.

August 2012: The paper "Transforming Commodity Security Policies to Enforce Clark-Wilson Integrity" has been accepted for the 28th Annual Computer Security Applications Conference. The paper's authors are Divya Muthukumaran, Sandra Rueda, Nirupama Talele, Hayawardh Vijayakumar, Jason Teutsch, Trent Jaeger, and Nigel Edwards.

July 2012: The paper "Leveraging 'Choice' for Automating Authorization Hook Placement" has been accepted for the 19th ACM Conference on Computer and Communications Security. The paper's authors are Divya Muthukumaran, Trent Jaeger, and Vinod Ganapathy.

July 2012: Joshua Schiffman successfully defended his Ph.D. thesis entitled "Practical System Integrity Verification in Cloud Computing Environments." Congratulations, Josh!

June 2012: Trent Jaeger was awarded a renewal of his HP Labs Innovation Research Award, "Towards Mostly-Automatic, System-Wide Integrity Policy Generation."

May 2012: Adam Smith, Jonathan Katz, and Trent Jaeger co-hosted a Joint Summer School on Cryptography and Principles of Software Security. I thank all the speakers for their fine work!

May 2012: Divya Muthukumaran has passed her thesis proposal (we call it a comprehensive exam at Penn State) entitled "Leveraging Choice for Automating Security Mediation Placement in Programs." Congratulations, Divya!

May 2012: Joshua Schiffman has accepted a job offer from Advanced Micro Devices (AMD) in a new security research group headed by Ron Perez. Congratulations, Josh!

April 2012: The paper "STING: Finding Name Resolution Vulnerbailities in Programs" has been accepted for the 21st USENIX Security Symposium. The paper's authors are Hayawardh Vijayakumar, Joshua Schiffman and Trent Jaeger.

April 2012: Trent Jaeger was awarded a grant from the Air Force Office of Sponsored Research (AFOSR) for his proposal "Information Flow Integrity for Systems of Independently-Developed Components."

March 2012: The paper "Verifying System Integrity by Proxy" has been accepted for presentation in the 5th International Conference on Trust and Trustworthy Computing (TRUST 2012). The paper's authors are Joshua Schiffman, Hayawardh Vijayakumar, and Trent Jaeger.

March 2012: Divya Muthukumaran has accepted a summer research internship offer (for 2012) at HP Labs, Bristol, UK. Congratulations, Divya!

February 2012: The paper "Integrity Walls: Finding Attack Surfaces from Mandatory Access Control Policies" has been accepted for the the 7th ACM Symposium on Information, Computer, and Communications Security (ASIACCS). The paper's authors are Hayawardh Vijayakumar, Guruprasad Jakka, Sandra Rueda Rodriguez, Joshua Schiffman and Trent Jaeger.

November 2011: Trent Jaeger was awarded an Army Research Laboratory (ARL) grant for his proposal "Automating Intrusion Monitor Placement for Defensive Mediation in Attack Graphs."

September 2011: The paper A Rose by Any Other Name or an Insane Root? Adventures in Namespace Resolution has been presented at the 7th European Conference on Computer Network Defense (EC2ND) by Hayawardh Vijayakumar.

August 2011: Trent Jaeger was awarded a National Science Foundation grant for his proposal "Towards Customer-Centric Utility Computing."

July 2011: Sandra Rueda Rodriguez defended her Ph.D. thesis entitled "Methods for Constructing, Evaluating, and Resolving system-wide Policy Compliance Problems." She is now taking an Assistant Professor position at Universidad de Los Andes in Bogota, Colombia. Congratulations, Sandra!

June 2011: Trent Jaeger was awarded an HP Labs Innovation Research Award for his proposal "Towards Mostly-Automatic, System-Wide Integrity Policy Generation."