Research

My research area is computer security. Specifically, my interests include systems security, program analysis for security, virtualization, trusted computing, and access control. I have published over 150 peer-reviewed papers on these subjects. See DBLP and Google Scholar or "See My Publications" below.

My work has been funded by the National Science Foundation (CNS-0627551, CNS-0721579, CNS-0905343, CNS-0931914, CNS-1117692, CNS-1408880, CNS-1801534, and CNS-1816282), Defense Advanced Research Projects Agency, Air Force Research Lab, Army Research Lab, Office of Naval Research, Air Force Office of Scientific Research, and a number of industrial sponsors, including HP Labs, IBM Research, Samsung, and Applied Communication Sciences. Their support is gratefully acknowledged.

See My Publications

Current Research Highlights

Software Security

Recent research in software security has explored methods for automated software patching from safety properties at the 2019 IEEE S&P, automated exploit generation against strong defenses at the 2018 ACM CCS, and automated privilege separation accounting for pointers at the 2017 ACM CCS. Also, see papers on exploiting access control in provenance in ACM TOIT (2017), intrusion detection for long attack paths in ACM TOPS (2017), and securing CFI enforcement in 2017 NDSS.

Mobile Security

Research in mobile systems security has focused on two main problems: (1) protecting users from apps that misuse mobile device sensors, including papers in 2019 USENIX Security Symposium, 2017 USENIX Security Symposium, and 2015 ACSAC, and (2) providing a trusted computing base for mobile systems and critical apps, including papers in 2019 IEEE TDSC and 2017 MobiSys. Also, see the TrustZone Sprobes paper for a method to prevent kernel code injection.

Systems Security

Our recent research in systems security includes: (1) kernel security, improving CFI (IEEE Euro S&P) and privilege separation (VEE 2020); (2) cloud and container security, including security namespaces (USENIX Security 2018) and DIFC cloud (ACSAC 2016); (3) hardware-based security mechanisms, for tracing using Intel PT (ASPLOS 2017) and bounds enforcement (IEEE TCAD 2020); and (4) trusted execution environments for TrustZone (MobiSys 2017) and its extension (IEEE TDSC 2019).