News Items

November 2023: Our paper “Talisman: Tamper Analysis for Reference Monitors” has been accepted to the 2024 Network and Distributed Systems Security Symposium. This paper describes an information flow analysis for detecting tampering in security-critical code. Authors are Frank Capobianco, Quan Zhou, Aditya Basu, Trent Jaeger, and Danfeng Zhang.

October 2023: I have told many folks already, but I am moving to UC Riverside in January 2024. We closed on a house in CA.

September 2023: Our paper “PolyScope: Multi-policy Access Control Analysis to Triage Android Scoped Storage” has been accepted to the 2023 IEEE Transactions on Dependable and Secure Computing. This paper extends our 2021 USENIX Security Symposium paper to show how to extend the analysis to reason about Android's recent Scoped Storage defense (see our 2021 IEEE S&P paper). Hint: pretty easy since the policies are intersected. Authors are Yu-Tsung Lee, Haining Chen, William Enck, Hayawardh Vijayakumar, Ninghui Li, Zhiyun Qian, Giuseppe Petracca, and Trent Jaeger.

August 2023: We have two papers accepted to the 2023 IEEE Secure Development Conference titled “Assessing the Impact of Efficiently Protecting Ten Million Stack Objects from Memory Errors Comprehensively” and “Triaging Android Systems Using Bayesian Attack Graphs”. The former paper assesses the impact of memory safety validation (NDSS 2022), authored by Kaiming Huang, John Sampson, and Trent Jaeger. The latter paper generates inter-process attack graphs from access control policies to detect vulnerabilities, authored by Yu-Tsung Lee, Haining Chen, Kevin Chan, Tina Eliassi-Rad, and Trent Jaeger.

July 2023: The paper “Nimble: Rollback Protection for Confidential Cloud Services” was presented at the 17th USENIX Symposium on Operating Systems Design and Implementation (OSDI). This paper is a collaboration with Microsoft Research that was initiated during my sabbatical and continued during Aditya Basu's internship. Authors are Sebastian Angel, Aditya Basu (Penn State), Weidong Cui, Trent Jaeger (Penn State), Stella Lau, Srinath Setty, and Sudheesh Singanamalla..

June 2023: The paper “Synchronization Storage Channels (S2C): Timer-less Cache Side-Channel Attacks on the Apple M1 via Hardware Synchronization Instructions” was accepted by the 32nd USENIX Security Symposium. Authors are Jiyong Yu (UIUC), Aishani Dutta (UIUC), Trent Jaeger, David Kohlbrenner (Washington), and Christopher Fletcher (UIUC).

May 2023: My column "On Bridges and Software" appears in the IEEE Security and Privacy magazine. Compares challenges in the engineering discipline of bridge construction to software engineering to saatisfy security challenges.

April 2023: The paper “Evolving Operating System Kernels Towards Secure Kernel-Driver Interfaces” was accepted by the Workshop on Hot Topics in Operating Systems (HotOS) XIX. Authors are Anton Burstev (Utah), Vikram Narayanan (UCI), Yongzhe Huang, Kaiming Huang, Gang Tan, and Trent Jaeger.

March 2023: The panel summary from the 2022 NSF SaTC PI meeting on “Looking Backwards (and Forwards): NSF Secure and Trustworthy Computing 20-Year Retrospective Panel Transcription” has been published in the IEEE Security and Privacy magazine. Panelists include Mike Reiter, Laurie Williams, Gen Tsudik, Trent Jaeger, Apu Kapadia, Yoshi Kohno. SaTC, the panel, and the panel summary publication was organized by Carl Landwehr. Thanks for all your efforts, Carl!

February 2023: The paper “All your PC are belong to us: Exploiting Non-control-transfer Instruction BTB Updates for Dynamic PC Extraction” has been accepted for publication by the 2023 International Symposium on Computer Architecture (ISCA). Authors are Jiyong Yu (UIUC), Trent Jaeger, and Christopher Fletcher (UIUC).

December 2022: The paper "“Unsafe at Any Copy: Name Collisions from Mixing Case Sensitivities” has been accepted for publication by the 21st USENIX Conference on File and Storage Technologies. Authors are Aditya Basu, John Sampson, Zhiyun Qian, and Trent Jaeger.

November 2022: Professor Jaeger made two presentations at the AvengerCon VIII meeting. One presentation in collaboration with IBM Research presented future techniques for intrusion detection using provenance tracking. The other presentation provided at overview of the Army's Collaborative Research Alliance for Cyber Security.

October 2022: Professor Jaeger has been recognized as a Distinguished Member of the ACM and a Senior Member of the IEEE.

September 2022: We held a "bootcamp" meeting for the Army's Collaborative Research Alliance for Cyber Security at UC Riverside. This is our first in-person meeting for the project since the pandemic.

August 2022: Professor Jaeger is leading a Special Issue for the IEEE Security and Privacy magazine on the "Impact of Emerging Hardware on Security and Privacy" for publication in 2023.

July 2022: We presented the paper "KSplit: Automating Device Driver Isolation" at 16th USENIX Symposium on Operating Systems Design and Implementation (OSDI '22). The KSplit system is available as open source at https://github.com/ksplit/ksplit-artifacts. The KSplit system artifact has been evaluated as Available, Functional, and Reproduced.

June 2022: Trent presented at a panel at the SaTC PI meeting on the SaTC retrospective with Gene Tsudik (University of California, Irvine), Laurie Williams (North Carolina State University), Yoshi Kohno (University of Washington), and Apu Kapadia (Indiana University). We are working on an IEEE Security \& Privacy article summarizing the panel.

May 2022: The paper "Enforcing Multilevel Security Policies in Unstable Networks" has been accepted for publication by the IEEE Transactions on Network and Service Management. Authors are Quinn Burke, Fidan Mehmeti, Rahul George, Kyle Ostrowski, Trent Jaeger, Thomas La Porta, and Patrick McDaniel.

April 2022: We presented two papers at the 2022 Network and Distributed Systems Security (NDSS) Symposium. The DataGuard system has been released as open source at https://github.com/Lightninghkm/DataGuard.

March 2022: The paper "KSplit: Automating Device Driver Isolation" has been accepted for publication by the 16th USENIX Symposium on Operating Systems Design and Implementation (OSDI '22). Authors are Yongzhe Huang, Vikram Narayanan, David Detweiler, Kaiming Huang, Gang Tan, Trent Jaeger, and Anton Burtsev.

January 2022: The paper "Iota: A Framework for Analyzing System-Level Security of IoTs" has been accepted for publication by the 7th ACM/IEEE Conference on Internet of Things Design and Implementation (IoTDI '22). Authors are Zheng Fang, Hao Fu, Tainbo Gu, Pengfei Hu, Jinyue Song, Trent Jaeger, and Prasant Mohapatra.

January 2022: The paper "Progressive Scrutiny: Incremental Detection of UBI bugs in the Linux Kernel" has been accepted for publication by the 2022 Network and Distributed Systems Security (NDSS) Symposium. Authors are Yizhuo Zhai, Yu Hao, Zheng Zhang, Weiteng Chen, Guorern Li, Zhiyun Qian, Chengyu Song, Manu Sridharan, Srikanth V. Krishnamurthy, Trent Jaeger, and Paul Yu. Yizhuo is a recent Ph.D. graduate.

December 2021: Professor Jaeger presented a keynote at the 8th International Conference on Networking, Systems and Security titled "Can Security Risk Management Become Practical?" Thanks to the organizers for the opportunity and the partipants for the discussion!

November 2021: Professor Jaeger's first column for the IEEE Security and Privacy magazine titled "Towards Fail Safety for Security Decisions" was published in November/December issue. The column is available online for free!

November 2021: Professor Jaeger and Professor Zhiyun Qian co-chaired the ACM Moving Target Defense (MTD) Workshop. Lots of great work was presented. Thanks to all the participants!

October 2021: The paper "The Taming of the Stack: Isolating Stack Data from Memory Errors" has been accepted for publication by the 2022 Network and Distributed Systems Security (NDSS) Symposium. Authors are Kaiming Huang, Yongzhe Huang, Mathias Payer, Zhiyun Qian, Jack Sampson, Gang Tan, Trent Jaeger. Congrats to Kaiming for his first major!

September 2021: Professor Jaeger presented a virtual talk for an audience at Worchester Polytechnic Institute (WPI) titled "Utilizing Safety Validation in Systems and Programs" hosted by Robert Walls. Thanks for the opportunity, Robert!

August 2021: Eddy presented the talk for our 2021 USENIX Security Symposium paper "PolyScope: Multi-Policy Access Control Analysis to Compute Authorized Attack Operations in Android Systems". Take a look at the video online!

July 2021: The paper "Demystifying Android’s Scoped Storage Defense," which describes the new Android Scoped Storage filesystem defense has been accepted for publication in IEEE Security and Privacy magazine. A good reference to learn about this new defense! Authors are Yu-Tsung Lee, Haining Chen, Trent Jaeger.

June 2021: The paper "A Model Checking-Based Security Analysis Framework for IoT Systems" has been published in the inaugural issue of Elsevier High-Confidence Computing magazine. Authors are Zheng Fang, Hao Fu, Tainbo Gu, Zhiyun Qian, Trent Jaeger, Pengfei Hu, Prasant Mohapatra.

May 2021: The paper "A Survey on Sensor-based Threats and Attacks to Smart Devices and Applications" has been published in the IEEE Communications Surveys and Tutorials. Authors are Amit Kumar Sikder, Giuseppe Petracca, Hidayet Aksu, Trent Jaeger, and A. Selcuk Uluagac.

April 2021: Zhiyun Qian of UC Riverside and I have been selected to co-chair the ACM Moving Target Defense (MTD) Workshop for 2021. Please submit your papers!

March 2021: The paper "PolyScope: Multi-Policy Access Control Analysis to Compute Authorized Attack Operations in Android Systems" has been accepted for publication by the 2021 USENIX Security Symposium. Authors are Yu-Tsung Lee, William Enck, Haining Chen, Hayawardh Vijayakumar, Ninghui Li, Zhiyun Qian, Daimeng Wang, Giuseppe Petracca, Trent Jaeger. Congrats to Eddy (Yu-Tsung) for his first major!

February 2021: The paper "Analyzing the Overhead of File Protection by Linux Security Modules" has been accepted fo the 2021 ACM AsiaCCS. Authors are Wenhui Zhang, Trent Jaeger, and Peng Liu. Congrats, Wenhui!

January 2021: Professor Jaeger and Fabio Massacci have co-authored a column about the SolarWinds attack for the March/April 2021 edition of the IEEE Security and Privacy magazine titled "SolarWinds and the Challenges of Patching: Can We Ever Stop Dancing with the Devil?"

December 2020: Professor Jaeger has been selected to serve as an Associate Editor-in-Chief for the IEEE Security and Privacy magazine. Please contribute articles and columns!

December 2020: The paper "A Policy Complying Multilevel Security Framework for Software Defined Networking" has been accepted for publication in the IEEE Transactions on Network and Service Management. Authors include Stefan Achleitner, Quinn Burke, Patrick McDaniel, Trent Jaeger, Thomas La Porta, (all of Penn State) and Srikanth Krishnamurthy (UC Riverside).

December 2020: Our paper "Using Safety Properties to Generate Vulnerability Patches" has been accepted to appear inn USENIX ;login. Authors are Zhen Huang, David Lie, Gang Tan, and Trent Jaeger.

November 2020: Professor Jaeger has been awarded the ACM SIGSAC Outstanding Contributions Award for 2020. Thanks to all that have helped me to achieve this honor!

November 2020: Professor Jaeger presented a keynote talk at the Moving Target Defense Workshop held in conjunction with the ACM CCS 2020 titled "Static Analysis Opportunities for Improving Agile and Moving Target Defenses."

October 2020: Professor Jaeger has been awarded a Google ASPIRE Award for 2020. Thanks to my student Eddy Lee whose work led to this award.

September 2020: Professor Jaeger presented an invited talk at the Security of Software/Hardware Interfaces Workshop held in conjunction with the Euro S\&P 2020 titled "Adventures with Hardware-Based Control-Flow Tracing."

August 2020: Professor Jaeger has begun his sabbatical at Microsoft Research (virtually). I am working Weidong Cui and his group and others at MSR. Lookig forward to this opportunity!

July 2020: Two of our project whitepapers were selected for the next two-year phase of the Army Research Lab's Cyber Security Collaborative Research Alliance titled "Optimal IDS Monitoring Using Attack Graphs" and "Hypothesis Generation and Validation Using Evidence Correlation."

June 2020: The paper "Types and Abstract Interpretation for Authorization Hook Advice" was presented in the IEEE Computer Security Foundations Symposium (CSF). Authors are Christian Skalka and David Darais (both of the University of Vermont) and Trent Jaeger and Frank Capobianco (of Penn State).

May 2020: Along with Ahmad-Reza Sadeghi and Farinaz Koushanfar, I am an organizer of the CORONA Defcon Workshop that will be held as part of NDSS 2021. Please submit your contributions!

April 2020: Trent has been selected to join the Editorial Board for Contributions for the Communications of the ACM (CACM). This subgroup of the CACM Editorial Board solicits and curates peer-reviewed contributions to this journal, provided to all ACM members.

March 2020: The paper "Hardware Assisted Buffer Protection Mechanisms for Embedded RISC-V" was accepted for publication in the IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems. Authors include Asmit De, Aditya Basu, Trent Jaeger, and Swaroop Ghosh. Congrats to the students Asmit and Aditya!

March 2020: Our paper "Lightweight Kernel Isolation with Virtualization and VM Functions" has been the Best Paper Award at the 2020 International Conference on Virtual Execution Environments (VEE).. Congrats to the authors, especially the students, Vikram Narayanan and Yongzhe Huang!

February 2020: Trent was General Chair of the 2020 Network and Distributed Systems Security Symposium (NDSS). Was a great meeting, so please check out the papers and talk videos.

January 2020: The paper "Lightweight Kernel Isolation with Virtualization and VM Functions" has been accepted into the 2020 International Conference on Virtual Execution Environments (VEE).. Authors are Vikram Narayanan, Yongzhe Huang, Gang Tan, Trent Jaeger, and Anton Burtsev.

November 2019: Dongrui Zeng presented our paper "Program-mandering: Quantitative Privilege Separation" at the 2019 ACM CCS Conference. available for view.

October 2019: Professor Jaeger presented a keynote at the The Cyber Security Body Of Knowledge meeting on "Cyber Security at-Scale: Challenges for Research, Education and Training", titled "Challenges in Leveraging Available Defenses to Improve Detection."

September 2019: Professor Jaeger presented a keynote at the 2019 seL4 Summit titled "Developing Software to Leverage seL4’s Formal Correctness for Achieving Security Guarantees."

August 2019: Trent Jaeger has begun a SBIR project on Information Flow Control for Microkernels related to the seL4 microkernel, working with TrustedST.

July 2019: Trent Jaeger and Gang Tan of Penn State were in a team selected for a DARPA GAPS project led by Perspecta Labs, along with researchers from Penn and Columbia.

July 2019: The paper "Program-mandering: Quantitative Privilege Separation" has been accepted into the 2019 ACM CCS.. Authors are Shen Liu, Dongrui Zeng, Yongzhe Huang, Frank Capobianco, Stephen McCamant, Trent Jaeger, Gang Tan.

June 2019: The paper "Employing Attack Graphs for Intrusion Detection" has been accepted into the 2019 New Security Paradigms Workshop. Authors are Frank Capobianco, Rahul George, Kaiming Huang, Trent Jaeger, Mathias Payer, Srikanth Krishnamurthy, Zhiyun Qian, Paul Yu.

May 2019: The paper "EnTrust: Regulating Sensor Access by Cooperating Programs via Delegation Graphs" has been accepted into the 2019 USENIX Security Symposium.. The lead author is Giuseppe Petracca. Other authors are Ahmad-Atamli Reineh (Oxford), Yuqiong Sun, Jens Grossklags (TU Munich), Patrick McDaniel, and Trent Jaeger.

April 2019: Professor Jaeger presented a keynote at the Hot Topics in the Science of Security titled "The Science of Attack Surfaces and Its Applications."

February 2019: Our paper "Using Safety Properties to Generate Vulnerability Patches" has been accepted into the 40th IEEE Symposium on Security & Privacy. The lead author is Zhen (James) Huang (postdoc at Penn State). Other authors are David Lie (University of Toronto and James's advisor) and Gang Tan (PSU) and Trent Jaeger (PSU).

January 2019: Professor Jaeger has accepted a position as an Associate Editor for the IEEE Security & Privacy magazine. Please send your best submissions!

December 2018: Our paper "FIXER: Flow Integrity Extensions for Embedded RISC-V" has been accepted into the 2019 Design, Automation, and Test in Europe Conference & Exhibition (DATE). The lead author is Asmit De in collaboration with my student Aditya Basu. Other authors are Swaroop Ghosh and Trent Jaeger (all from Penn State).

November 2018: Professor Jaeger delivered one of the invited addresses at the First seL4 Summit titled, "The Evolution of Secure Operating Systems." I look forward to further research on the seL4 platform.

October 2018: Professor Jaeger has assumed the role of Consortium Lead on the Army Research Lab's Cybersecurity Collaborative Resesarch Alliance (CSEC-CRA) for the second phase of the project (five years) remain. Look forward to working with the Army Research Lab and Consortium members!

August 2018: Professor Jaeger has been awarded two NSF grants for Threat-Aware (Program) Defenses, CNS-1801534 with Gang Tan of PSU and Mathias Payer of Purdue/EPFL and Information Flow Control for Single-Use Services, CNS-1816282 with Danfeng Zhang of PSU.

August 2018: Our paper "Mission-oriented Security Model, Incorporating Security Risk, Cost and Payout" has been awarded "Best Paper" of the International Conference on Security and Privacy in Communication Networks (SecureComm). Congrats all!

July 2018: The paper "Block Oriented Programming: Automating Data-Only Attacks" has been accepted into the 2018 ACM Conference on Computer and Communications Security (ACM CCS).. The authors are Kyriakos Ispoglou (Purdue), Bader Al Bassam (Purdue), Trent Jaeger, and Mathias Payer (Purdue/EPFL).

June 2018: Giuseppe Petracca passed his thesis defense, titled "Regulating Programs’ Access to Privacy-Sensitive Sensors" Giuseppe has accepted a security research position at Lyft. Congratulations, Giuseppe!

May 2018: The paper "Security Namespace : Making Linux Security Frameworks Available to Containers" has been accepted into the 2018 USENIX Security Symposium.. The lead author is Yuqiong Sun (PhD 2017). Other authors are David Safford (GE Research), Mimi Zohar (IBM Research), Dimitrios Pendarakis (IBM Research), Zhongshu Gu (IBM Research), and Trent Jaeger.

April 2018: The paper "Mission-oriented Security Model, Incorporating Security Risk, Cost and Payout" has been accepted into the International Conference on Security and Privacy in Communication Networks (SecureComm). The authors are Sayed Saghaian, Thomas La Porta, Trent Jaeger, Z. Berkay Celik, Patrick McDaniel.

March 2018: I have joined the Steering Committee for the IEEE Secure Development Conference. Please submit your best work on improving the security development process - even a summary of prior work is of interest to us.

February 2018: I am presenting a lecture "Enforcing Control-Flow Integrity System-Wide" at the University of Florida as part of its ECE Florida's Distinguished Speaker Series.

January 2018: This semester I am teaching a new course on Software Security this semester. It is an experimental course this semester, but will be regular course (tentatively, CMPSC 447) in the future.

December 2017: The paper "Jaal: Towards Network Intrusion Detection at ISP Scale" has been presented at the 2017 The 13th International Conference on emerging Networking EXperiments and Technologies (CoNext).. The authors are Azeem Aqil, Karim Khalil, Ahmed O.F. Atya, Evangelos E. Papalexakis, Srikanth V. Krishnamurthy, Trent Jaeger, K.K. Ramakrishnan, Paul Yu, and Ananthram Swami.

November 2017: Presenting an invited lecture at the University of North Carolina, Charlotte on "Enforcing Control-Flow Integrity System-Wide."

October 2017: The paper "PtrSplit: Supporting General Pointers in Automatic Program Partitioning" has been presented at ACM CCS 2017. The authors are Shen Liu, Gang Tan, and Trent Jaeger.

September 2017: Thanks to everyone who participated in the IEEE Secure Development Conference held in Boston, MA. I served as the PC Chair, and over 150 attendees made this a great event. Look forward to the future!

August 2017: We have kicked off our project for the Office of Naval Research (ONR) titled "Data-driven Vulnerability Repair in Programs with a Cloud Analytics Architecture for Practical Deployment." The PI is Daphne Yao of Virginia Tech and the other co-PI is Na Meng also of Virginia Tech.

July 2017: Trent has been informed he is a winner of the Ruth and Joel Spira Execllence in Teaching Award!

June 2017: Trent has completed his four-year term as the Chair of the ACM Special Interest Group for Security, Audit, and Control (SIGSAC). Thank to the members and volunteers of SIGSAC for all their efforts!

May 2017: Trent gave a keynote address at the ACM Turing 50th Celebration Conference (SIGSAC China) titled "Fixing Security Problems for and with Programmers."

May 2017: Trent participated in a panel at the IEEE Custom Integrated Circuits Conference on "Hardware and Software Security; Gaps and Synergies." He also gave a talk in the Computer Science Department of UT Austin titled "Kernel Enforcement of Control-Flow Integrity."

May 2017: The paper "Aware: Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings" has been accepted into the 2017 USENIX Security Symposium.. The lead author is Giuseppe Petracca. Other authors are Ahmad-Atamli Reineh (Oxford), Yuqiong Sun, Jens Grossklags (TU Munich), and Trent Jaeger.

April 2017: We had two papers accepted on the topic of evaluating the effectiveness of authorization hook placements using auditing - "On Risk in Access Control Enforcement" will appear in the 22nd ACM Symposium on Access Control Models and Technologies (SACMAT) and "AccessProv: Tracking the Provenance of Access Control Decisions" will appear in the 9th International Workshop on Theory and Practice of Provenance. The authors of the papers are Giuseppe Petracca (SACMAT only), Frank Capobianco, and Christian Skalka (University of Vermont).

April 2017: Congrats to Stefan! His paper "Adversarial Network Forensics in Software Defined Networking" in SOSR 2017 was voted "Best Student Paper."

March 2017: Trent has accepted to serve as a PC Co-Chair for the 2nd IEEE Secure Development Conference to be held in Boston, MA in September 2017. Please submit your best work!

March 2017: Trent had two journal papers accepted this month. The first paper "Taming the Costs of Trustworthy Provenance through Policy Reduction" was accepted into the ACM Transactions on Internet Technology (TOIT). The lead author is Adam Bates (U Illinois), and other authors are Dave (Jing) Tian, Grant Hernandez, Kevin Butler (Florida), Trent Jaeger, Thomas Moyer (MIT Lincoln Lab).

The second paper "Long-Span Program Behavior Modeling and Attack Detection" was accepted into the ACM Transactions on Privacy and Security (TOPS). The lead author is Xiaokui Shu (now at IBM Research), and the other authors are Naren Ramakrishnan, Danfeng (Daphne) Yao (Virginia Tech), and Trent Jaeger.

February 2017: The paper "TrustShadow: Secure Execution of Unmodified Applications with ARM TrustZone" to the 15th ACM International Conference on Mobile Systems, Applications, and Services (MobiSys). The lead author is Le Guan of Penn State, who is a PostDoc working for Peng Liu. Other authors are Xinyu Xing, Xinyang Ge, Shengzhi Zhang, Meng Yu, Trent Jaeger of Penn State.

January 2017: The paper "Adversarial Network Forensics in Software Defined Networking" to the ACM Symposium on SDN Research. The paper's authors are Stefan Achleitner, Tom La Porta, Patrick McDaniel, and Trent Jaeger.

November 2016: The paper "GRIFFIN: Guarding Control Flows Using Intel Processor Trace" has been accepted for the 22nd ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). The paper's authors are Xinyang Ge, Weidong Cui, and Trent Jaeger. This is one of four ASPLOS papers from Penn State's CSE Department this year!

October 2016: The paper "An Evil Copy: How the Loader Betrays You" has been accepted for the 2017 Network and Distributed System Security Symposium (NDSS). The paper's authors are Xinyang Ge, Mathias Payer, and Trent Jaeger.

October 2016: Trent gave two keynote addresses. One at ACM SafeConfig titled "Configuring Software and Systems for Defense-in-Depth" and one at CPS-Sec-International Workshop on Cyber-Physical Systems Security titled "Software and Systems Security for Cyber-Physical Systems."

October 2016: Yuqiong Sun passed his thesis defense, titled "Protecting IaaS Clouds through Control of Cloud Services." Yuqiong is still considering his offers. Congratulations, Yuqiong!

August 2016: The paper "Pileus: Protecting User Resources from Compromised Cloud Services" has been accepted for the 2016 Annual Computer Security Applications Conference (ACSAC). The paper's authors are Yuqiong Sun, Giuseppe Petracca, Xinyang Ge, and Trent Jaeger.

August 2016: The paper "Leveraging Data Provenance to Enhance Cyber Resilience" has been accepted for the 1st IEEE Cybersecurity Development Conference (SecDev). The paper's authors are Thomas Moyer (Lincoln Lab), Patrick Cable (LL), Karishma Chadha (LL), Robert Cunningham (LL), Nabil Schear (LL), Warren Smith (LL), Adam Bates (UIUC), Kevin Butler (Florida), Frank Capobianco, and Trent Jaeger.

August 2016: Xinyang Ge passed his thesis defense, titled "Enforcing Execution Integrity for Software Systems." Xinyang has accepted an offer at Microsoft Research. Congratulations, Xinyang!

August 2016: I have been invited to give a keynote lecture at the SafeConfig 2016 Workshop at part ACM CCS in Vienna, Austria. Please plan to come to CCS and SafeConfig!

July 2016: The paper "Agility Maneuvers to Mitigate Inference Attacks on Sensed Location Data" has been accepted for MILCOM 2016. The paper's authors are Giuseppe Petracca, Trent Jaeger, Lisa Marvel, Ananthram Swami.

May 2016: My students are starting their summer internships. Giuseppe Petracca will intern at Samsung Research USA and Frank Capobianco will intern at Lincoln Lab.

April 2016: Yuqiong Sun passed his comprehensive exam entitled "Protecting IaaS Clouds through Control of Cloud Services." Congratulations, Yuqiong!

March/April 2016: Xinyang Ge presented our paper "Fine-Grained Control-Flow Integrity for Kernel Software" at the IEEE European Symposium on Security and Privacy. Trent also presented that work at Stony Brook University. The slides for the Stony Brook talk are here.

February 2016: Xinyang Ge passed his comprehensive exam entitled "Enforcing Execution Integrity for Software Systems." Congratulations, Xinyang!

December 2015: Xinyang Ge contributed support for Intel TSX instructions to the open-source x86 disassembler distorm. This support has been upstreamed into the distorm version 3.3.

October 2015: The paper "Fine-Grained Control-Flow Integrity for Kernel Software" has been accepted for the 1st IEEE European Symposium on Security and Privacy. The paper's authors are Xinyang Ge, Nirupama Talele, Mathias Payer (Purdue), and Trent Jaeger.

September 2015: The paper "AuDroid: Preventing Attacks on Audio Channels in Mobile Devices" has been accepted for the Annual Computer Security Applications Conference (ACSAC) . The paper's authors are Giuseppe Petracca, Yuqiong Sun, Trent Jaeger, and Ahmad Atamli (Oxford).

August 2015: The paper "Security-as-a-Service for Microservices-Based Cloud Applications" has been accepted for the IEEE International Conference on Cloud Computing Technology and Science (CloudCom) . The paper's authors are Yuqiong Sun, Susanta Nanda (Symantec), and Trent Jaeger.

July 2015: Trent presented three lectures at the International Summer School on Information Security in Bilbao, Spain.

June 2015: Trent presented the Keynote Address at the ACM Symposium on Access Control Models and Technologies (SACMAT) in Vienna, Austria.

May 2015: My students are starting their summer internships. Xinyang Ge will intern at Microsoft Research Redmond and Yuqiong Sun will intern at IBM Research Watson.

April 2015: The paper "CloudArmor: Protecting Cloud Commands from Compromised Cloud Services" has been accepted for the IEEE International Conference on Cloud Computing (CLOUD 2015) . The paper's authors are Yuqiong Sun, Giuseppe Petracca, and Trent Jaeger.

February 2015: Trent is attending the PC meeting for the 36th IEEE Symposium on Security and Privacy.

November 2014: The paper "Producing Hook Placements to Enforce Expected Access Control Policies" has been accepted for the International Symposium on Engineering Secure Software and Systems (ESSoS). The paper's authors are Divya Muthukumaran, Nirupama Talele, Trent Jaeger, and Gang Tan.

October 2014: The paper "Assurance for Defense in Depth via Retrofitting" has been accepted for the Layer Assurance Workshop (at ACSAC). The paper's authors are Vinod Ganapathy, Trent Jaeger, Christian Skalka, and Gang Tan.

September 2014: The paper "Inevitable Failure: The Flawed Assumption in the Cloud" has been accepted for the ACM Cloud Computing Security Workshop (at CCS). The paper's authors are Yuqiong Sun, Giuseppe Petracca, and Trent Jaeger.

September 2014: We have released the Process Firewall mechanism as open source. The Process Firewall is integrated as part of the Linux 3.2 kernel.

August 2014: We have been awarded a National Science Foundation (NSF) SaTC Medium grant for the project Retrofitting Software for Defense-in-Depth. I am the PI and the co-PIs are Vinod Ganapathy (Rutgers), Christian Skalka (Vermont), and Gang Tan (Lehigh).

May 2014: My students are starting their summer internships. Xinyang Ge will intern at Microsoft Research Redmond, Giuseppe Petracca will intern at Intel, and Yuqiong Sun will intern at Symantec Research.

May 2014: The paper "JIGSAW: Protecting Resource Access by Inferring Programmer Expectations" has been accepted for the USENIX Security Symposium. The paper's authors are Hayawardh Vijayakumar, Xinyang Ge, Mathias Payer, and Trent Jaeger.

April 2014: The paper "Policy Models to Protect Resource Retrieval" has been accepted for the ACM Symposium on Access Control Models and Technologies. The paper's authors are Hayawardh Vijayakumar, Xinyang Ge, and Trent Jaeger.

April 2014: The paper "Monitor Placement for Large-Scale Networks" has been accepted for the ACM Symposium on Access Control Models and Technologies. The paper's authors are Nirupama Talele, Jason Teutsch, Robert Erbacher, and Trent Jaeger.

April 2014: The paper "Sprobes: Enforcing Kernel Code Integrity on the TrustZone Architecture" has been accepted for the Mobile Security Technology Workshop, associated with Oakland. The paper's authors are Xinyang Ge, Hayawardh Vijayakumar, and Trent Jaeger.

February 2014: Hayawardh Vijayakumar passed his thesis defense. Congratulations, Hayawardh!

January 2014: I started my sabbatical semester at HP Labs in Bristol, working with their malware lab.

November 2013: David Schmidt passed his Masters' defense. Congratulations, David!

September 2013: A Penn State-led team has been awarded a Collaborative Research Alliance (CRA) grant from the Army Research Lab. Patrick McDaniel of Penn State is the project's PI.

August 2013: Divya Muthukumaran passed her thesis defense. Congratulations, Divya!

August 2013: The paper "Pitfalls in the Automated Strengthening of Passwords" has been accepted for the 29th Annual Computer Security Applications Conference (ACSAC 2013). The paper's authors are David Schmidt (an M.S. advisee) and Trent Jaeger.

June 2013: Trent Jaeger has been elected Chair of the ACM Special Interest Group on Security, Audit, and Control (SIGSAC) effective July 1, 2013. Thanks for your support! I look forward to working with you all on a variety of topics of interest.

June 2013: We held the 2013 Trusted Infrastructure Workshop at Penn State from June 2-6, 2013. 20 experts in hardware, systems, and network security from industry, government, and academia lectured and ran hands-on labs, including a Capture-the-Flag, covering a variety of security topics. TIW 2013 was attended by approximately 50 students whose attendance was sponsors by the NSF and several companies.

May 2013: Trent Jaeger has been promoted to Professor of Computer Science and Engineering effective July 1, 2013.

April 2013: Divya Muthukumaran and Hayawardh Vijayakumar have accepted summer internships at HP Labs (CA) and NEC Labs (NJ), respectively. Divya will evaluate her thesis approach as applied to the HP Fortify product, whose integration she completed last year. Hayawardh will examine using runtime logs to find vulnerabilities in software in the context of systems.

May 2013: The paper "Cloud Verifier: Verifiable Auditing Service for IaaS Clouds" has been accepted for the 2013 Cloud Security Auditing Workshop. The paper's authors are Joshua Schiffman, Yuqiong Sun, Hayawardh Vijayakumar, and Trent Jaeger.

March 2013: Our Defense Advanced Research Projects Agency (DARPA) proposal "Vetting Whole COTS Systems for Safety Against Malicious Functionality" was selected for awarding, starting in October 2013. The PIs are David Brumley (PI), Virgil Gligor, and Trent Jaeger.

January 2013: The paper "Process Firewalls: Protecting Processes during Resource Access" has been accepted for the EuroSys 2013 Conference. The paper's authors are Hayawardh Vijayakumar, Joshua Schiffman, and Trent Jaeger.

December 2012: Hayawardh Vijayakumar has passed his thesis proposal (we call it a comprehensive exam at Penn State) entitled "Protecting Programs from Resource Access Attacks." Congratulations, Haya!

November 2012: The paper "Using Security Policies to Automate Monitor Placement" has been accepted for the 5th International Symposium on Engineering Secure Software and Systems (ESSoS 2013). The paper's authors are Nirupama Talele, Jason Teutsch, Trent Jaeger, and Robert Erbacher.

October 2012: Trent Jaeger was awarded an Army CERDEC subcontract via Applied Communication Sciences (formerly Telcordia) as part of the Secure Mobile Communications (SMC) program, exploring Root-of-Trust for mobile devices.

September 2012: Trent Jaeger was awarded Phase Two of his Army Research Laboratory (ARL) grant "Automating Intrusion Monitor Placement for Defensive Mediation in Attack Graphs."

September 2012: The paper "Right Files at the Right Time" has been accepted for the 5th Symposium on Configuration Analytics and Automation (SafeConfig 2012). The paper's authors are Hayawardh Vijayakumar and Trent Jaeger.

August 2012: The paper "Transforming Commodity Security Policies to Enforce Clark-Wilson Integrity" has been accepted for the 28th Annual Computer Security Applications Conference. The paper's authors are Divya Muthukumaran, Sandra Rueda, Nirupama Talele, Hayawardh Vijayakumar, Jason Teutsch, Trent Jaeger, and Nigel Edwards.

July 2012: The paper "Leveraging 'Choice' for Automating Authorization Hook Placement" has been accepted for the 19th ACM Conference on Computer and Communications Security. The paper's authors are Divya Muthukumaran, Trent Jaeger, and Vinod Ganapathy.

July 2012: Joshua Schiffman successfully defended his Ph.D. thesis entitled "Practical System Integrity Verification in Cloud Computing Environments." Congratulations, Josh!

June 2012: Trent Jaeger was awarded a renewal of his HP Labs Innovation Research Award, "Towards Mostly-Automatic, System-Wide Integrity Policy Generation."

May 2012: Adam Smith, Jonathan Katz, and Trent Jaeger co-hosted a Joint Summer School on Cryptography and Principles of Software Security. I thank all the speakers for their fine work!

May 2012: Divya Muthukumaran has passed her thesis proposal (we call it a comprehensive exam at Penn State) entitled "Leveraging Choice for Automating Security Mediation Placement in Programs." Congratulations, Divya!

May 2012: Joshua Schiffman has accepted a job offer from Advanced Micro Devices (AMD) in a new security research group headed by Ron Perez. Congratulations, Josh!

April 2012: The paper "STING: Finding Name Resolution Vulnerbailities in Programs" has been accepted for the 21st USENIX Security Symposium. The paper's authors are Hayawardh Vijayakumar, Joshua Schiffman and Trent Jaeger.

April 2012: Trent Jaeger was awarded a grant from the Air Force Office of Sponsored Research (AFOSR) for his proposal "Information Flow Integrity for Systems of Independently-Developed Components."

March 2012: The paper "Verifying System Integrity by Proxy" has been accepted for presentation in the 5th International Conference on Trust and Trustworthy Computing (TRUST 2012). The paper's authors are Joshua Schiffman, Hayawardh Vijayakumar, and Trent Jaeger.

March 2012: Divya Muthukumaran has accepted a summer research internship offer (for 2012) at HP Labs, Bristol, UK. Congratulations, Divya!

February 2012: The paper "Integrity Walls: Finding Attack Surfaces from Mandatory Access Control Policies" has been accepted for the the 7th ACM Symposium on Information, Computer, and Communications Security (ASIACCS). The paper's authors are Hayawardh Vijayakumar, Guruprasad Jakka, Sandra Rueda Rodriguez, Joshua Schiffman and Trent Jaeger.

November 2011: Trent Jaeger was awarded an Army Research Laboratory (ARL) grant for his proposal "Automating Intrusion Monitor Placement for Defensive Mediation in Attack Graphs."

September 2011: The paper A Rose by Any Other Name or an Insane Root? Adventures in Namespace Resolution has been presented at the 7th European Conference on Computer Network Defense (EC2ND) by Hayawardh Vijayakumar.

August 2011: Trent Jaeger was awarded a National Science Foundation grant for his proposal "Towards Customer-Centric Utility Computing."

July 2011: Sandra Rueda Rodriguez defended her Ph.D. thesis entitled "Methods for Constructing, Evaluating, and Resolving system-wide Policy Compliance Problems." She is now taking an Assistant Professor position at Universidad de Los Andes in Bogota, Colombia. Congratulations, Sandra!

June 2011: Trent Jaeger was awarded an HP Labs Innovation Research Award for his proposal "Towards Mostly-Automatic, System-Wide Integrity Policy Generation."