Dawn Xiaodong Song's Publications

[Back to main page]

Here you may find some of my conference papers, journal papers, books and book chapters, technical reports, IETF Drafts, and patents. Comments are most welcome.

Refereed Papers

Towards Automatic Discovery of Deviations in Binary Implementations with Applications to Error Detection and Fingerprint Generation.: David Brumley, Juan Caballero, Zhenkai Liang, James Newsome, and Dawn Song. To appear in Proceedings of USENIX Security Symposium, Aug 2007.
Exploiting Network Structure for Proactive Spam Mitigation.: Shobha Venkataraman, Subhabrata Sen, Oliver Spatscheck, Patrick Haffner, and Dawn Song. To appear in Proceedings of USENIX Security Symposium, Aug 2007.
Creating Vulnerability Signatures Using Weakest Pre-conditions.: David Brumley, Hao Wang, Somesh Jha, and Dawn Song. To appear in Proceedings of Computer Security Foundations Symposium, Jul 2007.
Dynamic Spyware Analysis.: Manuel Egele, Christopher Kruegel, Engin Kirda, Heng Yin, and Dawn Song. To appear in Proceedings of USENIX Annual Technical Conference, Jun 2007.
Distributed Evasive Scan Techniques and Countermeasures.: Min Gyyng Kang, Juan Caballero, and Dawn Song. To appear in Proceedings of International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment (DIMVA), Jun 2007.
Multi-Dimensional Range Query over Encrypted Data.: Elaine Shi, John Bethencourt, Hubert Chan, Dawn Song, and Adrian Perrig. To appear in Proceedings of IEEE Security and Privacy Symposium, May 2007.
Sweeper: a Lightweight End-to-End System for Defending against Fast Worms.: Joseph Tucek, James Newsome, Shan Lu, Chengdu Huang, Spiros Xanthos, David Brumley, Yuanyuan Zhou, and Dawn Song. In Proceedings of European Conference on Computer Systems (EuroSys), Mar 2007.
FiG: Automatic Fingerprint Generation.: Juan Caballero,Shobha Venkataraman, Pongsin Poosankam, Min Gyung Kang, Dawn Song and Avrim Blum. In Proceedings of NDSS, Feb 2007.
Efficient and Accurate Detection of Integer-based Attacks.: David Brumley, Tzi-cker Chiueh, Rob Johnson, Huijia Lin, and Dawn Song. In Proceedings of NDSS, Feb 2007.
Black-box Anomaly Detection---Is it Utopian?: Shobha Venkataraman, Juan Caballero, Dawn Song, Avrim Blum, Jennifer Yates. In Proceedings of HotNets, Nov 2006.
Replayer: Automatic Protocol Replay by Binary Analysis.: James Newsome, David Brumley, Jason Franklin, and Dawn Song. In Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS), October 2006.
Secure Hierarchical In-Network Aggregation in Sensor Networks.: Haowen Chan, Adrian Perrig, and Dawn Song. ACM CCS, November 2006.
Thwarting Signature Learning by Training Maliciously.: James Newsome, Brad Karp, and Dawn Song. In Proceedings of the 9th International Symposium On Recent Advances In Intrusion Detection (RAID 2006), September 2006.
Behavioral Distance Measurement Using Hidden Markov Models.: Debin Gao, Michael K. Reiter and Dawn Song In Proceedings of the 9th International Symposium on Recent Advances in Intrusion Detection (RAID 2006), Hamburg, Germany, September 2006.
Towards Attack-Agnostic Defenses.: David Brumley and Dawn Song. In the Proceedings of the First Workshop on Hot Topics in Security (HOTSEC 06).
Towards Automatic Generation of Vulnerability Signatures: David Brumley, James Newsome, Dawn Song, Hao Wang, and Somesh Jha. In the Proceedings of the IEEE Symposium on Security and Privacy, May 2006.
New Constructions and Applications for Private Stream Search (Extended Abstract): John Bethencourt, Dawn Song, and Brent Waters. In the Proceedings of the IEEE Symposium on Security and Privacy, May 2006.
Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software: James Newsome, David Brumley, and Dawn Song. In the Proceedings of the 13th Annual Network and Distributed Systems Security Symposium (NDSS), 2006.
Behavioral Distance for Intrusion Detection: Debin Gao, Mike Reiter and Dawn Song. Symposium on Recent Advance in Intrusion Detection (RAID), Sep 2005.
Privacy Preserving Set Operations: Lea Kissner and Dawn Song. CRYPTO, Aug 2005.
Semantics-Aware Malware Detection: Mihai Christodorescu, Somesh Jha, Sanjit Seshia, Dawn Song, Randal E. Bryant. In IEEE Security and Privacy Symposium, May 2005.
Polygraph: Automatic Signature Generation for Polymorphic Worms: James Newsome, Brad Karp, Dawn Song. In IEEE Security and Privacy Symposium, May 2005.
FIT: Fast Internet Traceback: Abraham Yaar, Adrian Perrig, and Dawn Song. In IEEE InfoCom, March 2005.
New Streaming Algorithms for Superspreader Detection: Shobha Venkataraman, Dawn Song, Phil Gibbons, and Avrim Blum. In Network and Distributed Systems Security Symposium, Feb 2005.
Dynamic Taint Analysis: Automatic Detection, Analysis, and Signature Generation of Exploit Attacks on Commodity Software: James Newsome and Dawn Song. In Network and Distributed Systems Security Symposium, Feb 2005.
Gray-box Extraction of Execution Graphs for Anomaly Detection: Debin Gao, Mike Reiter, and Dawn Song. In ACM Computer and Communication Security (CCS) 2004 .
Detection of Interactive Stepping Stones: Algorithms and Confidence Bounds: Avrim Blum, Dawn Song, and Shobha Venkataraman. In Conference of Recent Advance in Intrusion Detection (RAID) 2004.
Privtrans: Automatic Privilege Separation: David Brumley and Dawn Song. In USENIX Security Symposium 2004.
Graybox Program Tracking for Hostbased Intrusion Detection: Debin Gao, Mike Reiter, and Dawn Song. In USENIX Security Symposium 2004.
SIFF: An Endhost Capability Mechanism to Mitigate DDoS Flooding Attacks: Abraham Yaar, Adrian Perrig, and Dawn Song. In IEEE Symposium on Security and Privacy 2004, May 2004.
The Sybil attack in sensor networks: analysis & defenses.: James Newsome, Runting Shi, Dawn Song, and Adrian Perrig. In 3rd International Symposium on Information Processing in Sensor Networks (IPSN 2004), April 2004
GEM: Graph Embedding for Routing and Data-Centric Storage in Sensor Networks without Geographic Information.: James Newsome and Dawn Song. In ACM SenSys (Conference on Embedded Networked Sensor Systems), November 2003. [pdf]
SIA: Secure Information Aggregation in Sensor Networks.: Bartosz Przydatek, Dawn Song, and Adrian Perrig. In ACM SenSys (Conference on Embedded Networked Sensor Systems), November 2003. [pdf]
Pi: A Path Identification Mechanism to Defend against DDoS Attacks.: Avi Yaar, Adrian Perrig, and Dawn Song. In IEEE Symposium on Security and Privacy 2003. [pdf]
Random Key Predistribution Schemes for Sensor Networks: Haowen Chan, Adrian Perrig, and Dawn Song. In IEEE Symposium on Security and Privacy 2003. [pdf]
Expander Graphs for Digital Stream Authentication and Robust Overlay Networks: D. Song, D. Zuckerman, and J. D. Tygar. In 2002 IEEE Symposium on Research in Security and Privacy. [pdf]
Quasi-efficient Revocation of Group Signatures: G. Ateniese, D. Song, and G. Tsudik. In Financial Crypto'2002 . [pdf]
Homomorphic Signature Schemes: R. Johnson, D. Molnar, D. Song, and D. Wagner. In RSA 2002, Cryptographer's track. [pdf]
Practical Forward Secure Group Signature Schemes: D. Song. In 8th ACM Conference on Computer and Communications Security (CCS-8), 2001. [pdf]
Timing Analysis of Keystrokes and SSH Timing Attacks: D. Song, D. Wagner, and X. Tian. In 10th USENIX Security Symposium, 2001. [pdf]
AGVI --- Automatic Generation, Verification, and Implementation of Security Protocols: D. Song, A. Perrig, and D. Phan. In 13th Conference on Computer Aided Verification (CAV), 2001. [pdf]
ELK, a New Protocol for Efficient Large-Group Key Distribution: A. Perrig, D. Song, and D. Tygar. In 2001 IEEE Symposium on Research in Security and Privacy. [pdf]
Advanced and Authenticated Marking Schemes for IP Traceback: D. Song and A. Perrig. In IEEE Infocomm 2001. [pdf]
Efficient and Secure Source Authentication for Multicast: A. Perrig, R. Canetti, D. Song, and J. D. Tygar. In Symposium on Network and Distributed Systems Security (NDSS) 2001. [pdf]
Looking for Diamonds in the Desert --- Extending Automatic Protocol Generation to Three-Party Authentication and Key Agreement Protocols: A. Perrig and D. Song. In 13th IEEE Computer Security Foundations Workshop, 2000. [pdf]
Efficient Authentication and Signature of Multicast Streams Over Lossy Channels: A. Perrig, R. Canetti, J. D. Tygar, and D. Song. In 2000 IEEE Symposium on Research in Security and Privacy. [pdf]
Practical Techniques for Searches on Encrypted Data: D. Song, D. Wagner, and A. Perrig. In 2000 IEEE Symposium on Research in Security and Privacy. [pdf]
A First Step towards the Automatic Generation of Security Protocols: A. Perrig and D. Song. In Symposium on Network and Distributed Systems Security (NDSS) 2000. [pdf]
Hash Visualization: A New Technique to Improve Real-World Security: A. Perrig and D. Song. In International Workshop on Cryptographic Techniques and E-Commerce (CrypTEC) 1999. [pdf]
Athena, an Automatic Checker for Security Protocol Analysis: D. Song. In 12th IEEE Computer Security Foundation Workshop, 1999. [pdf]

Journal Papers

SIA: Secure Information Aggregation in Sensor Networks.

Haowen Chan, Adrian Perrig, Bartosz Przydatek, and Dawn Song. Journal of Computer Security.

StackPi: New Packet Marking and Filtering Mechanisms for DDoS and IP Spoofing Defense.

Abraham Yaar, Adrian Perrig, and Dawn Song. To appear in JSAC.

Athena, a Novel Approach to Efficient Automatic Security Protocol Analysis

D. Song, S. Berezin, and A. Perrig. In Journal of Computer Security, 9(1,2):47--74, 2001. [pdf]

Books, Book Chapters, and other Reports

A Clean-Slate Design for the Next-Generation Secure Internet.: Steven Bellovin, David Clark, Adrian Perrig, and Dawn Song. Report of the NSF workshop on "Next-generation Secure Internet", held at CMU 12-14 July 2005.
Key Distribution Techniques for Sensor Networks: Haowen Chan, Adrian Perrig, and Dawn Song. In Wireless Sensor Networks, Kluwer Academic Publishers.

Technical Reports

Mitigating Buffer Overflows by Operating System Randomization: M. Chew and D. Song. Technical Report CMU-CS-02-197.

IETF Drafts

TESLA: Multicast Source Authentication Transform: A. Perrig, R. Canetti, B. Briscoe, D. Song, and J. D. Tygar. IETF draft, 2000.

Patents

Secure Auction Marketplace using a Secure Coprocessor: A. Perrig, S. Smith, and D. Song. U.S. Patent pending, filed in 2000.