Georgia Institute of Technology
College of Computing

Jonathon Giffin

Jonathon T. Giffin

Assistant Professor
School of Computer Science
Georgia Institute of Technology

266 Ferst Drive
Atlanta, Georgia 30332-0765
Tel: +1 (404) 385-1060
Fax: +1 (404) 385-2295

[my last name]@cc.gatech.edu
http://www.cc.gatech.edu/~giffin/

Conference Papers

Robust signatures for kernel data structures.

Brendan Dolan-Gavitt, Abhinav Srivastava, Patrick Traynor, and Jonathon Giffin.
In ACM Conference on Computer and Communications Security.
Chicago, Illinois, November 2009.

Automatic reverse engineering of malware emulators.

Monirul Sharif, Andrea Lanzi, Jonathon Giffin, and Wenke Lee.
In IEEE Symposium on Security and Privacy.
Oakland, California, May 2009.
Received best student paper award.

Soft-timer driven transient kernel control flow attacks and defense.

Jinpeng Wei, Bryan Payne, Jonathon Giffin, and Calton Pu.
In Annual Computer Security Applications Conference (ACSAC).
Anaheim, California, December 2008.
Award paper.

Evolutionary study of phishing.

Danesh Irani, Steve Webb, Jonathon Giffin, and Calton Pu.
In 3rd Anti-Phishing Working Group eCrime Researchers Summit.
Atlanta, Georgia, October 2008.
Award paper.

System call API obfuscation (Extended abstract).

Abhinav Srivastava, Andrea Lanzi, and Jonathon Giffin.
In Recent Advances in Intrusion Detection (RAID).
Cambridge, Massachusetts, September 2008.

Tamper-resistant, application-aware blocking of malicious network connections.

Abhinav Srivastava and Jonathon Giffin.
In Recent Advances in Intrusion Detection (RAID).
Cambridge, Massachusetts, September 2008.
Paper: [Abstract] [pdf]

Security analysis of an IP phone: Cisco 7960G.

Italo Dacosta, Neel Mehta, Evan Metrock, and Jonathon Giffin.
In Principles, Systems and Applications of IP Telecommunications (IPTComm).
Heidelberg, Germany, July 2008.
Paper: [Abstract] [pdf]

Evaluating email's feasibility for botnet command and control.

Kapil Singh, Abhinav Srivastava, Jonathon Giffin, and Wenke Lee.
In 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).
Anchorage, Alaska, June 2008.
Paper: [Abstract] [pdf]

Impeding malware analysis using conditional code obfuscation.

Monirul Sharif, Andrea Lanzi, Jonathon Giffin, and Wenke Lee.
In 15th Network and Distributed System Security Symposium (NDSS).
San Diego, California, February 2008.
Paper: [Abstract] [pdf]

Understanding precision in host based intrusion detection: Formal analysis and practical models.

Monirul Sharif, Kapil Singh, Jonathon Giffin, and Wenke Lee.
In 10th International Symposium on Recent Advances in Intrusion Detection (RAID).
Surfers Paradise, Australia, September 2007.
Paper: [Abstract] [pdf]

Automated discovery of mimicry attacks.

Jonathon T. Giffin, Somesh Jha, and Barton P. Miller.
In 9th International Symposium on Recent Advances in Intrusion Detection (RAID).
Hamburg, Germany, September 2006.
Paper: [Abstract] [pdf] [ps]
Slides: [pdf]

Strengthening software self-checksumming via self-modifying code.

Jonathon T. Giffin, Mihai Christodorescu, and Louis Kruger.
In 21st Annual Computer Security Applications Conference (ACSAC).
Tucson, Arizona, December 2005.
Paper: [Abstract] [pdf] [ps]
Slides: [pdf]

An auctioning reputation system based on anomaly detection.

Shai Rubin, Mihai Christodorescu, Vinod Ganapathy, Jonathon T. Giffin, Louis Kruger, Hao Wang, and Nicholas Kidd.
In 12th ACM Conference on Computer and Communications Security (CCS).
Alexandria, Virginia, November 2005.
Paper: [Abstract] [pdf] [ps]
Slides: [pdf] (Presentation given by Shai Rubin)

Environment-sensitive intrusion detection.

Jonathon T. Giffin, David Dagon, Somesh Jha, Wenke Lee, and Barton P. Miller.
In 8th International Symposium on Recent Advances in Intrusion Detection (RAID).
Seattle, Washington, September 2005.
Paper: [Abstract] [pdf] [ps]
Slides: [pdf]

An architecture for generating semantics-aware signatures.

Vinod Yegneswaran, Jonathon T. Giffin, Paul Barford, and Somesh Jha.
In 14th USENIX Security Symposium.
Baltimore, Maryland, August 2005.
Paper: [Abstract] [pdf]
Slides: [pdf]
In the news: [SearchSecurity.com]

Formalizing sensitivity in static analysis for intrusion detection.

Henry Hanping Feng, Jonathon T. Giffin, Yong Huang, Somesh Jha, Wenke Lee, and Barton P. Miller.
In IEEE Symposium on Security and Privacy.
Oakland, California, May 2004.
Paper: [Abstract] [pdf] [ps]
Slides: [ppt]

Efficient context-sensitive intrusion detection.

Jonathon T. Giffin, Somesh Jha, and Barton P. Miller.
In 11th Network and Distributed System Security Symposium (NDSS).
San Diego, California, February 2004.
Paper: [Abstract] [pdf] [ps]
Slides: [pdf]

Detecting manipulated remote call streams.

Jonathon T. Giffin, Somesh Jha, and Barton P. Miller.
In 11th USENIX Security Symposium.
San Francisco, California, August 2002.
Paper: [Abstract] [pdf] [ps]
Slides: [pdf]

Technical Reports

Secure observation of kernel behavior.

Abhinav Srivastava, Kapil Singh, and Jonathon Giffin.
Technical Report GT-CS-08-01, Georgia Institute of Technology, Atlanta, 2008.
Paper: Coming soon.

On effective model-based intrusion detection.

Jonathon T. Giffin, Somesh Jha, and Barton P. Miller.
Technical report 1543, Computer Sciences Department, University of Wisconsin, Madison, November 2005.
Paper: [Abstract] [pdf] [ps]

Strengthening software self-checksumming via self-modifying code.

Jonathon T. Giffin, Mihai Christodorescu, and Louis Kruger.
Technical report 1531, Computer Sciences Department, University of Wisconsin, Madison, September 2005.
Paper: [Abstract] [pdf] [ps]

Internet sieve: An architecture for generating resilient signatures.

Vinod Yegneswaran, Jonathon T. Giffin, Paul Barford, and Somesh Jha.
Technical report 1507, Computer Sciences Department, University of Wisconsin, Madison, May 2004.
Paper: [Abstract] [pdf]

Book Chapters

Analysis of COTS for security vulnerability remediation.

Gogul Balakrishnan, Mihai Christodorescu, Vinod Ganapathy, Jonathon T. Giffin, Shai Rubin, Hao Wang, Somesh Jha, Barton P. Miller, and Thomas Reps.
In Information Security Research: New Methods for Protecting against Cyber Threats, Wiley Publishing, Inc., Wang, King, Wachter, Herklotz, Arney, Toth, Hislop, Heise, and Combs, eds., July 2007.
ISBN 978-0471787563.

Dissertation

Model-based intrusion detection system design and evaluation.

Jonathon T. Giffin.
Ph.D. Dissertation, Computer Sciences Department, University of Wisconsin, Madison, August 2006.
Paper: [Abstract] [pdf]

Patents

Semantically-aware network intrusion signature generator.

Paul Barford, Jonathon Giffin, Somesh Jha, and Vinod Yegneswaran.
United States Patent Application #20060212942, March 2005.