Limin Jia

Proceedings of the Verification, Model Checking, and Abstract Interpretation, 2024

ProInspector: Uncovering Logical Bugs in Protocol Implementations.

[BibT_eX]

[DOI]

Zichao Zhang

Corina S. Pasareanu

Proceedings of the 9th IEEE European Symposium on Security and Privacy, 2024

2023

A Type System for Safe Intermittent Computing.

[BibT_eX]

[DOI]

Proc. ACM Program. Lang., 2023

Transfer Attacks and Defenses for Large Language Models on Coding Tasks.

[BibT_eX]

[DOI]

CoRR, 2023

Towards Usable Security Analysis Tools for Trigger-Action Programming.

[BibT_eX]

[DOI]

Eric Zeng

Faysal Hossain Shezan

Proceedings of the Nineteenth Symposium on Usable Privacy and Security, 2023

NodeMedic: End-to-End Analysis of Node.js Vulnerabilities with Provenance Graphs.

[BibT_eX]

[DOI]

Wai Tuck Wong

Proceedings of the 8th IEEE European Symposium on Security and Privacy, 2023

Modal Crash Types for Intermittent Computing.

[BibT_eX]

[DOI]

Proceedings of the Programming Languages and Systems, 2023

Towards End-to-End Verified TEEs via Verified Interface Conformance and Certified Compilers.

[BibT_eX]

[DOI]

Proceedings of the 36th IEEE Computer Security Foundations Symposium, 2023

Tainted Secure Multi-Execution to Restrict Attacker Influence.

[BibT_eX]

[DOI]

Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

Tenet: A Flexible Framework for Machine-Learning-based Vulnerability Detection.

[BibT_eX]

[DOI]

Proceedings of the 2nd IEEE/ACM International Conference on AI Engineering, 2023

2022

OmniCrawl: Comprehensive Measurement of Web Tracking With Real Desktop and Mobile Browsers.

[BibT_eX]

[DOI]

Proc. Priv. Enhancing Technol., 2022

Session-typed concurrent contracts.

[BibT_eX]

[DOI]

Hannah Gommerstadt

Frank Pfenning

J. Log. Algebraic Methods Program., 2022

Investigating Advertisers' Domain-changing Behaviors and Their Impacts on Ad-blocker Filter Lists.

[BibT_eX]

[DOI]

Proceedings of the WWW '22: The ACM Web Conference 2022, Virtual Event, Lyon, France, April 25, 2022

Compositional Information Flow Monitoring for Reactive Programs.

[BibT_eX]

[DOI]

Proceedings of the 7th IEEE European Symposium on Security and Privacy, 2022

2021

Towards a Lightweight, Hybrid Approach for Detecting DOM XSS Vulnerabilities with Machine Learning.

[BibT_eX]

[DOI]

Proceedings of the WWW '21: The Web Conference 2021, 2021

Netter: Probabilistic, Stateful Network Models.

[BibT_eX]

[DOI]

Han Zhang

Chi Zhang

Yuvraj Agarwal

Matt Fredrikson

Proceedings of the Verification, Model Checking, and Abstract Interpretation, 2021

An I/O Separation Model for Formal Verification of Kernel Implementations.

[BibT_eX]

[DOI]

Miao Yu

Virgil D. Gligor

Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

SyRust: automatic testing of Rust libraries with semantic-aware program synthesis.

[BibT_eX]

[DOI]

Proceedings of the PLDI '21: 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation, 2021

Automatically enforcing fresh and consistent inputs in intermittent systems.

[BibT_eX]

[DOI]

Milijana Surbatovich

Brandon Lucia

Proceedings of the PLDI '21: 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation, 2021

Session Logical Relations for Noninterference.

[BibT_eX]

[DOI]

Farzaneh Derakhshan

Stephanie Balzer

Proceedings of the 36th Annual ACM/IEEE Symposium on Logic in Computer Science, 2021

Containing Malicious Package Updates in npm with a Lightweight Permission System.

[BibT_eX]

[DOI]

Proceedings of the 43rd IEEE/ACM International Conference on Software Engineering, 2021

Learning Assumptions for Verifying Cryptographic Protocols Compositionally.

[BibT_eX]

[DOI]

Zichao Zhang

Corina S. Pasareanu

Proceedings of the Formal Aspects of Component Software - 17th International Conference, 2021

Gradual Security Types and Gradual Guarantees.

[BibT_eX]

[DOI]

Proceedings of the 34th IEEE Computer Security Foundations Symposium, 2021

2020

Towards a formal foundation of intermittent computing.

[BibT_eX]

[DOI]

Milijana Surbatovich

Brandon Lucia

Proc. ACM Program. Lang., 2020

First-order Gradual Information Flow Types with Gradual Guarantees.

[BibT_eX]

[DOI]

CoRR, 2020

How Risky Are Real Users' IFTTT Applets?

[BibT_eX]

[DOI]

Proceedings of the Sixteenth Symposium on Usable Privacy and Security, 2020

NetSMC: A Custom Symbolic Model Checker for Stateful Network Verification.

[BibT_eX]

[DOI]

Proceedings of the 17th USENIX Symposium on Networked Systems Design and Implementation, 2020

Reconciling noninterference and gradual typing.

[BibT_eX]

[DOI]

Matt Fredrikson

Proceedings of the LICS '20: 35th Annual ACM/IEEE Symposium on Logic in Computer Science, 2020

Automating Compositional Analysis of Authentication Protocols.

[BibT_eX]

[DOI]

Zichao Zhang

Corina S. Pasareanu

Proceedings of the 2020 Formal Methods in Computer Aided Design, 2020

2019

I/O dependent idempotence bugs in intermittent systems.

[BibT_eX]

[DOI]

Milijana Surbatovich

Brandon Lucia

Proc. ACM Program. Lang., 2019

Uncovering Information Flow Policy Violations in C Programs.

[BibT_eX]

[DOI]

Yan Huang

CoRR, 2019

Detecting suspicious package updates.

[BibT_eX]

[DOI]

Kalil Anderson Garrett

Proceedings of the 41st International Conference on Software Engineering: New Ideas and Emerging Results, 2019

Uncovering Information Flow Policy Violations in C Programs (Extended Abstract).

[BibT_eX]

[DOI]

Yan Huang

Proceedings of the Computer Security - ESORICS 2019, 2019

2018

Data Center Diagnostics with Network Provenance.

[BibT_eX]

[DOI]

IEEE Data Eng. Bull., 2018

Efficient and Correct Test Scheduling for Ensembles of Network Policies.

[BibT_eX]

[DOI]

Yifei Yuan

Sanjay Chandrasekaran

Vyas Sekar

Proceedings of the 15th USENIX Symposium on Networked Systems Design and Implementation, 2018

Riding out DOMsday: Towards Detecting and Preventing DOM Cross-Site Scripting.

[BibT_eX]

[DOI]

Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018

Knowledge-Based Security of Dynamic Secrets for Reactive Programs.

[BibT_eX]

[DOI]

Hengrun Zhang

Proceedings of the 31st IEEE Computer Security Foundations Symposium, 2018

FlowNotation: An Annotation System for Statically Enforcing Information Flow Policies in C.

[BibT_eX]

[DOI]

Yan Huang

Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018

2017

Some Recipes Can Do More Than Spoil Your Appetite: Analyzing the Security and Privacy Risks of IFTTT Recipes.

[BibT_eX]

[DOI]

Proceedings of the 26th International Conference on World Wide Web, 2017

Distributed Provenance Compression.

[BibT_eX]

[DOI]

Proceedings of the 2017 ACM International Conference on Management of Data, 2017

Timing-Sensitive Noninterference through Composition.

[BibT_eX]

[DOI]

Willard Rafnsson

Lujo Bauer

Proceedings of the Principles of Security and Trust - 6th International Conference, 2017

A Sequent Calculus for Counterfactual Reasoning.

[BibT_eX]

[DOI]

Lay Kuan Loh

Proceedings of the 2017 Workshop on Programming Languages and Analysis for Security, 2017

2016

überSpark: Enforcing Verifiable Object Abstractions for Automated Compositional Security Analysis of a Hypervisor.

[BibT_eX]

[DOI]

Proceedings of the 25th USENIX Security Symposium, 2016

Monitors and blame assignment for higher-order session types.

[BibT_eX]

[DOI]

Hannah Gommerstadt

Frank Pfenning

Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, 2016

2015

System M: A Program Logic for Code Sandboxing and Identification.

[BibT_eX]

[DOI]

CoRR, 2015

A Program Logic for Verifying Secure Routing Protocols.

[BibT_eX]

[DOI]

Log. Methods Comput. Sci., 2015

Automated verification of safety properties of declarative networking programs.

[BibT_eX]

[DOI]

Proceedings of the 17th International Symposium on Principles and Practice of Declarative Programming, 2015

Run-time Monitoring and Formal Analysis of Information Flows in Chromium.

[BibT_eX]

[DOI]

Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

A Logic of Programs with Interface-Confined Code.

[BibT_eX]

[DOI]

Proceedings of the IEEE 28th Computer Security Foundations Symposium, 2015

Equivalence-based Security for Querying Encrypted Databases: Theory and Application to Privacy Policy Audits.

[BibT_eX]

[DOI]

Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

2014

Continuous Tamper-Proof Logging Using TPM 2.0.

[BibT_eX]

[DOI]

Proceedings of the Trust and Trustworthy Computing - 7th International Conference, 2014

Lightweight source authentication and path validation.

[BibT_eX]

[DOI]

Proceedings of the ACM SIGCOMM 2014 Conference, 2014

Android taint flow analysis for app sets.

[BibT_eX]

[DOI]

Proceedings of the 3rd ACM SIGPLAN International Workshop on the State Of the Art in Java Program analysis, 2014

Proof-based Verification of Software Defined Networks.

[BibT_eX]

[DOI]

Proceedings of the Open Networking Summit 2014 - Research Track, 2014

Privacy-preserving audit for broker-based health information exchange.

[BibT_eX]

[DOI]

Proceedings of the Fourth ACM Conference on Data and Application Security and Privacy, 2014

Analyzing the dangers posed by Chrome extensions.

[BibT_eX]

[DOI]

Proceedings of the IEEE Conference on Communications and Network Security, 2014

Mechanized Network Origin and Path Authenticity Proofs.

[BibT_eX]

[DOI]

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

Temporal Mode-Checking for Runtime Monitoring of Privacy Policies.

[BibT_eX]

[DOI]

Proceedings of the Computer Aided Verification - 26th International Conference, 2014

2013

Design, Implementation and Verification of an eXtensible and Modular Hypervisor Framework.

[BibT_eX]

[DOI]

Proceedings of the 2013 IEEE Symposium on Security and Privacy, 2013

Privacy promises that can be kept: a policy analysis method with application to the HIPAA privacy rule.

[BibT_eX]

[DOI]

William H. Winsborough

Proceedings of the 18th ACM Symposium on Access Control Models and Technologies, 2013

Run-Time Enforcement of Information-Flow Properties on Android - (Extended Abstract).

[BibT_eX]

[DOI]

Proceedings of the Computer Security - ESORICS 2013, 2013

2012

FSR: formal analysis and implementation toolkit for safe interdomain routing.

[BibT_eX]

[DOI]

IEEE/ACM Trans. Netw., 2012

Maintaining distributed logic programs incrementally.

[BibT_eX]

[DOI]

Comput. Lang. Syst. Struct., 2012

Reduction-based security analysis of Internet routing protocols.

[BibT_eX]

[DOI]

Proceedings of the 20th IEEE International Conference on Network Protocols, 2012

Modeling and Enhancing Android's Permission System.

[BibT_eX]

[DOI]

Proceedings of the Computer Security - ESORICS 2012, 2012

2011

On Adversary Models and Compositional Security.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2011

A Logical Method for Policy Enforcement over Evolving Audit Logs

[BibT_eX]

[DOI]

Deepak Garg

Anupam Datta

CoRR, 2011

FSR: formal analysis and implementation toolkit for safe inter-domain routing.

[BibT_eX]

[DOI]

Alexander J. T. Gurney

Boon Thau Loo

Jennifer Rexford

Proceedings of the ACM SIGCOMM 2011 Conference on Applications, 2011

Understanding and Protecting Privacy: Formal Semantics and Principled Audit Mechanisms.

[BibT_eX]

[DOI]

Proceedings of the Information Systems Security - 7th International Conference, 2011

Analyzing BGP Instances in Maude.

[BibT_eX]

[DOI]

Proceedings of the Formal Techniques for Distributed Systems, 2011

Policy auditing over incomplete logs: theory, implementation and applications.

[BibT_eX]

[DOI]

Deepak Garg

Anupam Datta

Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011

2010

Experiences in the logical specification of the HIPAA and GLBA privacy laws.

[BibT_eX]

[DOI]

Proceedings of the 2010 ACM Workshop on Privacy in the Electronic Society, 2010

Dependent types and program equivalence.

[BibT_eX]

[DOI]

Proceedings of the 37th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, 2010

An Operational Semantics for Network Datalog.

[BibT_eX]

[DOI]

Proceedings of the 3rd International Workshop on Logics, Agents, and Mobility, 2010

Constraining Credential Usage in Logic-Based Access Control.

[BibT_eX]

[DOI]

Lujo Bauer

Divya Sharma

Proceedings of the 23rd IEEE Computer Security Foundations Symposium, 2010

2009

xDomain: cross-border proofs of access.

[BibT_eX]

[DOI]

Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, 2009

Language support for processing distributed ad hoc data.

[BibT_eX]

[DOI]

Proceedings of the 11th International ACM SIGPLAN Conference on Principles and Practice of Declarative Programming, 2009

Encoding information flow in Aura.

[BibT_eX]

[DOI]

Steve Zdancewic

Proceedings of the 2009 Workshop on Programming Languages and Analysis for Security, 2009

Formally Verifiable Networking.

[BibT_eX]

[DOI]

Proceedings of the Eight ACM Workshop on Hot Topics in Networks (HotNets-VIII), 2009

2008

AURA: a programming language for authorization and audit.

[BibT_eX]

[DOI]

Proceedings of the Proceeding of the 13th ACM SIGPLAN international conference on Functional programming, 2008

Evidence-Based Audit.

[BibT_eX]

[DOI]

Proceedings of the 21st IEEE Computer Security Foundations Symposium, 2008

2006

Expressing heap-shape contracts in linear logic.

[BibT_eX]

[DOI]

Frances Perry

Proceedings of the Generative Programming and Component Engineering, 2006

ILC: A Foundation for Automated Reasoning About Pointer Programs.

[BibT_eX]

[DOI]

Proceedings of the Programming Languages and Systems, 2006

2005

Certifying Compilation for a Language with Stack Allocation.

[BibT_eX]

[DOI]

Proceedings of the 20th IEEE Symposium on Logic in Computer Science (LICS 2005), 2005

2004

Modal Proofs as Distributed Programs (Extended Abstract).

[BibT_eX]

[DOI]

Proceedings of the Programming Languages and Systems, 2004

2003

Reasoning about Hierarchical Storage.

[BibT_eX]

[DOI]

Amal J. Ahmed