Xinming Ou

Orcid: 0009-0007-2501-7991

According to our database1, Xinming Ou authored at least 69 papers between 2000 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

On csauthors.net:

Bibliography

2024
The Impact of Train-Test Leakage on Machine Learning-based Android Malware Detection.
CoRR, 2024

A Preliminary Study on Using Large Language Models in Software Pentesting.
CoRR, 2024

ACM CCS 2024 Doctoral Symposium.
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024

Using LLM Embeddings with Similarity Search for Botnet TLS Certificate Detection.
Proceedings of the 2024 Workshop on Artificial Intelligence and Security, 2024

2023
Towards Optimal Triage and Mitigation of Context-Sensitive Cyber Vulnerabilities.
IEEE Trans. Dependable Secur. Comput., 2023

Revealing Human Attacker Behaviors Using an Adaptive Internet of Things Honeypot Ecosystem.
Proceedings of the Advances in Digital Forensics XIX, 2023

Security Analysis of Trust on the Controller in the Matter Protocol Specification.
Proceedings of the IEEE Conference on Communications and Network Security, 2023

2021
What are Attackers after on IoT Devices? An approach based on a multi-phased multi-faceted IoT honeypot ecosystem and data clustering.
CoRR, 2021

An Analysis of the Role of Situated Learning in Starting a Security Culture in a Software Company.
Proceedings of the Seventeenth Symposium on Usable Privacy and Security, 2021

2020
A First Step Towards Understanding Real-world Attacks on IoT Devices.
CoRR, 2020

An Ethnographic Understanding of Software (In)Security and a Co-Creation Model to Improve Secure Software Development.
Proceedings of the Sixteenth Symposium on Usable Privacy and Security, 2020

GPU-Based Static Data-Flow Analysis for Fast and Scalable Android App Vetting.
Proceedings of the 2020 IEEE International Parallel and Distributed Processing Symposium (IPDPS), 2020

Hybrid Analysis of Android Apps for Security Vetting using Deep Learning.
Proceedings of the 8th IEEE Conference on Communications and Network Security, 2020

A Multi-phased Multi-faceted IoT Honeypot Ecosystem.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

2019
Topology-Aware Hashing for Effective Control Flow Graph Similarity Analysis.
Proceedings of the Security and Privacy in Communication Networks, 2019

2018
Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps.
ACM Trans. Priv. Secur., 2018

A Population-Based Incremental Learning Approach to Network Hardening.
Proceedings of the New Trends in Intelligent Software Methodologies, Tools and Techniques, 2018

InstaGuard: Instantly Deployable Hot-patches for Vulnerable System Programs on Android.
Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018

JN-SAF: Precise and Efficient NDK/JNI-aware Inter-language Static Analysis Framework for Security Vetting of Android Applications with Native Code.
Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018

2017
Humans Are Dynamic - Our Tools Should Be Too.
IEEE Internet Comput., 2017

Android Malware Clustering Through Malicious Payload Mining.
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2017

Enhanced Security of Building Automation Systems Through Microkernel-Based Controller Platforms.
Proceedings of the 37th IEEE International Conference on Distributed Computing Systems Workshops, 2017

MTD CBITS: Moving Target Defense for Cloud-Based IT Systems.
Proceedings of the Computer Security - ESORICS 2017, 2017

Deep Ground Truth Analysis of Current Android Malware.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2017

MTD 2017: Fourth ACM Workshop on Moving Target Defense (MTD).
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

Android Malware Detection with Weak Ground Truth Data.
Proceedings of the Thirty-First AAAI Conference on Artificial Intelligence, 2017

2016
Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming.
IEEE Trans. Dependable Secur. Comput., 2016

Turning Contradictions into Innovations or: How We Learned to Stop Whining and Improve Security Operations.
Proceedings of the Twelfth Symposium on Usable Privacy and Security, 2016

A Bottom-Up Approach to Applying Graphical Models in Security Analysis.
Proceedings of the Graphical Models for Security - Third International Workshop, 2016

2015
Predicting Cyber Risks through National Vulnerability Database.
Inf. Secur. J. A Glob. Perspect., 2015

A Human Capital Model for Mitigating Security Analyst Burnout.
Proceedings of the Eleventh Symposium On Usable Privacy and Security, 2015

Assessing Attack Surface with Component-Based Package Dependency.
Proceedings of the Network and System Security - 9th International Conference, 2015

Practical Always-on Taint Tracking on Mobile Devices.
Proceedings of the 15th Workshop on Hot Topics in Operating Systems, 2015

A Theory of Cyber Attacks: A Step Towards Analyzing MTD Systems.
Proceedings of the Second ACM Workshop on Moving Target Defense, 2015

Secure RTOS Architecture for Building Automation.
Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy, 2015

Experimental Study with Real-world Data for Android App Security Analysis using Machine Learning.
Proceedings of the 31st Annual Computer Security Applications Conference, 2015

2014
Metrics of Security.
Proceedings of the Cyber Defense and Situational Awareness, 2014

An Anthropological Approach to Studying CSIRTs.
IEEE Secur. Priv., 2014

Compiling Abstract Specifications into Concrete Systems - Bringing Order to the Cloud.
Proceedings of the 28th Large Installation System Administration Conference, 2014

A model for analyzing the effect of moving target defenses on enterprise networks.
Proceedings of the Cyber and Information Security Research Conference, 2014

Towards a Theory of Moving Target Defense.
Proceedings of the First ACM Workshop on Moving Target Defense, 2014

After we knew it: empirical study and modeling of cost-effectiveness of exploiting prevalent known vulnerabilities across IaaS cloud.
Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, 2014

2013
Aggregating vulnerability metrics in enterprise networks using attack graphs.
J. Comput. Secur., 2013

Aiding Intrusion Analysis Using Machine Learning.
Proceedings of the 12th International Conference on Machine Learning and Applications, 2013

Mission-oriented moving target defense based on cryptographically strong network dynamics.
Proceedings of the Cyber Security and Information Intelligence, 2013

2012
A Certificate Infrastructure for Machine-Checked Proofs of Conditional Information Flow.
Proceedings of the Principles of Security and Trust - First International Conference, 2012

Classification of UDP Traffic for DDoS Detection.
Proceedings of the 5th USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2012

Investigative response modeling and predictive data collection.
Proceedings of the 2012 eCrime Researchers Summit, 2012

2011
Quantitative Security Risk Assessment of Enterprise Networks.
Springer Briefs in Computer Science, Springer, ISBN: 978-1-4614-1860-3, 2011

Effective Network Vulnerability Assessment through Model Abstraction.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2011

An Empirical Study on Using the National Vulnerability Database to Predict Software Vulnerabilities.
Proceedings of the Database and Expert Systems Applications, 2011

Model-driven, Moving-Target Defense for Enterprise Network Security.
Proceedings of the Models@run.time - Foundations, Applications, and Roadmaps [Dagstuhl Seminar 11481, November 27, 2011

Prioritizing intrusion analysis using Dempster-Shafer theory.
Proceedings of the 4th ACM Workshop on Security and Artificial Intelligence, 2011

Distilling critical attack graph surface iteratively through minimum-cost SAT solving.
Proceedings of the Twenty-Seventh Annual Computer Security Applications Conference, 2011

2010
Uncertainty and Risk Management in Cyber Situational Awareness.
Proceedings of the Cyber Situational Awareness - Issues and Research, 2010

Cyber SA: Situational Awareness for Cyber Defense.
Proceedings of the Cyber Situational Awareness - Issues and Research, 2010

Using Bayesian networks for cyber security analysis.
Proceedings of the 2010 IEEE/IFIP International Conference on Dependable Systems and Networks, 2010

2009
SAT-solving approaches to context-aware enterprise network security management.
IEEE J. Sel. Areas Commun., 2009

Techniques for enterprise network security metrics.
Proceedings of the Fifth Cyber Security and Information Intelligence Research Workshop, 2009

An Empirical Approach to Modeling Uncertainty in Intrusion Analysis.
Proceedings of the Twenty-Fifth Annual Computer Security Applications Conference, 2009

2008
Improving Attack Graph Visualization through Data Reduction and Attack Grouping.
Proceedings of the 5th International Workshop on Visualization for Computer Security, 2008

Identifying Critical Attack Assets in Dependency Attack Graphs.
Proceedings of the Computer Security, 2008

2006
A scalable approach to attack graph generation.
Proceedings of the 13th ACM Conference on Computer and Communications Security, 2006

2005
MulVAL: A Logic-based Network Security Analyzer.
Proceedings of the 14th USENIX Security Symposium, Baltimore, MD, USA, July 31, 2005

A Two-Tier Technique for Supporting Quantifiers in a Lazily Proof-Explicating Theorem Prover.
Proceedings of the Tools and Algorithms for the Construction and Analysis of Systems, 2005

2004
Dynamic Typing with Dependent Types.
Proceedings of the Exploring New Frontiers of Theoretical Informatics, 2004

2003
Theorem Proving Using Lazy Proof Explication.
Proceedings of the Computer Aided Verification, 15th International Conference, 2003

2000
An Effective File Migration Algorithm in Cluster File Systems.
Proceedings of the 2000 International Workshop on Parallel Processing, 2000

Design of an I/O Balancing File System on Web Server Clusters.
Proceedings of the 2000 International Workshop on Parallel Processing, 2000


  Loading...