Publications


  • Bypassing Memory Safety Mechanisms through Speculative Control Flow Hijacks. Andrea Mambretti, Alexandra Sandulescu, Alessandro Sorniotti, William Robertson, Engin Kirda, Anil Kurmus. To appear in Proceedings of the IEEE European Symposium on Security and Privacy (EuroSP). .
  • Evaluating Synthetic Bugs. Joshua Bundt, Andrew Fasano, Brendan Dolan-Gavitt, William Robertson, Tim Leek. To appear in Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIACCS). .
  • SoK: Enabling Security Analyses of Embedded Systems via Rehosting. Andrew Fasano, Tiemoko Ballo, Marius Muench, Tim Leek, Alexander Olienik, Brendan Dolan-Gavitt, Manuel Egele, Aurélien Francillon, Long Lu, Nick Gregory, Davide Balzarotti, William Robertson. To appear in Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIACCS). .
  • PyPANDA: Taming the PANDAmonium of Whole System Dynamic Analysis. Luke Craig, Andrew Fasano, Tiemoko Ballo, Tim Leek, Brendan Dolan-Gavitt, William Robertson. In Proceedings of the Workshop on Binary Analysis Research (BAR), co-located with NDSS. .
  • Cached and Confused: Web Cache Deception in the Wild. Seyed Ali Mirheidari, Sajjad Arshad, Kaan Onarlioglu, Bruno Crispo, Engin Kirda, William Robertson. In Proceedings of the USENIX Security Symposium. .
  • HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing. William Blair, Andrea Mambretti, Sajjad Arshad, Michael Weissbacher, William Robertson, Engin Kirda, Manuel Egele. In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS). .
  • Speculator: A Tool to Analyze Speculative Execution Attacks and Mitigations. Andrea Mambretti, Matthias Neugschwandtner, Alessandro Sorniotti, Engin Kirda, William Robertson, Anil Kurmus. In Proceedings of the Annual Computer Security Applications Conference (ACSAC). .
  • A Longitudinal Analysis of the ads.txt Standard. Muhammad Ahmad Bashir, Sajjad Arshad, Engin Kirda, William Robertson, Christo Wilson. In Proceedings of the Internet Measurement Conference (IMC). .
  • Getting Under Alexa’s Umbrella: Infiltration Attacks Against Internet Top Domain Lists. Walter Rweyemamu, Tobias Lauinger, Christo Wilson, William Robertson, Engin Kirda. In Proceedings of the International Conference on Information Security (ISC). .
  • USBESAFE: An End-Point Solution to Protect Against USB-Based Attacks. Amin Kharraz, Brandon Daley, Graham Baker, William Robertson, Engin Kirda. In Proceedings of the International Symposium on Research in Attacks, Intrusions, and Defenses (RAID). .