Publications
Refereed Journal Publications
- Alcatraz: An Isolation Environment for Experimenting with Untrusted Software (with Zhenkai Liang, Weiqin Sun and R. Sekar). Accepted for ACM Transactions on Information and Systems Security (TISSEC). To appear.
- Enhancing web browser security against malware extensions (with Mike Ter Louw and Jin Soon Lim). Accepted for Journal in Computer Virology. ISSN: 1772-9890. Springer Paris. Link.
Refereed Conference Publications
- XSS-Guard: Precise Dynamic Detection of Cross-Site Scripting Attacks (with Prithvi Bisht). Accepted for Fifth GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment (DIMVA'08), Paris, France, July 2008. To appear.
- Expanding Malware Defense by Securing Software Installations (with Weiqing Sun, R. Sekar and Zhenkai Liang). Accepted for Fifth GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment (DIMVA'08), Paris, France, July 2008. To appear.
- Analysis of Hypertext Markup Isolation Techniques for XSS Prevention (with Mike Ter Louw and Prithvi Bisht). Accepted for Workshop on Web 2.0 Security and Privacy (W2SP), Oakland, California, May 2008.
- CMV: Automatic Verification of Complete Mediation for Java Virtual Machines (with A. Prasad Sistla, Michelle Zhou and Hilary Branske). Accepted for the 3rd ACM Symposium on Information, Computer and Communications Security (ASIACCS'08). Tokyo, Japan. March 2008. PDF. (Acceptance rate: 32 out of 181 regular submissions, 18%).
- CANDID: Preventing SQL Injection Attacks Using Dynamic Candidate Evaluations (with Sruthi Bandhakavi, Prithvi Bisht and P. Madhusudan). 14th ACM Conference on Computer and Communications Security (CCS) Alexandria, Virginia, November 2007. PDF (Acceptance rate: 55 out of 303 Submissions, 18%).
- Extensible Web Browser Security (with Mike Ter-Louw and Jin Soon Lim). Fourth GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment (DIMVA'07), Luzerne, Switzerland, July 2007. PDF (Acceptance rate: 14 out of 57 submissions, 24.5%).
- A Comparative Study of Three Random Password Generators (with Michael Leonhard). IEEE Conference on Information Technology (EIT'07), Chicago, IL, May 2007.
- Data Sandboxing: A Technique for Enforcing Confidentiality Policies (with T. Khatiwala and R. Swaminathan). 22nd Annual ACSA Computer Applications Security Conference (ACSAC), Miami, FL, December 2006. PDF. (Acceptance rate: 32 out of 135 submissions, 26.5%).
- Provably Correct Runtime Enforcement of Non-interference Policies (with W. Xu, D.C. DuVarney and R. Sekar). 8th International Conference on Information and Communications Security (ICICS), Raleigh, NC, December 2006. PDF. (Acceptance rate: 40 out of 122 submissions, 32%).
- SUEZ: A Distributed Safe Execution Environment for System Administration Trials (with D. Sim). 20th USENIX System Administration Conference (LISA '06), Washington D.C., December 2006. PDF.
- On Supporting Active User Feedback in P3P (with W. Xu and R. Sharda). 2nd Workshop on Secure Knowledge Management (SKM '06), New York, September 2006. PDF.
- A Framework for Privacy-conscious Composite Web-based Services (with W. Xu, R. Sekar and I.V. Ramakrishnan). International Conference on Web Services (ICWS '06) (Application Services track), Chicago, IL, September 2006. PDF. (Acceptance rate: 17%).
- Programming language based analysis for lifting to an operating system's access control model (with Jon Solworth). 2nd ECOOP Workshop on Programming Languages and Operating Systems (PLOS '05), Glasgow, UK, July 2005. PDF.
- An approach for realizing privacy preserving web-based services (with Wei Xu, R. Sekar and I.V. Ramakrishnan). 14th International Conference on World Wide Web (WWW '05) (Special interest tracks and posters), Chiba, Japan, May 2005. PDF.
- A Secure Composition Framework for Trustworthy Personal Information Assistants (with Wei Xu, I.V. Ramakrishnan and R. Sekar). IEEE Conference on Integration of Knowledge Intensive Multi-Agent Systems (KIMAS '05), Waltham, April 2005. PDF.
- One-way Isolation: An efficient approach for realizing safe execution environments (with Weiqin Sun, Zhenkai Liang and R. Sekar). 12th Network and Distributed Systems Security Symposium (NDSS '05), San Diego, February 2005. PDF. (Acceptance rate: 13%).
- Enforcement techniques for expressive security policies. Ph.D. Thesis. Department of Computer Science, Stony Brook University. December 2004.
- Isolated Program Execution: An application transparent approach for executing untrusted programs (with Zhenkai Liang and R. Sekar). 19th Annual Computer Application Security Conference (ACSAC 03), Las Vegas, December 2003. PDF. Best Paper Award!!
- Model Carrying Code: A practical approach for safe execution of untrusted applications (with R. Sekar, Samik Basu, Sandeep Bhatkar and Daniel C. DuVarney). 19th ACM Symposium on Operating System Principles (SOSP 03), Bolton Landing, New York, October 2003. PDF. (Acceptance rate: 17%).
- SELF: A transparent security extension for ELF binaries (with Sandeep Bhatkar and Daniel C. DuVarney). 12th New Security Paradigms Workshop (NSPW 03), Ascona, Switzerland, August 2003. PDF. (Acceptance rate: 13 out of 43 submissions, 30%).
- An approach for secure software installation (with R. Sekar, Tapan Kamat, Sophia Tsipa and Zhenkai Liang). 16th USENIX System Administration Conference (LISA 02), Philadelphia, November 2002. PDF.
- Empowering mobile code using expressive security policies (with Ram Peri and R. Sekar). 11th ACM New Security Paradigms Workshop (NSPW 02), Virginia Beach, 2002. PDF.
- XMC: A logic programming-based verification toolset (with C.R. Ramakrishnan, I.V. Ramakrishnan, Scott A. Smolka, Yifei Dong, Xiaoqun Du and Abhik Roychoudhury). 12th International Conference on Computer Aided Verification (CAV 00), Chicago, Illinois, June 2000. PDF.
- QoS tradeoffs using partially reliable application-oriented transport protocol for multimedia applications over IP (with Songbin Wei and Vassillis Tsaoussidis). 3rd IEEE Conference in Computational Intelligence and Multimedia Applications (ICCIMA 99), New Delhi, India, September 1999. PDF.
Publications Under Review
- Alcatraz: A Virtual Environment for Experimenting with Untrustworthy Software (with W. Sun, Z. Liang and R. Sekar). Under preparation/review. Available on request.
Other publications
- A program analysis/transformation approach for enforcing information flow properties. Technical report. Department of Computer Science, SUNY at Stony Brook, May 2004. Available on request.
- Recent approaches to ensure safe execution of untrusted code. Technical report. Department of Computer Science, SUNY at Stony Brook, August 2001. Available on request.
- Java Stack Inspection: Eager evaluation revisited (with D. Dhurjati, R. Peri and G. Srikumar). Technical Report. Department of Computer Science, SUNY at Stony Brook, December 2001. Available on request.