Michael E. Locasto

Affiliations:
  • Columbia University, New York City, USA


According to our database1, Michael E. Locasto authored at least 86 papers between 2003 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
The HTTP Garden: Discovering Parsing Vulnerabilities in HTTP/1.1 Implementations by Differential Fuzzing of Request Streams.
CoRR, 2024

Weird Machines in Package Managers: A Case Study of Input Language Complexity and Emergent Execution in Software Systems.
Proceedings of the IEEE Security and Privacy, 2024

2023
PolyDoc: Surveying PDF Files from the PolySwarm network.
Proceedings of the 2023 IEEE Security and Privacy Workshops (SPW), 2023

2022
A Format-Aware Reducer for Scriptable Rewriting of PDF Files.
Proceedings of the 43rd IEEE Security and Privacy, 2022

2021
A Communications Validity Detector for SCADA Networks.
Proceedings of the Critical Infrastructure Protection XV, 2021

2020
IoTHound: environment-agnostic device identification and monitoring.
Proceedings of the IoT '20: 10th International Conference on the Internet of Things, 2020

2019
Converting an Electric Power Utility Network to Defend Against Crafted Inputs.
Proceedings of the Critical Infrastructure Protection XIII, 2019

2018
Integrating Hands-on Cybersecurity Exercises into the Curriculum in 2018: (Abstract Only).
Proceedings of the 49th ACM Technical Symposium on Computer Science Education, 2018

Risks and Benefits of Side-Channels in Battlefields.
Proceedings of the 21st International Conference on Information Fusion, 2018

2017
Curing the Vulnerable Parser: Design Patterns for Secure Input Handling.
login Usenix Mag., 2017

Cybersecurity Education and Assessment in EDURange.
IEEE Secur. Priv., 2017

Live Lesson: The EDURange Framework and a Movie-themed Exercise in Network Reconnaissance.
Proceedings of the 2017 USENIX Workshop on Advances in Security Education, 2017

Building Hardened Internet-of-Things Clients with Language-Theoretic Security.
Proceedings of the 2017 IEEE Security and Privacy Workshops, 2017

Building and Supporting a Community of CS Educators Teaching Cybersecurity in 2017 (Abstract Only).
Proceedings of the 2017 ACM SIGCSE Technical Symposium on Computer Science Education, 2017

Hands-on Cybersecurity Exercises That are Easy to Access and Assess (Abstract Only).
Proceedings of the 2017 ACM SIGCSE Technical Symposium on Computer Science Education, 2017

Jumping the Air Gap: Modeling Cyber-Physical Attack Paths in the Internet-of-Things.
Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, 2017

2016
Finding the Balance Between Guidance and Independence in Cybersecurity Exercises.
Proceedings of the 2016 USENIX Workshop on Advances in Security Education (ASE 16), 2016

In Search of Shotgun Parsers in Android Applications.
Proceedings of the 2016 IEEE Security and Privacy Workshops, 2016

A Reflective Approach to Assessing Student Performance in Cybersecurity Exercises.
Proceedings of the 47th ACM Technical Symposium on Computing Science Education, 2016

A Survey of Ethical Agreements in Information Security Courses.
Proceedings of the 47th ACM Technical Symposium on Computing Science Education, 2016

Assessment of Security Knowledge, Skills and Abilities using Hands-On Exercises in 2016 (Abstract Only).
Proceedings of the 47th ACM Technical Symposium on Computing Science Education, 2016

2015
Teaching Security Using Hands-on Exercises in 2015 (Abstract Only).
Proceedings of the 46th ACM Technical Symposium on Computer Science Education, 2015

Teaching Cybersecurity Analysis Skills in the Cloud.
Proceedings of the 46th ACM Technical Symposium on Computer Science Education, 2015

2014
Why Wassenaar Arrangement's Definitions of "Intrusion Software" and "Controlled Items" Put Security Research and Defense At Risk.
login Usenix Mag., 2014

Why Offensive Security Needs Engineering Textbooks: Or, How to Avoid a Replay of "Crypto Wars" in Security Research.
login Usenix Mag., 2014

Beyond Planted Bugs in "Trusting Trust": The Input-Processing Frontier.
IEEE Secur. Priv., 2014

An Experience Report on Extracting and Viewing Memory Events via Wireshark.
Proceedings of the 8th USENIX Workshop on Offensive Technologies, 2014

EDURange: Meeting the Pedagogical Challenges of Student Participation in Cybertraining Environments.
Proceedings of the 7th Workshop on Cyber Security Experimentation and Test, 2014

Hands-on cybersecurity exercises in the EDURange framework (abstract only).
Proceedings of the 45th ACM Technical Symposium on Computer Science Education, 2014

Teaching security using hands-on exercises (abstract only).
Proceedings of the 45th ACM Technical Symposium on Computer Science Education, 2014

Verifying security patches.
Proceedings of the 2014 International Workshop on Privacy & Security in Programming, 2014

Panel Summary: The Future of Software Regulation.
Proceedings of the 2014 workshop on New Security Paradigms Workshop, 2014

'Weird Machine' Patterns.
Proceedings of the Cyberpatterns, 2014

2013
Security Applications of Formal Language Theory.
IEEE Syst. J., 2013

Hands-on cybersecurity exercises and the rave virtual environment (abstract only).
Proceedings of the 44th ACM Technical Symposium on Computer Science Education, 2013

Teaching security using hands-on exercises (abstract only).
Proceedings of the 44th ACM Technical Symposium on Computer Science Education, 2013

2012
Intrusion detection for resource-constrained embedded control systems in the power grid.
Int. J. Crit. Infrastructure Prot., 2012

Software Diversity: Security, Entropy and Game Theory.
Proceedings of the 7th USENIX Workshop on Hot Topics in Security, 2012

Hacking and the security curriculum: building community (abstract only).
Proceedings of the 43rd ACM technical symposium on Computer science education, 2012

Identifying effective pedagogical practices for commenting computer source code (abstract only).
Proceedings of the 43rd ACM technical symposium on Computer science education, 2012

// TODO: Help students improve commenting practices.
Proceedings of the IEEE Frontiers in Education Conference, 2012

LoSt: location based storage.
Proceedings of the 2012 ACM Workshop on Cloud computing security, 2012

Babel: a secure computer is a polyglot.
Proceedings of the 2012 ACM Workshop on Cloud computing security, 2012

2011
CPU Denial of Service.
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

Exploit Programming: From Buffer Overflows to "Weird Machines" and Theory of Computation.
login Usenix Mag., 2011

A Failure-Based Discipline of Trustworthy Information Systems.
IEEE Secur. Priv., 2011

The ephemeral legion: producing an expert cyber-security work force from thin air.
Commun. ACM, 2011

Security and privacy considerations in digital death.
Proceedings of the 2011 New Security Paradigms Workshop, 2011

Using Active Intrusion Detection to Recover Network Trust.
Proceedings of the Past, 2011

Lightweight Intrusion Detection for Resource-Constrained Embedded Control Systems.
Proceedings of the Critical Infrastructure Protection V, 2011

2010
On the General Applicability of Instruction-Set Randomization.
IEEE Trans. Dependable Secur. Comput., 2010

On the infeasibility of modeling polymorphic shellcode - Re-thinking the role of learning in intrusion detection systems.
Mach. Learn., 2010

Katana: Towards Patching as a Runtime Part of the Compiler-Linker-Loader Toolchain.
Int. J. Secur. Softw. Eng., 2010

SegSlice: Towards a New Class of Secure Programming Primitives for Trustworthy Platforms.
Proceedings of the Trust and Trustworthy Computing, Third International Conference, 2010

Teaching the principles of the hacker curriculum to undergraduates.
Proceedings of the 41st ACM technical symposium on Computer science education, 2010

VM-based security overkill: a lament for applied systems security research.
Proceedings of the 2010 Workshop on New Security Paradigms, 2010

Katana: A Hot Patching Framework for ELF Executables.
Proceedings of the ARES 2010, 2010

2009
Bickering In-Depth: Rethinking the Composition of Competing Security Systems.
IEEE Secur. Priv., 2009

Helping Students 0wn Their Own Code.
IEEE Secur. Priv., 2009

Dartmouth Internet Security Testbed (DIST): Building a Campus-wide Wireless Testbed.
Proceedings of the 2nd Workshop on Cyber Security Experimentation and Test, 2009

Adaptive Anomaly Detection via Self-calibration and Dynamic Updating.
Proceedings of the Recent Advances in Intrusion Detection, 12th International Symposium, 2009

Pushing Boulders Uphill: The Difficulty of Network Intrusion Recovery.
Proceedings of the 23rd Large Installation System Administration Conference, 2009

Keep your friends close: the necessity for updating an anomaly sensor with legitimate environment changes.
Proceedings of the 2nd ACM Workshop on Security and Artificial Intelligence, 2009

The cake is a lie: privilege rings as a policy resource.
Proceedings of the 1st ACM Workshop on Virtual Machine Security, 2009

2008
The Hidden Difficulties of Watching and Rebuilding Networks.
IEEE Secur. Priv., 2008

Casting out Demons: Sanitizing Training Data for Anomaly Sensors.
Proceedings of the 2008 IEEE Symposium on Security and Privacy (SP 2008), 2008

Return Value Predictability Profiles for Self-healing.
Proceedings of the Advances in Information and Computer Security, 2008

Online Network Forensics for Automatic Repair Validation.
Proceedings of the Advances in Information and Computer Security, 2008

Traps, events, emulation, and enforcement: managing the yin and yang of virtualization-based security.
Proceedings of the 1st ACM Workshop on Virtual Machine Security, 2008

Pushback for Overlay Networks: Protecting Against Malicious Insiders.
Proceedings of the Applied Cryptography and Network Security, 6th International Conference, 2008

2007
From STEM to SEAD: Speculative Execution for Automated Defense.
Proceedings of the 2007 USENIX Annual Technical Conference, 2007

ShieldGen: Automatic Data Patch Generation for Unknown Vulnerabilities with Informed Probing.
Proceedings of the 2007 IEEE Symposium on Security and Privacy (S&P 2007), 2007

The future of biologically-inspired security: is there anything left to learn?
Proceedings of the 2007 Workshop on New Security Paradigms, White Mountain Hotel and Resort, New Hampshire, USA, 2007

Self-healing: science, engineering, and fiction.
Proceedings of the 2007 Workshop on New Security Paradigms, White Mountain Hotel and Resort, New Hampshire, USA, 2007

On the infeasibility of modeling polymorphic shellcode.
Proceedings of the 2007 ACM Conference on Computer and Communications Security, 2007

SSARES: Secure Searchable Automated Remote Email Storage.
Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC 2007), 2007

2006
Dark application communities.
Proceedings of the New Security Paradigms Workshop 2006, 2006

Software Self-Healing Using Collaborative Application Communities.
Proceedings of the Network and Distributed System Security Symposium, 2006

W3Bcrypt: Encryption as a Stylesheet.
Proceedings of the Applied Cryptography and Network Security, 4th International Conference, 2006

2005
Hardware support for self-healing software services.
SIGARCH Comput. Archit. News, 2005

Building a Reactive Immune System for Software Services.
Proceedings of the 2005 USENIX Annual Technical Conference, 2005

FLIPS: Hybrid Adaptive Intrusion Prevention.
Proceedings of the Recent Advances in Intrusion Detection, 8th International Symposium, 2005

Speculative virtual verification: policy-constrained speculative execution.
Proceedings of the New Security Paradigms Workshop 2005, 2005

Highlights from the 2005 New Security Paradigms Workshop.
Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005), 2005

2004
CamouflageFS: Increasing the Effective Key Length in Cryptographic Filesystems on the Cheap.
Proceedings of the Applied Cryptography and Network Security, 2004

2003
Using the web to enhance and transform education.
ACM Crossroads, 2003


  Loading...