Publications
Refereed Conference Publications
- Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang, Pretty-Bad-Proxy: An Overlooked Adversary in Browsers’ HTTPS Deployments, in Proceedings of IEEE Symposium on Security and Privacy (Oakland), IEEE Computer Society, May 2009
- Shuo Chen, David Ross, and Yi-Min Wang, An Analysis of Browser Domain-Isolation Bugs and A Light-Weight Transparent Defense Mechanism, in Proceedings of ACM Conference on Computer and Communications Security (CCS), , Association for Computing Machinery, Inc., 31 October 2007
- Jose Brustoloni and Shuo Chen, Automatically Segregating Greedy and Malicious Internet Flows, in Proceedings of IEEE International Conference on Communications, IEEE Computer Society, June 2007
- Shuo Chen, Jose Meseguer, Ralf Sasse, Helen J. Wang, and Yi-Min Wang, A Systematic Approach to Uncover Security Flaws in GUI Logic, in Proceedings of IEEE Symposium on Security and Privacy (Oakland), IEEE Computer Society, May 2007
- Yi-Min Wang, Doug Beck, Xuxian Jiang, Roussi Roussev, Chad Verbowski, Shuo Chen, and Sam King, Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities, in Proceedings of Network and Distributed System Security (NDSS) Symposium, Internet Society, February 2006
- Shuo Chen, Jun Xu, Emre C. Sezer, Prachi Gauriar, and Ravishankar K. Iyer, Non-Control-Data Attacks Are Realistic Threats, in Proceedings of USENIX Security Symposium, USENIX, August 2005
- Shuo Chen, Jun Xu, Nithin Nakka, Zbigniew Kalbarczyk, and Ravishankar K. Iyer, Defeating Memory Corruption Attacks via Pointer Taintedness Detection, in Proceedings of IEEE International Conference on Dependable Systems and Networks , IEEE Computer Society, June 2005
- Shuo Chen, Jun Xu, Nithin Nakka, Zbigniew Kalbarczyk, and Ravishankar K. Iyer, Defeating Memory Corruption Attacks via Pointer Taintedness Detection, in Proceedings of IEEE International Conference on Dependable Systems and Networks , IEEE Computer Society, June 2005
- Shuo Chen, John Dunagan, Chad Verbowski, and Yi-Min Wang, A Black-Box Tracing Technique to Identify Causes of Least-Privilege Incompatibilities, in Proceedings of Network and Distributed System Security Symposium (NDSS), Internet Society, February 2005
- Shuo Chen, Karthik Pattabiraman, Zbigniew Kalbarczyk, and Ravishankar K. Iyer, Formal Reasoning of Various Categories of Widely Exploited Security Vulnerabilities Using Pointer Taintedness Semantics, in Proceedings of IFIP International Information Security Conference , August 2004
- Shuo Chen, Zbigniew Kalbarczyk, Jun Xu, and Ravishankar K. Iyer, A Data-Driven Finite State Machine Model for Analyzing Security Vulnerabilities, in IEEE International Conference on Dependable Systems and Networks , IEEE Computer Society, June 2003
- Shuo Chen, Jun Xu, Ravishankar K. Iyer, and Keith Whisnant, Modeling and Analyzing the Security Threat of Firewall Data Corruption Caused by Instruction Transient Errors, in IEEE International Conference on Dependable Systems and Networks , IEEE Computer Society, June 2002
- Jun Xu, Shuo Chen, Zbigniew Kalbarczyk, and Ravishankar K. Iyer, An Experimental Study of Security Vulnerabilities Caused by Errors, in IEEE International Conference on Dependable Systems and Networks, IEEE Computer Society, July 2001
Journal Publications
- Shuo Chen, Jun Xu, Zbigniew Kalbarczyk, and Ravishankar K. Iyer, Security Vulnerabilities: From Analysis to Detection and Masking Techniques (invited paper), in Proceedings of the IEEE, February 2006
- Shuo Chen, Jun Xu, Zbigniew Kalbarczyk, and Ravishankar K. Iyer, Modeling and Evaluating the Security Threats of Transient Errors in Firewall Software, in Performance Evaluation, Elsevier , March 2004
Ph.D. Dissertation
- Shuo Chen, Design for Security: Measurement, Analysis and Mitigation Techniques, December 2005
See my co-authors
