Publications – Cybersecurity and Systems Management Group, Microsoft Research-Redmond

 

·       New

o   Chad Verbowski, Emre Kıcıman, Brad Daniels, Arunvijary Kumar, Yi-Min Wang, Roussi Roussev, Shan Lu, Juhan Lee, “Flight Data Recorder: Always-on Tracing and Scalable Analysis of Persistent State Interactions to Improve Systems and Security Management,” in Proc. Seventh Symposium on Operating Systems Design and Implementation (OSDI), 2006

o   Samuel T. King, Peter M. Chen, Yi-Min Wang, Chad Verbowski, Helen J. Wang, Jacob R. Lorch, "SubVirt: Implementing malware with virtual machines", in Proc. IEEE Symp. on Security and Privacy (the Oakland Conference), May 2006.

 

·       Systems Management

 

·        Strider Configuration Management  and Troubleshooting

 

o   Chun Yuan, Ni Lao, Ji-Rong Wen, Jiwei Li, Zheng Zhang, Yi-Min Wang, Wei-Ying Ma, “Automated Known Problem Diagnosis with Event Traces,” in Proc. EuroSys, April 2006.

o   Helen J. Wang, John Platt, Yu Chen, Ruyun Zhang, and Yi-Min Wang, “Automatic Misconfiguration Troubleshooting with PeerPressure,” in Proc. Sixth Symposium on Operating Systems Design and Implementation (OSDI), December 2004

§  Helen J. Wang, John Platt, Yu Chen, Ruyun Zhang, and Yi-Min Wang, “PeerPressure: A Statistical Method for Automatic Misconfiguration TroubleshootingACM Sigmetrics Poster Paper, June 2004

o   Archana Ganapathi, Yi-Min Wang, Ni Lao, and Ji-Rong Wen, “Why PCs Are Fragile and What We Can Do About It: A Study of Windows Registry Problems,” in IEEE International Conference on Dependable Systems and Networks (DSN), June 2004

o   Yi-Min Wang, “Computer Genomics: Towards Self- Change and Configuration Management,” in Proc. SELF-STAR: International Workshop on Self-Star Properties in Complex Information Systems, May 2004

o   John Dunagan, Roussi Roussev, Brad Daniels, Aaron Johson, Chad Verbowski, and Yi-Min Wang, “Towards a Self-Managing Software Patching Process Using Black-Box Persistent-State Manifests,” in Proc. Int. Conf. Autonomic Computing (ICAC), May 2004

o   Emre Kiciman and Yi-Min Wang, “Discovering Correctness Constraints for Self-Management of System Configuration,” in Proc. Int. Conf. Autonomic Computing (ICAC), May 2004

o   Helen J. Wang, Yih-Chun Hu, Chun Yuan, Zheng Zhang, and Yi-Min Wang, “Friends Troubleshooting Network: Towards Privacy-Preserving, Automatic Troubleshooting,” in Proc. IPTPS, February 2004

o   Yi-Min Wang, Chad Verbowski, John Dunagan, Yu Chen, Yuan Chun, Helen J. Wang, and Zheng Zhang, “STRIDER: A Black-box, State-based Approach to Change and Configuration Management and Support,” in Proc. Large Installation System Administration (LISA) Conference, October 2003 (Best Paper Award)

§  Also published in Science of Computer Programming, Topics in System Administration, Volume 53, Issue 2, November 2004, pp. 143-164

o   Yi-Min Wang, Chad Verbowski, and Daniel R. Simon, “Persistent-state Checkpoint Comparison for Troubleshooting Configuration Failures,” in Proc. IEEE International Conference on Dependable Systems and Networks (DSN), June 2003

 

·        Flight Data Recorder

 

o   Chad Verbowski, Emre Kıcıman, Brad Daniels, Arunvijary Kumar, Yi-Min Wang, Roussi Roussev, Shan Lu, and Juhan Lee, “Flight Data Recorder: Always-on Tracing and Scalable Analysis of Persistent State Interactions to Improve Systems and Security Management,” in Proc. Seventh Symposium on Operating Systems Design and Implementation (OSDI), 2006

o   Chad Verbowski, Juhan Lee, Xiaogang Liu, Roussi Roussev, and Yi-Min Wang, “LiveOps: Systems Management as a Service,” in Proc. Large Installation System Administration (LISA) Conference, 2006

 

 

·       Cybersecurity

 

·        Strider Gatekeeper – Spyware Management

 

o   Yi-Min Wang, Roussi Roussev, Chad Verbowski, Aaron Johnson, Ming-Wei Wu, Yennun Huang, and Sy-Yen Kuo, “Gatekeeper: Monitoring Auto-Start Extensibility Points (ASEPs) for Spyware Management,” in Large Installation System Administration (LISA) Conference, November 2004

o   Yi-Min Wang, Roussi Roussev, Chad Verbowski, Aaron Johnson, and David Ladd, “AskStrider: What Has Changed on My Machine Lately?” Microsoft Research Technical Report MSR-TR-2004-03, Jan. 2004

 

·        Rootkits – Strider GhostBuster and Virtual Machine-Based Rootkits

 

o   Samuel T. King, Peter M. Chen, Yi-Min Wang, Chad Verbowski, Helen J. Wang, Jacob R. Lorch, "SubVirt: Implementing malware with virtual machines", to appear in Proc. IEEE Symp. on Security and Privacy, May 2006.

o   Yi-Min Wang and Doug Beck, “Fast User-Mode Rootkit Scanner for the Enterprise, in Proc. Large Installation System Administration (LISA) Conference, December 2005

o   Yi-Min Wang, Doug Beck, Binh Vo, Roussi Roussev, and Chad Verbowski, “Detecting Stealth Software with Strider GhostBuster,” in Proc. IEEE International Conference on Dependable Systems and Networks (DSN), June 2005

o   Yi-Min Wang, Binh Vo, Roussi Roussev, Chad Verbowski, and Aaron Johnson, “Strider GhostBuster: Why It’s A Bad Idea For Stealth Software To Hide Files,” Microsoft Research Technical Report MSR-TR-2004-71, July 2004

 

·        Strider HoneyMonkey – Exploit Detection

 

o   Yi-Min Wang, Doug Beck, Xuxian Jiang, Roussi Roussev, Chad Verbowski, Shuo Chen, and Sam King, “Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities,” in Proc. Network and Distributed System Security (NDSS) Symposium, February 2006

o   Yi-Min Wang; Doug Beck; Xuxian Jiang; Roussi Roussev, “Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities (preliminary version),” Microsoft Research Technical Report MSR-TR-2005-72, August 2005

 

·        Strider Security Access Check Tracer

 

o   Shuo Chen, John Dunagan, Chad Verbowski, and Yi-Min Wang, “A Black-Box Tracing Technique to Identify Causes of Least-Privilege Incompatibilities,” in Proc. Network and Distributed System Security Symposium (NDSS), February 2005

 

·        Strider Typo-Patrol

 

o   Yi-Min Wang, Doug Beck, Jeffrey Wang, Chad Verbowski, and Brad Daniels, “Strider Typo-Patrol: Discovery and Analysis of Systematic Typo-Squatting,” in Proc. Usenix SRUTI Workshop, July 2006.