News
- Our client-side personalization work will appear in CHI.
- Early work on crowd-sourcing programs is now available.
- Some of our research on personalization and privacy has been highlighed at the Microsoft Research Faculty Summit.
- Two of our papers will be appearing at Usenix Security 2013. Our JavaScript analysis paper will appear at FSE. Both are in August.
- I am the chair for the New Ideas track for FSE 2013. Please submit!
- Our paper on Verifying Higher-order Programs with the Dijkstra Monad will be appearing at PLDI.
- Our paper on fully abstract compilation to JavaScript will be appearing at POPL.
- Our POPL papers have been posted.
- Next year I'll be on the PCs of ECOOP, PLDI (ERC), DIMVA, Oakland S&P, Usenix Security, WWW, and CAV.
- MoRePriv project page is up and a new TR is out.
- Our paper on Private Client-side Profiling with Random Forests and Hidden Markov Models will be appearing at PETS 2012.
- Our Rozzle paper has been accepted into Oakland S&P.
- Our paper on Bek is appearing at POPL 2012.
- I am on the PC of RV 2012, CCS 2012, and DIMVA 2012.
- Our new technical report on Bek and SIMD has been posted.
- Our POPL 2012 paper has been posted.
- This Fall, I am presenting at MIT, Harvard, Princeton, Brown, UMass Amherst, and a few other universities and labs. I will speak about our work in the malware detection space and our new focus on online privacy.
- I am on the PC of LEET, RAID, and W2SP 2012.
- Our CCS paper on ScriptGard is now out.
- Our technical report on Rozzle, a tool for de-cloaking internet malware is now out.
- The Summer School in Software Engineering and Verification in Moscow is now officially over.
- Next year I am on the WWW and Oakland S&P program committee.
- ScriptGard paper will be appearing in CCS 2011
- Bek and Zozzle papers appearing at Usenix Security are now posted.
- I've contributed two chapters to a recently released book published by Chapman & Hall
- I am a co-organizer of a workshop on Web Quality, Security, and Testing at FSE 2011
and International Workshop on Programming Language And Systems Technologies for Internet Clients(PLASTIC) at SPLASH 2011.
- RePriv gets profiled in press (MIT Technology Review and NewScientist).
- Our papers on Zozzle and BEK have been accepted into Usenix Security 2011, along with a paper at W2SP 2011.
- RePriv and Ibex papers appearing at Oakland are now posted.
- Our papers on RePriv and verified browser extensions have been accepted into Oakland Security 2011.
- The following technical reports have recently been released:
Zozzle,
Bek,
ScriptGard,
RePriv, and
secure browser extensions (project Ibex).
- This year I am on the PC of Oakland Security,
CCS,
W2SP,
and PLDI. Please consider submitting.
- Dagstuhl seminar proceedings have been added to the publications page
- Our JSMeter, JSZap, and Gulfsteram work gets presented at WebApps in Boston
- MIT Technology Review profiles ConScript
- Gulfstream, JSMeter, and JSZap papers being published at WebApps '10 are now available.
- I am teaching a course on Program Analysis for Software and Web Security at the UW this coming Spring. Please consider attending.
- ConScript paper is now available.
- Gulfstream, JSMeter, and JSZap papers have been accepted into WebApps '10.
- Please consider submitting to APLWACA, a workshop on Analysis and Programming Languages for Web Applications and Cloud Applications. The deadline is March 26, 2010.
- ConScript paper has been accepted to Oakland Security 2010.
- Gulfstream technical report describing an incremental static analysis for JavaScript is out.
- Long-awaited JSMeter technical report is out!
- Please consider submitting to OWASP AppSec Research 2010.
- Technical report on ConScript, browser-based JavaScript policy enforcement, has been released.
- An article about the Nozzle project has been released.
- I am co-chairing a workshop on Analysis and Programming Languages for Web Applications and Cloud Applications. Please consider submitting your papers.
- Ripley project has been profiled in an article from MIT Technology Review.
- This fall and winter I will be visiting the following fine institutions, talking about our work on web application performance and security:
- Berkeley
- Harvard
- MIT
- Stanford
- UBC
- UIUC
- University of Massachusetts Amherst
- University of Wisconsin
Email if you would like to meet with me.
- Doloto gets profiled in an MSR article.
- We've received some wonderful Doloto-related publicity: ArsTechnica, ZDNet, Microsoft DevDiv, Ajaxian, Steve Souders, James Hamilton, and others.
- Doloto is now externally availble as a DevLabs release.
- CatchAndRetry paper accepted to PLOS 2009.
- Ripley paper accepted to CCS 2009.
- Nozzle and Gatekeeper papers accepted to USENIX security 2009.
- A TR on Gatekeeper, a JavaScript analysis project is released.
- A paper on Merlin will appear in PLDI '09. TR for Merlin is released.
- Site redesign complete.
- TRs for Ripley and Nozzle are released.
- Doloto paper presented at FSE '08.
- Spectator paper presented at Usenix ATC '08.
- The Doloto project gets a separate page.
- My dissertation work presented as part of a keynote address at PEPM '08
- Some of my earlier work on LAPSE is profiled in a recent excellent Ajax Security book by Billy Hoffman and Bryan Sullivan.
- Volta is profiled on Channel 9 [1, 2].
- Volta CTP is released; check out the press and take it for a spin! Rotunda end-to-end profiling project is featured in eWeek. Also check out a GWT comparison.
- Volta has been announced at OOPSLA 2007.
- Spectator (JavaScript worm detection) project now has its own page.
- Ajax View (known academically as AjaxScope) is released externally and covered in a number of blogs
[1,2,3,4,5].
We also recently presented a paper on it at SOSP [1].
- TR on code splitting is now available. TR on JavaScript worm detection is now available.
- W2SP and PLAS papers are now available; see blog coverage.
- We recently presented Ajax View project at MIX'07. See these blogs for people's reactions.
We also got featured in an article at MSR site.
|