|Present||Assistant Professor, Wright State University ‐ Computer Science and Engineering|
Russ Engineering Ctr 303
3640 Colonel Glenn Hwy
Dayton, OH 45435-0001
UChecker: Automatically Detecting PHP-Based Unrestricted File Upload Vulnerabilities
Proceedings - 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2019 (2019)
Unrestricted file upload vulnerabilities enable attackers to upload and execute malicious scripts in web servers. We have built a system, ...
Probabilistically Inferring Attack Ramifications Using Temporal Dependence Network
IEEE Transactions on Information Forensics and Security (2018)
There is an increasing need of assessing and mitigating the effects of successful attacks. Uncovering malicious and contaminated objects in ...
Analyzing HTTP-Based Information Exfiltration of Malicious Android Applications
Proceedings - 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and 12th IEEE International Conference on Big Data Science and Engineering, Trustcom/BigDataSE 2018 (2018)
Exfiltrating sensitive information from smartphones has become one of the most significant security threats. We have built a system to ...
Detecting Suspicious Members in an Online Emotional Support Service
Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST (2018)
Social Informatics and Telecommunications Engineering 2018. Online emotional support systems provide free support to individuals who experience stress, anxiety, and ...
Vulnerability Assessment for Unmanned Systems Autonomy Services Architecture
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2018)
Unmanned Systems Autonomy Services (UxAS) is a set of networked software modules that collaboratively automate mission-level decision making for unmanned ...
Tracking You Through DNS Traffic: Linking User Sessions by Clustering ...
MSWiM 2017 - Proceedings of the 20th ACM International Conference on Modeling, Analysis and Simulation of Wireless and Mobile Systems (2017)
The Domain Name System (DNS), which does not encrypt domain names such as "bank.us" and "dentalcare.com", commonly accurately reflects the ...
Mission-Aware Vulnerability Assessment for Cyber-Physical Systems
Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015 (2015)
Designing secure cyber-physical systems (CPS) is fundamentally important and performing vulnerability assessment becomes indispensable. In this paper, we discuss our ...
You Are How You Query: Deriving Behavioral Fingerprints From DNS ...
Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST (2015)
As the Domain Name System (DNS) plays an indispensable role in a large number of network applications including those used ...