[Back to main page]

Here you may find some of my conference papers, journal papers, books and book chapters, technical reports, IETF Drafts, and patents. Comments are most welcome.

Refereed Papers

ShadowCrypt: Encrypted Web Applications for Everyone
Warren He, Devdatta Akhawe, Sumeet Jain, Elaine Shi, Dawn Song. 21st ACM Conference on Computer and Communications Security (CCS). November 2014.

Code-Pointer Integrity
Volodymyr Kuznetsov, László Szekeres, Mathias Payer, George Candea, R. Sekar, Dawn Song. 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI), page(s): 147-164. October 2014.

Clickjacking Revisited: A Perceptual View of UI Security
Devdatta Akhawe, Warren He, Zhiwei Li, Reza Moazzezi, Dawn Song. Proceedings of the 8th USENIX Workshop on Offensive Technologies (WOOT 14), August 2014.

The Emperor’s New Password Manager: Security Analysis of Web-Based Password Managers.
Zhiwei Li, Warren He, Devdatta Akhawe, Dawn Song. Proceedings of the 23rd USENIX Security Symposium, page(s): 465-479. August 2014.

Data-Confined HTML 5 Applications.
Devdatta Akhawe, Frank Li, Warren He, Prateek Saxena, Dawn Song. Proceedings of ESORICS, page(s): 736-754. September 2013
Blitz: Compositional Bounded Model Checking for Real-World Programs.
Chi Yuan Cho, Vijay D'Silva and Dawn Song. Proceedings of the IEEE/ACM International Conference on Automated Software Engineering (ASE), November 2013.

Phantom: Practical oblivious computation in a secure processor.
Martin Maas, Eric Love, Emil Stefanov, Mohit Tiwari, Elaine Shi, Krste Asanovic, John Kubiatowicz, and Dawn Song. Proceedings of ACM CCS, November 2013.

Hi-CFG: Construction by binary analysis and application to attack polymorphism..
Dan Caselden, Alex Bazhanyuk, Mathias Payer, Stephen McCamant, and Dawn Song. Proceedings of ESORICS, page(s): 164-181. September 2013.
Safe: Secure Authentication With Face and Eyes.
Arman Boehm, Dongqu Chen, Mario Frank, Ling Huang, Cynthia Kuo, Tihomir Lolic, Ivan Martinovic, Dawn Song. Proceedings of International Conference on Security and Privacy in Mobile Information and Communication Systems**June 2013.
Practical Control Flow Integrity & Randomization for Binary Executables .
Chao Zhang, Tao Wei, Zhaofeng Chen , Lei Duan , Stephen McCamant , László Szekeres, Dawn Song, and Wei Zou. Proceedings of IEEE Symposium on Security and Privacy. page(s): 559-573. May 2013.

SoK: Eternal War in Memory.
László Szekeres, Mathias Payerz, Tao Wei, and Dawn Song. Proceedings of IEEE Symposium on Security and Privacy, page(s): 48-62. May 2013.

NetworkProfiler: Towards Automatic Fingerprinting of Android Apps.
Shuaifu Dai, Alok Tongaonkary, Xiaoyin Wang, Antonio Nucci, and Dawn Song. Proceedings of the 32nd IEEE International Conference on Computer Communications, (INFOCOM), page(s): 809-817. April 2013.

Preserving Link Privacy in Social Network Based Systems.
Prateek Mittal, Charalampos Papamanthou, Dawn Song. Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS). February 2013.

Contextual Policy Enforcement in Android Applications with Permission Event Graphs
Kevin Zhijie Chen, Noah Johnson, Vijay D’Silvay, Shuaifu Dai, Kyle MacNamara, Tom Magrino, Edward Wu, Martin Rinard, and Dawn Song. Proceedings of the 19th Annual Network & Distributed System Security Symposium (NDSS). February 2013.

Understanding mobile app usage patterns using in-app advertisements.
Alok Tongaonkar, Shuaifu Dai, Antonio Nucci, and Dawn Song. Proceedings of Passive and Active Measurement, page(s): 63-72, January 2013.

Mining Permission Request Patterns from Android and Facebook Applications.
Mario Frank, Ben Dong, Adrienne Porter Felt, Dawn Song. Proceedings of the IEEE International Conference on Data Mining (ICDM), page(s): 870-875. December 2012.
Evolution of Social-Attribute Networks: Measurements, Modeling, and Implications using Google+
Neil Zhenqiang Gong, Wenchang Xu, Ling Huang, Prateek Mittal, Emil Stefanov, Vyas Sekar and Dawn Song. ACM/USENIX Internet Measurement Conference (IMC), page(s): 131-144. November 2012.

Optimal Lower Bound for Differentially Private Multi-Party Aggregation.
Hubert Chan, Elaine Shi, and Dawn Song. Proceedings of the European Symposium on Algorithms (ESA), page(s): 277-288. September 2012.

On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces
Ivan Martinovic, Doug Davies, Mario Frank, and Daniele Perito, Tomas Ros, Dawn Song. Proceedings of 21st USENIX Security Symposium, page(s): 34-50. August 2012.

Privilege Separation in HTML5 Applications
Devdatta Akhawe, Prateek Saxena, and Dawn Song. Proceedings of 21st USENIX Security Symposium, page(s): 23-39. August 2012.

Context-Centric Security
Hilfi Alkaff, Krste Asanovi, Eric Love, Prashanth Mohan, Andrew Osheroff, Mohit Tiwari, Elaine Shi, and Dawn Song. Proceedings of the 7th USENIX Workshop on Hot Topics in Security (HotSec), page(s): 62-81. August 2012.

Jointly Predicting Links and Inferring Attributes using a Social-Attribute Network (SAN)
Neil Zhenqiang Gong, Ameet Talwalkar, Lester Mackey, Ling Huang, Eui Chul Richard Shin, Emil Stefanov, Elaine (Runting) Shi, Dawn Song. Proceedings of The 6th Social Network Mining and Analysis Workshop (SNA-KDD), August 2012.

Juxtapp: A Scalable System for Detecting Code Reuse Among Android Applications.
Steve Hanna, Ling Huang, Edward Wu, Saung Li, Charles Chen and Dawn Song. Proceedings of the 9th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), page(s): 62-81. July 2012.

Cloud Terminal: Secure Access to Sensitive Applications from Untrusted Systems.
Lorenzo Martignoni, Pongsin Poosankam, Matei Zaharia, Jun Han, Stephen McCamant, Dawn Song, and Vern Paxson, Adrian Perrig, Scott Shenker and Ion Stoica. Proceedings of USENIX Annual Technical Conference (USENIX ATC), page(s): 165-176. June 2012.

Opaak: Using Mobile Phones to Limit Anonymous Identities Online
Gabriel Maganis, Elaine Shi, Hao Chen, and Dawn Song. Proceedings 10th International Conference on Mobile Systems, Applications and Services (MobiSys), page(s): 295-308. June 2012.

Stimuli for Gaze Based Intrusion Detection
Ralf Biedert, Mario Frank, Ivan Martinovic and Dawn Song. Proceedings of the 6th International Symposium on Digital Forensics and Information Security (DFIS), page(s): 757-763. June 2012.

Policy-Enhanced Private Set Intersection: Sharing Information While Enforcing Privacy Policies
Emil Stefanov, Elaine Shi and Dawn Song. Proceedings of the 15th IACR International Conference on Practice and Theory of Public-Key Cryptography, page(s): 413-430. May 2012.

On the Feasibility of Internet-Scale Author Identification
Arvind Narayanan, Hristo Spassimirov Paskov, Neil Zhenqiang Gong, John Bethencourt, Eui Chul Richard Shin, Emil Stefanov and Dawn Song . Proceedings of the IEEE Symposium on Security & Privacy (IEEE S&P), page(s): 300-314. May 2012.

GUPT: Privacy Preserving Data Analysis Made Easy
Prashanth Mohan, Abhradeep Thakurta, Elaine Shi, Dawn Song, and David Culler. Proceedings of the 2012 ACM International Conference on Management of Data (SIGMOD), page(s): 349-360. May 2012.

Path-Exploration Lifting: Hi-Fi Tests for Lo-Fi Emulators
Lorenzo Martignoni, Stephen McCamant, Pongsin Poosankam, Dawn Song and Petros Maniatis. Proceedings of Seventeenth International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), page(s): 337-348. March 2012.

Towards Practical Oblivious RAM
Emil Stefanov, Elaine Shi and Dawn Song. Proceedings of the 19th Annual Network & Distributed System Security Symposium (NDSS), February 2012.

FreeMarket: Shopping for free in Android applications
Daniel Reynaud, Dawn Song, Tom Magrino, Edward Wu, Richard Shin. Proceedings of the 19th Annual Network & Distributed System Security Symposium (NDSS), February 2012.

Context-sensitive auto-sanitization in web templating languages using type qualifiers
Mike Samuel, Prateek Saxena,Dawn Song. In Proceedings of the 18th ACM conference on Computer and Communications Security (CCS), page(s): 587-600. October 2011.

Android permissions demystified
Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, David Wagner. Proceedings of the 18th ACM conference on Computer and Communications Security (CCS), page(s): 627-638. October 2011.

A Systematic Analysis of XSS Sanitization in Web Application Frameworks.
Joel Weinberger, Prateek Saxena, Devdatta Akhawe, Matthew Finifter, Richard Shin and Dawn Song. Proceedings of the 16th European Symposium on Research in Computer Security (ESORICS), page(s): 150-171. September 2011.

Suspended accounts in retrospect: an analysis of Twitter spam
Kurt Thomas, Chris Grier, Dawn Song, Vern Paxson. Proceedings of the ACM Conference on Internet Measurement Conference, page(s): 243-258. August 2011.

Take two software updates and see me in the morning: The case for software security evaluations of medical devices
Steve Hanna, Rolf Rolles, Andrés Molina-Markham, Pongsin Poosankam, Kevin Fu, Dawn Song. Proceedings of the USENIX Health Security (HealthSec), Page(s): 6-6. August 2011.

MACE Model inference Assisted Concolic Exploration for Protocol and Vulnerability Discovery.pdfvery.
Chia Yuan Cho, Domagoj Babic, Pongsin Poosankam, Kevin Zhijie Chen, Dawn Song and Edward XueJun Wu. Proceedings of USENIX Security, Page(s): 10-26. August 2011.

Towards Client-side HTML Security Policies .
Joel Weinberger, Adam Barth, Dawn Song, Proceedings of USENIX Hot Topics in Security (HotSec), page(s): 8-14. August 2011.

Malware Analysis with Tree Automata Inference.
Domagoj Babic, Daniel Reynaud and Dawn Song. Proceedings of 23rd International Conference on Computer Aided Verification (CAV). page(s): 116-131. July 2011.

Statically-Directed Dynamic Automated Test Generation.
Domagoj Babic, Lorenzo Martignoni, Stephen McCamant, and Dawn Song. Proceedings of International Symposium on Software Testing and Analysis (ISSTA), page(s): 12-22. July 2011.

Do You Know Where Your Data Are? Secure Data Capsules for Deployable Data Protection.
Petros Maniatis, Devdatta Akhawe, Kevin Fall,; Elaine Shi, Dawn Song. Proceedings of 13th Workshop on Hot Topics in Operating Systems (USENIX HotOS), May 2011.

Design and Evaluation of a Real-Time URL Spam Filtering Service.
Kurt Thomas, Chris Grier, Justin Ma, Vern Paxson, Dawn Song. Proceedings of the 32nd IEEE Symposium on Security and Privacy, page(s): 447-462. May 2011.

Differential Slicing: Identifying Causal Execution Differences for Security Applications.
Noah Johnson, Juan Caballero, Kevin Zhijie Chen, Stephen McCamant, Pongsin Poosankam, Daniel Reynaud, and Dawn Song. Proceedings of the 32nd IEEE Symposium on Security and Privacy, page(s): 347-362.
May 2011.

Privacy Settings from Contextual Attributes: A Case Study Using Google Buzz.
Daisuke Mashima, Prateek Sarkar, Elaine Shi, Chris Li, Richard Chow, Dawn Song. IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom), page(s): 257-262. March 2011.

DTA++: Dynamic Taint Analysis with Targeted Control-Flow Propagation.
Min Gyung Kang, Stephen McCamant, Pongsin Poosankam, and Dawn Song. Proceedings of the 18th Annual Network and Distributed System Security Symposium (NDSS), page(s):. 269-282, February 2011.

Privacy-Preserving Aggregation of Time-Series Data.
Elaine Shi, T-H. Hubert Chan, Eleanor Rieffel, Richard Chow, and Dawn Song. Proceedings of 18th Annual Network and Distributed System Security Symposium (NDSS), page(s): 489-505, February 2011.

Inference and Analysis of Formal Models of Botnet Command and Control Protocols
Chia Yuan Cho, Domagoj Babic, Richard Shin and Dawn Song. Proceedings of the 17th ACM Conference on Computer and Communication Security (CCS), page(s): 426-439. October 2010.

Input Generation via Decomposition and Re-Stitching: Finding Bugs in Malware.
Juan Caballero, Pongsin Poosankam, Stephen McCamant, Domagoj Babic, Dawn Song. In Proceedings of the 17th ACM Conference on Computer and Communication Security(CCS), page(s): 413-425. October 2010.

Private and Continual Release of Statistics.
T-H. Hubert Chan, Elaine Shi, and Dawn Song. Proceedings of the 37th International Colloquium on Automata, Languages and Programming (ICALP), page(s): 405-417. July 2010.

HookScout: Proactive Binary-Centric Hook Detection.
Heng.Yin, Pongsin Poosankam, Steve Hanna, and Dawn Song. Proceedings of the Seventh Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), page(s): 1-20. July 2010.

Towards a Formal Foundation of Web Security
Devdatta Akhawe, Adam Barth, Peifung Lam, John C. Mitchell, and Dawn Song. Proceedings of the Computer Security Foundations Symposium (CSF), page(s): 290-304. July 2010.

The Emperor's New API: On the (In)Secure Usage of New Client Side Primitives.
Steve Hanna, Richard Shin, Devdatta Akhawe, Arman Boehm, and Dawn Song. WEB 2.0 SECURITY AND PRIVACY (W2SP), May 2010.

A Symbolic Execution Framework for JavaScript.
Prateek Saxena, Devdatta Akhawe, Steve Hanna, Stephen McCamant, Feng Mao, Dawn Song. Proceedings of IEEE Symposium on Security and Privacy, page(s): 513-528. May 2010.

Insights from the Inside: A View of Botnet Management from Infiltration.
Chia Yuan Cho, Juan Caballero, Chris Grier, Vern Paxson and Dawn Song. Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET). April 2010.

FLAX: Systematic Discovery of Client-side Validation Vulnerabilities in Rich Web Applications.
Prateek Saxena, Steve Hanna, Pongsin Poosankam, Dawn Song. In the Proceeedings of the 17th Network and Distributed System Security Symposium (NDSS), page(s): 105-121. February 2010.

Binary Code Extraction and Interface Identification for Security Applications.
Juan Caballero, Noah M. Johnson, Stephen McCamant, and Dawn Song. Proceedings of the 17th Annual Network and Distributed System Security Symposium (NDSS), page(s): 391-408. February 2010.

A Learning-Based Approach to Reactive Security.
Adam Barth, Benjamin I. P. Rubinstein, Mukund Sundararajan, John C. Mitchell, Dawn Song, and Peter Bartlett. Financial Cryptography and Data Security International Conference, page(s): 192-206. January 2010.

Signatures of Reputation: Towards Trust Without Identity.
John Bethencourt, Elaine Shi, and Dawn Song. Presented as an extended abstract at Financial Cryptography, page(s): 400-407. January 2010.

Tracking Dynamic Sources of Malicious Activity at Internet-Scale
Shobha Venkataraman, Avrim Blum, Dawn Song, Subhabrata Sen and Oliver Spatscheck. Proceedings of Neural Information Processing Systems (NIPS), page(s): 1946-1954. December 2009.

Dispatcher: Enabling Active Botnet Infiltration using Automatic Protocol Reverse-Engineering.
Juan Caballero, Pongsin Poosankam, Christian Kreibich, and Dawn Song. Proceedings of the 16th ACM Conference on Computer and Communication Security, page(s): 621-634. November 2009.

Emulating Emulation-Resistant Malware.
Min Gyung Kang, Heng Yin, Steve Hanna, Steve McCamant, and Dawn Song. Proceedings of the 2nd Workshop on Virtual Machine Security, page(s): 11-22. November 2009.

Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration.
Juan Caballero, Zhenkai Liang, Pongsin Poosankam, and Dawn Song. Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection (RAID), page(s): 161-181. September 2009.

Cross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense.
Adam Barth, Joel Weinberger, and Dawn Song. In Proceedings of USENIX Security Symposium, page(s): 187-198.  August 2009.

Loop-Extended Symbolic Execution on Binary Programs.
Prateek Saxena, Pongsin Poosankam, Stephen McCamant, and Dawn Song. Proceedings of the ACM/SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), page(s): 225-236. July 2009.

Measuring Channel Capacity to Distinguish Undue Influence.
James Newsome, Stephen McCamant, and Dawn Song. Proceedings of the Fourth ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS), June 2009.

Secure Content Sniffing for Web Browsers or How to Stop Papers from Reviewing Themselves.
Adam Barth, Juan Caballero, and Dawn Song. Proceedings of the IEEE Symposium on Security and Privacy, May 2009.

Document Structure Integrity: A Robust Basis for Cross-site Scripting Defense.
Yacin Nadji, Prateek Saxena, and Dawn Song. Proceedings of Network & Distributed System Security Symposium (NDSS), February 2009.

BinHunt: Automatically Finding Semantic Differences in Binary Programs.
Debin Gao, Michael K. Reiter, and Dawn Song. Proceedings of the 4th International Conference on Information Systems Security, December 2008.

BitBlaze: A New Approach to Computer Security via Binary Analysis.
Dawn Song, David Brumley, Heng Yin, Juan Caballero, Ivan Jager, Min Gyung Kang, Zhenkai Liang, James Newsome, Pongsin Poosankam, and Prateek Saxena. Proceedings of the 4th International Conference on Information Systems Security, December 2008. Keynote Invited Paper.

Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications.
David Brumley, Pongsin Poosankam, Dawn Song, and Jiang Zheng. Proceedings of the IEEE Security and Privacy Symposium, May 2008.

Analysis-resistant Malware
John Bethencourt, Dawn Song, Brent Waters. Proceedings of Network and Distributed System Security Symposium (NDSS), February 2008.

Limits of Learning-based Signature Generation with Adversaries.
Shobha Venkataraman, Avrim Blum, Dawn Song. Proceedings of Network and Distributed System Security Symposium (NDSS), February 2008.

HookFinder: Identifying and Understanding Malware Hooking Behaviors.
Heng Yin, Zhenkai Liang, and Dawn Song. Proceedings of Network and Distributed System Security Symposium (NDSS), February 2008.

Would Diversity Really Increase the Robustness of the Routing Infrastructure Against Software Defects?
Juan Caballero, Theocharis Kampouris, Dawn Song, Jia Wang. Proceedings of Network and Distributed System Security Symposium (NDSS), February 2008.

Capturing System-wide Information Flow for Malware Detection and Analysis.
Heng Yin, Dawn Song, Manuel Egele, Engin Kirda and Christopher Kruegel. Proceedings of ACM Conference on Computer and Communications Security (CCS), October 2007.

Polyglot: Automatic Extraction of Protocol Message Format using Dynamic Binary Analysis.
Juan Caballero, Heng Yin, Zhenkai Liang, and Dawn Song. Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS), October 2007.

Provable Data Possession at Untrusted Stores.
Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary Peterson and Dawn Song. Proceedings of ACM Conference on Computer and Communications Security (CCS), October 2007.

Towards Automatic Discovery of Deviations in Binary Implementations with Applications to Error Detection and Fingerprint Generation.
David Brumley, Juan Caballero, Zhenkai Liang, James Newsome, and Dawn Song. Proceedings of USENIX Security Symposium, August 2007. Best Paper Award

Exploiting Network Structure for Proactive Spam Mitigation.
Shobha Venkataraman, Subhabrata Sen, Oliver Spatscheck, Patrick Haffner, and Dawn Song. Proceedings of USENIX Security Symposium, August 2007.

Creating Vulnerability Signatures Using Weakest Pre-conditions.
David Brumley, Hao Wang, Somesh Jha, and Dawn Song. Proceedings of Computer Security Foundations Symposium, July 2007.

Dynamic Spyware Analysis.
Manuel Egele, Christopher Kruegel, Engin Kirda, Heng Yin, and Dawn Song. Proceedings of USENIX Annual Technical Conference, June 2007.

Distributed Evasive Scan Techniques and Countermeasures.
Min Gyyng Kang, Juan Caballero, and Dawn Song. Proceedings of International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment (DIMVA), June 2007.

Multi-Dimensional Range Query over Encrypted Data.
Elaine Shi, John Bethencourt, Hubert Chan, Dawn Song, and Adrian Perrig. Proceedings of IEEE Security and Privacy Symposium, May 2007.

Sweeper: a Lightweight End-to-End System for Defending against Fast Worms.
Joseph Tucek, James Newsome, Shan Lu, Chengdu Huang, Spiros Xanthos, David Brumley, Yuanyuan Zhou, and Dawn Song. Proceedings of European Conference on Computer Systems (EuroSys), March 2007.

FiG: Automatic Fingerprint Generation.
Juan Caballero,Shobha Venkataraman, Pongsin Poosankam, Min Gyung Kang, Dawn Song and Avrim Blum. Proceedings of Network and Distributed Systems Security Symposium (NDSS), February 2007.

Efficient and Accurate Detection of Integer-based Attacks.
David Brumley, Tzi-cker Chiueh, Rob Johnson, Huijia Lin, and Dawn Song. Proceedings of Network and Distributed Systems Security Symposium (NDSS), February 2007.

Black-box Anomaly Detection---Is it Utopian?
Shobha Venkataraman, Juan Caballero, Dawn Song, Avrim Blum, Jennifer Yates. Proceedings of Workshop on Hot Topics in Networks  (HotNets), November 2006.

Replayer: Automatic Protocol Replay by Binary Analysis.
James Newsome, David Brumley, Jason Franklin, and Dawn Song. Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS), October 2006.

Secure Hierarchical In-Network Aggregation in Sensor Networks.
Haowen Chan, Adrian Perrig, and Dawn Song. Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS), October 2006.

Thwarting Signature Learning by Training Maliciously.
James Newsome, Brad Karp, and Dawn Song. Proceedings of the 9th International Symposium On Recent Advances In Intrusion Detection (RAID), September 2006.

Behavioral Distance Measurement Using Hidden Markov Models.
Debin Gao, Michael K. Reiter and Dawn Song. Proceedings of the 9th International Symposium on Recent Advances in Intrusion Detection (RAID), September 2006.

Towards Attack-Agnostic Defenses.
David Brumley and Dawn Song. Proceedings of the First Workshop on Hot Topics in Security (HOTSEC), July 2006.

Towards Automatic Generation of Vulnerability Signatures
David Brumley, James Newsome, Dawn Song, Hao Wang, and Somesh Jha. Proceedings of the IEEE Symposium on Security and Privacy, May 2006.

New Constructions and Applications for Private Stream Search (Extended Abstract)
John Bethencourt, Dawn Song, and Brent Waters. Proceedings of the IEEE Symposium on Security and Privacy, May 2006.

Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software
James Newsome, David Brumley, and Dawn Song. Proceedings of the 13th Annual Network and Distributed Systems Security Symposium (NDSS), 2006.

Behavioral Distance for Intrusion Detection
Debin Gao, Mike Reiter and Dawn Song. Proceedings of the Symposium on Recent Advance in Intrusion Detection (RAID), September 2005.

Privacy Preserving Set Operations
Lea Kissner and Dawn Song. Proceedings of CRYPTO, August 2005.

Semantics-Aware Malware Detection
Mihai Christodorescu, Somesh Jha, Sanjit Seshia, Dawn Song, Randal E. Bryant. Proceedings of IEEE Security and Privacy Symposium, May 2005.

Polygraph: Automatic Signature Generation for Polymorphic Worms
James Newsome, Brad Karp, Dawn Song. Proceedings of IEEE Security and Privacy Symposium, May 2005.

FIT: Fast Internet Traceback
Abraham Yaar, Adrian Perrig, and Dawn Song. Proceedings of IEEE InfoCom, March 2005.

New Streaming Algorithms for Superspreader Detection
Shobha Venkataraman, Dawn Song, Phil Gibbons, and Avrim Blum. Proceedings of the Network and Distributed Systems Security Symposium, February 2005.

Dynamic Taint Analysis: Automatic Detection, Analysis, and Signature Generation of Exploit Attacks on Commodity Software
James Newsome and Dawn Song. Proceedings of the Network and Distributed Systems Security Symposium, February 2005.

Gray-box Extraction of Execution Graphs for Anomaly Detection
Debin Gao, Mike Reiter, and Dawn Song. Proceedings of ACM Computer and Communication Security (CCS), October 2004.

Detection of Interactive Stepping Stones: Algorithms and Confidence Bounds
Avrim Blum, Dawn Song, and Shobha Venkataraman. Proceedings of Seventh International Symposium on Recent Advances in Intrusion Detection (RAID), September 2004.

Privtrans: Automatic Privilege Separation
David Brumley and Dawn Song. Proceedings of USENIX Security Symposium, August 2004.
Graybox Program Tracking for Hostbased Intrusion Detection
Debin Gao, Mike Reiter, and Dawn Song. Proceedings of USENIX Security Symposium, August 2004.

SIFF: An Endhost Capability Mechanism to Mitigate DDoS Flooding Attacks
Abraham Yaar, Adrian Perrig, and Dawn Song. Proceedings of IEEE Symposium on Security and Privacy, May 2004.

The Sybil attack in sensor networks: analysis & defenses.
James Newsome, Runting Shi, Dawn Song, and Adrian Perrig. Proceedings of 3rd International Symposium on Information Processing in Sensor Networks (IPSN), April 2004.

GEM: Graph Embedding for Routing and Data-Centric Storage in Sensor Networks without Geographic Information.
James Newsome and Dawn Song. Proceedings of the ACM SenSys (Conference on Embedded Networked Sensor Systems), November 2003.

SIA: Secure Information Aggregation in Sensor Networks.
Bartosz Przydatek, Dawn Song, and Adrian Perrig. Proceedings of the ACM Conference on Embedded Networked Sensor Systems (SenSys), November 2003.

Pi: A Path Identification Mechanism to Defend against DDoS Attacks.
Avi Yaar, Adrian Perrig, and Dawn Song. Proceedings of IEEE Symposium on Security and Privacy, May 2003.

Random Key Predistribution Schemes for Sensor Networks
Haowen Chan, Adrian Perrig, and Dawn Song. Proceedings of IEEE Symposium on Security and Privacy, May 2003.

Expander Graphs for Digital Stream Authentication and Robust Overlay Networks
D. Song, D. Zuckerman, and J. D. Tygar. Proceedings of IEEE Symposium on Research in Security and Privacy, May 2002.

Quasi-efficient Revocation of Group Signatures
G. Ateniese, D. Song, and G. Tsudik. Proceedings of Financial Crypto, March 2002.

Homomorphic Signature Schemes
R. Johnson, D. Molnar, D. Song, and D. Wagner. In RSA 2002, February 2002. Cryptographer's track.

Practical Forward Secure Group Signature Schemes
D. Song. Proceedings of the 8th ACM Conference on Computer and Communications Security (CCS-8), 2001.

Timing Analysis of Keystrokes and SSH Timing Attacks
D. Song, D. Wagner, and X. Tian. Proceedings of the 10th USENIX Security Symposium, May 2001.

AGVI --- Automatic Generation, Verification, and Implementation of Security Protocols
D. Song, A. Perrig, and D. Phan. Proceedings of 13th Conference on Computer Aided Verification (CAV), 2001.

ELK, a New Protocol for Efficient Large-Group Key Distribution
A. Perrig, D. Song, and D. Tygar. Proceedings of the IEEE Symposium on Research in Security and Privacy, May 2001

Advanced and Authenticated Marking Schemes for IP Traceback
D. Song and A. Perrig. Proceedings of IEEE Infocomm, 2001.

Efficient and Secure Source Authentication for Multicast
A. Perrig, R. Caetti, D. Song, and J. D. Tygar. Proceedings of the Symposium on Network and Distributed Systems Security (NDSS), 2001.

Looking for Diamonds in the Desert --- Extending Automatic Protocol Generation to Three-Party Authentication and Key Agreement Protocols
A. Perrig and D. Song. Proceedings of the 13th IEEE Computer Security Foundations Workshop, 2000.

Efficient Authentication and Signature of Multicast Streams Over Lossy Channels
A. Perrig, R. Canetti, J. D. Tygar, and D. Song. Proceedings of IEEE Symposium on Research in Security and Privacy, 2000.

Practical Techniques for Searches on Encrypted Data
D. Song, D. Wagner, and A. Perrig. Proceedings of IEEE Symposium on Research in Security and Privacy, 2000.

A First Step towards the Automatic Generation of Security Protocols
A. Perrig and D. Song. Proceedings of Symposium on Network and Distributed Systems Security (NDSS), 2000.

Hash Visualization: A New Technique to Improve Real-World Security
A. Perrig and D. Song. Proceedings of the International Workshop on Cryptographic Techniques and E-Commerce (CrypTEC), 1999.

Athena, an Automatic Checker for Security Protocol Analysis
D. Song. Proceedings of the 12th IEEE Computer Security Foundation Workshop, 1999.

Journal Papers

Joint Link Prediction and Attribute Inference using a Social-Attribute Network.
Neil Zhenqiang Gong, Ameet Talwalkar, Lester Mackey, Ling Huang, Eui Chul Richard Shin, Emil Stefanov, Elaine(Runting) Shi and Dawn Song . ACM Transactions on Intelligent Systems and Technology (ACM TIST). 2014
Joint Link Prediction and Attribute Inference using a Social-Attribute Network.
Neil Zhenqiang Gong, Ameet Talwalkar, Lester Mackey, Ling Huang, Eui Chul Richard Shin, Emil Stefanov, Elaine(Runting) Shi and Dawn Song . ACM Transactions on Intelligent Systems and Technology (ACM TIST). 2013
Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Athentication.
Mario Frank, Ralf Biedert, Eugene Ma, Ivan Martinovic, Dawn Song. IEEE Transactions on Information Forensics & Security Journal (Vol. 8, No. 1), page(s): 136-148, January 2013.

A Learning-Based Approach to Reactive Security.
Adam Barth, Benjamin I. P. Rubinstein, Mukund Sundararajan, John C. Mitchell, Dawn Song, and Peter L. Bartlett. IEEE Transactions on Dependable and Secure Computing, 9(4), page(s): 482-493. July-August 2012.

Automatic Protocol Reverse-Engineering: Message Format Extraction and Field Semantics Inference.
Juan Caballero and Dawn Song. Computer Networks. vol. 57(2), page(s): 451-474. February 2012.

The Evolution of Patterns on Conus Shells.
Zhenqiang Gong, Nick Matzke, Bard Ermentrout, Dawn Song, Jann E. Vendetti, Montgomery Slatkin and George Oster. Proceedings of the National Academy of Sciences (PNAS), vol. 109(5), page(s): E234-E241. January 2012.

Cloud Data Protection for the Masses.
Dawn Song, Elaine Shi, Ian Fischer, Umesh Shankar. Computer, vol. 45(1), page(s): 39-45. January 2012.

Recognizing Malicious Software Behaviors with Tree Automata Inference.
Domagoj Babic, Daniel Reynaud and Dawn Song. Formal Methods in System Design, vol. 41(1), page(s): 107-128. April 2012.

Private and Continual Release of Statistics.
T-H. Hubert Chan, Elaine Shi, and Dawn Song. ACM Transactions on Information and System Security (TISSEC), vol. 14(3), Article No. 26, November 2011.

Secure Distributed Data Aggregation.
Haowen Chan, Hsu-Chun Hsiao, Adrian Perrig, and Dawn Song. Foundations and Trends in Databases, vol. 3(3), pages 149-201. June 2011.

Remote Data Checking Using Provable Data Possession
Guiseppe Atenisese, Randal Burns, Reza Curtmola, Joseph Herring, Osama Khan, Lea Kissner, Zachary Peterson, Dawn Song. ACM Transactions on Information and System Security (TISSEC), vol. 14(1), page(s): 1-34. May 2011.

TaintEraser: protecting sensitive data leaks using application-level taint tracking.
David (Yu) Zhu, Jaeyeon Jung, Dawn Song, Tadayoshi Kohno, and David Wetherall. SIGOPS Oper. Syst. Rev.,vol. 45(1), page(s): 142-154. January 2011.

 
Beyond Output Voting: Detecting Compromised Replicas Using HMM-based Behavioral Distance.
Debin Gao, Mike Reiter, and Dawn Song. IEEE Transactions of Dependable and Secure Computing,
vol. 6(2), page(s): 96-110. April-June 2009.

New Techniques for Private Stream Searching.
John Bethencourt, Dawn Song, and Brent Waters. ACM Transactions on Information and System Security, vol. 12(3), page(s): , January 2009.

Theory and Techniques for Automatic Generation of Vulnerability-Based Signatures.
David Brumley, James Newsome, Dawn Song, Hao Wang, and Somesh Jha. IEEE Transactions on Dependable and Secure Computing,vol. 5(4), page(s): 224-241. October-December 2008.

SIA: Secure Information Aggregation in Sensor Networks.
Haowen Chan, Adrian Perrig, Bartosz Przydatek, and Dawn Song. Journal of Computer Security, January 2007.

StackPi: New Packet Marking and Filtering Mechanisms for DDoS and IP Spoofing Defense.
Abraham Yaar, Adrian Perrig, and Dawn Song. IEEE Journal on Selected Areas in Communication (JSAC) 24(10). October 2006.

Athena, a Novel Approach to Efficient Automatic Security Protocol Analysis
D. Song, S. Berezin, and A. Perrig. Journal of Computer Security, 9(1,2), page(s): 47-74. 2001.

Books, Book Chapters, and other Reports

Automatic Malware Analysis: An Emulator Based Approach
Heng Yin and Dawn Song. SpringerBriefs in Computer Science (2013). New York, NY 2013.

Sting: an End-to-End Self-healing System for Defending against Internet Worms.
David Brumley, James Newsome, and Dawn Song. Book chapter in Malware Detection and Defense, Editors Christodorescu, Jha, Maughn, Song. pp. 147-170, Springer Science and Business Media, New York NY, 2007.

Automatically Identifying Trigger-based Behavior in Malware
David Brumley, Cody Hartwig, Zhenkai. Liang, James Newsome, Pongsin Poosankam, Dawn Song, and Heng Yin.  Book chapter in Botnet Analysis and Defense, Editors Wenke Lee et. al., pp. 1-24, 2007.

Malware Detection
Mihai Christodorescu, Somesh Jha, Dawn Song, Cliff Wang, and Doug Maughan, editors. Springer 2006.

A Clean-Slate Design for the Next-Generation Secure Internet.
Steven Bellovin, David Clark, Adrian Perrig, and Dawn Song. Report of the NSF workshop on "Next-generation Secure Internet", held at CMU 12-14 July 2005.

Key Distribution Techniques for Sensor Networks
Haowen Chan, Adrian Perrig, and Dawn Song. In Wireless Sensor Networks, Kluwer Academic Publishers, page(s): 277-30, February 2004.

Technical Reports

Mitigating Buffer Overflows by Operating System Randomization
M. Chew and D. Song. Technical Report CMU-CS-02-197.

IETF Drafts

TESLA: Multicast Source Authentication Transform
A. Perrig, R. Canetti, B. Briscoe, D. Song, and J. D. Tygar. IETF draft, 2000.

Patents

Concealing access patterns to electronic data storage for privacy.
Emil Stefanov, Elaine Shi, Dawn Song.US Patent US 20140007250 A1. January 2014.
Secure Auction Marketplace using a Secure Coprocessor
Adrian Perrig, Sean W. Smith, and Dawn Song. U.S. Patent , filed in 2000.