Note: You can download all entries as a BibTex database.

Zhenghao Hu and Brendan Dolan-Gavitt. IRQDebloat: Reducing Driver Attack Surface in Embedded Devices. In IEEE Symposium on Security and Privacy. San Francisco, CA. 2022.

Hammond Pearce, Baleegh Ahmad, Benjamin Tan, Brendan Dolan-Gavitt and Ramesh Karri. Asleep at the Keyboard? Assessing the Security of GitHub Copilot’s Code Contributions. In IEEE Symposium on Security and Privacy. San Francisco, CA. 2022.

Yu Hu, Zekun Shen and Brendan Dolan-Gavitt. Characterizing and Improving Bug-Finders with Synthetic Bugs. In IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). Honolulu, HI. 2022.

Iman Hosseini and Brendan Dolan-Gavitt. Beyond the C: Retargetable Decompilation using Neural Machine Translation. In NDSS Workshop on Binary Analysis Research (BAR). Hybrid Event, San Diego, CA. 2022.

Alan Cao and Brendan Dolan-Gavitt. What the Fork? Finding and Analyzing Malware in GitHub Forks. In NDSS Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb). Hybrid Event, San Diego, CA. 2022.

Zekun Shen, Ritik Roongta and Brendan Dolan-Gavitt. Drifuzz: Harvesting Bugs in Device Drivers from Golden Seeds. In 31st USENIX Security Symposium (USENIX Security 22). Boston, MA. 2022.

Joshua Bundt, Andrew Fasano, Brendan Dolan-Gavitt, William Robertson and Tim Leek. Evaluating Synthetic Bugs. In Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIACCS). Virtual Event, Hong Kong. 2021.

Andrew Fasano, Tiemoko Ballo, Marius Muench, Tim Leek, Alexander Bulekov, Brendan Dolan-Gavitt, Manuel Egele, Aurélien Francillon, Long Lu, Nick Gregory, Davide Balzarotti and William Robertson. SoK: Enabling Security Analyses of Embedded Systems via Rehosting. In Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIACCS). Virtual Event, Hong Kong. 2021.

Luke Craig, Andrew Fasano, Tiemoko Ballo, Tim Leek, Brendan Dolan-Gavitt and William Robertson. PyPANDA: Taming the PANDAmonium of Whole System Dynamic Analysis. In NDSS Workshop on Binary Analysis Research (BAR). Virtual Event, San Diego, CA. 2021.

Akshaj Kumar Veldanda, Kang Liu, Benjamin Tan, Prashanth Krishnamurthy, Farshad Khorrami, Ramesh Karri, Brendan Dolan-Gavitt and Siddharth Garg. NNoculation: Catching BadNets in the Wild. In ACM Workshop on Artificial Intelligence and Security (AISec). Virtual Event, Republic of Korea. 2021.

Qingchuan Zhao, Chaoshun Zuo, Brendan Dolan-Gavitt, Giancarlo Pellegrino and Zhiqiang Lin. Automatic Uncovering of Hidden Behaviors From Input Validation in Mobile Apps. In Proceedings of the IEEE Symposium on Security and Privacy (S&P). Virtual Event. 2020.

Zekun Shen and Brendan Dolan-Gavitt. HeapExpo: Pinpointing Promoted Pointers to Prevent Use-After-Free Vulnerabilities. In Annual Computer Security Applications Conference (ACSAC). Virtual Event, Austin, TX. 2020.

Andrew Fasano, Tim Leek, Brendan Dolan-Gavitt and Josh Bundt. The Rode0day to Less-Buggy Programs. IEEE Security & Privacy 17 (6): 84–88. 2019.

Tianyu Gu, Kang Liu, Brendan Dolan-Gavitt and Siddharth Garg. BadNets: Evaluating Backdooring Attacks on Deep Neural Networks. IEEE Access 7: 47230–47244. 2019.

Kevin Gallagher, Sameer Patil, Brendan Dolan-Gavitt, Damon McCoy and Nasir Memon. Peeling the Onion’s User Experience Layer: Examining Naturalistic Use of the Tor Browser. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS). Toronto, Canada. 2018.

Subhajit Roy, Awanish Pandey, Brendan Dolan-Gavitt and Yu Hu. Bug Synthesis: Challenging Bug-Finding Tools with Deep Faults. In Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE). Lake Buena Vista, FL. 2018.

Giorgio Severi, Tim Leek and Brendan Dolan-Gavitt. Malrec: Compact Full-Trace Malware Recording for Retrospective Deep Analysis. In Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA). Saclay, France. 2018.

Kang Liu, Brendan Dolan-Gavitt and Siddharth Garg. Fine-Pruning: Defending Against Backdooring Attacks on Deep Neural Networks. In Research in Attacks, Intrusions, and Defenses (RAID). Heraklion, Greece. 2018.

Yiwen Li, Brendan Dolan-Gavitt, Sam Weber and Justin Cappos. Lock-in-Pop: Securing Privileged Operating System Kernels by Keeping on the Beaten Path. In 2017 USENIX Annual Technical Conference (USENIX ATC). Santa Clara, CA. 2017.

Patrick Hulin, Andy Davis, Rahul Sridhar, Andrew Fasano, Cody Gallagher, Aaron Sedlacek, Tim Leek and Brendan Dolan-Gavitt. AutoCTF: Creating Diverse Pwnables via Automated Bug Injection. In 11th USENIX Workshop on Offensive Technologies (WOOT). Vancouver, BC. 2017.

Brendan Dolan-Gavitt, Patrick Hulin, Engin Kirda, Tim Leek, Andrea Mambretti, Will Robertson, Frederick Ulrich and Ryan Whelan. LAVA: Large-Scale Automated Vulnerability Addition. In IEEE Symposium on Security and Privacy (S&P). San Jose, CA. 2016.

Brendan Dolan-Gavitt, Josh Hodosh, Patrick Hulin, Tim Leek and Ryan Whelan. Repeatable Reverse Engineering with PANDA. In Proceedings of the Program Protection and Reverse Engineering Workshop (PPREW). Los Angeles, CA. 2015.

Brendan Dolan-Gavitt, Tim Leek, Josh Hodosh and Wenke Lee. Tappan Zee (North) Bridge: Mining Memory Accesses for Introspection. In Proceedings of the ACM Conference on Computer and Communications Security (CCS). Berlin, Germany. 2013.

Brendan Dolan-Gavitt, Tim Leek, Michael Zhivich, Jonathon Giffin and Wenke Lee. Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection. In Proceedings of the IEEE Symposium on Security and Privacy (S&P). Oakland, CA. 2011.

Brendan Dolan-Gavitt, Abhinav Srivastava, Patrick Traynor and Jonathon Giffin. Robust Signatures for Kernel Data Structures. In Proceedings of the ACM Conference on Computer and Communications Security (CCS). Chicago, IL. 2009.