Ganapathy, Vinod - Department of Computer Science, Rutgers University

• RETROFITTING LEGACY CODE FOR AUTHORIZATION POLICY ENFORCEMENT
• Published in ACSAC'09: Proceedings of the 25 th Annual Computer Security Applications Conference, Honolulu, Hawaii, December 2009 Analyzing Information Flow in JavaScriptbased Browser Extensions
• Detecting Identity Spoofs in 802.11e Wireless Gayathri Chandrasekaran, John-Austen Deymious, Vinod Ganapathy, Marco Gruteser, Wade Trappe,
• Improving NFA-based Signature Matching using Ordered Binary Decision Diagrams
• Automatic Discovery of APILevel Exploits Vinod Ganapathy + , Sanjit A. Seshia , Somesh Jha + , Thomas W. Reps + , Randal E. Bryant
• Working SetBased Access Control for Network File Systems Stephen Smaldone, Vinod Ganapathy, and Liviu Iftode
• Target: Privacy Invasion Scenario : You have a meeting
• Retrofitting Legacy Code for Authorization Policy Enforcement VINOD GANAPATHY
• Position Paper: The Case for JavaScript Transactions Mohan Dhawan Chung-chieh Shan Vinod Ganapathy
• Retrofitting Legacy Code for Authorization Policy Enforcement Vinod Ganapathy
• Published in Proceedings of the 12 th ACM Conference on Computer and Communications Security, November 2005 Automatic Placement of Authorization Hooks
• Published in ACSAC'09: Proceedings of the 25th Annual Computer Security Applications Conference, Honolulu, Hawaii, December 2009 Analyzing Information Flow in JavaScript-based Browser Extensions
• Published in CCS'08: Proceedings of the 15th ACM Conference on Computer and Communications Security, Alexandria, Virginia, October 2008 Enforcing Authorization Policies using
• Evaluating the Security Risks of Freedom on Social Networking Websites
• Published in ICSE'07: Proceedings of the 29th International Conference on Software Engineering, Minneapolis, Minnesota, May 2007 Mining SecuritySensitive Operations in Legacy Code using Concept Analysis
• Automatic Discovery of APILevel Vulnerabilities Vinod Ganapathy + , Sanjit A. Seshia # , Somesh Jha + , Thomas W. Reps + , Randal E. Bryant #
• Published in ASPLOS XII: Proceedings of the Twelfth International Conference on Architectural Support for Programming Languages and Operating Systems, October 2006
• Electronic Notes in Theoretical Computer Science 65 No. 5 (2002) URL: http://www.elsevier.nl/locate/entcs/volume65.html 15 pages
• Published in MobiSys'11: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, June/July 2011. Security versus Energy Tradeoffs in
• Published in Proceedings of the 2006 IEEE Symposium on Security and Privacy, Oakland, California, May 2006 Retrofitting Legacy Code for Authorization Policy Enforcement
• RETROFITTING LEGACY CODE FOR AUTHORIZATION POLICY ENFORCEMENT
• Rootkits on Smart Phones: Attacks and Implications Jeffrey Bickford, Ryan O'Hare, Arati Baliga, Vinod Ganapathy and Liviu Iftode
• Working Set-Based Access Control for Network File Systems Stephen Smaldone, Vinod Ganapathy, and Liviu Iftode
• Electronic Notes in Theoretical Computer Science 65 No. 5 (2002) URL: http://www.elsevier.nl/locate/entcs/volume65.html 15 pages
• Published in ACSAC'08: Proceedings of the 24th Annual Computer Security Applications Conference, Anaheim, CA, December 2008 Automatic Inference and Enforcement of Kernel Data Structure Invariants
• Buffer Overrun Detection using Linear Programming and Static Analysis Vinod Ganapathy, Somesh Jha
• An Auctioning Reputation System Based on Anomaly Detection
• IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, TO APPEAR (ACCEPTED IN FEBRUARY 2010) 1 Detecting Kernel-level Rootkits
• This is an expanded version of an identically-titled paper published in ACSAC'09 Proceedings of the 25th Annual Computer Security Applications Conference, Honolulu, Hawaii, December 2009.
• Privately Querying Location-based Services with SybilQuery
• Published in ACSAC'08: Proceedings of the 24th Annual Computer Security Applications Conference, Anaheim, CA, December 2008 Automatic Inference and Enforcement of Kernel Data Structure Invariants
• OMOS: A Framework for Secure Communication in Mashup Applications Saman Zarandioon Danfeng (Daphne) Yao Vinod Ganapathy
• Published in ICSE'07: Proceedings of the 29th International Conference on Software Engineering, Minneapolis, Minnesota, May 2007 Mining Security-Sensitive Operations in Legacy Code using Concept Analysis
• Published in Proceedings of the 22nd Annual Computer Security Applications Conference, Miami Beach, Florida, December 2006 NetSpy: Automatic Generation of Spyware Signatures for NIDS
• An Auctioning Reputation System Based on Anomaly Detection
• Buffer Overrun Detection using Linear Programming and Static Analysis
• Published in Proceedings of the ACM SIGPLAN 5th Workshop on Programming Languages and Analysis for Security, Toronto, Canada, June 2010 Position Paper: The Case for JavaScript Transactions
• Appears in W2SP 2009: The Web 2.0 Security and Privacy 2009 Workshop, Oakland, California, May 2009 Evaluating Attack Amplification in Online Social Networks
• Analyzing Information Flow in JavaScriptbased Browser Extensions (JSEs)Analyzing Information Flow in JavaScriptbased Browser Extensions (JSEs) Mohan Dhawan and Vinod GanapathyMohan Dhawan and Vinod Ganapathy
• EnforcingSecurityPoliciesusing Transac4onalMemoryIntrospec4on
• Enforcing Authorization Policies using Transactional Memory IntrospectionEnforcing Authorization Policies using Transactional Memory Introspection Arnar BirgissonArnar Birgisson
• Retrofitting Legacy Code for Authorization Policy Enforcement
• Privately Querying Location-based Services with SybilQuery Pravin Shankar, Vinod Ganapathy, Liviu Iftode
• Rutgers University DCS Technical Report 648, April 2009 Analyzing Information Flow in JavaScript-based Browser Extensions
• Enforcing Authorization Policies using Transactional Memory Introspection
• Mining Security-Sensitive Operations in Legacy Code using Concept Analysis
• Automatic Discovery of API-Level Vulnerabilities Vinod Ganapathy
• Published in ASPLOS XIII: Proceedings of the Thirteenth International Conference on Architectural Support for Programming Languages and Operating Systems, March 2008
• Protecting Commodity Operating System Kernels from Vulnerable Device Drivers
• Automatic Discovery of API-Level Exploits Vinod Ganapathy
• Mining SecuritySensitive Operations in Legacy Code using Concept Analysis
• Published in Proceedings of the 12th ACM Conference on Computer and Communications Security, November 2005
• Privacy-aware Identity Management for Client-side Mashup Applications
• Working Set-Based Access Control for Network File Systems
• Published in Proceedings of the 22nd Annual Computer Security Applications Conference, Miami Beach, Florida, December 2006 NetSpy: Automatic Generation of Spyware Signatures for NIDS #
• Appears in Second Annual Securityenhanced Linux Symposium, Baltimore, MD, March 2006 Towards Automated Authorization Policy Enforcement
• Published in Proceedings of the 11th Workshop on Hot Topics in Operating Systems (HotOS XI), San Diego, California, May 2007 Microdrivers: A New Architecture for Device Drivers
• Buffer Overrun Detection using Linear Programming and Static Analysis #
• Buffer Overrun Detection using Linear Programming and Static Analysis Vinod Ganapathy, Somesh Jha
• Appears in Second Annual Security-enhanced Linux Symposium, Baltimore, MD, March 2006 Towards Automated Authorization Policy Enforcement
• Published in Proceedings of the 2006 IEEE Symposium on Security and Privacy, Oakland, California, May 2006 Retrofitting Legacy Code for Authorization Policy Enforcement
• Published in Proceedings of the 11th Workshop on Hot Topics in Operating Systems (HotOS XI), San Diego, California, May 2007 Microdrivers: A New Architecture for Device Drivers
• Rutgers University DCS Technical Report 648, April 2009 Analyzing Information Flow in JavaScriptbased Browser Extensions
• Published in ASPLOS XII: Proceedings of the Twelfth International Conference on Architectural Support for Programming Languages and Operating Systems, October 2006
• Rootkits on Smart Phones: Attacks, Implications and Opportunities
• Monitoring Data Structures Using Hardware Transactional Memory
• The Case for Energy-aware Trust Establishment in Dynamic Networks of Cyber Physical Devices
• Fast, Memory-efficient Regular Expression Matching with NFA-OBDDs$ , Rezwana Karima
• K2C: Cryptographic Cloud Storage With Lazy Revocation and Anonymous Access
• Published in Proceedings of the 2006 IEEE Symposium on Security and Privacy, Oakland, California, May 2006 Retrofitting Legacy Code for Authorization Policy Enforcement
• Vinod Ganapathy Department of Computer Science Tel: (732) 445-2001 x5027
• An Analysis of the Mozilla Jetpack Extension Rezwana Karim1
• Fast, memory-efficient regular expression matching with NFA-OBDDs q Liu Yang a,
• Detecting Identity Spoofs in 802.11e Wireless Gayathri Chandrasekaran, John-Austen Deymious, Vinod Ganapathy, Marco Gruteser, Wade Trappe,
• Published in Proceedings of the 2006 IEEE Symposium on Security and Privacy, Oakland, California, May 2006 Retrofitting Legacy Code for Authorization Policy Enforcement