Topics

I'm interested in advancing the scientific knowledge on software security and reliability. I work on a broad range of topics in analysis and testing, leveraging synergistically ideas from a variety of disciplines ranging from formal logic to low-level system implementation details.

I've applied program analysis techniques to prevalent web application security problems, namely cross-site scripting (XSS) and SQL injection. Both of these are input validation problems, and I've proposed formal characterizations of them, and designed and experimented with runtime and compile-time approaches for preventing them (see this page for more on this topic). I find this a fascinating problem domain and I expect it to continue yielding many interesting research topics.

I've also done work with Jed Crandall, Daniela, and others on uses of the Dacoda project for dealing with sophisticated malware.

I spent the summer of 2007 at DoCoMo USA Labs working with Dachuan Yu, Ajay Chander, and Dinakar Dhurjati on a technique for web application testing. This technique handles string operations, string values, and dynamic language features (all of which are common in web application scripting languages such as PHP) more precisely than previous techniques.

I've also done some work on XML type checking (see paper). The most interesting part of this work involved discovering and dealing with the subtleties of tree types. I spent the summer of 2005 at JPL working with Nicolas Rouquette on applying ideas from Category Theory to model-based engineering design.


Papers

Conference




Dynamic Test Input Generation for Web Applications
Gary Wassermann, Dachuan Yu, Ajay Chander, Dinakar Dhurjati, Hiroshi Inamura, Zhendong Su, ISSTA'08. (26%)

Static Detection of Cross-Site Scripting Vulnerabilities*
Gary Wassermann, Zhendong Su, ICSE'08. (15%)

Bezoar: Automated Virtual Machine-based Full-System Recovery from Control-Flow Hijacking Attacks
Daniela A. S. de Oliveira, Jedidiah R. Crandall, Gary Wassermann, Shaozhi Ye, S. Felix Wu, Zhendong Su, Frederic T. Chong, NOMS'08. (27%)
Sound and Precise Analysis of Web Applications for Injection Vulnerabilities
Gary Wassermann, Zhendong Su, PLDI'07. (25%)
Validity Checking for Finite Automata over Linear Arithmetic Constraints
Gary Wassermann, Zhendong Su, FSTTCS'06. (22%)
Temporal Search: Detecting Hidden Malware Timebombs with Virtual Machines
Jedidiah R. Crandall, Gary Wassermann, Daniela A. S. de Oliveira, Zhendong Su, S. Felix Wu, Frederic T. Chong, ASPLOS'06. (22%)
The Essence of Command Injection Attacks in Web Applications
Zhendong Su, Gary Wassermann, POPL'06. (19%)

Workshop

ExecRecorder: VM-Based Full-System Replay for Attack Analysis and System Recovery
Daniela A. S. de Oliveira, Jedidiah R. Crandall, Gary Wassermann, Zhendong Su, S. Felix Wu, Frederic T. Chong, ASID'06 with ASPLOS'06.
An Analysis Framework for Security in Web Applications
Gary Wassermann, Zhendong Su, SAVCBS'04 with FSE'04. (43%)

Journal

Static Checking of Dynamically Generated Queries in Database Applications
Gary Wassermann, Carl Gould, Zhendong Su, Premkumar Devanbu, TOSEM.

Technical Reports and Unpublished Drafts

A Type-based Dimensional Analysis for XQuery
Zhendong Su, Gary Wassermann, Computer Science Division Tech Report.
Type-based Inference of Size Relationships for XML Transformations
Zhendong Su, Gary Wassermann, Draft

* This draft is made available for early dissemination. The camera ready copy is in preparation and will be posted when it is available.

Co-Authors