Pongsin Poosankam

Doctoral Student

Computer Science Department
School of Computer Science
Carnegie Mellon University
Pittsburgh PA 15213 USA

ppoo...@andrew.cmu.edu



Current office:

Soda Hall 421
Computer Science Division
University of California
Berkeley, CA 94720

My primary research interest is computer security, including software and network security and binary analysis. I am also interested in using software engineering and machine learning techniques to improve the security of computer systems.

Currently, I am visiting UC Berkeley. I am a member of the BitBlaze group. My advisor is Dawn Song.


Papers and Publications

(You can also look for my publications through the Google Scholar service and the Microsoft Academic Search service.)
Path-Exploration Lifting: Hi-Fi Tests for Lo-Fi Emulators.
Lorenzo Martignoni, Stephen McCamant, Pongsin Poosankam, Dawn Song, and Petros Maniatis. In Proceedings of the 17th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), London, UK, March 2012.

MACE: Model-inference-Assisted Concolic Exploration for Protocol and Vulnerability Discovery. [ pdf ]
Chia Yuan Cho, Domagoj Babic, Pongsin Poosankam, Kevin Zhijie Chen, Edward XueJun Wu, and Dawn Song. In Proceedings of the 20th USENIX Security Symposium, San Francisco, CA, August 2011.

Take Two Software Updates and See Me in the Morning: The Case for Software Security Evaluations of Medical Devices. [ pdf ]
Steve Hanna, Rolf Rolles, Andres Molina-Markham, Pongsin Poosankam, Kevin Fu, and Dawn Song. In Proceedings of the 2nd USENIX Workshop on Health Security and Privacy, San Francisco, CA, August 2011.

Differential Slicing: Identifying Causal Execution Differences for Security Applications. [ pdf ]
Noah M. Johnson, Juan Caballero, Kevin Zhijie Chen, Stephen McCamant, Pongsin Poosankam, Daniel Reynaud, and Dawn Song. In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2011.

DTA++: Dynamic Taint Analysis with Targeted Control-Flow Propagation. [ pdf ]
Min Gyung Kang, Stephen McCamant, Pongsin Poosankam, and Dawn Song. In Proceedings of the 18th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2011.

Input Generation via Decomposition and Re-Stitching: Finding Bugs in Malware. [ pdf ]
Juan Caballero, Pongsin Poosankam, Stephen McCamant, Domagoj Babic, and Dawn Song. In Proceedings of the 17th ACM Conference on Computer and Communication Security, Chicago, IL, October 2010.

HookScout: Proactive Binary-Centric Hook Detection. [ pdf ]
Heng Yin, Pongsin Poosankam, Steve Hanna, and Dawn Song. In Proceedings of the 7th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA'10), Bonn, Germany, July 2010.

FLAX: Systematic Discovery of Client-side Validation Vulnerabilities in Rich Web Applications. [ pdf ]
Prateek Saxena, Steve Hanna, Pongsin Poosankam, and Dawn Song. In Proceedings of the 17th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2010.

Dispatcher: Enabling Active Botnet Infiltration using Automatic Protocol Reverse-engineering. [ pdf ]
Juan Caballero, Pongsin Poosankam, Christian Kreibich, and Dawn Song. In Proceedings of the 16th ACM Conference on Computer and Communication Security, Chicago, IL, November 2009.

Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration. [ pdf ]
Juan Caballero, Zhenkai Liang, Pongsin Poosankam, and Dawn Song. In Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection, Saint-Malo, France, September 2009.

Loop-Extended Symbolic Execution on Binary Programs. [ pdf ]
Prateek Saxena, Pongsin Poosankam, Stephen McCamant, and Dawn Song. In Proceedings of the ACM/SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), July 2009.

BitBlaze: A New Approach to Computer Security via Binary Analysis. [ pdf ]
Dawn Song, David Brumley, Heng Yin, Juan Caballero, Ivan Jager, Min Gyung Kang, Zhenkai Liang, James Newsome, Pongsin Poosankam, and Prateek Saxena. In Proceedings of the 4th International Conference on Information Systems Security, December 2008.
* Invited Paper

Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications. [ pdf ]
David Brumley, Pongsin Poosankam, Dawn Song, and Jiang Zheng. In Proceedings of the 2008 IEEE Security and Privacy Symposium. Oakland, CA, May 2008.

Renovo: A Hidden Code Extractor for Packed Executables. [ pdf ]
Min Gyung Kang, Pongsin Poosankam, and Heng Yin. In Proceedings of the 5th ACM Workshop on Recurring Malcode (WORM), October 2007.

FiG: Automatic Fingerprint Generation. [ pdf ]
Juan Caballero, Shobha Venkataraman, Pongsin Poosankam, Min Gyung Kang, Dawn Song and Avrim Blum. In Proceedings of the 14th Annual Network and Distributed System Security Symposium, San Diego, CA, February 2007.

Design Space and Analysis of Worm Defense Strategies. [ pdf ]
David Brumley, Li-Hao Liu, Pongsin Poosankam, and Dawn Song. In ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), Mar 2006.