Pongsin Poosankam

Doctoral Student

Computer Science Department
School of Computer Science
Carnegie Mellon University
Pittsburgh PA 15213 USA

ppoo...@andrew.cmu.edu

Current office:

Soda Hall 725
Computer Science Division
University of California
Berkeley, CA 94720

My primary research interest is computer security, including software and network security and binary analysis. I am also interested in using software engineering and machine learning techniques to improve the security of computer systems.

Currently, I am visiting UC Berkeley. I am a member of the BitBlaze group. My advisor is Dawn Song.

Papers and Publications

FLAX: Systematic Discovery of Client-side Validation Vulnerabilities in Rich Web Applications.: Prateek Saxena, Steve Hanna, Pongsin Poosankam, and Dawn Song. To appear in the Proceedings of the 17th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2010.

Dispatcher: Enabling Active Botnet Infiltration using Automatic Protocol Reverse-engineering. [ pdf ]: Juan Caballero, Pongsin Poosankam, Christian Kreibich, and Dawn Song. In Proceedings of the 16th ACM Conference on Computer and Communication Security, Chicago, IL, November 2009.

Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration. [ pdf ]: Juan Caballero, Zhenkai Liang, Pongsin Poosankam, and Dawn Song. In Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection, Saint-Malo, France, September 2009.

Loop-Extended Symbolic Execution on Binary Programs. [ pdf ]: Prateek Saxena, Pongsin Poosankam, Stephen McCamant, and Dawn Song. In the Proceedings of the ACM/SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), July 2009.

BitBlaze: A New Approach to Computer Security via Binary Analysis. [ pdf ]: Dawn Song, David Brumley, Heng Yin, Juan Caballero, Ivan Jager, Min Gyung Kang, Zhenkai Liang, James Newsome, Pongsin Poosankam, and Prateek Saxena. In Proceedings of the 4th International Conference on Information Systems Security, December 2008.
* Invited Paper

Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications. [ pdf ]: David Brumley, Pongsin Poosankam, Dawn Song, and Jiang Zheng. In the Proceedings of the 2008 IEEE Security and Privacy Symposium. Oakland, CA, May 2008.

Renovo: A Hidden Code Extractor for Packed Executables. [ pdf ]: Min Gyung Kang, Pongsin Poosankam, and Heng Yin. In Proceedings of the 5th ACM Workshop on Recurring Malcode (WORM), October 2007.

FiG: Automatic Fingerprint Generation. [ pdf ]: Juan Caballero, Shobha Venkataraman, Pongsin Poosankam, Min Gyung Kang, Dawn Song and Avrim Blum. In Proceedings of the 14th Annual Network and Distributed System Security Symposium, San Diego, CA, February 2007.

Design Space and Analysis of Worm Defense Strategies. [ pdf ]: David Brumley, Li-Hao Liu, Pongsin Poosankam, and Dawn Song. In ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), Mar 2006.