Jedidiah R. Crandall's full list of publications
Conference, workshop, and journal papers:
- Nikolaos Sapountzis, Ruimin Sun, Xuetao Wei, Yier Jin, Jedidiah Crandall, and Daniela Oliveira. MITOS: Optimal Decisioning for the Indirect Flow Propagation Dilemma in Dynamic Information Flow Tracking Systems. In the Proceedings of the IEEE International Conference on Distributed Computing Systems (ICDCS 2020). Singapore. November, 2020.
- Geoffrey Alexander, Antonio Espinoza, and
Jedidiah R. Crandall.
Detecting TCP/IP Connections via IPID Hash Collisions.
In the Proceedings of the 2019 Privacy Enhancing Technologies Symposium (PETS 2019). Stockholm, Sweden. July 2019.
- Kirtus G. Leyba, Benjamin Edwards, Cynthia
Freeman, Jedidiah R. Crandall, and Stephanie Forrest.
Borders and
Gateways: Measuring and Analyzing National AS Chokepoints.
In the Proceedings of the second annual ACM SIGCAS Conference on Computing and
Sustainable Societies (COMPASS 2019). Accra, Ghana. July 2019.
- Daniel Riofrio, Anacaren Ruiz, Erin Sosebee, Qasim Raza, Adnan Bashir, Jed Crandall, and Ramrio Sandoval.
Presidential Elections in Ecuador: Bot Presence in Twitter.
In the Proceedings of the Sixth International Conference on eDemocracy and eGovernment (ICEDEG 2019). Quito, Ecuador. April 2019. pdf
- Meisam Navaki Arefi, Geoffrey Alexander, Hooman Rokham, Aokun Chen, Daniela Oliveira, Xuetao Wei, Michalis Faloutsos, and Jedidiah R. Crandall.
FAROS: Illuminating In-Memory Injection Attacks via Provenance-based Whole System Dynamic Information Flow Tracking.
Accepted (pending shepherd approval) to the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2018). Luxembourg City, Luxembourg. June 2018. pdf
- Meisam Navaki Arefi, Geoffrey Alexander, and Jedidiah R. Crandall.
PIITracker: Automatic Tracking of Personally Identifiable
Information in Windows.
In the Proceedings of 11th European Workshop on Systems Security (EUROSEC
2018). Porto, Portugal. April 2018. pdf
- Xu Zhang, Jeffrey Knockel, and Jedidiah R. Crandall.
ONIS:
Inferring TCP/IP-based Trust Relationships Completely Off-Path.
In the Proceedings of IEEE INFOCOM 2018 (INFOCOM 2018). Honolulu, Hawaii. April 2018. pdf
- Mahdi Zamani, Jared Saia, and Jedidiah R. Crandall.
TorBricks: Blocking-Resistant Tor Bridge Distribution.
In the Proceedings of the 19th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS 2017).
Boston, Massachusetts. November 2017. pdf
- Antonio M. Espinoza, William J. Tolley, Jedidiah R. Crandall, Masashi Crete-Nishihata, and Andrew Hilts.
Alice and Bob, who the FOCI are they?: Analysis of end-to-end encryption in the LINE messaging application.
In the Proceedings of the 7th USENIX Workshop on
Free and Open Communications on the Internet. (FOCI 2017). Vancouver, Canada. August 2017. pdf
- Xu Zhang, Jeffrey Knockel, and Jedidiah R. Crandall.
High Fidelity Off-Path Round-Trip Time Measurement via TCP/IP Side Channels with Duplicate SYNs.
In the Proceedings of IEEE GLOBECOM (GLOBECOM 2016). Washington, D.C. December 2016.
- Aokun Chen, Pratik Brahma, Dapeng Oliver Wu, Natalie Ebner, Brandon Matthews, Jedidiah Crandall, Xuetao Wei, Michalis Faloutsos, and Daniela Oliveira.
Cross-Layer Personalization as a First Class Citizen for Situation Awareness and Computer Infrastructure Security.
In the Proceedings of the New Security Paradigms Workshop (NSPW 2016). C Lazy U Ranch, Colorado. September 2016.
- Antonio Espinoza, Jeffrey Knockel, Jedidiah R. Crandall, and Pedro Comesaña.
V-DIFT: Vector-Based Dynamic Information Flow Tracking with
Application to Locating Cryptographic Keys for Reverse Engineering.
In the Proceedings of the International Conference on Availability, Reliability and Security (ARES 2016). Salzburg, Austria. August/September 2016. pdf
- Daniela Oliveira, Jedidiah Crandall, Harry Kalodner, Nicole Morin, Megan Maher, Jesus Navarro and, Felix Emiliano.
An Information Flow-based Taxonomy to Understand the Nature of Software Vulnerabilities.
In the Proceedings of the 31st International Conference on ICT Systems Security and Privacy Protection - Springer. (IFIP SEC 2016). Ghent, Belgium, May 2016. pdf
- Jeffrey Knockel, Masashi Crete-Nishihata, Jason Q. Ng, Adam Senft, and Jedidiah R. Crandall.
Every Rose Has Its Thorn: Censorship and Surveillance on Social Video Platforms in China.
In the Proceedings of the 5th USENIX Workshop on
Free and Open Communications on the Internet. (FOCI 2015). Washington, D.C. August 2015. pdf
- Jedidiah R. Crandall, Masashi Crete-Nishihata, and Jeffrey Knockel.
Forgive Us Our SYN’s: Technical and Ethical Considerations for Measuring Internet Censorship
Workshop on Ethics in Networked Systems Research (co-located with ACM SIGCOMM'15).
London, United Kingdom. August 2015. pdf
- Roya Ensafi, Philipp Winter, Abdullah Mueen, Jedidiah R. Crandall. Analyzing the Great Firewall of China Over Space and Time. Proceedings on Privacy Enhancing Technologies (PoPETs). 1 (1), 61. DOI: 10.1515/popets-2015-0005. Will be presented at PETS 2015 in Philadelphia, Pennsylvania. pdf
- Geoffrey Alexander and Jedidiah R. Crandall.
Off-Path Round Trip Time Measurement via TCP/IP Side Channels.
In the Proceedings of IEEE INFOCOM 2015 (INFOCOM 2015). Hong Kong. April 2015. pdf
- Xu Zhang, Jeffrey Knockel, and Jedidiah R. Crandall.
Original SYN: Finding Machines Hidden Behind Firewalls.
In the Proceedings of IEEE INFOCOM 2015 (INFOCOM 2015). Hong Kong. April 2015. pdf
- Jeffrey Knockel and Jedidiah R. Crandall.
Counting Packets Sent Between Arbitrary Internet Hosts.
In the Proceedings of the 4th USENIX Workshop on
Free and Open Communications on the Internet. (FOCI 2014). San Diego, California. August 2014. pdf
- Roya Ensafi, Mike Jacobi, and Jedidiah R. Crandall. A Case Study in Helping Students to Covertly Eat Their Classmates. In the Proceedings of the USENIX Summit on Gaming, Games and Gamification in Security Education. (3GSE 2014). San Diego, California. August 2014. pdf
- Roya Ensafi, Jeffrey Knockel, Geoffrey Alexander, and Jedidiah R. Crandall. Detecting Intentional Packet Drops on the Internet via TCP/IP Side Channels. In the Proceedings of the 2014 Passive and Active Measurements conference. (PAM 2014). Los Angeles, California. March 2014. An extended version is available here.
- Tao Zhu, David Phipps, Adam Pridgen, Jedidiah R. Crandall, and Dan S.
Wallach. The Velocity of Censorship: High-Fidelity Detection of
Microblog Post Deletions. In the Proceedings of the 22nd USENIX Security
Symposium.
(USENIX Security 2013). Washington D.C. August 2013. pdf
- Jedidiah R. Crandall, Masashi Crete-Nishihata, Jeffrey Knockel, Sarah McKune, Adam Senft, Diana Tseng, and Greg Wiseman.
Chat program censorship and surveillance in China: Tracking TOM-Skype and Sina UC. First Monday Volume 18, Number 7, 1 July 2013. paper
and supplementary materials with
visualizations
- Bilal Shebaro, Fernando Perez-Gonzalez, and Jedidiah R. Crandall.
Exploiting Geometrical Structure for Forensic Applications of Timing Inference Channels. International Journal of Digital Crime and Forensics (IJDCF). Vol. 5, no. 1, DOI: 10.4018/jdcf.2013010104 (2013).
- Mohammed Ibrahim Al-Saleh, Antonio M. Espinosa, and Jedidiah R. Crandall.
Antivirus performance characterisation: system-wide view. IET
Information Security, Volume 7, Issue 2, June 2013, p. 126 - 133,
DOI: 10.1049/iet-ifs.2012.0192.
- Peiyou Song, Anhei Shu, David Phipps, Dan Wallach, Mohit Tiwari, Jedidiah Crandall, and George Luger. Language Without Words: A Pointillist Model for Natural Language Processing In the Proceedings of the 6th International Conference on Soft Computing and Intelligent Systems.
(SCIS-ISIS 2012). Kobe, Japan. November 2012. pdf
- Peiyou Song, Anhei Shu, Anyu Zhou, Dan Wallach, and Jedidiah R. Crandall. A Pointillism Approach for Natural Language
Processing of Social Media. In the Proceedings of the 2012 International
Conference on Natural Language Processing and Knowledge Engineering.
(NLP-KE'12). Hefei, China. September 2012. pdf
- Jeffrey Knockel and Jedidiah R. Crandall.
Protecting Free and Open Communications on the Internet Against Man-in-the-Middle Attacks on Third-Party Software: We're FOCI'd.
In the Proceedings of the 2nd USENIX Workshop on
Free and Open Communications on the Internet. (FOCI 2012). Bellevue, Washington. August 2012. pdf
- Nicholas Aase, Jedidiah R. Crandall, Alvaro Diaz, Jeffrey Knockel, Jorge Ocana Molinero, Jared Saia, Dan Wallach, and Tao Zhu.
Whiskey, Weed, and Wukan on the World Wide Web: On Measuring Censors' Resources and Motivations.
In the Proceedings of the 2nd USENIX Workshop on
Free and Open Communications on the Internet. (FOCI 2012). Bellevue, Washington. August 2012. pdf
- Daniela Oliveira and Jedidiah R. Crandall.
Holographic Vulnerability Studies: Vulnerabilities as Fractures in Interpretation as Information Flows Across Abstraction Boundaries. In the Proceedings of the New Security Paradigms Workshop (NSPW 2012). Bertinoro, Italy. pdf
- Roya Ensafi, Mike Jacobi, and Jedidiah R. Crandall. Students Who Don't Understand Information Flow Should be Eaten: An Experience Paper. In the Proceedings of the 5th USENIX Workshop on Cyber Security Experimentation and Test. (CSET 2012). Bellvue, Washington. August 2012. pdf
- Antonio M. Espinoza and Jedidiah R. Crandall. Work-in-Progress: Automated Named Entity Extraction for Tracking
Censorship of Current Events. In the Proceedings of the USENIX Workshop on Free and Open
Communications on the Internet. (FOCI 2011). San Francisco,
California. August 2011. pdf
- Jeffrey Knockel, Jedidiah R. Crandall, and Jared Saia.
Three Researchers,
Five Conjectures: An Empirical Analysis of TOM-Skype Censorship and
Surveillance. In the Proceedings of the USENIX Workshop on
Free and Open Communications on the Internet. (FOCI 2011). San
Francisco, California. August 2011. pdf
- Bilal Shebaro and Jedidiah R. Crandall.
Privacy-Preserving Network Flow Recording.
In the Proceedings of the DFRWS 2011 Annual Conference (DFRWS 2011).
New Orleans, Louisiana. August 2011. pdf
- Mohammed I. Al-Saleh and Jedidiah R. Crandall. Application-Level
Reconnaissance: Timing Channel Attacks Against Antivirus Software.
In the Proceedings of the 4th USENIX Workshop on Large-Scale Exploits and
Emergent Threats. (LEET 2011). Boston, Massachusetts. March 2011. pdf
- Mohammed I. Al-Saleh and Jedidiah R. Crandall.
On Information Flow for Intrusion Detection: What if Accurate Full-system Dynamic Information Flow Tracking Was Possible?
In the Proceedings of the New Security Paradigms Workshop (NSPW 2010). Concord, Massachusetts. September 2010. pdf
- Roya Ensafi, Jong Chun Park, Deepak Kapur, and Jedidiah R. Crandall.
Idle Port Scanning and Non-interference Analysis of Network Protocol Stacks
Using Model Checking. In the Proceedings of the 19th USENIX Security Symposium (USENIX Security 2010). Washington, D.C. August 2010. pdf
- Bilal Shebaro, Fernando Perez-Gonzalez, and Jedidiah R. Crandall.
Leaving Timing Channel Fingerprints in Hidden Service Log Files.
At the DFRWS 2010 Annual Conference (DFRWS 2010). Portland, Oregon. August 2010. pdf
- Jong Chun Park and Jedidiah R. Crandall.
Empirical Study of a National-Scale Distributed Intrusion Detection System: Backbone-Level Filtering of HTML Responses in China. In the Proceedings of the 30th International Conference on Distributed Computing Systems (ICDCS 2010). Genoa, Italy. June 2010. pdf
- Mohammed I. Al-Saleh, Patrick Bridges, and Jedidiah R. Crandall.
Architectural Support for Securing Sensor Networks Against Remote Attacks. In the Proceedings of the ISCA First International Conference on Sensor Networks and Applications (SNA-2009). San Francisco, CA. November 2009. pdf
- Jedidiah R. Crandall, John Brevik, Shaozhi Ye, Gary
Wassermann, Daniela A.S. de Oliveira, Zhendong Su, S. Felix Wu,
and Frederic T. Chong.
Putting Trojans on the Horns of a Dilemma: Redundancy
for Information Theft Detection. In the Special Issue
on Security in Computing of the Transactions on Computational Sciences
Journal (Springer LNCS), pages 244-262. pdf
- Jedidiah R. Crandall, Roya Ensafi, Stephanie Forrest, Joshua Ladau,
and Bilal Shebaro. The Ecology of Malware. In the
Proceedings of the New Security Paradigms Workshop (NSPW
2008).
Olympic Valley, California. September 2008. pdf
- Ryan Iwahashi, Daniela Oliveira, S. Felix Wu, Jedidiah Crandall,
Young-Jun Heo, Jin-Tae Oh, and Jong-Soo Jang. Toward
Automatically Generating Double-Free Vulnerability Signatures Using
Petri Nets. In the Proceedings of the 11th Information Security
Conference (ISC 2008). Taipei, Taiwan. September
2008.
- Daniela A.S. de Oliveira, Jedidiah R. Crandall, Gary Wassermann,
Shaozhi Ye, Felix Wu, Zhendong Su, and Frederic T. Chong.
Bezoar: Automated Virtual Machine-based Full-System Recovery
from Control-Flow Hijacking Attacks. In the Proceedings of the
2008
IEEE/IFIP Network Operations and Management Symposium (NOMS
2008). Salvador-Bahia, Brazil. April 2008. link
- Jedidiah R. Crandall, Daniel Zinn, Michael Byrd, Earl Barr, and
Rich East.
ConceptDoppler: A Weather Tracker for Internet
Censorship. In the Proceedings of the 14th ACM
Conference on Computer and Communications Security (CCS
2007). Alexandria, Virginia. October 2007.
pdf
- Jedidiah R. Crandall, Frederic T. Chong, and S. Felix Wu.
Minos: Architectural Support for Protecting Control
Data. Transactions on Architecture and Code Optimization
(TACO). Volume 3, Issue 4 (December 2006). pdf
- Jedidiah R. Crandall,
Gary
Wassermann, Daniela A. S. de Oliveira, Zhendong Su, S. Felix Wu, and
Frederic T. Chong. Temporal Search: Detecting Hidden Malware
Timebombs with Virtual Machines. In the Proceedings of the Twelfth
International Conference on Architectural
Support for Programming Languages and Operating Systems (ASPLOS
XII). San Jose, CA. October 2006. pdf
- Daniela A. S. de Oliveira, Jedidiah R. Crandall, Gary M.
Wassermann, S. Felix Wu, Zhendong Su, and Frederic T. Chong.
ExecRecorder: VM-Based Full-System Replay for Attack
Analysis and System Recovery.
Workshop on Architectural and System Support for Improving Software Dependability
(ASID). San Jose, California. October 2006.
link
- Jedidiah R. Crandall, Zhendong Su, S. Felix Wu, and Frederic T.
Chong.
On Deriving Unknown Vulnerabilities from Zero-Day
Polymorphic and Metamorphic Worm Exploits. In the proceedings of the 12th ACM
Conference on Computer and Communications Security (CCS
2005). Alexandria, Virginia. November 2005. pdf
- Jedidiah R. Crandall, S. Felix Wu, and Frederic T. Chong.
Experiences Using Minos as A Tool for Capturing and Analyzing
Novel Worms for Unknown Vulnerabilities. GI/IEEE SIG SIDAR
Conference on Detection of Intrusions and Malware and Vulnerability
Assessment (DIMVA 2005). Vienna, Austria. July 2005.
Springer Lecture Notes in Computer Science. pdf, slides
- Jedidiah R. Crandall, Frederic T. Chong. Minos: Control
Data Attack Prevention Orthogonal to Memory Model. In the Proceedings of the 37th
International Symposium on Microarchitecture (MICRO-37).
Portland, Oregon. December 2004. pdf
- Jedidiah R. Crandall and Frederic T. Chong.
A Security Assessment of the Minos Architecture.
Workshop on Architectural Support for Security and Anti-virus
(WASSA). Boston, Massachusetts. October 2004.
pdf
- John Oliver, Ravishankar Rao, Paul Sultana, Jedidiah Crandall, Erik
Czernikowski, Leslie Jones IV, Diana Franklin, Venkatesh Akella, and Frederic T. Chong. Synchroscalar: A Multiple Clock Domain,
Power-Aware, Tile-Based Embedded Processor. In the Proceedings of the International
Symposium on Computer Architecture (ISCA 2004). Munich,
Germany. June 2004. link
- Ravishankar Rao, John Oliver, Paul Sultana, Jedidiah Crandall, Erik
Czernikowski, Leslie W. Jones IV, Dean Copsey, Diana Keen, Venkatesh
Akella, and Frederic T. Chong.
Synchroscalar: Initial Lessons in Power-Aware Design of a
Tile-Based Embedded Architecture. Workshop on Power-Aware
Computer Systems (PACS) in conjunction with MICRO-36. San
Diego, California. December
2003. link
Some other random things...
An errata list for some of the above papers.
Latest source code from the DACODA repository
Older version of DACODA source code, but contains dacodanotes.txt that might be helpful.