4. Man-Ki Yoon, Sibin Mohan, Jaesik Choi, Mihai Christodorescu, and Lui Sha. Learning execution contexts from system call distribution for anomaly detection in smart embedded systems. In Proceedings of the 2nd ACM/IEEE International Conference on Internet-of-Things Design and Implementation (IoTDI 2017), April 2017.
5. Man-Ki Yoon, Sibin Mohan, Jaesik Choi, Mihai Christodorescu, and Lui Sha. Intrusion detection using execution contexts learned from system call distributions of real-time embedded systems. CoRR, abs/1501.05963, 2015. URL http://arxiv.org/abs/1501.05963.
6. Rui Han, Alejandro Mesa, Mihai Christodorescu, and Saman A. Zonouz. Troguard: context-aware protection against web-based socially engineered trojans. In Proceedings of the 30th Annual Computer Security Applications Conference, ACSAC 2014, New Orleans, LA, USA, December 8-12, 2014, pages 66–75, 2014. doi: 10.1145/2664243.2664270. URL http://doi.acm.org/10.1145/2664243.2664270.
7. Douglas Lee Schales, Mihai Christodorescu, Xin Hu, Jiyong Jang, Josyula R. Rao, Reiner Sailer, Marc Ph. Stoecklin, Wietse Venema, and Ting Wang. Stream computing for large-scale, multichannel cyber threat analytics. In Proceedings of the 15th IEEE International Conference on Information Reuse and Integration, IRI 2014, Redwood City, CA, USA, August 13-15, 2014, pages 8–15, 2014. doi: 10.1109/IRI.2014.7051865. URL http://dx.doi.org/10.1109/IRI.2014.7051865.
8. Vern Paxson, Mihai Christodorescu, Mobin Javed, Josyula Rao, Reiner Sailer, Douglas Schales, Marc Ph. Stoecklin, Kurt Thomas, Wietse Venema, and Nicholas Weaver. Practical comprehensive bounds on surreptitious communication over dns. In Proceedings of the 22nd USENIX Conference on Security, SEC’13, pages 17–32, Berkeley, CA, USA, 2013. USENIX Association. ISBN 978-1-931971-03-4. URL http://dl.acm.org/citation.cfm?id=2534766.2534769.
9. Pedro Giovanni Leon, Blase Ur, Yang Wang, Manya Sleeper, Rebecca Balebako, Richard Shay, Lujo Bauer, Mihai Christodorescu, and Lorrie Faith Cranor. What matters to users?: Factors that affect users’ willingness to share information with online advertisers. In Proceedings of the Ninth Symposium on Usable Privacy and Security, SOUPS ’13, pages 7:1–7:12, New York, NY, USA, 2013. ACM. ISBN 978-1-4503-2319-2. doi: 10.1145/2501604.2501611. URL http://doi.acm.org/10.1145/2501604.2501611.
10. Shakeel Butt, Vinod Ganapathy, Arati Baliga, and Mihai Christodorescu. Monitoring data structures using hardware transactional memory. In Proceedings of the 2nd International Conference on Runtime Verification (RV’11), volume 7186 of Lecture Notes in Computer Science, pages 345–359, San Francisco, CA, USA, September 27–30, 2011. Springer. ISBN 978-3-642-29859-2.
11. Matthew Fredrikson, Mihai Christodorescu, and Somesh Jha. Dynamic behavior matching: A complexity analysis and new approximation algorithms. In Nikolaj Bjørner and Viorica Sofronie-Stokkermans, editors, Proceedings of the 23rd International Conference on Automated Deduction (CADE’11) , volume 6803 of Lecture Notes in Computer Science , pages 252–267. Springer, July 31–August 5, 2011. ISBN 978-3-642-22437-9. doi: 10.1007/978-3-642-22438 6.
12. Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christodorescu, and Engin Kirda. AccessMiner: using system-centric models for malware protection. In Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS’10) , pages 399–412, New York, NY, USA, 2010. ACM Press. ISBN 978-1-4503-0245-6. doi: 10.1145/1866307.1866353.
13. Matt Fredrikson, Somesh Jha, Mihai Christodorescu, Reiner Sailer, and Xifeng Yan. Synthesizing near-optimal malware specifications from suspicious behaviors. In Proceedings of the 2010 IEEE Symposium on Security and Privacy (S&P’10) , pages 45–60, May 2010. doi: 10.1109/SP.2010.11.
14. Mihai Christodorescu, Reiner Sailer, Douglas Lee Schales, Daniele Sgandurra, and Diego Zamboni. Cloud security is not (just) virtualization security: a short paper. In Radu Sion and Dawn Song, editors, Proceedings of the 2009 ACM Cloud Computing Security Workshop (CCSW’09) , pages 97–102. ACM Press, November 13, 2009. ISBN 978-1-60558-784-4. doi: 10.1145/1655008.1655022.
15. Chen Chen, Cindy X Lin, Matt Fredrikson, Mihai Christodorescu, Xifeng Yan, and Jiawei Han. Mining graph patterns efficiently via randomized summaries. Proceedings of the VLDB Endowment , 2(1):742–753, August 2009. ISSN 2150 8097.
16. Mihai Christodorescu. Private use of untrusted web servers via opportunistic encryption. In Proceedings of the Web 2.0 Security & Privacy Workshop 2008 (W2SP’08) , May 2008.
17. Lorenzo Martignoni, Mihai Christodorescu, and Somesh Jha. Omniunpack: Fast, generic, and safe unpacking of malware. In Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC’07) , pages 431–441. IEEE Computer Society, December 10–14, 2007.
18. Mihai Christodorescu, Christopher Kruegel, and Somesh Jha. Mining specifications of malicious behavior. In Proceedings of the 6th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE’07) ,pages 5–14, New York, NY, USA, 2007. ACM Press. ISBN 978-1-59593-811-4. doi: 10.1145/1287624.1287628.
19. Mihai Christodorescu, Somesh Jha, Johannes Kinder, Stefan Katzenbeisser, and Helmut Veith. Software transformations to improve malware detection. Journal in Computer Virology , 3(4):253–265, 2007. doi: 10.1007/s11416-007-0059-8.
20. Mila Dalla Preda, Mihai Christodorescu, Somesh Jha, and Saumya Debray. A semantics-based approach to malware detection. In Proceedings of the 34th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’07) , pages 377–388, New York, NY, USA, January 17–19, 2007. ACM Press. doi: 10.1145/1190216.1190270.
21. Jonathon Giffin, Mihai Christodorescu, and Louis Kruger. Strengthening software selfchecksumming via self-modifying code. In Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC’05) , pages 18–27, Tucson, AZ, USA, December 5–9, 2005. Applied Computer Associates, IEEE Computer Society.
22. Shai Rubin, Mihai Christodorescu, Vinod Ganapathy, Jonathon T. Giffin, Louis Kruger, Hao Wang, and Nicholas Kidd. An auctioning reputation system based on anomaly detection. In Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS’05) , pages 270–279, New York, NY, USA, 2005. ACM Press. ISBN 1-59593-226-7. doi: 10.1145/1102120.1102156.
23. Mihai Christodorescu, Nicholas Kidd, and Wen-Han Goh. String analysis for x86 binaries. In Proceedings of the 6th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE’05) , Lisbon, Portugal, September 5–6, 2005. ACM Press.
24. Mihai Christodorescu, Somesh Jha, Sanjit A. Seshia, Dawn Song, and Randal E. Bryant. Semantics-aware malware detection. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’05) , pages 32–46, Oakland, CA, USA, May 8–11, 2005. IEEE Computer Society.
25. Mihai Christodorescu and Somesh Jha. Testing malware detectors. In Proceedings of the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA’04), pages 34–44,Boston, MA, USA, July 11–14, 2004. ACM SIGSOFT, ACM Press.
26. Mihai Christodorescu and Somesh Jha. Static analysis of executables to detect malicious patterns. In Proceedings of the 12th USENIX Security Symposium (Security’03) , pages 169–186, Washington,DC, USA, August 4–8, 2003. USENIX Association.
Journal publications
1. Marc Ph. Stoecklin, Kapil Singh, Larry Koved, Xin Hu, Suresh N. Chari, Josyula R. Rao, P.-C. Cheng, Mihai Christodorescu, Reiner Sailer, and Douglas Lee Schales. Passive security intelligence to analyze the security risks of mobile/BYOD activities. IBM Journal of Research and Development , 60(4):9, 2016. doi: 10.1147/JRD.2016.2569858.
2. Mila Dalla Preda, Mihai Christodorescu, Somesh Jha, and Saumya K. Debray. A semantics-based approach to malware detection. ACM Transactions on Programming Languages and Systems (TOPLAS) , 30(5), 2008.
3. Barton P. Miller, Mihai Christodorescu, Robert Iverson, Tevfik Kosar, Alexander Mirgorodskii, and Florentina Popovici. Playing inside the black box: Using dynamic instrumentation to create security holes. Parallel Processing Letters, 11(2/3):267–280, June/September 2001.
Invited publications
1. Somesh Jha, Matthew Fredrikson, Mihai Christodorescu, Reiner Sailer, and Xifeng Yan. Synthesizing near-optimal malware specifications from suspicious behaviors. In 8th International Conference on Malicious and Unwanted Software: "The Americas", MALWARE 2013, Fajardo, PR, USA, October 22-24, 2013 , pages 41–50, 2013. doi: 10.1109/MALWARE.2013.6703684. URL http://dx.doi.org/10.1109/MALWARE.2013.6703684 .
2. Mihai Christodorescu, Somesh Jha, and Christopher Kruegel. Mining specifications of malicious behavior. In Gautam Shroff, Pankaj Jalote, and Sriram K. Rajamani, editors, Proceedings of the 1st Annual India Software Engineering Conference (ISEC’08) , pages 5–14. ACM Press, February 19–22, 2008. ISBN 978-1-59593-917-3.
3. Mihai Christodorescu and Vinod Ganapathy. Dynamic analysis. In Henk C. A. van Tilborg and Sushil Jajodia, editors, Encyclopedia of Cryptography and Security, 2nd ed, pages 365–367. Springer, 2011. ISBN 978-1-4419-5905-8. doi: 10.1007/978-1-4419-5906-5_836.
4. Mihai Christodorescu, Matthew Fredrikson, Somesh Jha, and Jonathon Giffin. End-to-end software diversification of internet services. In Sushil Jajodia, Anup K. Ghosh, Vipin Swarup, CliffWang, and Sean X.Wang, editors, Moving Target Defense, volume 54 of Advances in Information Security , pages 117–130. Springer New York, 2011. ISBN 978-1-4614-0977-9. doi: 10.1007/978-1-4614-0977-9_7.
5. Matt Fredrikson, Mihai Christodorescu, Jonathon Giffin, and Somesh Jha. A declarative framework for intrusion analysis. In Sushil Jajodia, Peng Liu, Vipin Swarup, and Cliff Wang, editors, Cyber Situational Awareness , volume 46 of Advances in Information Security , pages 179–200. Springer US, 2010. ISBN 978-1-4419-0140-8. doi: 10.1007/978-1-4419-0140-8_9.
6. Mihai Christodorescu and Shai Rubin. Can cooperative intrusion detectors challenge the base-rate fallacy? In Mihai Christodorescu, Somesh Jha, Douglas Maughan, Dawn Song, and Cliff Wang, editors, Malware Detection , volume 27 of Advances in Information Security , pages 193–209, August 2005. This edited volume represents the proceedings of the 2005 ARO-DHS Special Workshop on Malware Detection, Aug. 10–11, 2005, Arlington, VA, USA.
Technical reports
1. Douglas L. Schales, Mihai Christodorescu, Josyula R. Rao, Reiner Sailer, Marc Ph. Stoecklin, and Wietse Venema. Stream computing for large-scale, multi-channel cyber threat analytics: Architecture, implementation, deployment, and lessons learned. Technical Report RC25172, IBM T.J. Watson Research Center, 2011.
2. Douglas L. Schales, Mihai Christodorescu, Mitchell A. Cohen, Josyula R. Rao, and Reiner Sailer. Calypsos: An experimentation-friendly, real-time, and scalable cybersecurity analytics engine. Technical Report RC25153, IBM T.J. Watson Research Center, 2011.
3. Mihai Christodorescu, Johannes Kinder, Somesh Jha, Stefan Katzenbeisser, and Helmut Veith. Malware normalization. Technical Report 1539, University of Wisconsin, Madison, WI, USA, November 2005.
4. Jonathon T. Giffin, Mihai Christodorescu, and Louis Kruger. Strengthening software self-checksumming via self-modifying code. Technical Report 1531, University of Wisconsin, Madison, WI, USA, September 2005.
5. Tevfik Kosar, Mihai Christodorescu, and Robert Iverson. Opening pandora’s box: Using binary code rewrite to bypass license checks. Technical Report 1479, University of Wisconsin, Madison, WI, USA, April 2003.
6. Mihai Christodorescu and Somesh Jha. SAFE: Static analysis for executables. Technical Report 1467, University of Wisconsin, Madison, WI, USA, February 2003.