Examines impact of Ghidra’s 39 releases and 13,000 commits on code similarity analysis and metrics like analysis time and function detection, revealing that newer versions don’t always provide superior results for every use case.
Journal article demonstrating that multifidelity sampling techniques combining high and low-fidelity network simulations produce estimators with significantly lower variance, making them effective UQ tools for network analysis.
Describes automated methods and tools for discovering information systems through network and host analysis to create high-fidelity emulation models, demonstrated on SCinet with 5 routers and 10,000 endpoints.
Sandia LDRD report summarizing a three-year project to quantify behavioral (not performance) differences between emulations and real-world systems by running representative workloads on both and comparing collected metrics.
Documents lessons learned from running over 10,000 experiments and processing half a petabyte of data to quantify behavioral (not just performance) differences between virtual and physical testbeds for cyber security research.
Investigates multifidelity UQ strategies for network simulations by combining limited high-fidelity model runs with numerous lower-fidelity evaluations to achieve more accurate estimators with lower variance.
Comparative analysis quantifying behavioral differences between physical and virtual testbeds for cyber security research to assess the fidelity of virtualized environments for experimentation.
Proposes Mobile Trusted-Origin Policy to authenticate mobile apps accessing network APIs by annotating HTTP requests with app provenance, preventing click fraud and API abuse through code isolation and origin verification.
Demonstrates how adversaries can subvert DBSCAN clustering by injecting bridge points to merge arbitrary clusters, degrading system performance, and proposes machine learning-based remediation using outlier detection.
PhD dissertation presenting scalable semantics-based approaches for detecting similar Android applications, with applications to clone detection, malware analysis, and security assessment.