Publications, Papers and Presentations

Steven Hanna. Attacks on Emerging Architectures. Dissertation. Technical Report. Summer 2012.

Steven Hanna, Ling Huang, Edward Wu, Saung Li, Charles Chen and Dawn Song Juxtapp: A Scalable System for Detecting Code Reuse Among Android Applications. DIMVA 2012.

Adrienne Porter Felt, Matthew Finifter, Erika Chin, Steven Hanna, and David Wagner. A Survey of Mobile Malware in the Wild. ACM Workshop on Security and Privacy in Mobile Devices (SPSM) 2011.

Steven Hanna, Rolf Rolles, Andre ́s Molina-Markham, Pongsin Poosankam, Kevin Fu, Dawn Song. Take two software updates and see me in the morning: The Case for Software Security Evaluations of Medical Devices. Slides. Usenix Health Security 2011. This work is in collaboration with the Medical Device Security Center and made possible by medical devices provided by the Open Medical Device Research Library.

Adrienne Porter Felt, Erika Chin, Steven Hanna, Dawn Song, and David Wagner. Android Permissions Demystified. ACM CCS 2011.

Adrienne Porter Felt, Helen Wang, Alex Moshchuk, Steven Hanna, and Erika Chin. Permission Re-Delegation: Attacks and Defenses. Usenix Security 2011.

Heng Yin, Pongsin Poosankam, Steven Hanna, Dawn Song. HookScout: Proactive Binary-Centric Hook Detection. DIMVA 2010.

Steven Hanna, Richard Shin, Devdatta Akhawe, Arman Boehm, Prateek Saxena, Dawn Song. The Emperors New APIs: On the (In)Secure Usage of New Client-side Primitives. Web 2.0 Security and Privacy 2010 (W2SP). Slides.

Prateek Saxena, Devdatta Akhawe, Steven Hanna, Feng Mao, Stephen McCamant and Dawn Song. A Symbolic Execution Framework for JavaScript. IEEE Security and Privacy 2010. This paper won the ATT Award for Best Applied Security Research Paper 2010!!!

Prateek Saxena, Steven Hanna, Pongsin Poosankam, Dawn Song. FLAX: Systematic Discovery of Client-side Validation Vulnerabilities in Rich Web Applications. NDSS 2010.

Min Gyung Kang, Heng Yin Steven Hanna, Stephen McCamant, and Dawn Song. Emulating emulation-resistant malware. VMSec '09: Proceedings of the 1st ACM workshop on Virtual machine security.

David Nicol, Steven Hanna, William Sanders and Frank Stratton. Modeling and Analysis of Worm Defense Using Stochastic Activity Networks. Symposium on Simulation Software Security (SSSS'07) .

Steven Hanna, David Nicol. Exploring the Behavior of Flash Worms on a Large Topology. Proceedings of the Undergraduate Research Symposium, University of Illinois Urbana Champaign 2006 .

Steven Hanna, David Nicol. Implementation and Instrumentation of a Flash-Worm. Proceedings of the Deterlab Workshop 2006 .

Steven Hanna. Shellcoding for Linux and Windows Tutorial. White paper, 2004. In use/used by CS498, Cyber Security Lab at UIUC, CS38 Security and Privacy at Dartmouth, as well as being widely regarded as an excellent source for learning shellcoding.

even, much, much older project and presentations