V. N. Venkatakrishnan
Associate Dean for Research and Graduate Studies, Engineering
Department of Computer Science
Building & Room:
851 S. Morgan St, MC 159, Chicago, IL, 60607
Building & Room:
851 S. Morgan St, MC 152, Chicago, IL, 60607
My research areas broadly span topics in Computer Systems Security, with use of ideas from compilers, operating systems and formal methods for defending cyber attacks.
I've been fortunate to work with a group of outstanding students and postdocs!
Current Student Advisees
- Sadegh Momemi (Ph.D)
- Vijay Sai Prasanth Kommini (M.S.)
- Mike Ter Louw (Ph.D) (now at LGS innovations)
- Prithvi Bisht (Ph.D) (now at Adobe)
- Kalpana Gondi (Ph.D) (co-advised with Prof. Prasad Sistla) (now at Amazon)
- Tim Hinrichs (post-doc) (co-advise with Lenore Zuck) (now at VMWare)
- Rigel Gjomemo (now Research Assistant Professor at University of Illinois at Chicago)
- Phu H. Phung (post-doc) (now Asst. Professor of Computer Science at Univ of Dayton)
- Maliheh Monshizadeh (Ph.D)
- Birhanu Mekuria (now Assistant Professor at University of Michigan, Dearborn)
- Abeer Alhuzali (Ph.D) (now Asst. Professor at King AbdulAziz University in Saudi Arabia)
I am a member of the following Chicago-area organizations:
- HOLMES: Real-time APT Detection through Correlation of Suspicious Information Flows (with Sadegh M. Milajerdi, Rigel Gjomemo, Birhanu Eshete, R. Sekar ), 40th IEEE Symposium on Security and Privacy (Oakland’19), San Francisco, CA, May 2019.
- NAVEX: Precise and Scalable Exploit Generation for Dynamic Web Applications (with Abeer Alhuzali, Rigel Gjomemo, Birhanu Eshete), 27th USENIX Security Symposium (SEC’18), Baltimore, MD. Distinguished Paper Award!!
- SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data (with Md Nahid Hossain, Sadegh M. Milajerdi, Junao Wang, Birhanu Eshete, Rigel Gjomemo, R. Sekar and Scott Stoller ) 26th USENIX Security Symposium (SEC’17), Vancouver, BC, Canada. (85 out of 522 submissions, 17%).
- Chainsaw: Chained Automated Workflow-based Exploit Generation (with Abeer Alhuzhali, Birhanu Eshete and Rigel Gjomemo ) ACM Conference on Computer and Communications Security (CCS), Vienna, Austria 2016. (Acceptance Rate: 16%).
- Leveraging Static Analysis Tools for Improving Usability of Memory Error Sanitization Compilers, (with Rigel Gjomemo, Phu H. Phung, Ted Ballou, Kedar Namjoshi, V.N. Venkatakrishnan and Lenore Zuck), IEEE Conference on Quality, Reliability and Security (QRS), Vienna, Austria August 2016. (Acceptance Rate 29%) Best Paper Award!!
- MACE: Detecting Privilege Escalation Vulnerabilities in Web Applications (with Maliheh Monshizadeh and Prasad Naldurg). 21st ACM Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, November 2014. (115 papers accepted out of 585, 19.6%)
- NoTamper: Automatically Detecting Parameter Tampering Vulnerabilities in Web Applications (with Prithvi Bisht, Timothy Hinrichs, Nazari Skrupsky, and Radoslaw Bobrowicz), ACM Conference on Computer and Communications Security (CCS’10), Chicago, IL, Oct 2010. PDF. (55 papers accepted out of 320, 17.6%). Among the 10 nationwide finalists for the 2010 ATT Award for Best Applied Security Research paper.
- AdJail: Practical Enforcement of Confidentiality and Integrity Policies on Web Advertisements (with Mike Ter Louw and Karthik Thotta Ganesh). USENIX Security Symposium (SECURITY’10) , Washington D.C. Aug 2010. PDF. (30 papers accepted out of 202, 14.8%).
- BluePrint: Robust Prevention of Cross-site Scripting Attacks for Existing Browsers (with Mike Ter Louw). IEEE Symposium on Security and Privacy (Oakland’09), Oakland, CA, May 2009.PDF. (26 out of 254 papers, 10.2%). Award for the 2009 ATT Award for Best Applied Security Research paper.
- XSS-Guard: Precise Dynamic Prevention of Cross-Site Scripting Attacks (with Prithvi Bisht ). Fifth GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment (DIMVA’08), Paris, France, July 2008. PDF. (Acceptance 13 out of 42 papers, 31%).
- CANDID: Preventing SQL Injection Attacks Using Dynamic Candidate Evaluations (with Sruthi Bandhakavi, Prithvi Bisht and P. Madhusudan). 14th ACM Conference on Computer and Communications Security (CCS) Alexandria, Virginia, November 2007. PDF (Acceptance rate: 55 out of 303 Submissions, 18%).
- Isolated Program Execution: An application transparent approach for executing untrusted programs (with Zhenkai Liang and R. Sekar). 19th Annual Computer Application Security Conference (ACSAC 03), Las Vegas, December 2003. PDF Best Paper Award!!
- Model Carrying Code: A practical approach for safe execution of untrusted applications (with R. Sekar, Samik Basu, Sandeep Bhatkarand Daniel C. DuVarney). 19th ACM Symposium on Operating System Principles (SOSP 03), Bolton Landing, New York, October 2003. PDF. (Acceptance rate: 17%).
I graduated with a Ph.D in Computer Science in December 2004, from Stony Brook University (formerly, SUNY @ StonyBrook). My advisor was R. Sekar.