Dawn Song

Associate Professor

Research Areas

• Operating Systems & Networking (OSNT)
• Programming Systems (PS)
• Security (SEC)

Research Centers

• Team for Research in Ubiquitous Secure Technology (TRUST)

Biography

Dawn Song is an Assistant Professor at University of California, Berkeley. She obtained her PhD in Computer Science from UC Berkeley (2002). Prior to joining UC berkeley, she was an Assistant Professor at Carnegie Mellon Univeristy from 2002 to 2007. Her research interest lies in security and privacy issues in computer systems and networks. She is the author of more than 60 research papers in areas ranging from software security, networking security, database security, distributed systems security, to applied cryptography. She is the recipient of various awards and grants including the NSF CAREER Award, the IBM Faculty Award, the George Tallman Ladd Research Award, the Sloan Award, and the Best Paper Award in USENIX Security Symposium.

Selected Publications

• T. H. Chan, E. Shi, and D. Song, "Private and Continual Release of Statistics.," in Proceedings of the 37th international colloquium conference on Automata, languages and programming: Part II, ICALP'10, Berlin, Heidelberg: Springer-Verlag, 2010, pp. 405--417.
• H. Yin, P. Poosankam, S. Hanna, and D. Song, "HookScout: Proactive Binary-Centric Hook Detection.," in Seventh Conference on Detection of Intrusions and Malware & Vulnerability Assessment.( DIMVA 2010), 2010.
• D. Akhawe, A. Barth, P. Lam, J. C. Mitchell, and D. Song, "Towards a Formal Foundation of Web Security," in Proceedings of the Computer Security Foundations Symposium (CSF 2010), 2010.
• S. Hanna, R. Shin, D. Akhawe, A. Boehm, and D. Song, "The Emperor's New API: On the (In)Secure Usage of New Client Side Primitives," in W2SP 2010: WEB 2.0 SECURITY AND PRIVACY 2010, 2010.
• P. Saxena, D. Akhawe, S. Hanna, F. Mao, S. McCamant, and D. Song, "A symbolic execution framework for javascript," in Proceedings of the IEEE Symposium on Security and Privacy, 2010.
• C. Y. Cho, C. Juan, G. Chris, V. Paxson, and D. Song, "Insights from the Inside: A View of Botnet Management from Infiltration," in 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), 2010.
• J. Caballero, N. Johnson, S. McCamant, and D. Song, "Binary code extraction and interface identification for security applications.," in 17th Annual Network and Distributed Systems Symposium (NDSS 2010), 2010.
• P. Saxena, S. Hanna, P. Poosankam, and D. Song, "FLAX: Systematic discovery of client-side validation vulnerabilities in rich web applications," in 17th Annual Network & Distributed System Security Symposium,(NDSS), 2010.
• J. Bethencourt, E. Shi, and D. Song, "Signatures of Reputation: Towards Trust Without Identity.," in Financial Cryptography and Data Security '10. Fourteenth International Conference, 2010.
• A. Barth, B. I. P. Rubinstein, M. Sundararajan, J. C. Mitchell, D. Song, and P. Bartlett, "A Learning-Based Approach to Reactive Security," in Financial Cryptography and Data Security '10. Fourteenth International Conference, 2010.
• S. Venkataraman, A. Blum, D. Song, S. Sen, and O. Spatscheck, "Tracking Dynamic Sources of Malicious Activity at Internet Scale," in Advances in Neural Information Processing Systems (NIPS 2009), 2009.
• M. G. Kang, H. Yin, S. McCamant, and D. Song, "Emulating Emulation-Resistant Malware.," in Proceedings of the 2nd Workshop on Virtual Machine Security, 2009.
• J. Caballero, Z. Liang, P. Poosankam, and D. Song, "Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration.," in Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection, September 2009, 2009.
• A. Barth, J. Weinberger, and D. Song, "Cross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense.," in Proceedings of USENIX Security Symposium, August 2009., 2009.
• P. Saxena, P. Poosankam, S. McCamant, and D. Song, "Loop-Extended Symbolic Execution on Binary Programs.," in Proceedings of the ACM/SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), July 2009., 2009.
• J. Newsome, S. McCamant, and D. Song, "Measuring Channel Capacity to Distinguish Undue Influence.," in Proceedings of the Fourth ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS), June 2009, 2009.
• A. Barth, J. Caballero, and D. Song, "Secure Content Sniffing for Web Browsers or How to Stop Papers from Reviewing Themselves.," in Proceedings of the IEEE Symposium on Security and Privacy, May 2009., 2009.
• Y. Nadji, P. Saxena, and D. Song, "Document structure integrity: A robust basis for cross-site scripting defense.," in Proceedings of the Network and Distributed System Security Symposium, 2009.
• J. Bethencourt, D. Song, and B. Waters, "New techniques for private stream searching," ACM Transactions on Information and System Security (TISSEC), vol. 12, no. 3, pp. 16, Jan. 2009.
• D. Gao, M. K. Reiter, and D. Song, "BinHunt: Automatically Finding Semantic Differences in Binary Programs.," in Proceedings of the 4th International Conference on Information Systems Security, December 2008., L. Chen, M. D. Ryan, and G. Wang, Eds., 2008.