Faculty Publications - Dawn Song

Books

• M. Christodorescu, S. Jha, D. Maughan, D. Song, and C. Wang, Eds., Malware Detection, Advances in Information Security, Vol. 27, New York, NY: Springer Science+Business Media, LLC, 2006.

Book chapters or sections

• M. G. Kang, J. Caballero, and D. Song, "Distributed evasive scan techniques and countermeasures," in Detection of Intrusions and Malware, and Vulnerability Assessment: Proc. 4th Intl. Conf. (DIMVA 2007), B. M. Hammerli and R. Sommer, Eds., Lecture Notes in Computer Science, Vol. 4579, Berlin, Germany: Springer-Verlag, 2007, pp. 157-174.
• D. Brumley, J. Newsome, and D. Song, "Sting: An end-to-end self-healing system for defending against Internet worms," in Malware Detection, M. Christodorescu, S. Jha, D. Maughan, D. Song, and C. Wang, Eds., Advances in Information Security, Vol. 27, New York, NY: Springer Science+Business Media, LLC, 2006, pp. 147-170.
• D. Gao, M. K. Reiter, and D. Song, "Behavioral distance for intrusion detection," in Recent Advances in Intrusion Detection: Proc. 8th Intl. Symp. (RAID 2005). Revised Papers, A. Valdez and D. Zamboni, Eds., Lecture Notes on Computer Science, Vol. 3858, Berlin, Germany: Springer-Verlag, 2006, pp. 63-81.
• J. Newsome, B. Karp, and D. Song, "Paragraph: Thwarting signature learning by training maliciously," in Recent Advances in Intrusion Detection: Proc. 9th Intl. Symp. (RAID 2006), D. Zamboni and C. Kruegel, Eds., Lecture Notes in Computer Science, Vol. 4219, Berlin, Germany: Springer-Verlag, 2006, pp. 81-105.
• D. Gao, M. K. Reiter, and D. Song, "Behavioral distance measurement using hidden Markov models," in Recent Advances in Intrusion Detection: Proc. 9th Intl. Symp. (RAID 2006), D. Zamboni and C. Kruegel, Eds., Lecture Notes in Computer Science, Vol. 4219, Berlin, Germany: Springer-Verlag, 2006, pp. 19-40.
• L. Kissner and D. Song, "Privacy-preserving set operations," in Advances in Cryptology: Proc. 25th Annual Intl. Cryptology Conf. (CRYPTO 2005), V. Shoup, Ed., Lecture Notes in Computer Science, Vol. 3621, Berlin, Germany: Springer-Verlag, 2005, pp. 241-257.
• A. Blum, D. Song, and S. Venkataraman, "Detection of interactive stepping stones: Algorithms and confidence bounds," in Recent Advances in Intrusion Detection: Proc. 7th Intl. Symp. (RAID 2004), E. Jonsson, A. Valdes, and M. Almgren, Eds., Lecture Notes in Computer Science, Vol. 3224, Berlin, Germany: Springer-Verlag, 2004, pp. 258-277.
• L. Kissner, A. Oprea, M. K. Reiter, D. Song, and K. Yang, "Private keyword-based push and pull with applications to anonymous communication (Extended Abstract)," in pplied Cryptography and Network Security: Proc. 2nd Intl. Conf. (ACNS 2004), M. Jakobsson, M. Yung, and J. Zhou, Eds., Lecture Notes in Computer Science, Vol. 3089, Berlin, German y: Springer-Verlag, 2004, pp. 16-30.
• G. Ateniese, D. Song, and G. Tsudik, "Quasi-efficient revocation of group signatures," in Financial Cryptography: Proc. 6th Intl. Conf. (FC 2002). Revised Papers, M. Blaze, Ed., Lecture Notes in Computer Science, Vol. 2357, Berlin, Germany: Springer-Verlag, 2003, pp. 183-197.
• R. Johnson, D. Molnar, D. Song, and D. Wagner, "Homomorphic signature schemes," in Topics in Cryptography: The Cryptographer's Track at the RSA Conf. (CT-RSA 2002), B. Preneel, Ed., Lecture Notes in Computer Science, Vol. 2271, Berlin, Germany: Springer-Verlag, 2002, pp. 244-262.
• D. Song, A. Perrig, and D. Phan, "AGVI - Automatic Generation, Verification, and Implementation of security protocols," in Computer Aided Verification: Proc. 13th Intl. Conf. (CAV 2001), G. Berry, H. Comon, and A. Finkel, Eds., Lecture Notes in Computer Science, Vol. 2102, Berlin, Germany: Springer-Verlag, 2001, pp. 241-245.

Articles in journals or magazines

• J. Tucek, J. Newsome, S. Lu, C. Huang, S. Xanthos, D. Brumley, Y. Zhou, and D. Song, "Sweeper: A lightweight end-to-end system for defending against fast worms," ACM SIGOPS Operating Systems Review, vol. 41, no. 3, pp. 115-128, June 2007.
• H. Chen, A. Perrig, B. Przydatek, and D. Song, "SIA: Secure Information Aggregation in sensor networks," J. Computer Security: Special Issue on Security of Ad Hoc and Sensor Networks, vol. 15, no. 1, pp. 69-102, Jan. 2007.
• A. Yaar, A. Perrig, and D. Song, "StackPi: New packet marking and filtering mechanisms for DDoS and IP spoofing defense," IEEE J. Selected Areas in Communications, vol. 24, no. 10, pp. 1853-1863, Oct. 2006.
• A. Perrig, R. Canetti, D. Tygar, and D. Song, "The TESLA broadcast authentication protocol," RSA Cryptobytes, vol. 5, no. 2, pp. 2-13, 2002.
• D. Song, S. Berezin, and A. Perrig, "Athena: A novel approach to efficient automatic security protocol analysis," J. Computer Security, vol. 9, no. 1/2, pp. 47-74, Jan. 2001.

Articles in conference proceedings

• D. Brumley, P. Poosankam, D. Song, and J. Zheng, "Automatic patch-based exploit generation is possible: Techniques and implications," in Proc. 2008 IEEE Symp. on Security and Privacy (SP'08), Los Alamitos, CA: IEEE Computer Society, 2008, pp. 143-157.
• S. Venkataraman, A. Blum, and D. Song, "Limits of learning-based signature generation with adversaries," in Proc. 15th Annual Network and Distributed System Security Symp. (NDSS '08), Reston, VA: Internet Society, 2008, pp. 16 pg.
• H. Yin, Z. Liang, and D. Song, "HookFinder: Identifying and understanding malware hooking behaviors," in Proc. 15th Annual Network and Distributed System Security Symp. (NDSS '08), Reston, VA: Internet Society, 2008, pp. 16 pg.
• J. Caballero, T. Kampouris, D. Song, and J. Wang, "Would diversity really increase the robustness of the routing infrastructure against software defects?," in Proc. 15th Annual Network and Distributed System Security Symp. (NDSS '08), Reston, VA: Internet Society, 2008, pp. 15 pg.
• J. Bethencourt, D. Song, and B. Waters, "Analysis-resistant malware," in Proc. 15th Annual Network and Distributed System Security Symp. (NDSS '08), Reston, VA: Internet Society, 2008, pp. 13 pg.
• G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, "Provable data possession at untrusted stores," in Proc. 14th ACM Conf. on Computer and Communications Security (CCS '07), P. Ning, Ed., New York, NY: The Association for Computing Machinery, Inc., 2007, pp. 598-609.
• J. Caballero, H. Yin, Z. Liang, and D. Song, "Polyglot: Automatic extraction of protocol message format using dynamic binary analysis," in Proc. 14th ACM Conf. on Computer and Communications Security (CCS '07), P. Ning, S. De Capitani di Vimercati, and P. Syverson, Eds., New York, NY: The Association for Computing Machinery, Inc., 2007, pp. 317-329.
• H. Yin, D. Song, M. Egele, C. Kruegel, and E. Kirda, "Panorama: Capturing system-wide information flow for malware detection and analysis," in Proc. 14th ACM Conf. on Computer and Communications Security (CCS '07), P. Ning, S. De Capitani di Vimercati, and P. F. Syverson, Eds., New York, NY: The Association for Computing Machinery, Inc., 2007, pp. 116-127.
• S. Venkataraman, S. Sen, O. Spatscheck, P. Haffner, and D. Song, "Exploiting network structure for proactive spam mitigation," in 16th USENIX Security Symp., Berkeley, CA: USENIX Association, 2007, pp. 149-166.
• D. Brumley, J. Caballero, Z. Liang, J. Newsome, and D. Song, "Towards automatic discovery of deviations in binary implementations with applications to error detection and fingerprint generation (Best Paper Award)," in Proc. 16th USENIX Security Symp. (Security '07), Berkeley, CA: USENIX Association, 2007, pp. 213-228.
• D. Brumley, H. Wang, S. Jha, and D. Song, "Creating vulnerability signatures using weakest preconditions," in Proc. 20th IEEE Computer Security Foundations Symp. (CSF '07), Los Alamitos, CA: IEEE Computer Society, 2007, pp. 311-325.
• M. Egele, C. Kruegel, E. Kirda, H. Yin, and D. Song, "Dynamic spyware analysis," in 2007 USENIX Annual Technical Conf. (USENIX '07), Berkeley, CA: USENIX Association, 2007, pp. 233-246.
• E. Shi, J. Bethencourt, T. H. Chan, D. Song, and A. Perrig, "Multi-dimensional range query over encrypted data," in Proc. 2007 IEEE Symp. on Security and Privacy (SP '07), Los Alamitos, CA: IEEE Computer Society, 2007, pp. 350-364.
• J. Tucek, J. Newsome, S. Lu, C. Huang, S. Xanthos, D. Brumley, Y. Zhou, and D. Song, "Sweeper: A lightweight end-to-end system for defending against fast worms," in Proc. 2nd European Conf. on Computer Systems (EuroSys '07), New York, NY: The Association for Computing Machinery, Inc., 2007, pp. 115-128.
• D. Brumley, T. Chiueh, R. Johnson, H. Lin, and D. Song, "RICH: Automatically protecting against integer-based vulnerabilities," in Proc. 14th Annual Network & Distributed System Security Symp. (NDSS '07), Reston, VA: Internet Society, 2007, pp. 13 pg.
• S. Venkataraman, J. Caballero, P. Poosankam, M. G. Kang, and D. Song, "FiG: Automatic FIngerprint Generation," in Proc. 14th Annual Network & Distributed System Security Symp. (NDSS '07), Reston, VA: Internet Society, 2007, pp. 16 pg.
• S. Venkataraman, J. Caballero, D. Song, A. Blum, and J. Yates, "Black box anomaly detection: Is it Utopian?," in Proc. 5th Workshop on Hot Topics in Networks (HotNets-V), New York, NY: The Association for Computing Machinery, Inc., 2006, pp. 127-132.
• J. Newsome, D. Brumley, J. Franklin, and D. Song, "Replayer: Automatic protocol replay by binary analysis," in Proc. 13th ACM Conf. on Computer and Communications Security (CCS '06), A. Juels, R. N. Wright, and S. De Capitani di Vimercati, Eds., New York, NY: The Association for Computing Machinery, Inc., 2006, pp. 311-321.
• H. Chan, A. Perrig, and D. Song, "Secure hierarchical in-network aggregation in sensor networks," in Proc. 13th ACM Conf. on Computer and Communications Security (CCS '06), A. Juels, R. N. Wright, and S. De Capitani di Vimercati, Eds., New York, NY: The Association for Computing Machinery, Inc., 2006, pp. 278-287.
• D. Brumley and D. Song, "Towards attack-agnostic defenses," in Proc. 1st USENIX Workshop on Hot Topics in Security (HotSec '06), Berkeley, CA: USENIX Association, 2006, pp. 57-62.
• D. Brumley, J. Newsome, D. Song, H. Wang, and S. Jha, "Towards automatic generation of vulnerability-based signatures," in Proc. 2006 IEEE Symp. on Security and Privacy (SP '06), Los Alamitos, CA: IEEE Computer Society, 2006, pp. 2-16.
• J. Bethencourt, D. Song, and B. Waters, "New constructions and practical applications for private stream searching (Extended Abstract)," in Proc. 2006 IEEE Symp. on Security and Privacy (SP '06), Los Alamitos, CA: IEEE Computer Society, 2006, pp. 132-139.
• D. Brumley, L. H. Liu, P. Poosankam, and D. Song, "Design space and analysis of worm defense strategies," in Proc. 2006 ACM Symp. on Information, Computer and Communications Security (ASIACCS '06), F. C. Lin, D. T. Lee, B. S. Lin, S. Shieh, and S. Jajodia, Eds., New York, NY: The Association for Computing Machinery, Inc., 2006, pp. 125-137.
• J. Newsome, D. Brumley, and D. Song, "Vulnerability-specific execution filtering for exploit prevention on commodity software," in Proc. 13th Annual Network and Distributed Systems Security Symp. (NDSS '06), Reston, VA: Internet Society, 2006, pp. 14 pp..
• M. Christodorescu, S. Jha, S. Seshia, D. Song, and R. E. Bryant, "Semantics-aware malware detection," in Proc. 2005 IEEE Symp. on Security and Privacy (SP '05), Los Alamitos, CA: IEEE Computer Society, 2005, pp. 32-46.
• J. Newsome, B. Karp, and D. Song, "Polygraph: Automatically generating signatures for polymorphic worms," in Proc. 2005 IEEE Symp. on Security and Privacy (SP '05), Los Alamitos, CA: IEEE Computer Society, 2005, pp. 226-241.
• A. Yaar, A. Perrig, and D. Song, "FIT: Fast Internet Traceback," in Proc. 24th Annual Joint Conf. of the IEEE Computer and Communications Societies (INFOCOM 2005), K. Makki and E. Knightly, Eds., Vol. 2, Piscataway, NJ: IEEE Press, 2005, pp. 1395-1406.
• J. Newsome and D. Song, "Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software," in Proc. 12th Annual Network and Distributed System Security Symp. (NDSS '05), Reston, VA: Internet Society, 2005, pp. 18 pp..
• S. Venkataraman, D. Song, P. B. Gibbons, and A. Blum, "New streaming algorithms for fast detection of superspreaders," in Proc. 12th Annual Network and Distributed System Security Symp. (NDSS '05), Reston, VA: Internet Society, 2005, pp. 18 pp..
• D. Gao, M. K. Reiter, and D. Song, "Gray-box extraction of execution graphs for anomaly detection," in Proc. 11th ACM Conf. on computer and Communications Security (CCS '04), New York, NY: The Association for Computing Machinery, Inc., 2004, pp. 318-329.
• D. Gao, M. K. Reiter, and D. Song, "On gray-box program tracking for anomaly detection," in Proc. 13th USENIX Security Symp., Berkeley, CA: USENIX Association, 2004, pp. 103-118.
• D. Brumley and D. Song, "Privtrans: Automatically partitioning programs for privilege separation," in Proc. 13th USENIX Security Symp., Vol. 13, Berkeley, CA: USENIX Association, 2004, pp. 57-71.
• C. Wong, C. Wang, D. Song, S. Bielski, and G. R. Ganger, "Dynamic quarantine of Internet worms," in Proc. 2004 IEEE Intl. Conf. on Dependable Systems and Networks (DSN 2004), Los Alamitos, CA: IEEE Computer Society, 2004, pp. 73-82.
• A. Yaar, A. Perrig, and D. Song, "SIFF: A Stateless Internet Flow Filter to mitigate DDoS flooding attacks," in Proc. 2004 IEEE Symp. on Security and Privacy (SP '04), Los Alamitos, CA: IEEE Computer Society, 2004, pp. 130-143.
• J. Newsome, E. Shi, D. Song, and A. Perrig, "The Sybil attack in sensor networks: Analysis & defenses," in Proc. 3rd Intl. Symp. on Information Processing in Sensor Networks (IPSN 2004), New York, NY: The Association for Computing Machinery, Inc., 2004, pp. 259-268.
• J. Newsome and D. Song, "GEM: Graph EMbedding for routing and data-centric storage in sensor networks without geographic information," in Proc. 1st Intl. Conf. on Embedded Networked Sensor Systems (SynSys '03), New York, NY: The Association for Computing Machinery, Inc., 2003, pp. 76-88.
• B. Przydatek, D. Song, and A. Perrig, "SIA: Secure Information Aggregation in sensor networks," in Proc. 1st Intl. Conf. on Embedded Networked Sensor Systems, New York, NY: The Association for Computing Machinery, Inc., 2003, pp. 255-265.
• A. Yaar, A. Perrig, and D. Song, "Pi: A path identification mechanism to defend against DDoS attacks," in Proc. 2003 Symp. on Security and Privacy (SP '03), Los Alamitos, CA: IEEE Computer Society, 2003, pp. 93-107.
• H. Chan, A. Perrig, and D. Song, "Random key predistribution schemes for sensor networks," in Proc. 2003 Symp. on Security and Privacy (SP '03), Los Alamitos,CA: IEEE Computer Society, 2003, pp. 197-213.
• S. Crosby, I. Goldberg, R. Johnson, D. Song, and D. Wagner, "A cryptanalysis of the High-Bandwidth Digital Content Protection system," in Security and Privacy in Digital Right Management: Proc. 2001 Workshop on Security and Privacy in Digital Rights Management. Revised Papers, T. Sander, Ed., Lecture Notes in Computer Science, Vol. 2320, Berlin, Germany: Springer-Verlag, 2002, pp. 159-182.
• D. Song, D. Zuckerman, and D. Tygar, "Expander graphs for digital stream authentication and robust overlay networks," in Proc. 2002 IEEE Symp. on Security and Privacy (SP '02), Los Alamitos, CA: IEEE Computer Society, 2002, pp. 258-270.
• D. Song, "Practical forward secure group signature schemes," in Proc. 8th ACM Conf. on Computer and Communications Security (CCS '01), P. Samarati, Ed., New York, NY: The Association for Computing Machinery, Inc., 2001, pp. 225-234.
• D. Song, D. Wagner, and X. Tian, "Timing analysis of keystrokes and timing attacks on SSH," in Proc. 10th USENIX Security Symp., Berkeley, CA: USENIX Association, 2001, pp. 16 pg.
• A. Perrig, D. Song, and D. Tygar, "ELK, a new protocol for Efficient Large-group Key distribution," in Proc. 2001 IEEE Symp. on Security and Privacy (SP '01), Los Alamitos, CA: IEEE Computer Society, 2001, pp. 247-262.
• A. Perrig, S. Smith, D. Song, and D. Tygar, "SAM: A flexible and secure auction architecture using trusted hardware," in Proc. 15th Intl. Parallel and Distributed Processing Symp. (IPDPS 2001), Los Alamitos, CA: IEEE Computer Society, 2001, pp. 1764-1773.
• D. Song and A. Perrig, "Advanced and authenticated marking schemes for IP traceback," in Proc. 20th Annual Joint Conf. of the IEEE Computer and Communications Societies (INFOCOM 2001), Vol. 2, Piscataway, NJ: IEEE Press, 2001, pp. 878-886.
• A. Perrig, R. Canetti, D. Song, and D. Tygar, "Efficient and secure source authentication for multicast," in Proc. 8th Annual Symp. on Network and Distributed System Security (NDSS '01), Reston, VA: Internet Society, 2001, pp. 12 pg.
• A. Perrig and D. Song, "Looking for diamonds in the desert -- Extending automatic protocol generation to three-party authentication and key agreement protocols," in Proc. 13th IEEE Workshop on Computer Security Foundations (CSFW-13), Los Alamitos, CA: IEEE Computer Society, 2000, pp. 64-76.
• D. Song, D. Wagner, and A. Perrig, "Practical techniques for searches on encrypted data," in Proc. 2000 IEEE Symp. on Security and Privacy (SP '00), Los Alamitos, CA: IEEE Computer Society, 2000, pp. 44-55.
• A. Perrig, R. Canetti, D. Tygar, and D. Song, "Efficient authentication and signing of multicast streams over lossy channels," in Proc. 2000 IEEE Symp. on Security and Privacy (SP '00), Los Alamitos, CA: IEEE Computer Society, 2000, pp. 56-73.
• A. Perrig and D. Song, "A first step towards the automatic generation of security protocols," in Proc. 2000 Symp. on Network and Distributed System Security (NDSS '00), Reston, VA: Internet Society, 2000, pp. 11 pg.
• A. Perrig and D. Song, "On a first step to the automatic generation of security protocols," in Proc. 7th Annual Network and Distributed System Security Symp. (NDSS '00), Vol. I, Reston, VA: Internet Society, 2000, pp. 73-83.
• A. Perrig and D. Song, "Hash visualization: A new technique to improve real-world security," in Proc. Intl. (CrypTEC '99), M. Blum and C. H. Lee, Eds., Hong Kong: City University of Hong Kong Press, 1999, pp. 8 pg.
• D. Song, "Athena: A new efficient automatic checker for security protocol analysis," in Proc. 12th IEEE Computer Society Foundations Workshop (CSFW-12), Los Alamitos, CA: IEEE Computer Society, 1999, pp. 192-202.

Technical Reports

• D. Brumley, Z. Liang, J. Newsome, and D. Song, "Towards Practical Automatic Generation of Multipath Vulnerability Signatures," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-07-150, April 2007.
• J. Bethencourt, T. H. Chan, A. Perrig, E. Shi, and D. Song, "Anonymous Multi-Attributed Encryption with Range Query and Conditional Decryption," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-06-135, May 2006.
• D. Brumley, D. Song, and J. Slember, "Towards Automatically Eliminating Integer-Based Vulnerabilities," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-06-136, March 2006.
• D. Brumley, J. Newsome, D. Song, H. Wang, and S. Jha, "Theory and Techniques for Automatic Generation of Vulnerability-Based Signatures," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-06-108, Feb. 2006.
• J. Bethencourt, D. Song, and B. Waters, "New Techniques for Private Stream Searching," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-06-106, Feb. 2006.
• J. Newsome, D. Brumley, and D. Song, "Sting: An End-to-End Self-healing System for Defending against Zero-day Worm Attacks on Commodity Software," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-05-191, Nov. 2005.
• J. Newsome, D. Brumley, and D. Song, "Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-05-169, Nov. 2005.
• D. Brumley, L. Liu, P. Poosankam, and D. Song, "Taxonomy and Effectiveness of Worm Defense Strategies," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-05-156, June 2005.
• L. Kissner and D. Song, "Privacy-Preserving Set Operations," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-05-113, June 2005.
• L. Kissner and D. Song, "Private and Threshold Set-Intersection," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-04-181, Nov. 2004.
• H. Burck and D. Song, "A Security Study of the Internet: An Analysis of Firewall Behavior and Anonymous DNS," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-04-141, July 2004.
• S. Venkataraman, D. Song, P. B. Gibbons, and A. Blum, "New Streaming Algorithms for Fast Detection of Superspreaders," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-04-142, May 2004.
• J. Newsome and D. Song, "Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-04-140, May 2004.
• D. Brumley and D. Song, "Privtrans: Automatically Partitioning Programs for Privilege Separation," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-04-113, Feb. 2004.
• J. Newsome and D. Song, "GEM: Graph EMbedding for Routing and Data-Centric Storage in Sensor Networks without Geographic Information," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-03-112, March 2003.
• A. Perrig, D. Song, and A. Yaar, "StackPi: A New Defense Mechanism Against IP Spoofing and DDoS Attacks," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-02-208, Dec. 2002.
• H. Chan, A. Perrig, and D. Song, "Random Key Predistribution Schemes for Sensor Networks," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMS-CS-02-207, Dec. 2002.
• M. Chew and D. Song, "Mitigating Buffer Overflows by Operating System Randomization," Carnegie Mellon University, School of Computer Science, Tech. Rep. CMU-CS-02-197, Dec. 2002.

Talks or presentations

• D. Song, "Towards Automatic Generation of Vulnerability Signatures," Austin, TX, Nov. 2006.

Ph.D. Theses

• D. Song, "An Automatic Approach to Building Secure Systems," University of California at Berkeley, Department of EECS, 2002.

Miscellaneous

• S. M. Bellovin, D. D. Clark, A. Perrig, and D. Song, "A Clean-Slate Design for the Next-Generation Secure Internet," July 2005.
• A. Perrig, R. Canetti, B. Briscoe, D. Song, and D. Tygar, "TESLA: Multicast Source Authentication Transform (Draft)," Dec. 2004.