Dr. Kevin Hamlen

 Professor and Director of the Cyber Security Research and Education Institute

Degrees:

• Ph.D., Computer Science, Cornell University, 2006
• M.S., Computer Science, Cornell University, 2002
• B.S., Computer Science and Mathematical Sciences, Carnegie Mellon University, 1998

Research Interests:

• Binary software security
• Cyberdeceptive software engineering
• Formal methods software verification
• Web, cloud, and mobile platform security
• Compilers and language-based security
• Intrusion detection

Major Honors and Awards:

• Association of Computing Machinery (ACM) Senior Membership, 2019
• Institute of Electrical and Electronics Engineers (IEEE) Senior Membership, 2019
• Eugene McDermott Faculty Endowment Award, The University of Texas at Dallas, 2018
• Associate Faculty Outstanding Research Award, Erik Jonsson School of Engineering and Computer Science, The University of Texas at Dallas, 2017
•  NSF I/UCRC Technology Breakthrough Award, 2016
• NYU-Poly CSAW Best Applied Security Paper of the Year Award, 2nd place, 2014
• Metroplex Technology Business Council Tech Titan Technology Inventor, Finalist (final four), 2013
• Outstanding Teaching Award, Erik Jonsson School of Engineering and Computer Science, The University of Texas at Dallas, 2013
• Best Student Paper Award, Annual Computer Security Applications Conference (ACSAC), 2012
• NYU-Poly AT&T Best Applied Security Paper of the Year Award, 2nd place, 2012
• Faculty Research Award, Erik Jonsson School of Engineering and Computer Science, The University of Texas at Dallas, 2012
• Best Paper Award, IEEE International Conference on Tools with Artificial Intelligence (ICTAI), Special Session on Stream Data Mining, 2011
• CAREER Award, National Science Foundation, 2011
• Young Investigator Program (YIP) Award, U.S. Air Force Office of Scientific Research, 2008
• Ph.D. Fellowship Award, Intel Foundation, 2004
• Allen Newell Award for Excellence in Undergraduate Research, Carnegie Mellon University, 1998
• Phi Kappa Phi Honor Society, Carnegie Mellon University, 1998
• Phi Beta Kappa Honor Society, Carnegie Mellon University, 1998
• Graduated summa cum laude (3rd in class), Carnegie Mellon University, 1998

Selected News Stories:

• “University fools hackers into sharing tactics”, InfoSecurity Magazine, 2020
• “New technique Red Herring fights ‘Heartbleed’ virus”, The Economic Times, 2014
• “A Thing of Threads and Patches”, The Economist, 2012
• “Frankenstein virus creates malware by pilfering code, New Scientist, 2012

Representative Publications:

• Frederico Araujo, Gbadebo Ayoade, Khaled Al-Naami, Yang Gao, Kevin W. Hamlen, and Latifur Khan. Improving Intrusion Detectors by Crook-sourcing. In Proceedings of the 35th Annual Computer Security Applications Conference (ACSAC), pp. 245–256, December 2019.
• Masoud Ghaffarinia and Kevin W. Hamlen. Binary Control-flow Trimming. In Proceedings of the 26th ACM Conference on Computer and Communications Security (CCS), pp. 1009–1022, November 2019.
• Xiaoyang Xu, Masoud Ghaffarinia, Wenhao Wang, Kevin W. Hamlen, and Zhiqiang Lin. ConFIRM: Evaluating Compatibility and Relevance of Control-flow Integrity Protections for Modern Software. In Proceedings of the 28th USENIX Security Symposium, pp. 1805–1821, August 2019.
• Jun Duan, Kevin W. Hamlen, and Benjamin Ferrell. Better Late Than Never: An n-Variant Framework of Verification for Java Source Code on CPU×GPU Hybrid Platform. In Proceedings of the 28th ACM International Symposium on High-Performance Parallel and Distributed Computing (HPDC), pp. 207–218, June 2019.
• Wenhao Wang, Benjamin Ferrell, Xiaoyang Xu, Kevin W. Hamlen, and Shuang Hao. SEISMIC: SEcure In-lined Script Monitors for Interrupting Cryptojacks. In Proceedings of the 23rd European Symposium on Research in Computer Security (ESORICS), pp. 122–142, September 2018.
• Erick Bauman, Zhiqiang Lin, and Kevin W. Hamlen. Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics. In Proceedings of the 25th Network and Distributed Systems Security Symposium (NDSS), February 2018.
• Wenhao Wang, Xiaoyang Xu, and Kevin W. Hamlen. Object Flow Integrity. In Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS), pp. 1909–1924, November 2017.
• Frederico Araujo and Kevin W. Hamlen. Compiler-instrumented, Dynamic Secret-Redaction of Legacy Processes for Attacker Deception. In Proceedings of the 24th USENIX Security Symposium, August 2015.
• Vishwath Mohan, Per Larsen, Stefan Brunthaler, Kevin W. Hamlen, and Michael Franz. Opaque Control-Flow Integrity. In Proceedings of the 22nd Network and Distributed System Security Symposium (NDSS), February 2015.
• Frederico Araujo, Kevin W. Hamlen, Sebastian Biedermann, and Stefan Katzenbeisser. From Patches to Honey-Patches: Lightweight Attacker Misdirection, Deception, and Disinformation. In Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS), pp. 942–953, November 2014.
• Richard Wartell, Vishwath Mohan, Kevin W. Hamlen, and Zhiqiang Lin. Securing Untrusted Code via Compiler-Agnostic Binary Rewriting. In Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC), pp. 299–308, December 2012.
• Richard Wartell, Vishwath Mohan, Kevin W. Hamlen, and Zhiqiang Lin. Binary Stirring: Self-randomizing Instruction Addresses of Legacy x86 Binary Code. In Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS), pp. 157–168, October 2012.
• Vishwath Mohan and Kevin W. Hamlen. Frankenstein: Stitching Malware from Benign Binaries. In Proceedings of the 6th USENIX Workshop on Offensive Technologies (WOOT), pp. 77–84, August 2012.