H
Hao Wang
Researcher at University of Wisconsin-Madison
Publications - 12
Citations - 611
Hao Wang is an academic researcher from University of Wisconsin-Madison. The author has contributed to research in topics: Exploit & Certificate. The author has an hindex of 7, co-authored 12 publications receiving 601 citations.
Papers
More filters
Proceedings ArticleDOI
Towards automatic generation of vulnerability-based signatures
TL;DR: The work departs from previous approaches by focusing on the semantics of the program and vulnerability exercised by a sample exploit instead of the semantics or syntax of the exploit itself, and can automatically generate a vulnerability signature using a single exploit of much higher quality than previous exploit-based signatures.
Proceedings ArticleDOI
Creating Vulnerability Signatures Using Weakest Preconditions
TL;DR: This work investigates new techniques for automatically generating sound vulnerability signatures with fewer false negatives than previous research using program binary analysis and creates algorithms for generating vulnerability signatures that are based on computing weakest preconditions (WP).
Proceedings ArticleDOI
NetSpy: Automatic Generation of Spyware Signatures for NIDS
TL;DR: A tool to automatically generate network-level signatures for spyware by correlating user input with network traffic generated by the untrusted program, which generates a signature characterizing the malicious substrate of the spyware's network behavior.
ReportDOI
An Auctioning Reputation System Based on Anomaly Detection
TL;DR: The authors developed a reputation system to help buyers identify sellers whose auctions seem price-inflated, based upon models that characterize sellers according to statistical metrics related to price inflation. But their reputation system does not address the concern of a buyer shopping for commodities, finding a good bargain.
Journal ArticleDOI
Theory and Techniques for Automatic Generation of Vulnerability-Based Signatures
TL;DR: This paper creates vulnerability signatures which are guaranteed to have zero false positives, and shows how to automate signature creation for any vulnerability that can be detected by a runtime monitor.