Mikhail Kazdagli
Researcher at University of Texas at Austin
Publications - 8
Citations - 135
Mikhail Kazdagli is an academic researcher from University of Texas at Austin. The author has contributed to research in topics: Malware & Mobile malware. The author has an h-index of 4, co-authored 7 publications receiving 107 citations. Previous affiliations of Mikhail Kazdagli include Qualcomm.
Papers
Proceedings Article
Understanding contention-based channels and using them for defense
TL;DR: A general mathematical study of microarchitectural channels using information theory and a novel way of detecting intelligent adversaries that try to hide while running covert channel eavesdropping attacks is introduced.
Proceedings Article
Quantifying and improving the efficiency of hardware-based mobile malware detectors
TL;DR: This work introduces Sherlock - a white-box methodology that quantifies an HMD's ability to detect malware and identifies the reason why, and shows a surprising new result - obfuscation techniques used by malware to evade static analyses make it more detectable using HMDs.
Proceedings Article
Morpheus: benchmarking computational diversity in mobile malware
TL;DR: This work introduces Morpheus -- a benchmarking tool that includes both real mobile malware and a synthetic malware generator that can be configured to generate a computationally diverse malware sample-set -- as a tool to evaluate malware detection based on computational signatures.
Posted Content
EMMA: A New Platform to Evaluate Hardware-based Mobile Malware Analyses
TL;DR: EMMA deconstructs malware into atomic, orthogonal actions and introduces a systematic way of pitting different HMDs against a diverse subset of malware hidden inside benign applications, which drives both malware and benign programs with real user-inputs to yield an HMD's effective operating range.
Patent
Information Flow Tracking Using Incremental Profiling
TL;DR: In this article, a hybrid static/dynamic analysis is used to track information flow during execution of a software application, and the method may predict multiple paths of execution, and may utilize these predictions to analyze only actually executing software code.