About

I am currently pursuing my doctoral degree in Software Engineering at the Software Languages Security Lab at UTD under the supervision of Dr. Kevin Hamlen. My research seeks scientific approaches to make software systems more secure and resilient against cyber threats, with a focus on leveraging language-based techniques to engineer applications with proactive and deceptive capabilities that degrade attackers' methods and disrupt their reconnaissance efforts.

I am a software engineer with over four years of work experience in the development of industrial software systems. I have excellent knowledge of modern/agile practices and processes, having technically led large-scale projects. I also have thorough technical knowledge in Object Oriented Modeling and Design, Domain Driven Design and Aspect Oriented Programming.

I speak Portuguese, English, French, and some Italian. When not working, I love to spend some time cooking with my wife, playing my violin, and contemplating nature.

Education

2016 (expected)

University of Texas at Dallas

Software Engineering, PhD.

GPA: 4.0, Supervised by Dr. Kevin Hamlen

2012

University of Texas at Dallas

Computer Science (major: Software Engineering), MSc.

GPA: 4.0, Outstanding Academic Achievement Award

2008

Ecole Centrale Paris

"Diplôme d'Ingénieur" Engineering, MSc.

Rank: TOP 15% out of 462 students

2007

University of São Paulo

Electrical Engineering, B.S.
Emphasis on Computer Engineering

Rank: TOP 1% out of 645 students

Publications

NEW! Araujo, Frederico and Hamlen, K.W. Embedded Honeypotting. In Cyber Deception, S. Jajodia et al. (eds.). Springer. 2016.

Araujo, F., Hamlen, K.W. Compiler-instrumented, Dynamic Secret-Redaction of Legacy Processes for Attacker Deception. In Proceedings of the 24th Usenix Security Symposium, August 2015. [Lightning Talk Video] [Talk Video]

Araujo, F., Shapouri, M., Pandey, S., Hamlen, K.W. Experiences with Honey-Patching in Active Cyber Security Education. In Proceedings of the 8th Workshop on Cyber Security Experimentation and Test (CSET '15), USENIX Security Symposium, August 2015.

Araujo, F., Hamlen, K.W., Biedermann, S., and Katzenbeisser, S. From Patches to Honey-Patches: Lightweight Attacker Misdirection, Deception, and Disinformation. In Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS), November 2014. Best Applied Security Research Paper Award, 2nd prize, NYU-Poli CSAW, 2014.

Al-Zinati, M., Araujo, F., Kuiper, D., Valente, J., and Wenkstern, R. Z., DIVAs 4.0: A Multi-Agent Based Simulation Framework, IEEE/ACM 17th International Symposium on Distributed Simulation and Real Time Applications (DS-RT), 2013.

Araujo, F., Al-Zinati, M., Valente, J., Kuiper, D., and Wenkstern, R. Z., DIVAs 4.0: A Framework for the Development of Situated Multi-Agent Based Simulation Systems, Proceedings of the 12th International Conference on Autonomous Agents and Multiagent Systems (AAMAS). IFAAMAS, 2013. Best demo award, AAMAS'13. [video]

Valente, J., Araujo, F., and Wenkstern R. Z. On Modeling and Verification of Agent-Based Traffic Simulation Properties in Alloy, Journal of Agent Technologies and Systems (IJATS). IGI Global (2012)

Araujo, F., Valente, J., and Wenkstern R. Z. Modeling Agent-Based Traffic Simulation Properties in Alloy, ACM Proceedings of Agent Directed Simulation Symposium. Society for Modeling and Simulation., Orlando, Florida (2012) Best paper award, ADS'12 and Best overall paper award, SpringSim'12.

Projects

2014 - present

SignaC

SignaC, named after pointillism co-founder Paul Signac, introduces new information flow controls for LLVM, implementing automatic instrumentation of a new taint-tracking semantics and secret redaction support into annotated C/C++ programs at compile-time, yielding programs that can self-censor their address spaces in response to emerging cyber-attacks.


publications: work accepted at Usenix Security'15

2013 - present

RedHerring

RedHerring is a system that supports a new model of software security patching, called "honey-patching". When the attacker attacks a server that has been honey-patched with RedHerring, the attack appears to have succeeded. However, the secrets revealed are fakes and the server owner can make use of counterreconnaissance techniques to track and learn about the attack. With RedHerring, attackers no longer know which of their attacks have really succeeded and which have failed, and they can no longer reliably probe web servers for vulnerabilities.

NSA Grant Proposal on Active Cyber Defense Accepted (2015-2016)!

RedHerring is supported by an AFOSR research grant (2014-2017).

RedHerring received best research paper of the year award at CSAW'14 in New York City!


publications: work accepted at ACM CCS'14 and CSET'15
posters: 4th Annual Texas Security Awareness Week (TxSaw) at UTDallas (Oct 2014); 11th Cyber Security Awareness Week Conference (CSAW) at NYUPoli (Nov 2014)
awards: Best Applied Security Research Paper at CSAW, 2nd prize, 2014. Press Release!

Recent News Coverage of my Research!


CW33 Nightcap News (April 15, 2014), CBS 11 News (April 14, 2014), UTD News, ScienceDaily, TechFragments, Economic Times

2012 - 2013

DIVAs

DIVAs is a large-scale, multi-agent-based simulation framework for situated virtual environments in which autonomous agents perceive their surroundings through multiple senses. Leaded the reengineering and development of Divas 4. [video]


publications: Work accepted at AAMAS'13 and DS-RT'13.
awards: Best Demo Award at AAMAS'13

2011 - 2012

Matisse

MATISSE is an agent-based traffic simulation system for the modeling and simulation of Intelligent Transportation Systems. Used Alloy to formalize, specify, and verify the static and dynamic properties of Matisse.


publications: Work accepted at ADS'12 and IJATS'12
awards: best paper awards at ADS'12 and best overall paper award at SpringSim'12
.

2011 - 2012

HOPE

HOPE (Help Our People Easily) is a mobile assistive and augmented communication app developed for Android to help people with communication impairments. Its core algorithm, which uses adaptive, context-aware user modeling based on captured contextual information inferred from usage patterns, was verified in Alloy. [video]


Work
experience

2014 - Present

University of Texas at Dallas

Research Assistant

Research on language-based security, network security, and honeypoting technologies

2015

IBM T.J. Watson Research Center

Research Intern - Security Research

Summer research on cloud-based moving target defense

2010 - 2014

University of Texas at Dallas

Teaching Assistant

• CS6371 - Advanced Programming Languages (Spring 2014)
• CS6324 - Information Security (Spring 2014)
• CS6362 - Advanced Software Architecture (Fall 2010, 2012, 2013)
• CS6361 - Advanced Requirements Engineering (Spring 2013, Fall 2013)
• CS6375 - Machine Learning (Spring 2013)
• CS6387 - Advanced Software Engineering (Spring 2013)
• CS6V81 - Advanced Web Development (Spring 2012)
• CS6359 - Object Oriented Analysis and Design (Spring 2011, 2012)
• CS3354 - Software Engineering (Fall 2011, 2012)
• CS3340 - Computer Architecture (Fall 2010, Summer 2011)

2006 - 2010

Chemtech - A Siemens Business

Software Engineer

• Technical Lead and Software Architect Evangelist
• Coaching of Technical Teams in Software Architecture and Development
• Project Planning
• Technical and Commercial Proposals Elaboration
• Participation in large-scale projects related to: Warehouse Management Systems (WMS), Warehouse Control Systems(WCS), Business Logistics, and Manufacturing Execution Systems (MES)

Teaching
experience

2010 - present

University of Texas at Dallas

Invited Guest Lectures

• CS 6301 - Language-Based Security (Fall 2014, 2015)
   - "Dynamic Secret Redaction for Attacker Deception"
   - "Honey-patching: Lightweight Attacker Misdirection and Disinformation"
   - "Introduction to Honeypots"

• CS6324 - Digital Forensics (Fall 2014)
   - "Using Honeypots for Attack Detection and Analysis"

• CS6324 - Information Security (Spring 2014)
   - "The OpenSSL Heartbleed Vulnerability"

• CS6361 - Advanced Requirements Engineering (Spring 2013)
   - "An Introduction to Model Checking using SPIN"
   - "Formal Methods and a Tutorial on the Alloy Model Finder"

• CS6359 - Object Oriented Analysis & Design (Fall 2012)
• CS3354 - Software Engineering (Spring 2012)
• Executive Masters in Computer Science (Spring 2012)
   - "Model-drien Design with IBM Rational Rhapsody"

• CS6362 - Advanced Software Architecture (Fall 2010)
   - "Model Checking, a Tutorial on SPIN Model Checker"
   - "Theorem Proving for the Verification of Software Systems"
   - "Scenario-based Verification"

Awards

Scholarship to attend WiCys - Women in Cyber Security Conference (2016)
Primary student contributor in an accepted NSA grant proposal, NSA, $287,000 (2015-2016)
Best Applied Security Paper Award, 2nd prize, NYU-Poli CSAW (2014)
Travel Grant to attend CSAW'14 (2014)
NSF Grant to attend OPLSS'14 (2014)
Best demonstration award, AAMAS (2013)
Outstanding Academic Achievement Award, University of Texas at Dallas (2012)
Best paper award, Agent Directed Simulation Symposium. Society for Modeling and Simulation International (2012)
Best overall conference paper award, 2012 Spring Simulation Multi-Conference. Society for Modeling and Simulation International (2012)
Merit-based Ericsson Graduate Fellowship (2012)
Outstanding Performance Award, Chemtech (2008)
Academic Excellence Award by Accenture in recognition of Senior Graduation Thesis (2008)
Technology Innovation Award by Chemtech in recognition of Senior Graduation Thesis (2008)
Best Senior Graduation Thesis at the University of São Paulo, entitled Supply Chain Integrator System based on Vendor Managed Inventory (VMI) using Continuous Replacement Model (2007)
Best Software Product Developed for the Industry at the University of São Paulo (2007)
Merit-based scholarship granted by the Brazilian Ministry of Education (2004-2005)

Copyright © 2013-2015 Frederico Araujo. Last updated on April 14, 2016.

E-mail iconSend me an e-mail Facebook iconFacebook LinkedIn iconLinkedIn Twitter iconTwitter CitationsCitations