background pic Kevin W. Hamlen
menu top
menu border Home menu border
menu border Research menu border
menu border Experience menu border
menu border Education menu border
menu border Projects menu border
menu border Links menu border
menu border

  Research


I currently have five externally funded, ongoing research projects:

  • Language-based Security for Polymorphic Malware Protection (NSF Career, 2011-2016): This project develops runtime code analyses for malware detection and defense. It recasts traditionally static programming language-based security approaches, such as strong type-checking, model-checking, and in-lined reference monitoring, as hybrid static-dynamic algorithms that detect and prevent malicious program behaviors as the untrusted code executes. SIGNAL magazine, FEDcyber.com, and ACM Technews ran a news story about the project in October, and UTD publicized it in a press release in August.
  • Securing Web Advertisements (NSF Trustworthy Computing, 2011-2014): Web ads introduce unique challenges for end-to-end software security. This project develops tools and algorithms for malicious ad detection and trust negotiation at the level of ad developers, ad distributors, and ad recipients. The sidebar of this press release summarizes the project.
  • Secure, Peer-to-peer Data Management (NSF EAGER, 2009-2011): Cloud computing is an increasingly essential paradigm for supporting management of large databases and distributed computations. This project develops fully decentralized data integrity, confidentiality, and privacy enforcement algorithms for cloud computing based on structured peer-to-peer networking protocols and economic theories of utility optimization and risk.
  • Reactively Adaptive Malware (AFOSR Active Defense, 2009-2012): Traditional polymorphic malware undergoes undirected (random) mutation as it propagates so that no two instances look exactly alike. This makes the malware harder to detect. This project examines more powerful directed mutation strategies that allow next-generation malware to reactively learn and adapt to deployed malware defenses. Anticipating this next generation of malware is critical for keeping pace with the cyber-security arms race. UTD devoted a press release to the project in May 2010.
  • Certified, Automated In-lined Reference Monitors (AFOSR Young Investigator, 2008-2011): In-lined Reference Monitors (IRMs) modify untrusted code to make it provably safe, rather than merely examining it to try to determine its safety. The approach is more powerful than purely static defenses, and more flexible than traditional OS- or VM-level execution monitoring.

This year I am being considered for tenure at UTD. Please see my tenure review materials for information regarding my candidacy.

Publications

The following is a list of research papers and theses that I've written. Each is provided in PDF form.

Conference Publications

All of the following conference publications are peer-reviewed. Acceptance rates are provided whenever they are known.

Bhavani Thuraisingham, Vaibhav Khadilkar, Jyothsna Rachapalli, Tyrone Cadenhead, Murat Kantarcioglu, Kevin W. Hamlen, Latifur Khan, and Farhan Husain. Cloud-centric Assured Information Sharing. In Proceedings of the Pacific Asia Workshop on Intelligence and Security Informatics (PAISI), May 2012, forthcoming. [BibTeX]

Kevin W. Hamlen, Micah M. Jones, and Meera Sridhar. Aspect-oriented Runtime Monitor Certification. In Proceedings of the 18th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS), March-April 2012, forthcoming. [BibTeX] [acceptance rate: 24%]

Pallabi Parveen, Zackary R. Weger, Bhavani Thuraisingham, Kevin W. Hamlen, and Latifur Khan. Supervised Learning for Insider Threat Detection Using Stream Mining. In Proceedings of the 23rd IEEE International Conference on Tools with Artificial Intelligence (ICTAI), November 2011. (Best Paper Award) [BibTeX] [acceptance rate: 30%]

Pallabi Parveen, Jonathan Evans, Bhavani Thuraisingham, Kevin W. Hamlen, and Latifur Khan. Insider Threat Detection using Stream Mining and Graph Mining. In Proceedings of the 3rd IEEE Conference on Privacy, Security, Risk and Trust (PASSAT), October 2011. [BibTeX] [acceptance rate: 8%]

Richard Wartell, Yan Zhou, Kevin W. Hamlen, Murat Kantarcioglu, and Bhavani Thuraisingham. Differentiating Code from Data in x86 Binaries. In Proceedings of the European Conference on Machine Learning and Principles and Practice of Knowledge Discovery in Databases (ECML PKDD), 3:522-536, September 2011. [BibTeX] [acceptance rate: 20%]

Micah Jones and Kevin W. Hamlen. A Service-oriented Approach to Mobile Code Security. In Proceedings of the 8th International Conference on Mobile Web Information Systems (MobiWIS), 531-538, September 2011. [BibTeX] [acceptance rate: 36%]

Meera Sridhar and Kevin W. Hamlen. Flexible In-lined Reference Monitor Certification: Challenges and Future Directions. In Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages meets Program Verification (PLPV), 55-60, January 2011. [BibTeX] [acceptance rate: 60%]

Arindam Khaled, Mohammad Farhan Husain, Latifur Khan, Kevin W. Hamlen, and Bhavani Thuraisingham. A Token-Based Access Control System for RDF Data in the Clouds. In Proceedings of the 2nd IEEE International Conference on Cloud Computing Technology and Science (CloudCom), 104-111, November/December 2010. [BibTeX] [acceptance rate: <25%]

Aditi Patwardhan, Kevin W. Hamlen, and Kendra Cooper. Towards Security-aware Program Visualization for Analyzing In-lined Reference Monitors. In Proceedings of the International Workshop on Visual Languages and Computing (VLC), 257-260, October 2010. [BibTeX] [acceptance rate: 36.5%]

Bhavani Thuraisingham and Kevin W. Hamlen. Challenges and Future Directions of Software Technology: Secure Software Development, Invited paper. In Proceedings of the 34th IEEE Annual International Computer Security and Applications Conference (COMPSAC), 17-20, July 2010. [BibTeX]

Bhavani Thuraisingham and Kevin W. Hamlen. Secure Semantic Sensor Web and Pervasive Computing. In Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC), 5-10, June 2010. [BibTeX]

Micah Jones and Kevin W. Hamlen. Disambiguating Aspect-oriented Security Policies. In Proceedings of the 9th International Conference on Aspect-Oriented Software Development (AOSD), 193-204, March 2010. [BibTeX] [acceptance rate: 22%]

Meera Sridhar and Kevin W. Hamlen. ActionScript In-lined Reference Monitoring in Prolog. In Proceedings of the 12th International Symposium on Practical Aspects of Declarative Languages (PADL), 149-151, January 2010. [BibTeX] [acceptance rate: 37.9%]

Meera Sridhar and Kevin W. Hamlen. Model-Checking In-Lined Reference Monitors. In Proceedings of the 11th International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI), 312-327, January 2010. [BibTeX] [acceptance rate: 36.8%]

Brian W. DeVries, Gopal Gupta, Kevin W. Hamlen, Scott Moore, and Meera Sridhar. ActionScript Bytecode Verification With Co-Logic Programming. In Proceedings of the 4th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS), 9-15, June 2009. [BibTeX] [acceptance rate: 42%]

Micah Jones and Kevin W. Hamlen. Enforcing IRM Security Policies: Two Case Studies. In Proceedings of IEEE International Conference on Intelligence and Security Informatics (ISI), 214-216, June 2009. [BibTeX]

Bhavani Thuraisingham, Latifur Khan, Mohammed M. Masud, and Kevin W. Hamlen. Data Mining for Security Applications. In Proceedings of the IEEE/IFIP International Conference on Embedded and Ubiquitous Computing (EUC), 585-589, December 2008. [BibTeX] [acceptance rate: 30%]

Mohammed M. Masud, Tahseen Al-khateeb, Latifur Khan, Bhavani Thuraisingham, and Kevin W. Hamlen. Flow-based Identification of Botnet Traffic by Mining Multiple Log Files. In Proceedings of the 1st International Conference on Distributed Framework and Applications (DFmA), 200-206, October 2008. [BibTeX]

Kevin W. Hamlen and Micah Jones. Aspect-Oriented In-lined Reference Monitors. In Proceedings of the 3rd ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS), 11-20, June 2008. [BibTeX] [acceptance rate: 54%]

Kevin W. Hamlen and Bhavani Thuraisingham. Secure Peer-to-peer Networks for Trusted Collaboration, Invited paper. In Proceedings of the IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing (COLCOM), 58-63, November 2007. [BibTeX]

Nathalie Tsybulnik, Kevin W. Hamlen, Bhavani Thuraisingham. Centralized Security Labels in Decentralized P2P Networks. In Proceedings of the Annual Computer Security Applications Conference (ACSAC), 315-324, December 2007. [BibTeX] [acceptance rate: 20.9%]

Kevin W. Hamlen, Greg Morrisett, and Fred B. Schneider. Certfied In-lined Reference Monitoring on .NET. In Proceedings of the ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS), 7-16, June 2006. [BibTeX] [acceptance rate: 56%]

Journal Articles

Where possible, each journal's impact factor is provided for the 2nd year after the date of article publication (or the current impact factor if published within the past 2 years). Based on the impact factor formula, this is the best measure of the journal's impact at the time the article was published.

Bhavani Thuraisingham and Kevin W. Hamlen. Secure Service-oriented Computing: Concepts, Architectures and Models. Computer Standards & Interfaces Journal, 2012, forthcoming (accepted). [BibTeX] [impact factor: 0.825]

Kevin W. Hamlen and William Hamlen. An Economic Perspective of Message-dropping Attacks in Peer-to-peer Overlays. Intelligence and Security Informatics (ISI), 2012, forthcoming (accepted with minor revisions). [BibTeX]

Bhavani Thuraisingham, Balakrishnan Prabhakaran, Latifur Khan, and Kevin W. Hamlen. A Database Inference Controller for 3D Motion Capture Databases. International Journal of Information Security and Privacy (IJISP), 2012, forthcoming (accepted). [BibTeX]

Kevin W. Hamlen and Bhavani Thuraisingham. Secure Semantic Computing. International Journal of Semantic Computing (IJSC), 5(2):121-131, June 2011. [BibTeX]

Mohammad M. Masud, Tahseen M. Al-Khateeb, Kevin W. Hamlen, Jing Gao, Latifur Khan, Jiawei Han, and Bhavani Thuraisingham. Cloud-based Malware Detection for Evolving Data Streams. ACM Transactions on Management Information Systems (TMIS), 2(3), October 2011. [BibTeX]

Mohammad Mehedy Masud, Clay Woolam, Jing Gao, Latifur Khan, Jiawei Han, Kevin W. Hamlen, and Nikunj C. Oza. Facing the Reality of Data Stream Classification: Coping with Scarcity of Labeled Data. Knowledge and Information Systems (KAIS), 1-32, November 2011. [BibTeX] [impact factor: 2.008]

Kevin W. Hamlen, Murat Kantarcioglu, Latifur Khan, and Bhavani Thuraisingham. Security Issues for Cloud Computing. International Journal of Information Security and Privacy (IJISP), 4(2):39-51, April-June 2010. [BibTeX] [impact factor: 1.094]

Kevin W. Hamlen, Vishwath Mohan, Mohammad M. Masud, Latifur Khan, and Bhavani Thuraisingham. Exploiting an Antivirus Interface. Computer Standards & Interfaces Journal, 31(6):1182-1189, April 2009. [BibTeX] [impact factor: 0.825]

William Hamlen and Kevin W. Hamlen. A Closed System of Production Possibility and Social Welfare. Computers in Higher Education Economics Review (CHEER), 18, December 2006. [BibTeX]

Kevin W. Hamlen, Greg Morrisett, and Fred B. Schneider. Computability Classes for Enforcement Mechanisms. ACM Transactions on Programming Languages And Systems (TOPLAS), 28(1):175-205, January 2006. [BibTeX] [impact factor: 1.444]

Technical Reports and Theses

Bhavani Thuraisingham, Vaibhav Khadilkar, Jyothsna Rachapalli, Tyrone Cadenhead, Murat Kantarcioglu, Kevin Hamlen, Latifur Khan, and Farhan Husain. Towards the Design and Implementation of a Cloud-centric Assured Information Sharing System. Technical Report UTDCS-27-11, Computer Science Department, The University of Texas at Dallas, Richardson, Texas, September 2011. [BibTeX]

Kevin W. Hamlen, Micah M. Jones, and Meera Sridhar. Chekov: Aspect-oriented Runtime Monitor Certification via Model-checking (Extended Version). Technical Report UTDCS-16-11, Computer Science Department, The University of Texas at Dallas, Richardson, Texas, May 2011. [BibTeX]

Kevin W. Hamlen, Vishwath Mohan, and Richard Wartell. Reining In Windows API Abuses with In-lined Reference Monitors. Technical Report UTDCS-18-10, Computer Science Department, The University of Texas at Dallas, Richardson, Texas, June 2010. [BibTeX]

Kevin W. Hamlen. Security Policy Enforcement by Automated Program-rewriting. PhD Thesis (Advisors: Greg Morrisett and Fred B. Schneider), Cornell University, Ithaca, New York, August 2006. [BibTeX]

Kevin W. Hamlen, Greg Morrisett, and Fred B. Schneider. Certified In-lined Reference Monitoring on .NET. Technical Report TR-2005-2003, Computer Science Department, Cornell University, Ithaca, New York, November 2005.

Kevin W. Hamlen. Proof-Carrying Code for x86 Architectures. Undergraduate Senior Honors Thesis (Advisors: Peter Lee and George C. Necula), Carnegie Mellon, Pittsburgh, Pennsylvania, May 1998. [BibTeX]

Supervised Student Theses

The following theses were completed under my supervision.

Sunitha Ramanujam. Towards an Integrated Semantic Web: Interoperability Between Data Models. Ph.D. Thesis (Advisors: Latifur Khan and Kevin Hamlen), The University of Texas at Dallas, Richardson, Texas, December 2011. [BibTeX]

Micah Jones. Declarative Aspect-oriented Security Policies for In-lined Reference Monitors. Ph.D. Thesis (Advisor: Kevin Hamlen), The University of Texas at Dallas, Richardson, Texas, December 2011. [BibTeX]

Aditi A. Patwardhan. Security-aware Program Visualization for Analyzing In-lined Reference Monitors. Master's Thesis (Advisors: Kevin Hamlen and Kendra Cooper), The University of Texas at Dallas, Richardson, Texas, June 2010. [BibTeX]