Juan Caballero Associate Research Professor IMDEA Software Institute Madrid, Spain Contact: Phone: +34-911012202 Ext: 4137 Address:    Instituto IMDEA Software   Campus de Montegancedo S/N   28223 Pozuelo de Alarcon   Madrid, SPAIN

I have joined the IMDEA Sofware Institute in Madrid, Spain after receiving my Ph.D in ECE from Carnegie Mellon University.
I was advised by Professor Dawn Song.

My interest lies in Computer Security, Program Analysis, and Networking .
Currently, I develop program binary analysis techniques to address security issues in systems, software, and networks.
Some areas that interest me are Binary Analysis / Reverse Engineering, Web Security, Malware Analysis,
Fingerprinting, Anomaly Detection, and Intrusion Detection.

Prior to my Ph.D I received a Telecommunications Engineer degree from Universidad Politecnica de Madrid (UPM) in 
Madrid, Spain and a M.Sc. in Electrical and Computer Engineering from the Royal Institute of Technology (KTH) in
Stockholm, Sweden.

In October 2003 I was awarded the La Caixa Foundation Fellowship, arguably the most prestigious fellowship for
international graduate studies awarded in Spain.

Starting in May 2002 and for two years I held positions as R&D Engineer and Systems Engineer in Orange (formerly Amena),
a spanish cell phone carrier.

Service

TPC chair for ACSAC 2018, the 2018 Annual Computer Security Applications Conference, December 3-7, 2018, San Juan, Puerto Rico
TPC co-chair for ACSAC 2017, the 2017 Annual Computer Security Applications Conference, December 4-8, 2017, Orlando, FL
TPC chair for DIMVA 2016, the 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 7-8, 2016, San Sebastian, Spain
TPC co-chair for ESSoS 2016, the 8th International Symposium on Engineering Secure Software and Systems, April 6-8, 2016, Royal Holloway University of London, UK
TPC co-chair for EuroSec 2015, the 8th European Workshop on Systems Security, April 21, 2015, Bordeaux, France
TPC co-chair for ESSoS 2015, the 7th International Symposium on Engineering Secure Software and Systems, March 4-6, 2015, Milan, Italy
TPC chair for DFRWS 2014, the 14th Annual Digital Forensics Research Conference, August 3-6, 2014, Denver, CO
TPC co-chair for EuroSec 2014, the 7th European Workshop on Systems Security, April 13, 2014, Amsterdam, The Netherlands
TPC vice-chair for DFRWS 2013, the 13th Annual Digital Forensics Research Conference, August 4-7, 2013, Monterey, CA

TPC member for ASIACCS 2021, the 16th ACM Asia Conference on Computer and Communications Security, June 7-11, 2020, Hong Kong, China
TPC member for ACM CCS 2020, the 27th ACM Conference on Computer and Communications Security, Nov 9-13, 2020, Virtual Event
TPC member for DIMVA 2020, the 17th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, June 24-26, 2020, Virtual Event
TPC member for NDSS 2020, the 2020 Network and Distributed System Security Symposium, February 23-26, 2020, San Diego, CA
TPC member for IEEE S&P 2020, the 41st IEEE Symposium on Security & Privacy, May 18-20, 2020, San Francisco, CA
TPC member for IEEE S&P 2019, the 40th IEEE Symposium on Security & Privacy, May 20-22, 2019, San Francisco, CA
TPC member for NDSS 2019, the 2019 Network and Distributed System Security Symposium, February 24-27, 2019, San Diego, CA
TPC member for ASIACCS 2018, the 13th ACM Asia Conference on Computer and Communications Security, June 4-8, 2018, Songdo, Incheon, South Korea
TPC member for IEEE S&P 2018, the 39th IEEE Symposium on Security & Privacy, May 21-23, 2018, San Francisco, CA
TPC member for eCrime 2018, the 13th Symposium on Electronic Crime Research, May 15-17, 2018, San Diego, CA
TPC member for ACM CCS 2017, the 24th ACM Conference on Computer and Communications Security, October 30-Nov 4, 2017, Dallas, TX
TPC member for USENIX Security 2017, the 26th USENIX Security Symposium, August 16-18, 2017, Vancouver, Canada
TPC member for eCrime 2017, the 12th Symposium on Electronic Crime Research, April 25-27, 2017, Scottsdale, AR
TPC member for ASIACCS 2017, the 12th ACM Asia Conference on Computer and Communications Security, April 2-6, 2017, Abu Dabhi, UAE
TPC member for ACM CCS 2016, the 23rd ACM Conference on Computer and Communications Security, October 24-28, 2016, Viena, Austria
TPC member for RV 2016, the 16th International Conference on Runtime Verification, September, 2016, Madrid, Spain
TPC member for USENIX Security 2016, the 25th USENIX Security Symposium, August 10-12, 2016, Austin, TX
TPC member for eCrime 2016, the 11th Symposium on Electronic Crime Research, June 1-3, 2016, Toronto, Canada
TPC member for ASIACCS 2016, the 11th ACM Asia Conference on Computer and Communications Security, May 30-June 3, 2016, Xian, China
TPC member for ACM CCS 2015, the 22nd ACM Conference on Computer and Communications Security, October 12-16, 2015, Denver, CO
TPC member for JNIC 2015, I Jornadas Nacionales de Investigación en Ciberseguridad, September 14-16, 2015, Leon, Spain
TPC member for WOOT 2015, the 9th USENIX Workshop on Offensive Technologies, August 10-11, 2015, Washington DC
TPC member for USENIX Security 2015, the 24th USENIX Security Symposium, August 12-14, 2015, Washington DC
TPC member for NDSS 2015, the 2015 Network and Distributed System Security Symposium, February 8-11, 2015, San Diego, CA
TPC member for IEEE S&P 2014, the 35th IEEE Symposium on Security & Privacy, May 18-21, 2014, San Jose, CA
TPC member for NIER-ICSE 2014, the ICSE 2014 New Ideas and Emerging Results Track, May 31-June 7, 2014, Hyderabad, India
TPC member for NDSS 2014, the 2014 Network and Distributed System Security Symposium, February 23-26, 2014, San Diego, CA
TPC member for RAID 2013, the 16th International Symposium on Research in Attacks, Intrusions and Defenses, October 23-25, 2013, St. Lucia
TPC member for DIMVA 2013, the 10th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 18-19, 2013, Berlin, Germany
TPC member for WWW 2013, the 22nd International World Wide Web Conference, May 13-17, 2013, Rio de Janeiro, Brazil
TPC member for IEEE S&P 2013, the 34th IEEE Symposium on Security & Privacy, May 19-22, 2013, San Francisco, CA
TPC member for PPREW 2013, the 2nd ACM SIGPLAN Program Protection and Reverse Engineering Workshop, January 26, 2013, Rome, Italy
TPC member for RAID 2012, the 15th International Symposium on Research in Attacks, Intrusions and Defenses, September 12-14, 2012, Amsterdam, The Netherlands
TPC member for RECSI 2012, XII Spanish Meeting on Cryptology and Information Security, September 4-7, 2012, San Sebastian, Spain
TPC member for DFRWS 2012, the 12th Annual Digital Forensics Research Conference, August 6-8, 2012, Washington, DC
TPC member for DIMVA 2012, the 9th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 26-27, 2012, Heraklion, Greece
TPC member for PST 2012, the 10th Annual Conference on Privacy, Security and Trust, July 16-18, 2012, Paris, France
TPC member for IEEE S&P 2012, the 33th IEEE Symposium on Security & Privacy, May 20-23, 2012, San Francisco, CA
TPC member for RAID 2011,  the 14th International Symposium on Recent Advances in Intrusion Detection, September 20-21, 2011, Menlo Park, CA
TPC member for DIMVA 2011, the 8th Conference on Detection of Intrusions and Malware & Vulnerability Assesment , July 7-8, 2011, Amsterdam, The Netherlands
TPC member for ICPADS 2010 (Security and Trustworthy Computing track), the 16th International Conference on Parallel and Distributed Systems, December 8-10, 2010, Shangai, China
TPC member for eCrime 2010, the 5th annual APWG eCrime Researchers Summit, October 18-20, 2010, Dallas, TX
TPC member for EuroCat 2010, the 4th Workshop on Combining Context with Trust, Security, and Privacy, August 23-24, 2010, Nice, France
TPC member for DIMVA 2010, the 7th Conference on Detection of Intrusions and Malware & Vulnerability Assesment , July 8-9, 2010, Bonn, Germany

Bug Finding

OSVDB-66497 : Cutwail Bot C&C Parsing Remote Overflow
OSVDB-66498 : Gheg Bot C&C Parsing Null Dereference Remote DoS
OSVDB-66499 : Zbot Trojan C&C Parsing Null Dereference Remote DoS
OSVDB-66500 : Zbot Trojan C&C Parsing Infinite Loop Remote DoS
OSVDB-66501 : Zbot Trojan C&C Decompression Remote Overflow

CVE-2008-3465 (MS08-071) :  Heap-based buffer overflow in an gdi32.dll
Affects: Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008

Publications

Refereed 

• [CSUR] A Survey on Binary Code Similarity PDF Bibtex  Publisher
  Irfan Ul Haq, Juan Caballero.
  In ACM Computing Surveys
  Accepted on December 2020
  
• [S&P 2021] How Did That Get In My Phone? Unwanted App Distribution on Android Devices PDF Bibtex  Publisher
  Platon Kotzias, Juan Caballero, Leyla Bilge
  In Proceedings of the 42nd IEEE Symposium on Security & Privacy, San Francisco, CA, May 2021
  
• [ACSAC 2020] AVClass2: Massive Malware Tag Extraction from AV Labels PDF Bibtex  Publisher
  Silvia Sebastián, Juan Caballero
  In Proceedings of the 2020 Annual Computer Security Applications Conference, Virtual Event, December 2020
  Acceptance Rate: 23.2%  [70/302]
• [CCS 2020] Towards Attribution in Mobile Markets: Identifying Developer Account Polymorphism PDF Bibtex  Publisher
  Silvia Sebastián, Juan Caballero
  In Proceedings of the 27th ACM Conference on Computer and Communication Security, Virtual Event, November 2020
  Acceptance Rate: 17.0%  [121/715]
• [NDSS 2020] Cross-Origin State Inference (COSI) Attacks: Leaking Web Site States through XS-Leaks Bibtex  Publisher
  Avinash Sudhodanan, Soheil Khodayari, Juan Caballero
  In Proceedings of the 2020 Network and Distributed System Security Symposium, San Diego, CA, February 2020
  Acceptance Rate: 17.4%  [88/506]
• [NDSS 2019] Mind your Own Business: A Longitudinal Study of Threats and Vulnerabilities in Enterprises PDF Bibtex  Publisher
  Platon Kotzias, Leyla Bilge, Pierre-Antoine Vervier, Juan Caballero
  In Proceedings of the 2019 Network and Distributed System Security Symposium, San Diego, CA, February 2019
  Acceptance Rate: 17.1%  [89/521]
• [IEEE TIFS Journal] The MalSource Dataset: Quantifying Complexity and Code Reuse in Malware Development PDF Bibtex  Publisher
  Alejandro Calleja, Juan Tapiador, Juan Caballero
  In IEEE Transactions on Information Forensics and Security, 2019
  
• [Information Security Journal] Costly Freeware: A Systematic Analysis of Abuse in Download Portals PDF Bibtex  Publisher
  Richard Rivera, Platon Kotzias, Avinash Sudhodanan, Juan Caballero
  In IET Information Security Journal, January 2019
  
• [CCS 2018] Pinpointing Insecure Cryptographic Keys from Execution Traces PDF Bibtex  Publisher
  Juanru Li, Zhiqiang Lin, Juan Caballero, Yuanyuan Zhang, Dawu Gu
  In Proceedings of the 25th ACM Conference on Computer and Communication Security, Toronto, Canada, October 2018
  Acceptance Rate: 16.6%  [104/809]
• [IMC 2018] Coming of Age: A Longitudinal Study of TLS Deployment PDF Bibtex  Publisher
  Platon Kotzias, Abbas Razaghpanah, Johanna Amann, Kenneth G. Paterson, Narseo Vallina-Rodriguez, Juan Caballero
  In Proceedings of ACM Internet Measurement Conference, Boston, MA, October 2018
  Acceptance Rate: 24.7%  [43/174]
• [COSE Journal] Malware Lineage in the Wild PDF Bibtex  Publisher
  Irfan Ul Haq, Sergio Chica, Juan Caballero, Somesh Jha
  In Computers & Security Journal, August 2018
  
• [AsiaCCS 2018] BCD: Decomposing Binary Code Into Components Using Graph-Based Clustering PDF Bibtex  Publisher
  Vishal Karande, Swarup Chandra, Zhiqiang Lin, Juan Caballero, Latifur Khan, Kevin Hamlen
  In Proceedings of the 13th ACM ASIA Conference on Information, Computer and Communications Security, Songdo, Korea, June 2018
  Acceptance Rate: 20.0%  [62/310]
• [WEIS 2017] An Analysis of Pay-per-Install Economics Using Entity Graphs PDF Bibtex  Publisher
  Platon Kotzias, Juan Caballero
  In 16th Annual Workshop on the Economics of Information Security, San Diego, CA, June 2017
  Acceptance Rate: 31.4%  [22/70]
• [S&P 2017] A Lustrum of Malware Network Communication: Evolution and Insights PDF Bibtex  Publisher
  Chaz Lever, Platon Kotzias, Davide Balzarotti, Juan Caballero, Manos Antonakakis.
  In Proceedings of the 38th IEEE Symposium on Security & Privacy, San Jose, CA, May 2017
  Acceptance Rate: 13.3%  [60/450]
• [NDSS 2017] Dissecting Tor Bridges: a Security Evaluation of their Private and Public Infrastructures PDF Bibtex  Publisher
  Srdjan Matic, Carmela Troncoso, Juan Caballero.
  In Proceedings of the 2017 Network and Distributed System Security Symposium, San Diego, CA, February 2017
  Acceptance Rate: 16.1%  [68/423]
• [ACSAC 2016] RevProbe: Detecting Silent Reverse Proxies in Malicious Server Infrastructures PDF Bibtex  Publisher
  Antonio Nappa, Rana Faisal Munir, Irfan Khan Tanoli, Christian Kreibich, Juan Caballero.
  In Proceedings of the 2016 Annual Computer Security Applications Conference, Los Angeles, CA, December 2016
  Acceptance Rate: 22.8%  [48/210]
• [RAID 2016] AVClass: A Tool for Massive Malware Labeling PDF Bibtex  Publisher
  Marcos Sebastian, Richard Rivera, Platon Kotzias, Juan Caballero.
  In Proceedings of the 19th International Symposium on Research in Attacks, Intrusions and Defenses, Evry, France, September 2016
  Acceptance Rate: 25.9%  [21/81]
• [RAID 2016] A Look into 30 Years of Malware Development from a Software Metrics Perspective PDF Bibtex  Publisher
  Alejandro Calleja, Juan Tapiador, Juan Caballero.
  In Proceedings of the 19th International Symposium on Research in Attacks, Intrusions and Defenses, Evry, France, September 2016
  Acceptance Rate: 25.9%  [21/81]
• [USENIX Security 2016] Measuring PUP Prevalence and PUP Distribution through Pay-Per-Install Services PDF Bibtex  Publisher
  Platon Kotzias, Leyla Bilge, Juan Caballero.
  In Proceedings of the 25th USENIX Security Symposium, Austin, TX, August 2016
  Acceptance Rate: 15.5%  [72/463]
• [CSUR] Type Inference on Executables PDF Bibtex  Publisher
  Juan Caballero, Zhiqiang Lin.
  In ACM Computing Surveys 48:4, 65:1-65:35, May 2016
  
• [CCS 2015] Caronte: Detecting Location Leaks for Deanonymizing Tor Hidden Services PDF Bibtex  Publisher
  Srdjan Matic, Platon Kotzias, Juan Caballero.
  In Proceedings of the 22nd ACM Conference on Computer and Communication Security, Denver, CO, October 2015
  Acceptance Rate: 19.8%  [128/646]
• [CCS 2015] Certified PUP: Abuse in Authenticode Code Signing PDF Bibtex  Publisher
  Platon Kotzias, Srdjan Matic, Richard Rivera, Juan Caballero.
  In Proceedings of the 22nd ACM Conference on Computer and Communication Security, Denver, CO, October 2015
  Acceptance Rate: 19.8% [128/646]
• [WODA 2015] Ayudante: Identifying Undesired Variable Interactions PDF Bibtex  Publisher
  Irfan Ul Haq, Juan Caballero, Michael D. Ernst.
  In Proceedings of the 13th International Workshop on Dynamic Analysis, Pittsburgh, PA, October 2015
  
• [S&P 2015] The Attack of the Clones: A Study of the Impact of Shared Code on Vulnerability Patching PDF Bibtex  Publisher
  Antonio Nappa, Richard Johnson, Leyla Bilge, Juan Caballero, Tudor Dimitras.
  In Proceedings of the 36th IEEE Symposium on Security & Privacy, San Jose, CA, May 2015
  Acceptance Rate: 13.7% [55/400]
• [ACSAC 2014] Network Dialog Minimization and Network Dialog Diffing: Two Novel Primitives for Network Security Applications PDF Bibtex  Publisher
  M. Zubair Rafique, Juan Caballero, Christophe Huygens, Wouter Joosen.
  In Proceedings of the 2014 Annual Computer Security Applications Conference, New Orleans, LA, December 2014
  Acceptance Rate: 19.9%  [47/236]
• [CCS 2014] AutoProbe: Towards Automatic Active Malicious Server Probing Using Dynamic Binary Analysis PDF Bibtex  Publisher
  Zhaoyan Xu, Antonio Nappa, Robert Baykov, Guangliang Yang, Juan Caballero, Guofei Gu.
  In Proceedings of the 21st ACM Conference on Computer and Communication Security, Scottsdale, AZ, November 2014
  Acceptance Rate: 19.5% [114/585]
• [IMC 2014] WhoWas: A Platform for Measuring Web Deployments on IaaS Clouds PDF Bibtex  Publisher
  Liang Wang, Antonio Nappa, Juan Caballero, Thomas Ristenpart, Aditya Akella.
  In Proceedings of the 2014 ACM Internet Measurement Conference, Vancouver, Canada, November 2014
  Acceptance Rate: 22.9% [43/188]
• [ESORICS 2014] SigPath: A Memory Graph Based Approach for Program Data Introspection and Modification PDF Bibtex  Publisher
  David Urbina, Yufei Gu, Juan Caballero, Zhiqiang Lin.
  In Proceedings of the 19th European Symposium on Research in Computer Security, Wroclaw, Poland, September, 2014
  Acceptance Rate: 24.8% [58/234]
• [IJIS Journal] The MALICIA Dataset: Identification and Analysis of Drive-by Download Operations PDF Bibtex  Publisher
  Antonio Nappa, M. Zubair Rafique, Juan Caballero.
  In International Journal of Information Security, June 2014
  
• [NDSS 2014] CyberProbe: Towards Internet-Scale Active Detection of Malicious Servers PDF Bibtex  Publisher
  Antonio Nappa, Zhaoyan Xu, M. Zubair Rafique, Juan Caballero, Guofei Gu.
  In Proceedings of the 2014 Network and Distributed System Security Symposium, San Diego, CA, February, 2014
  Acceptance Rate: 18.6% [55/295]
• [RAID 2013] FIRMA: Malware Clustering and Network Signature Generation with Mixed Network Behaviors PDF Bibtex  Publisher
  M. Zubair Rafique and Juan Caballero.
  In Proceedings of the 16th International Symposium on Research in Attacks, Intrusions and Defenses, St. Lucia, October, 2013
  Acceptance Rate: 22.6% [21/93]
• [DIMVA 2013] Driving in the Cloud: An Analysis of Drive-by Download Operations and Abuse Reporting PDF Bibtex  Publisher
  Antonio Nappa, M. Zubair Rafique, and Juan Caballero.
  In Proceedings of the 10th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, Berlin, Germany, July 2013
  Acceptance Rate: 31.6% [12/38]
• [Computer Networks] Automatic protocol reverse-engineering: Message format extraction and field semantics inference PDF Bibtex  Publisher
  Juan Caballero and Dawn Song.
  In Computer Networks 57:2,451-474,  February 2013
  
• [CCS 2012] Manufacturing Compromise: The Emergence of Exploit-as-a-Service PDF Bibtex  Publisher
  Chris Grier, Lucas Ballard, Juan Caballero, Neha Chachra, Christian J. Dietrich, Kirill Levchenko, Panayiotis Mavrommatis,
  Damon McCoy, Antonio Nappa, Andreas Pitsillidis, Niels Provos, M. Zubair Rafique, Moheeb Abu Rajab, Christian Rossow,
  Kurt Thomas, Vern Paxson, Stefan Savage, Geoffrey M. Voelker.
  In Proceedings of the 19th ACM Conference on Computer and Communication Security, Raleigh, NC, October 2012.
  Acceptance Rate: 18.9% [80/423]
• [ISSTA 2012] Undangle: Early Detection of Dangling Pointers in Use-After-Free and Double-Free Vulnerabilities PDF Bibtex  Publisher
  Juan Caballero, Gustavo Grieco, Mark Marron and Antonio Nappa.
  In Proceedings of the 2012 International Symposium on Software Testing and Analysis, Minneapolis, MN, July 2012.
  Acceptance Rate: 28.7% [31/108]
• [Usenix Security 2011] Measuring Pay-per-Install: The Commoditization of Malware Distribution PDF Bibtex  Publisher
  Juan Caballero, Chris Grier, Christian Kreibich, Vern Paxson.
  In Proceedings of the 20th USENIX Security Symposium, San Francisco, CA, August 2011.
  Acceptance Rate: 17.1% [35/204]
  Read the article at MIT Technology Review
  
* Outstanding Paper Award

• [S&P 2011] Differential Slicing: Identifying Causal Execution Differences for Security Applications PDF Bibtex  Publisher
  Noah M. Johnson, Juan Caballero, Kevin Zhijie Chen, Stephen McCamant, Pongsin Poosankam, Daniel Reynaud, Dawn Song.
  In Proceedings of the 32th IEEE Symposium on Security & Privacy, Oakland, CA, May 2011.
  Acceptance Rate: 11.1% [34/306]
  
• [CCS 2010] Input Generation via Decomposition and Re-Stitching: Finding Bugs in Malware PDF Bibtex Publisher
  Juan Caballero, Pongsin Poosankam, Stephen McCamant, Domagoj Babic, Dawn Song.
  In Proceedings of the 17th ACM Conference on Computer and Communication Security, Chicago, IL, October 2010.
  Acceptance Rate: 17.2% [55/320]
  
• [LEET 2010] Insights from the Inside: A View of Botnet Management from Infiltration PDF Bibtex Publisher
  Chia Yuan Cho, Juan Caballero, Chris Grier, Vern Paxson, Dawn Song.
  In Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, San Jose, CA, April 2010.
  Acceptance Rate: 31.4% [11/35]
  
• [NDSS 2010] Binary Code Extraction and Interface Identification for Security Applications PDF Bibtex Publisher
  Juan Caballero, Noah M. Johnson, Stephen McCamant and Dawn Song.
  In Proceedings of the 17th Annual Network and Distributed System Security Symposium, San Diego, CA, February 2010.
  Acceptance Rate: 15.4% [24/156]
  
• [CCS 2009] Dispatcher: Enabling Active Botnet Infiltration using Automatic Protocol Reverse-Engineering PDF Bibtex Publisher
  Juan Caballero, Pongsin Poosankam, Christian Kreibich, Dawn Song.
  In Proceedings of the 16th ACM Conference on Computer and Communication Security, Chicago, IL, November 2009.
  Acceptance Rate: 18.4% [58/315]
  Read the article at MIT Technology Review
  
• [RAID 2009] Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration   PDF Bibtex Publisher
  Juan Caballero, Zhenkai Liang, Pongsin Poosankam, Dawn Song.
  In Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection, Saint-Malo, France, September 2009.
  Acceptance Rate: 28.3% [17/60] 
  
• [S&P 2009] Secure Content Sniffing for Web Browsers or How to Stop Papers from Reviewing Themselves PDF Bibtex Publisher
  Adam Barth, Juan Caballero, Dawn Song.
  In Proceedings of the 30th IEEE Symposium on Security & Privacy, Oakland, CA, May 2009.
  Acceptance Rate: 10.2% [26/254] 
  Our String-Enhanced White-Box Exploration technique is detailed in our companion Technical Report
  
• [ICISS2008] BitBlaze: A New Approach to Computer Security via Binary Analysis PDF Bibtex Publisher
  Dawn Song, David Brumley, Heng Yin,Juan Caballero, Ivan Jager, Min Gyung Kang, Zhenkai Liang, James Newsome,
  Pongsin Poosankam, Prateek Saxena .
  In Proceedings of the 4th International Conference on Information Systems Security, Hyderabad, India, December 2008.
  * Invited paper
  
• [NDSS 2008] Would Diversity Really Increase the Robustness of the Routing Infrastructure against Software Defects? PDF Bibtex Publisher
  Juan Caballero, Theocharis Kampouris, Dawn Song, Jia Wang.
  In Proceedings of the 15th Annual Network and Distributed System Security Symposium, San Diego, CA, February 2008.
  Acceptance Rate: 17.8%  [21/118]
  We also have an extended, though less polished, version containing all the algorithms and more results PDF
  
• [CCS 2007] Polyglot: Automatic Extraction of Protocol Message Format using Dynamic Binary Analysis. PDF Bibtex Slides Publisher
  Juan Caballero, Heng Yin, Zhenkai Liang, Dawn Song.
  In Proceedings of the 14th ACM Conference on Computer and Communication Security, Alexandria, VA, October 2007.
  Acceptance Rate: 18.1% [55/303]
  
• [USENIX Security 2007] Towards Automatic Discovery of Deviations in Binary Implementations with
  Applications to Error Detection and Fingerprint Generation. PDF Bibtex Publisher
  David Brumley, Juan Caballero, Zhenkai Liang, James Newsome, and Dawn Song.
  In Proceedings of the 16th USENIX Security Symposium, Boston, MA, August 2007.
  Acceptance Rate: 12.3% [23/187]
  * Conference Best Paper Award
  
• [DIMVA 2007] Distributed Evasive Scan Techniques and Countermeasures. PDF Bibtex Publisher
  Min Gyung Kang, Juan Caballero, Dawn Song.
  In Proceedings of the Fourth GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment,
  Lucerne, Switzerland, July 2007.
  Acceptance Rate: 24.6% [14/57]
  
• [NDSS 2007] FiG: Automatic Fingerprint Generation. PDF Bibtex Publisher
  Juan Caballero, Shobha Venkataraman, Pongsin Poosankam, Min Gyung Kang, Dawn Song and Avrim Blum.
  In Proceedings of the 14th Annual Network and Distributed System Security Symposium, San Diego, CA, February 2007.
  Acceptance Rate: 14.4% [18/125]
  
• [HOTNETS 2006] Black-box Anomaly Detection: Is it Utopian? PDF Bibtex Publisher
  Shobha Venkataraman, Juan Caballero, Dawn Song, Avrim Blum and Jennifer Yates.
  In Proceedings of the Fifth Workshop on Hot Topics in Networking (HotNets-V), Irvine, CA, November 2006.
  Acceptance Rate: 20.2% [23/114]

Non-Refereed

• [ERCIM 90] Understanding the Role of Malware in Cybercrime PDF  Bibtex  Publisher
  Juan Caballero.
  In ERCIM News 90, 12 -15, July 2012.
  
• [BlackHat 2010] Crash Analysis with Bitblaze PDF Publisher
  Charlie Miller, Juan Caballero, Noah M. Johnson, Min Gyung Kang, Stephen McCamant, Pongsin Poosankam, Dawn Song.
  In BlackHat 2010, Las Vegas, NV, July 2010.

Technical Reports

The following technical reports contain material that has not been published in other form.
They correspond to extended versions of the above papers or have only been partially superseeded by one of the above papers.
For a complete list of my technical reports, drop me an email.

Thesis

• Grammar and Model Extraction for Security Applications using Dynamic Program Binary Analysis. PDF
  Juan Caballero.
  Ph.D. thesis in Electrical & Computer Engineering, Carnegie Mellon University, Pittsburgh, PA, September 2010.

• Experimental Study of a Network Access Server for a Public WLAN Access Network. PDF
  Juan Caballero and Daniel Malmkvist.
  M.Sc. thesis at Royal Institute of Technology, Stockholm, Sweden, January 2002.