by Steve Hanna

Juan Caballero

Associate Research Professor
IMDEA Software Institute
Madrid, Spain

Contact:

Phone: +34-911012202 Ext: 4137
Address: 
  Instituto IMDEA Software
  Campus de Montegancedo S/N
  28223 Pozuelo de Alarcon
  Madrid, SPAIN

I have joined the IMDEA Sofware Institute in Madrid, Spain after receiving my Ph.D in ECE from Carnegie Mellon University.
I was advised by Professor Dawn Song.

My interest lies in Computer Security, Program Analysis, and Networking .
Currently, I develop program binary analysis techniques to address security issues in systems, software, and networks.
Some areas that interest me are Binary Analysis / Reverse Engineering, Web Security, Malware Analysis,
Fingerprinting, Anomaly Detection, and Intrusion Detection.

Prior to my Ph.D I received a Telecommunications Engineer degree from Universidad Politecnica de Madrid (UPM) in 
Madrid, Spain and a M.Sc. in Electrical and Computer Engineering from the Royal Institute of Technology (KTH) in
Stockholm, Sweden.

In October 2003 I was awarded the La Caixa Foundation Fellowship, arguably the most prestigious fellowship for
international graduate studies awarded in Spain.

Starting in May 2002 and for two years I held positions as R&D Engineer and Systems Engineer in Orange (formerly Amena),
a spanish cell phone carrier.

Service

TPC chair for ACSAC 2018, the 2018 Annual Computer Security Applications Conference, December 3-7, 2018, San Juan, Puerto Rico
TPC co-chair for ACSAC 2017, the 2017 Annual Computer Security Applications Conference, December 4-8, 2017, Orlando, FL
TPC chair for DIMVA 2016, the 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 7-8, 2016, San Sebastian, Spain
TPC co-chair for ESSoS 2016, the 8th International Symposium on Engineering Secure Software and Systems, April 6-8, 2016, Royal Holloway University of London, UK
TPC co-chair for EuroSec 2015, the 8th European Workshop on Systems Security, April 21, 2015, Bordeaux, France
TPC co-chair for ESSoS 2015, the 7th International Symposium on Engineering Secure Software and Systems, March 4-6, 2015, Milan, Italy
TPC chair for DFRWS 2014, the 14th Annual Digital Forensics Research Conference, August 3-6, 2014, Denver, CO
TPC co-chair for EuroSec 2014, the 7th European Workshop on Systems Security, April 13, 2014, Amsterdam, The Netherlands
TPC vice-chair for DFRWS 2013, the 13th Annual Digital Forensics Research Conference, August 4-7, 2013, Monterey, CA

TPC member for ASIACCS 2021, the 16th ACM Asia Conference on Computer and Communications Security, June 7-11, 2020, Hong Kong, China
TPC member for ACM CCS 2020, the 27th ACM Conference on Computer and Communications Security, Nov 9-13, 2020, Virtual Event
TPC member for DIMVA 2020, the 17th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, June 24-26, 2020, Virtual Event
TPC member for NDSS 2020, the 2020 Network and Distributed System Security Symposium, February 23-26, 2020, San Diego, CA
TPC member for IEEE S&P 2020, the 41st IEEE Symposium on Security & Privacy, May 18-20, 2020, San Francisco, CA
TPC member for IEEE S&P 2019, the 40th IEEE Symposium on Security & Privacy, May 20-22, 2019, San Francisco, CA
TPC member for NDSS 2019, the 2019 Network and Distributed System Security Symposium, February 24-27, 2019, San Diego, CA
TPC member for ASIACCS 2018, the 13th ACM Asia Conference on Computer and Communications Security, June 4-8, 2018, Songdo, Incheon, South Korea
TPC member for IEEE S&P 2018, the 39th IEEE Symposium on Security & Privacy, May 21-23, 2018, San Francisco, CA
TPC member for eCrime 2018, the 13th Symposium on Electronic Crime Research, May 15-17, 2018, San Diego, CA
TPC member for ACM CCS 2017, the 24th ACM Conference on Computer and Communications Security, October 30-Nov 4, 2017, Dallas, TX
TPC member for USENIX Security 2017, the 26th USENIX Security Symposium, August 16-18, 2017, Vancouver, Canada
TPC member for eCrime 2017, the 12th Symposium on Electronic Crime Research, April 25-27, 2017, Scottsdale, AR
TPC member for ASIACCS 2017, the 12th ACM Asia Conference on Computer and Communications Security, April 2-6, 2017, Abu Dabhi, UAE
TPC member for ACM CCS 2016, the 23rd ACM Conference on Computer and Communications Security, October 24-28, 2016, Viena, Austria
TPC member for RV 2016, the 16th International Conference on Runtime Verification, September, 2016, Madrid, Spain
TPC member for USENIX Security 2016, the 25th USENIX Security Symposium, August 10-12, 2016, Austin, TX
TPC member for eCrime 2016, the 11th Symposium on Electronic Crime Research, June 1-3, 2016, Toronto, Canada
TPC member for ASIACCS 2016, the 11th ACM Asia Conference on Computer and Communications Security, May 30-June 3, 2016, Xian, China
TPC member for ACM CCS 2015, the 22nd ACM Conference on Computer and Communications Security, October 12-16, 2015, Denver, CO
TPC member for JNIC 2015, I Jornadas Nacionales de Investigación en Ciberseguridad, September 14-16, 2015, Leon, Spain
TPC member for WOOT 2015, the 9th USENIX Workshop on Offensive Technologies, August 10-11, 2015, Washington DC
TPC member for USENIX Security 2015, the 24th USENIX Security Symposium, August 12-14, 2015, Washington DC
TPC member for NDSS 2015, the 2015 Network and Distributed System Security Symposium, February 8-11, 2015, San Diego, CA
TPC member for IEEE S&P 2014, the 35th IEEE Symposium on Security & Privacy, May 18-21, 2014, San Jose, CA
TPC member for NIER-ICSE 2014, the ICSE 2014 New Ideas and Emerging Results Track, May 31-June 7, 2014, Hyderabad, India
TPC member for NDSS 2014, the 2014 Network and Distributed System Security Symposium, February 23-26, 2014, San Diego, CA
TPC member for RAID 2013, the 16th International Symposium on Research in Attacks, Intrusions and Defenses, October 23-25, 2013, St. Lucia
TPC member for DIMVA 2013, the 10th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 18-19, 2013, Berlin, Germany
TPC member for WWW 2013, the 22nd International World Wide Web Conference, May 13-17, 2013, Rio de Janeiro, Brazil
TPC member for IEEE S&P 2013, the 34th IEEE Symposium on Security & Privacy, May 19-22, 2013, San Francisco, CA
TPC member for PPREW 2013, the 2nd ACM SIGPLAN Program Protection and Reverse Engineering Workshop, January 26, 2013, Rome, Italy
TPC member for RAID 2012, the 15th International Symposium on Research in Attacks, Intrusions and Defenses, September 12-14, 2012, Amsterdam, The Netherlands
TPC member for RECSI 2012, XII Spanish Meeting on Cryptology and Information Security, September 4-7, 2012, San Sebastian, Spain
TPC member for DFRWS 2012, the 12th Annual Digital Forensics Research Conference, August 6-8, 2012, Washington, DC
TPC member for DIMVA 2012, the 9th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 26-27, 2012, Heraklion, Greece
TPC member for PST 2012, the 10th Annual Conference on Privacy, Security and Trust, July 16-18, 2012, Paris, France
TPC member for IEEE S&P 2012, the 33th IEEE Symposium on Security & Privacy, May 20-23, 2012, San Francisco, CA
TPC member for RAID 2011,  the 14th International Symposium on Recent Advances in Intrusion Detection, September 20-21, 2011, Menlo Park, CA
TPC member for DIMVA 2011, the 8th Conference on Detection of Intrusions and Malware & Vulnerability Assesment , July 7-8, 2011, Amsterdam, The Netherlands
TPC member for ICPADS 2010 (Security and Trustworthy Computing track), the 16th International Conference on Parallel and Distributed Systems, December 8-10, 2010, Shangai, China
TPC member for eCrime 2010, the 5th annual APWG eCrime Researchers Summit, October 18-20, 2010, Dallas, TX
TPC member for EuroCat 2010, the 4th Workshop on Combining Context with Trust, Security, and Privacy, August 23-24, 2010, Nice, France
TPC member for DIMVA 2010, the 7th Conference on Detection of Intrusions and Malware & Vulnerability Assesment , July 8-9, 2010, Bonn, Germany

Bug Finding

OSVDB-66497 : Cutwail Bot C&C Parsing Remote Overflow
OSVDB-66498 : Gheg Bot C&C Parsing Null Dereference Remote DoS
OSVDB-66499 : Zbot Trojan C&C Parsing Null Dereference Remote DoS
OSVDB-66500 : Zbot Trojan C&C Parsing Infinite Loop Remote DoS
OSVDB-66501 : Zbot Trojan C&C Decompression Remote Overflow

CVE-2008-3465 (MS08-071) :  Heap-based buffer overflow in an gdi32.dll
Affects: Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008

Publications

Refereed 

Non-Refereed

Technical Reports

The following technical reports contain material that has not been published in other form.
They correspond to extended versions of the above papers or have only been partially superseeded by one of the above papers.
For a complete list of my technical reports, drop me an email.

Thesis