Juan Caballero

Ph.D. Candidate
Electrical and Computer Engineering Department
Carnegie Mellon University

Currently I am visiting at UC Berkeley

Contact:

Phone: (510)-643-4603
Address:
Soda Hall 725
Computer Science Division
University of California
Berkeley, CA 94720-1776
USA

I am a Ph.D candidate at ECE in Carnegie Mellon University advised by Professor Dawn Song.
Currently, I am visiting at EECS in UC Berkeley where my advisor got a position.
My interest lies in Computer Security, Networking, and Program Analysis with an emphasis on
applying Program Analysis techniques to address security issues in systems, software, and networks.
I have worked on projects on Binary Analysis, Protocol Reverse Engineering, Web Security,
Malware Analysis, Fingerprinting, Network Robustness against failures, Anomaly Detection,
Worm Detection, and Intrusion Detection.

I am a member of both the Bitblaze and Webblaze research groups.
The Bitblaze research group focuses on applying binary analysis techniques to security problems,
while the Webblaze research group focuses on improving web security.

Before coming to CMU, I received a Telecommunications Engineer degree from Universidad Politecnica de Madrid (UPM) in
Madrid, Spain and a M.Sc. in Electrical and Computer Engineering from the Royal Institute of Technology (KTH) in
Stockholm, Sweden.

In October 2003 I was awarded the La Caixa Foundation Fellowship, arguably the most prestigious fellowship for
international graduate studies awarded in Spain.

Starting in May 2002 and for two years I held positions as R&D Engineer and Systems Engineer in Orange (formerly Amena),
a spanish cell phone carrier.

Service

I am in the program commitee for DIMVA 2010, the 7th Conference on Detection of Intrusions and Malware & Vulnerability Assesment
July 8-9th, 2010 at Bonn, Germany
Consider submitting your best work and attending!

Bug Finding

CVE-2008-3465 (MS08-071) Heap-based buffer overflow in an gdi32.dll
Affects: Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008

Publications

Refereed

[NDSS 2010] Binary Code Extraction and Interface Identification for Security Applications PDF Bibtex Publisher
Juan Caballero, Noah M. Johnson, Stephen McCamant and Dawn Song.
In Proceedings of the 17th Annual Network and Distributed System Security Symposium, San Diego, CA, February 2010.
Acceptance Rate: 15.4% [24/156]
[CCS 2009] Dispatcher: Enabling Active Botnet Infiltration using Automatic Protocol Reverse-Engineering PDF Bibtex Publisher
Juan Caballero, Pongsin Poosankam, Christian Kreibich, and Dawn Song.
In Proceedings of the 16th ACM Conference on Computer and Communication Security, Chicago, IL, November 2009.
Acceptance Rate: 18.4% [58/315]
Read the article at MIT Technology Review
[RAID 2009] Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration PDF Bibtex Publisher
Juan Caballero, Zhenkai Liang, Pongsin Poosankam, and Dawn Song.
In Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection, Saint-Malo, France, September 2009.
Acceptance Rate: 28.3% [17/60]
[Oakland 2009] Secure Content Sniffing for Web Browsers or How to Stop Papers from Reviewing Themselves PDF Bibtex Publisher
Adam Barth, Juan Caballero, and Dawn Song.
In Proceedings of the 30th IEEE Symposium on Security & Privacy, Oakland, CA, May 2009.
Acceptance Rate: 10.2% [26/254]
Our String-Enhanced White-Box Exploration technique is detailed in our companion Technical Report
[ICISS2008] BitBlaze: A New Approach to Computer Security via Binary Analysis PDF Bibtex Publisher
Dawn Song, David Brumley, Heng Yin, Juan Caballero, Ivan Jager, Min Gyung Kang, Zhenkai Liang, James Newsome,
Pongsin Poosankam, and Prateek Saxena .
In Proceedings of the 4th International Conference on Information Systems Security, Hyderabad, India, December 2008.
* Invited paper
[NDSS 2008] Would Diversity Really Increase the Robustness of the Routing Infrastructure against Software Defects? PDF Bibtex Publisher
Juan Caballero, Theocharis Kampouris, Dawn Song, and Jia Wang.
In Proceedings of the 15th Annual Network and Distributed System Security Symposium, San Diego, CA, February 2008.
Acceptance Rate: 17.8% [21/118]
We also have an extended, though less polished, version containing all the algorithms and more results PDF
[CCS 2007] Polyglot: Automatic Extraction of Protocol Message Format using Dynamic Binary Analysis. PDF Bibtex Slides Publisher
Juan Caballero, Heng Yin, Zhenkai Liang, and Dawn Song.
In Proceedings of the 14th ACM Conference on Computer and Communication Security, Alexandria, VA, October 2007.
Acceptance Rate: 18.1% [55/303]
[USENIX Security 2007] Towards Automatic Discovery of Deviations in Binary Implementations with
Applications to Error Detection and Fingerprint Generation. PDF Bibtex Publisher
David Brumley, Juan Caballero, Zhenkai Liang, James Newsome, and Dawn Song.
In Proceedings of the 16th USENIX Security Symposium, Boston, MA, August 2007.
Acceptance Rate: 12.3% [23/187]
* Conference Best Paper Award
[DIMVA 2007] Distributed Evasive Scan Techniques and Countermeasures. PDF Bibtex Publisher
Min Gyung Kang, Juan Caballero, and Dawn Song.
In Proceedings of the Fourth GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment,
Lucerne, Switzerland, July 2007.
Acceptance Rate: 24.6% [14/57]
[NDSS 2007] FiG: Automatic Fingerprint Generation. PDF Bibtex Publisher
Juan Caballero, Shobha Venkataraman, Pongsin Poosankam, Min Gyung Kang, Dawn Song and Avrim Blum.
In Proceedings of the 14th Annual Network and Distributed System Security Symposium, San Diego, CA, February 2007.
Acceptance Rate: 14.4% [18/125]
[HOTNETS 2006] Black-box Anomaly Detection: Is it Utopian? PDF Bibtex Publisher
Shobha Venkataraman, Juan Caballero, Dawn Song, Avrim Blum and Jennifer Yates.
In Proceedings of the Fifth Workshop on Hot Topics in Networking (HotNets-V), Irvine, CA, November 2006.
Acceptance Rate: 20.2% [23/114]

Technical Reports

The following technical reports contain material that has not been published in other form.
They correspond to extended versions of the above papers or have only been partially superseeded by one of the above papers.
For a complete list of my technical reports, drop me an email.

UCB-EECS-2009-36: Extracting Models of Security-Sensitive Operations using String-Enhanced White-Box
Exploration on Binaries PDF Bibtex
Juan Caballero, Stephen McCamant, Adam Barth, and Dawn Song.
EECS Department, University of California, Berkeley.
Publication Date: March 6, 2009
CMU-CyLab-08-009: Towards Generating High Coverage Vulnerability-based Signatures with Protocol-level
Constraint-guided Exploration PDF Bibtex
Juan Caballero, Zhenkai Liang, Pongsin Poosankam, and Dawn Song.
Cylab, Carnegie Mellon University.
Publication Date: June 24, 2008
CMU-CyLab-07-014: Rosetta: Extracting Protocol Semantics using Binary Analysis with Applications to
Protocol Replay and NAT Rewriting PDF Bibtex
Juan Caballero and Dawn Song.
Cylab, Carnegie Mellon University.
Publication Date: October 9, 2007
CMU-CyLab-07-002: Would Diversity Really Increase the Robustness of the Routing Infrastructure against
Software Defects? PDF Bibtex
Juan Caballero, Theocharis Kampouris, Dawn Song, Jia Wang.
Cylab, Carnegie Mellon University.
Publication Date: February 6, 2007

Thesis

Experimental Study of a Network Access Server for a Public WLAN Access Network. PDF
Juan Caballero and Daniel Malmkvist.
M.Sc. thesis at Royal Institute of Technology, Stockholm, Sweden, January 2002.