CURRICULUM VITAE

Giovanni Vigna

Professor

Department of Computer Science

University of California,

Santa Barbara

Address: Department of Computer Science

University of California

Santa Barbara

CA 93106-5110 USA

Fax: +1-805-***-****

Email: abplvz@r.postjobfree.com

WWW http://www.cs.ucsb.edu/~vigna

Personal Information

Date of Birth: February 28, 1969

Place of Birth: Milano, Italy

Citizenship: United States

Education

Ph.D

. Electronic Engineering, Politecnico di Milano, Italy, January 1998

Dissertation Title:

Mobile Code Technologies, Paradigms, and Applications

M.S. (cum laude) Computer Engineering, Politecnico di Milano, Italy, July 1994

Dissertation Title: The Design and Implementation of SPADE-1 2.0,

A Process-Centered Software Engineering Environment

1

Research Experience

7/09

Present: Full Professor at the Department of Computer Science, University of

Califor

-

nia Santa Barbara.

7/04

7/09: Associate Professor at the Department of Computer Science, University of

California Santa Barbara.

7/00

6/04: Assistant Professor at the Department of Computer Science, University of Ca

-

lifornia Santa Barbara.

10/97

6/00: Post-Doctoral Researcher at the Department of Computer Science, University

of California Santa Barbara. Research on intrusion detection and network se-

curity.

11/94

11/97: PhD student at Politecnico di Milano, Italy. Research on mobile code,

software

architectures, models for network security, and WWW software engineering.

9/94

6/95: Researcher at CEFRIEL, a research center in Milano, Italy, sponsored by a

number of national and international companies. Research on software pro-

cess, software architectures, and integration of security technologies in wide-

area network services.

9/93

7/94: Graduate Intern at CEFRIEL. Research on software development process and

process-centered software engineering environments. Master in Information

Technology, awarded with outstanding student scholarship.

Awards and Honors

2006, College of Engineering Student Council Outstanding Professor Award.

2006, Keynote Lecture, Network Protocol Security Workshop, Santa Barbara, CA.

2005, Winner of the Capture The Flag, competition at DefCon, Las Vegas, NV.

2005, Best Paper Award, AusCERT Asia Pacific Information Technology Security Conference,

Gold

Coast, Australia.

2004, UCSB Academic Senate Distinguished Teaching Award.

2004, College of Engineering Student Council Outstanding Professor Award.

2003, National Science Foundation CAREER Award.

2

2001, UC Regents Junior Faculty Fellowship Award.

2001, Keynote address at Workshop su Sistemi Distribuiti: Architetture, Algoritmi,

Linguaggi (WS-

DAAL 01), Como, Italy.

1998, Best Paper Award, Annual Computer Security Applications Conference, Scottsdale, AZ.

Research Funding

Army

2009-2014. MURI: A Cyber-awareness Framework for Attack Analysis, Prediction and

Visual-

ization, $6,579,163, Co-PI (Richard Kemmerer, PI).

Army 2009-2014. MURI: Botnet Attribution and Removal: From Axioms to Theory to Practice,

$7,500,000, Co-PI (Wenke Lee, PI).

NSF 2009

-2012. Analyzing the Underground Economy, $1,197,306, Co-PI (Chris Kruegel, PI).

NSF

2008-2010. Grand Challenges in Cyber Security, $249,968, PI.

NSF

2008-2011. Understanding the Underground Economy, $199,994, Co-PI (Chris Kruegel,

PI).

NSF

2007-2010. Modeling and Analyzing Trust in Service-Oriented Architectures, $ 850,002,

PI.

NSF

2007-2009. A Framework for Live Security Exercises and Challenges, $ 200,000, PI.

California Secretary of State, 2007. Accessibility and Usability Testing of Voting

Systems, $100,300,

PI.

NSF

2007-2008. Using Structural and Behavioral Models to Detect Malware, $235,000, PI.

NSF

2006-2008. Multi-model Anomaly Detection for Web-based Applications, $449,999, PI.

NSF

2003-2008. CAREER: A Multi-level Approach to Malicious Mobile Code Detection,

$399,946,

PI.

NSA

2002-2003. Graphical Compiler for the State Transition Analysis Technique (STAT),

$46,437,

Co-PI (Richard Kemmerer, PI).

NSF

2002-2005. MASSA: Mobile Agent System Security Through Analysis, $230,115, PI.

ARL

2001-2006. Hi-DRA: High-speed, Wide-area Network Detection, Response, and Analysis,

$4,283,526, Co-PI (Richard Kemmerer, PI).

ISTS

2001-2002. Network Memory for Intrusion Analysis, $41,090, PI.

DARPA

2001-2002. NetSTAT: A Network-based Intrusion Detection System (addition),

$250,000,

Co-PI (Richard Kemmerer, PI).

3

Publications

Vigna, An Experience in Testing the Security of Real-world Electronic Voting Systems,

. G. Vigna,

F. Valeur, D. Balzarotti, W. Robertson, C. Kruegel, and E. Kirda, Reducing

11

5. G. Vigna and C. Kruegel, Host-based Intrusion Detection Systems, in The Handbook of

Information

Security, Volume III, John Wiley & Sons, December 2005.

6. C. Kruegel, F. Valeur, and G. Vigna, Intrusion Detection and Correlation: Challenges

and Solutions,

Springer, Advances in Information Security Series, ISBN 0-387-23398-9, 2005.

7. R.A. Kemmerer and G. Vigna, Sensor Families for Intrusion Detection Infrastructures,

book chap-

ter in Managing Cyber Threats: Issues, Approaches and Challenges, Springer, Massive

Computing

Series, vol. 5, January 2005.

book chap-

ter in J. Vitek and C. Tschudin, Eds., Mobile Object Systems: Towards the Programmable

Internet,

Lecture Notes in Computer Science, State-of-the-Art Survey Series, Springer-Verlag, vol.

1222, pp.

93 111, April 1997.

Invited Colloquia, Panels, and Tutorials

Ethical Issues in Security Research, Invited Panelist, Network and Distributed Systems

Security

Symposium, San Diego, CA, February 2010.

E-Voting, Invited Panelist, USENIX Security Conference, Boston, MA, August 2008.

Read Teaming and Hacking Games, Invited Panelist, Network and Distributed Systems

Security

Symposium, San Diego, CA, February 2007.

Web Application Security: Keeping Up with the Wily Hackers, Keynote Lecture, Yardi

Developers

Conference, Santa Barbara, CA, February 2007.

12

Defining a Security Grand Challenge: Lessons Learned from (participating in/running)

Hacking

Competitions, Invited Presentation, CyberTrust PI Meeting, Atlanta, GA, January 2007.

Testing Network-based Intrusion Detection Systems: Issues and Approaches, Invited

Keynote Lec-

ture, Network Protocol Security Workshop, Santa Barbara, CA, November 2006.

Bringing the Road to the Rubber: Grand Challenges and Hacking Competitions, Invited

Presenta-

tion, NSF CyberTrust meeting, Pittsburgh, PA, October 2006.

Internet Security: History, Challenges, and Opportunities, Invited Presentation,

CEFRIEL Research

Center, Milan, Italy, June 2006.

Web-based Attacks, Invited Tutorial, Scuola Superiore Sant Anna, Pisa, Italy, May 2006.

Testing Intrusion Detection Systems Using Mutant Exploits, Invited Presentation, State

University

of Milan, Italy, April 2006.

Testing Network-based Intrusion Detection Signatures Using Mutant Exploits, Invited

Presentation,

Southern California Security and Cryptography Workshop, UC Irvine, CA, September 2005.

Detecting Malicious Software Using Binary Analysis, Invited Presentation, ARO-DHS

Workshop

on Malware Detection, Pittsburgh, PA, August 2005.

Network Security: People, Hackers, and Software, Invited Presentation, Strategic

Healthcare Pro-

grams, Santa Barbara, CA, June 2005.

Testing Network-based Intrusion Detection Signatures Using Mutant Exploits, Invited

Presentation,

Symantec, San Jose, CA, April 2005.

Network Security: History, Challenges, and Opportunities, Invited Keynote, Central

Coast MIT

Enterprise Forum, Santa Barbara, CA, February 2005.

Testing Network-based Intrusion Detection Signatures Using Mutant Exploits, Invited

Presentation,

Microsoft Research, Redmond, WA, February 2005.

A Multi-Model Approach to the Detection of Web-based Attacks, Invited Presentation,

Politecnico

di Milano, Italy, December 2004.

Capture The Flag, Invited Panelist, USENIX Security 2004, San Diego, CA, August 2004.

A Multi-Model Approach to the Detection of Web-based Attacks, Invited Presentation,

George

Mason University, Washington, DC, April 2004.

Invited Panelist, Mobile Agents: Ten Reasons for Failure, IEEE MDM 04, Berkeley, CA,

January

2004.

Designing a Web of Highly-Configurable Intrusion Detection Sensors, Invited

Presentation, Naval

Post-Graduate School, Monterey, CA, August 2003.

Designing and Implementing Intrusion Detection Sensors, Invited Presentation, HRL Labs,

Santa

Monica, CA, June 2003.

13

Designing a Web of Highly-Configurable Intrusion Detection Sensors, Invited

Presentation, Uni-

versity of Colorado, Boulder, CO, March 2003.

Highly Customizable Intrusion Detection, Invited Presentation, Air Force Rome Lab,

Rome, NY,

August 2001.

Intrusion Detection, Distributed Systems, and Mobile Code, Invited Keynote Address,

Workshop

su Sistemi Distribuiti: Architetture, Algoritmi, Linguaggi (WSDAAL 2001), Como, Italy,

September

2001.

Highly configurable Webs of Sensors, Invited Presentation, Politecnico di Milano,

Italy, June 2001.

STAT: An Extensible Intrusion Detection Framework, Invited Speaker, Workshop on

Foundations

For Secure/Survivable Systems and Networks, Tokyo Institute of Technology, Tokyo, Japan,

January

2001.

STAT: An Extensible Intrusion Detection Framework, Invited Presentation, Department of

Com-

puter Science, Dartmouth College, October 2000.

Understanding Code Mobility, Tutorial, ECOOP 99, Lisbon, Portugal, June 1999.

Understanding Code Mobility, Tutorial, Autonomous Agents 99, Seattle, May 1999.

NetSTAT: A Network-based Intrusion Detection Approach, Invited Presentation, Department

of

Computer Science, University of California in Santa Barbara, February 1999.

Internet Programming, Tutorial, Telecom Italia, June 1998.

Mobile Code Paradigms, Technologies, and Applications, Invited Presentation, Ecole

Politechnique

Federale de Lausanne (EPFL), July 1997.

Protecting Mobile Agents Through Cryptographic Traces, Invited Presentation, Ecole

Politechnique

Federale de Lausanne (EPFL), July 1997.

Security of Mobile Code Systems, Invited Presentation, European Center for Atomic

Energy (EU-

RATOM), June 1997.

TCP/IP Security, Three-day tutorial, given five times during 96 99 to representatives

of Italian

banks, law enforcement agencies, military, and public administration.

Professional Activities and Service

Society Memberships

Member, Association for Computing Machinery (ACM)

Member, Institute of Electrical and Electronics Engineers (IEEE)

Member, IEEE Computer Society

Member, USENIX Association

14

Editorship

Member of the Editorial Board of the ACM Transactions on Information and System Security,

2007-

2009.

Member of the Editorial Board of the IEEE Transactions on Dependable and Secure

Computing,

2005-2009.

Member of the Editorial Board of the Journal of Computer Security, 2004-2009.

Member of the Editorial Board of IEEE Security & Privacy Magazine, 2003-2009.

th

First ACM Workshop on Security and Privacy in E-Commerce (WSPEC), 2000.

Joint Symposium on Mobile Agents and Agent Systems and Applications (ASA/MA), 2000.

IEEE International Conference on Software Engineering (ICSE), 2000.

Steering Committees

Network and Distributed Systems Security Symposium (NDSS).

IEEE International Conference on Mobile Agents (MA).

International Symposium on Recent Advances in Intrusion Detection (RAID).

17

Reviewing Activities

Panelist for the NSF CyberTrust Program, 2009.

Panelist for the NSF CyberTrust Program, 2007.

Panelist for the NSF Trusted Computing Program, 2003.

Panelist for the Council for Physical Sciences of the Netherlands Organization for

Scientific Research

(NWO), 2002.

Panelist for the NSF Trusted Computing Program, 2002.

University of California Committees

Department Committees

2000-2001 Colloquia Committee

2000-2002 Graduate Student Admission Committee

2001-2007 Facilities Committee

2001-2004 Faculty Advisor of the ACM Student Chapter

2001-2008 Faculty Liaison for the USENIX Association

2002-2004 Curriculum Committee

2004-2005 Graduate Student Admission Committee

2007-2010 Head of Facilities Committee

2007-2009 Undergraduate Curriculum Affairs Committee

2009-2010 Graduate Affairs Committee

University Committees

2002-2003 Department Representative to the Faculty Legislature

2003 Team Leader for the Security Evaluation of the Academic Senate Web Site

2005 Graduate Division s Central Fellowship Committee

2007-2008 Department Representative to the College of Engineering Executive Committee

2008 Chief Information Security Officer Search Committee

2008 Continuing Student Central Fellowship Competition Committee

18

Teaching and Advising

Courses

CS170 Operating Systems Spring 2001, Fall 2001, Spring 2004

CS176B Network Computing Winter 2003, Winter 2004, Winter 2005, Winter

2006

CS177 Introduction to Computer Security Winter 2008

CS189B Senior Computer Systems Project Spring 2005, Spring 2009.

CS279 Network Security and Intrusion Detection Winter 2001, Spring 2002, Fall 2002, Fall

2003, Fall

2004, Fall 2007, Fall 2009.

CS90I Vulnerability Analysis Fall 2005

CS595I Security Issues in Wireless Network Fall 2001

CS595I Advanced Topics in Intrusion Detection Seminar Fall 2002

CS595N Special Topics in Intrusion Detection Winter 2003

CS595N Special Topics in Intrusion Detection Winter 2003

CS595N Vulnerability Analysis Winter 2004

CS595X Goedel, Escher, Bach an Eternal Golden Braid Spring 2004

CS595N Vulnerability Analysis Spring 2005

CS595N Security of Web Technologies Fall 2006

CS595N Web Vulnerability Analysis Winter 2007

CS595G Security Issues in MMORPGs Spring 2007

CS595G Understanding the Underground Economy Spring 2008

PhD Students

Yan Shoshitaishvili, started in Fall 2010, Area: Malware Analysis.

Luca Invernizzi, started in Fall 2010, Area: Security of Social Networks.

Adam Doupe, started in Fall 2010, Area: Web Security.`

Alex Kapravelos, started in Fall 2009, Area: Web Malware.

Gorkem Yakin, started in Fall 2009, Area: OS Security.

Ali Zand, started in Fall 2009, Area: Situation Awareness.

Ludovico Cavedon, started in Fall 2008, Area: Web Security.

Vika Felmetsger, graduated in September 2010, Area: Web Application Vulnerability

Analysis, Thesis

Title: Identifying Logic Vulnerabilities in Web Applications.

Marco Cova, graduated in June 2010, Area: Web-based Malware, Thesis Tittle: Taming the

Malicious

Web: Avoiding and Detecting Web-based Attacks.

Will Robertson, graduated in June 2009, Area: Detection of Web-based Attacks, Thesis

title: Detect-

ing and Preventing Attacks Against Web Applications.

19

Fredrik Valeur, graduated in June 2006, Area: Intrusion Detection and Alert Correlation,

Thesis title:

A Modular Framework for Intrusion Detection Alert Correlation

Darren Mutz, graduated in June 2006, Area: Anomaly Detection Systems, Thesis title:

Context-

sensitive Multi-model Anomaly Detection.

Steve T. Eckmann, graduated in June 2002, Area: Signature-based Intrusion Detection,

Thesis title:

The STATL Attack Detection Language.

Master Students (with Thesis/Project Option)

Nicholas Childers, Project Title: Teaching Security through Competition, March 2010.

Adam Doupe, Project Title:` An Analysis of Black-box Web Vulnerability Scanners, June

2009.

Sean Ford, Project Title: Analyzing and Detecting Malicious Flash Advertisements, June

2009.

Greg Banks, Project Title: MISHIMA: Multilateration of Internet hostS Hidden usIng

Malicious

fast-flux Agents, November 2008.

Collin Mulliner, Thesis title: Smart Phone Security, June 2006.

Michael Richmond, Thesis title: ViSe: A Virtual Security Testbed, June 2005.

Susana Aguiar, Thesis title: Smart Cards and Secure Areas of Computation, Fall 2004.

Marco Cova, Thesis title: An Intrusion Detection System For Linux, Fall 2003.

Vishal Kher, Project title: Writing STAT Applications: WebSTAT, LogSTAT, Fall 2003.

Jingyu Zhou, Thesis title: NetMap Design and Implementation, Winter 2003.

Alberto Revelli, Thesis title: Modelli e strumenti per la verifica della sicurezza in

sottoreti TCP/IP,

Politecnico di Milano, Italy, 1999.

Tullio Dovera and Norberto Nespoli, Thesis title: Paradigmi e tecnologie per lo sviluppo

di appli-

cazioni basate su codice mobile, Politecnico di Milano, Italy, 1998.

Francesco Coda, Thesis title: Un modello orientato agli oggetti a supporto dello sviluppo

di un sito

World Wide Web, Politecnico di Milano, Italy, 1998.

Elena Colombo, Thesis title: SALTA: Un linguaggio a codice mobile sicuro, Politecnico di

Milano,

Italy, 1998.

Post-Doctoral and Visiting Students

Manuel Egele, Post-Doc Student, April 2011-present, TU Vienna, Austria.

Gregoire Jacob, Post-Doc Student, Jan 2010-present, ESIEA Laval, France.

Lorenzo Cavallaro, Post-Doc Student,

April 2008-November 2009, Universita Statale di

Milano, Italy.`

20

Fredrik Valeur, Post

-Doc Student, Jul 2006-February 2008, UCSB.

Davide Balzarotti,

Post-Doc Student,

Jul 2006-April 2008, Politecnico di Milano, Italy

.

Davide Balzarotti, PhD Student, Jun 2004-Dec 2004, Politecnico di Milano, Italy.

Chris Kruegel, Post-Doc, Sep 2002-Jun 2004, Technical University of Vienna, Austria.

Marco Cova, MS Student, Jun 2002-Oct 2002 and Jul 2003-Oct 2003,

Universita di Bologna,

Italy.`

Matteo Rossi, PhD Student, Jun 2002-Sep 2002, Politecnico di Milano, Italy

.

Chris Kruegel, PhD Student, Jul 2001-Nov 2001, Technical University of Vienna, Austria

.

Sebastian Fischmeister, MS Student, Nov 1999-May 2000, Technical University of Vienna,

Austria

.

21

Contact this candidate