My research is centered around operating system security. Specifically, I'm currently working on intrusion detection and prevention using virtualization. I'm doing most of my work on Xen and QEMU.
Code for some of my work is available from the FRIENDS group website.
Publications
Ryan Riley, Xuxian Jiang, Dongyan Xu, "Multi-Aspect Profiling of Kernel Rootkit Behavior," Proceedings of the 4th European Conference on Computer Systems (EuroSys 2009), Nuremberg, Germany, April 2009 (16.9%)
Junghwan Rhee, Ryan Riley, Dongyan Xu, Xuxian Jiang, "Defeating Kernel Dynamic Data Rootkit Attacks via VMM-based Guest-Transparent Monitoring", To appear in the proceedings of the Fourth International Conference on Availability, Reliability and Security (ARES 2009), Fukuoka, Japan, March 2009. (25%)
Ryan Riley, Xuxian Jiang, Dongyan Xu,
"Guest-Transparent
Prevention of Kernel Rootkits with VMM-based Memory Shadowing",
Proceedings of 11th International Symposium on Recent Advances in
Intrusion
Detection
(RAID 2008),
Boston, MA, September 2008. (25%)
Received the best paper award.
Source code is available from the project
page.
Ryan Riley, Xuxian Jiang, Dongyan Xu,
"An Architectural Approach to Preventing Code Injection Attacks",
Proceedings of IEEE/IFIP International Conference on Dependable
Systems and Networks
(DSN-DCCS
2007),
Edinburgh, UK, June 2007. (25%)
Source code is available from the project
page.