Adam Doupé

Assistant Professor, Arizona State University

Publications

Journal

E-mail Header Injection Vulnerabilities (pdf) (bibtex)
Sai Prashanth Chandramouli, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn
it - Information Technology, 59(2), pp. 67-72, March, 2017.

Conferences

A Game Theoretic Approach of Strategy Generation for Moving Target Defense in Web Applications (pdf) (bibtex)
Sailik Sengupta, Satya Gautam Vadlamudi, Subbarao Kambhampati, Adam Doupé, Ziming Zhao, Marthony Taguinod, and Gail-Joon Ahn
Proceedings of the International Conference on Autonomous Agents and Multiagent Systems (AAMAS), May, 2017.

Deep Android Malware Detection (pdf) (bibtex)
Niall McLaughlin, Jesus Martinez del Rincon, BooJoong Kang, Suleiman Yerima, Paul Miller, Sakir Sezer, Yeganeh Safaei, Erik Trickel, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn
Proceedings of the ACM on Conference on Data and Application Security and Privacy (CODASPY), March, 2017.

Toward Authenticated Caller ID Transmission: The Need for a Standardized Authentication Scheme in Q.731.3 Calling Line Identification Presentation (pdf) (bibtex)
Best Paper Award
Huahong Tu, Adam Doupé, Ziming Zhao, and Gail-Joon Ahn
Proceedings of the ITU Kaleidoscope (ITU), November, 2016.

Towards Automated Threat Intelligence Fusion (pdf) (bibtex)
Ajay Modi, Zhibo Sun, Anupam Panwar, Tejas Khairnar, Ziming Zhao, Adam Doupé, Gail-Joon Ahn, and Paul Black
Proceedings of the IEEE International Conference on Collaboration and Internet Computing (CIC), November, 2016.

dbling: Identifying Extensions Installed on Encrypted Web Thin Clients (pdf) (bibtex)
Mike Mabey, Adam Doupé, Ziming Zhao, and Gail-Joon Ahn
Proceedings of the Digital Forensics Research Conference (DFRWS), August, 2016.

State-aware Network Access Management for Software-Defined Networks (pdf) (bibtex)
Wonkyu Han, Hongxin Hu, Ziming Zhao, Adam Doupé, Gail-Joon Ahn, Kuang-Ching Wang, and Juan Deng
Proceedings of the ACM Symposium on Access Control Models And Technologies (SACMAT), June, 2016.

Behind Closed Doors: Measurement and Analysis of CryptoLocker Ransoms in Bitcoin (pdf) (bibtex)
Kevin Liao, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn
Proceedings of the Symposium on Electronic Crime Research (eCrime), June, 2016.

SoK: Everyone Hates Robocalls: A Survey of Techniques against Telephone Spam (pdf) (bibtex) (slides) (video)
Media coverage: The Orange County Register
Huahong Tu, Adam Doupé, Ziming Zhao, and Gail-Joon Ahn
Proceedings of the IEEE Symposium on Security and Privacy, May, 2016.

Checking Intent-based Communication in Android with Intent Space Analysis (pdf) (bibtex)
Yiming Jing, Gail-Joon Ahn, Adam Doupé, and Jeong Hyun Yi
Proceedings of the ACM Symposium on Information, Computer and Communications Security (AsiaCCS), May, 2016.

Moving Target Defense for Web Applications using Bayesian Stackelberg Games (Extended Abstract) (pdf) (bibtex) (code)
Satya Gautam Vadlamudi, Sailik Sengupta, Marthony Taguinod, Ziming Zhao, Adam Doupé, Gail-Joon Ahn, and Subbarao Kambhampati
Proceedings of the International Conference on Autonomous Agents and Multiagent Systems (AAMAS), May, 2016.

Going Native: Using a Large-Scale Analysis of Android Apps to Create a Practical Native-Code Sandboxing Policy (pdf) (bibtex)
Vitor Afonso, Antonio Bianchi, Yanick Fratantonio, Adam Doupé, Mario Polino, Paulo de Geus, Christopher Kruegel, and Giovanni Vigna
Proceedings of the Symposium on Network and Distributed System Security (NDSS), February, 2016.

Toward a Moving Target Defense for Web Applications (pdf) (bibtex)
Marthony Taguinod, Adam Doupé, Ziming Zhao, and Gail-Joon Ahn
Proceedings of the IEEE International Conference on Information Reuse and Integration (IRI), August, 2015.

Federated Access Management for Collaborative Network Environments: Framework and Case Study (pdf) (bibtex)
Carlos E. Rubio-Medrano, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn
Proceedings of the ACM Symposium on Access Control Models And Technologies (SACMAT), June, 2015.

Do You Feel Lucky? A Large-Scale Analysis of Risk-Rewards Trade-Offs in Cyber Security (pdf) (bibtex)
Yan Shoshitaishvili, Luca Invernizzi, Adam Doupé, and Giovanni Vigna
Proceedings of the ACM Symposium on Applied Computing (SAC), March, 2014.

deDacota: Toward Preventing Server-Side XSS via Automatic Code and Data Separation (pdf) (bibtex) (slides)
Adam Doupé, Weidong Cui, Mariusz H. Jakubowski, Marcus Peinado, Christopher Kruegel, and Giovanni Vigna
Proceedings of the ACM Conference on Computer and Communications Security (CCS), November, 2013.

Writing Groups in Computer Science Research Labs (pdf) (bibtex) (slides)
Adam Doupé and Janet L. Kayfetz
Proceedings of the Frontiers in Education Conference (FIE), October, 2013.

EARs in the Wild: Large-Scale Analysis of Execution After Redirect Vulnerabilities (pdf) (bibtex)
Pierre Payet, Adam Doupé, Christopher Kruegel, and Giovanni Vigna
Proceedings of the ACM Symposium on Applied Computing (SAC), March, 2013.

Enemy of the State: A State-Aware Black-Box Web Vulnerability Scanner (pdf) (bibtex) (slides) (video) (code)
Outstanding Publication Award in Computer Science, UC Santa Barbara
Adam Doupé, Ludovico Cavedon, Christopher Kruegel, and Giovanni Vigna
Proceedings of the USENIX Security Symposium (USENIX), August, 2012.

Hit 'em Where it Hurts: A Live Security Exercise on Cyber Situational Awareness (pdf) (bibtex) (slides) (data)
Adam Doupé, Manuel Egele, Benjamin Caillat, Gianluca Stringhini, Gorkem Yakin, Ali Zand, Ludovico Cavedon, and Giovanni Vigna
Proceedings of the Annual Computer Security Applications Conference (ACSAC), December, 2011.

Fear the EAR: Discovering and Mitigating Execution After Redirect Vulnerabilities (pdf) (bibtex) (slides) (code)
Adam Doupé, Bryce Boe, Christopher Kruegel, and Giovanni Vigna
Proceedings of the ACM Conference on Computer and Communications Security (CCS), October, 2011.

Why Johnny Can't Pentest: An Analysis of Black-box Web Vulnerability Scanners (pdf) (bibtex) (slides) (code)
Adam Doupé, Marco Cova, and Giovanni Vigna
Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), July, 2010.

Workshops

Shell We Play A Game? CTF-as-a-service for Security Education (pdf) (bibtex)
Erik Trickel, Francesco Disperati, Eric Gustafson, Faezeh Kalantari, Mike Mabey, Naveen Tiwari, Yeganeh Safaei, Adam Doupé, and Giovanni Vigna
Proceedings of the USENIX Workshop on Advances in Security Education (ASE), August, 2017.

Target Fragmentation in Android Apps (pdf) (bibtex)
Patrick Mutchler, Yeganeh Safaei, Adam Doupé, and John Mitchell
Proceedings of the Mobile Security Technologies Workshop (MoST), May, 2016.

Position Paper: Towards a Moving Target Defense Approach for Attribute-based Access Control (pdf) (bibtex)
Carlos E. Rubio-Medrano, Josephine Lamp, Marthony Taguinod, Adam Doupé, Ziming Zhao, and Gail-Joon Ahn
Proceedings of the ACM Workshop on Attribute Based Access Control (ABAC), March, 2016.

HoneyMix: Toward SDN-based Intelligent Honeynet (pdf) (bibtex)
Wonkyu Han, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn
Proceedings of the ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization (SDN-NFV Sec), March, 2016.

A Large-Scale Study of Mobile Web App Security (pdf) (bibtex)
Best Paper Award
Patrick Mutchler, Adam Doupé, John Mitchell, Christopher Kruegel, and Giovanni Vigna
Proceedings of the Mobile Security Technologies Workshop (MoST), May, 2015.

Ten Years of iCTF: The Good, The Bad, and The Ugly (pdf) (bibtex) (code)
Giovanni Vigna, Kevin Borgolte, Jacopo Corbetta, Adam Doupé, Yanick Fratantonio, Luca Invernizzi, Dhilung Kirat, and Yan Shoshitaishvili
Proceedings of the USENIX Summit on Gaming, Games and Gamification in Security Education (3GSE), August, 2014.

Dissertation

Advanced Automated Web Application Vulnerability Analysis (pdf) (bibtex) (code)
Adam Doupé
University of California, Santa Barbara, September, 2014.