Manuel Egele

Manuel Egele

About me

Currently, I am a Systems Scientist at Carnegie Mellon University (CyLab). Before moving to Pittsburgh I was a post-doctoral researcher at the Computer Security Group at the Department of Computer Science of the University of California, Santa Barbara. I received my Ph.D. in January 2011 from the Vienna University of Technology under my advisors Christopher Kruegel and Engin Kirda.

Prior to working as a post-doc I visited the Computer Security Group at UCSB as part of my Ph.D. studies. Similarly, I spent six months visiting the iSeclab's research lab in France (i.e., Institute Eurecom). I was very fortunate to meet and work with interesting and smart people at all these locations, many of whom became good friends.

My research interests include most aspects of systems security, such as mobile security, binary and malware analysis, and web security.

From 2009 to 2011 I helped organizing UCSB's iCTF. In 2010 we were the first CTF that featured a challenge with effects on the physical world aka. cyber-physical system. More specifically, the teams had to control a foam missile launcher. In 2011 we took this concept one step further and teams from around the globe could remote control a unmanned areal vehicle in the conference room of UCSB's Computer Science Department. Before being part of the organizing team for the iCTF I participated as part of the We_0wn_Y0u team of the Vienna University of Technology, as well as on the team of the Institute Eurecom. Furthermore, I participated as part of the Shellphish team at several DefCon CTF competitions in Las Vegas.

General Information

Education:Dr.techn.(Ph.D.), Dipl.-Ing.(MSc.) in Computer Science, Vienna University of Technology
Email:manuel@iseclab.org
Current Address:Carnegie Mellon University
CIC Building, Room 2120
4720 Forbes Avenue
Pittsburgh, PA, 15213

List of Publications

Conference Publications
Manuel Egele, David Brumley, Yanick Fratantonio, and Christopher Kruegel. An Empirical Study of Cryptographic Misuse in Android Applications. In ACM Conference on Computer and Communications Security, CCS 2013, Berlin, Germany, November, 2013
[download]
Gianluca Stringhini, Gang Wang, Manuel Egele, Christopher Kruegel, Giovanni Vigna, Haitao Zheng and Ben Y. Zhao. Follow the Green: Growth and Dynamics in Twitter Follower Markets. In proceedings of the Internet Measurement Conference , IMC, Barcelona, Spain, October, 2013
[download]
Manuel Egele, Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna. Compa: Detecting Compromised Accounts on Social Networks. In Network and Distributed System Security Symposium, NDSS 2013, San Diego, CA, February, 2013
[download]
Gianluca Stringhini, Manuel Egele, Apostolis Zarras, Thorsten Holz, Christopher Kruegel, and Giovanni Vigna. B@bel: Leveraging Email Delivery for Spam Mitigation. In Proceedings of the USENIX Security Symposium, Bellevue, WA, August 2012
[download]
Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thomas Fischer, Thorsten Holz, Ralf Hund, Stefan Nuernberger, and Ahmad-Reza Sadeghi. MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones. In Network and Distributed System Security Symposium, NDSS 2012, San Diego, CA, USA, 2012
[download]
Adam Doupe, Manuel Egele, Benjamin Caillat, Gianluca Stringhini, Gorkem Yakin, Ali Zand, Ludovico Cavedon, and Giovanni Vigna. Hit’em Where it Hurts: A Live Security Exercise on Cyber Situational Awareness. In Proceedings of the Annual Computer Security Applications Conference (ACSAC 2011), Orlando, FL, December 2011
[download]
Manuel Egele, Christopher Kruegel, Engin Kirda, and Giovanni Vigna. PiOS: Detecting Privacy Leaks in iOS Applications. In Network and Distributed System Security Symposium, NDSS 2011, San Diego, CA, USA, 2011
(Distinguished Paper Award)
[download]
Nicholas Childers, Bryce Boe, Lorenzo Cavallaro, Ludovico Cavedon, Marco Cova, Manuel Egele, and Giovanni Vigna. Organizing large scale hacking competitions. In Proceedings of the 7th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA’10
[download]
Marco Balduzzi, Manuel Egele, Engin Kirda, Davide Balzarotti, and Christopher Kruegel. A solution for the automated detection of clickjacking attacks. In ASIACCS ’10: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
[download]
Manuel Egele, Leyla Bilge, Engin Kirda, and Christopher Kruegel. CAPTCHA smuggling: hijacking web browsing sessions to create CAPTCHA farms. In Proceedings of the 2010 ACM Symposium on Applied Computing, SAC ’10
[download]
Manuel Egele, Peter Wurzinger, Christopher Kruegel, and Engin Kirda. Defending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks. In Proceedings of the 6rd International Conference on Detection of Intrusions and Malware & Vulnerability Assessment, DIMVA'09
[download]
Manuel Egele, Christopher Kruegel, and Engin Kirda. Removing web spam links from search engine results. In 18th European Institute for Computer Antivirus Research (EICAR) Conference, Berlin, Germany, May 2009
[download]
Heng Yin, Dawn Xiaodong Song, Manuel Egele, Christopher Kruegel, and Engin Kirda. Panorama: capturing system-wide information flow for malware detection and analysis. In ACM Conference on Computer and Communications Security (CCS), Alexandria, VA, USA, 2007
[download]
Manuel Egele, Christopher Kruegel, Engin Kirda, Heng Yin, and Dawn Xiaodong Song. Dynamic Spyware Analysis. In Proceedings of the 2007 USENIX Annual Technical Conference, Santa Clara, CA, USA, 2007
[download]
Manuel Egele, Martin Szydlowski, Engin Kirda, and Christopher Kruegel. Using Static Program Analysis to Aid Intrusion Detection. In Proceedings of the 3rd International Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Berlin, Germany, 2006
[download]
Workshop Publications
Gianluca Stringhini, Manuel Egele, Christopher Kruegel, and Giovanni Vigna. Poultry Markets: On the Underground Economy of Twitter Followers. In Proceedings of the Workshop on Online Social Network (WOSN), Helsinki, Finland, August 2012. ACM
[download]
Martin Szydlowski, Manuel Egele, Christopher Kruegel, and Giovanni Vigna. Challenges for Dynamic Analysis of iOS Applications. In iNetSec2011 Open Research Problems in Network Security, Luzerne, Switzerland, 2011
[download]
Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thomas Fischer, Ralf Hund, Stefan Nuernberger, Ahmad-Reza Sadeghi, and Thorsten Holz. CFI Goes Mobile: Control-Flow Integrity for Smartphones. In International Workshop on Trustworthy Embedded Devices (TrustED), Leuven, Belgium, 2011
Manuel Egele, Andreas Moser, Christopher Kruegel, and Engin Kirda. PoX: Protecting Users from Malicious Facebook Applications. In 3rd IEEE International Workshop on SEcurity and SOCial Networking (SESOC), Seattle, WA, USA, March 2011
[download]
Manuel Egele, Engin Kirda, and Christopher Kruegel. Mitigating Drive-by Download Attacks: Challenges and Open Problems. In iNetSec2009 Open Research Problems in Network Security, Zurich, Switzerland, 2009
[download]
Journal Publications
Manuel Egele, Andreas Moser, Christopher Kruegel, and Engin Kirda. PoX: Protecting Users from Malicious Facebook Applications. Computer Communications, 35(12):1507 – 1515, 2012
[download]
Manuel Egele, Theodoor Scholte, Engin Kirda, and Christopher Kruegel. A Survey on Automated Dynamic Malware Analysis Techniques and Tools. ACM Computing Surveys, 44(2):6:1–6:42, Mar. 2012
[download]
Manuel Egele, Clemens Kolbitsch, and Christian Platzer. Removing web spam links from search engine results. Journal in Computer Virology, 7:51–62, February 2011
[download]

Professional Activities

Program Committee Memberships
Usenix Workshop on Offensive Technologies (WOOT), 2013
Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), 2012, 2013
ASE/IEEE International Conference on Cyber Security, 2012
Usenix Workshop on Large-Scale Exploits and Emergent Threats (LEET), 2012
External Reviewer
IEEE Symposium on Security and Privacy, 2010, 2012, 2013
ACM Conference on Computer and Communications Security, 2010, 2012
International Symposium on Recent Advances in Intrusion Detection, 2011
Network and Distributed System Security Symposium (NDSS), 2010
International Information Security Conference (SEC), 2010
International Workshop on Software Engineering for Secure Systems (SESS), 2009
Journal Reviewer
ACM Computing Surveys
The Computer Journal
IEEE Journal of Internet Computing
Elsevier Computers & Security (COSE)
Elsevier Journal of Systems and Software (JSS)
Springer International Journal of Information Security (IJIS)
Elsevier Computer Networks (COMNET)

Last Modified: Wed Dec 4 23:05:33 CET 2013


International Secure Systems Lab www.iseclab.org