Research

Here are most of the publications that I’ve participated in. I’m interested in many different security topics, some of which are listed below. I have a Ph.D. in Electrical and Computer Engineering from the University of Illinois at Urbana-Champaign.

My dissertation included research published in “Secure web browsing with the OP web browser”, “The Multi-principal OS Construction of the Gazelle Web Browser”, as well as “Alhambra: A system for creating, enforcing and testing browser security policies”.

A few recent co-authors in no particular order: Vern Paxson (ICSI/UCB), Kurt Thomas (UCB), Juan Caballero (IMDEA Software), Chia Yuan Cho (UCB), Dawn Song (UCB), Christian Kreibich (ICSI/UCB), Stefan Savage (UCSD), Geoff Voelker (UCSD), Sam King (UIUC), Shuo Tang (UIUC), David Nicol (UIUC)

My Google Scholar page: http://scholar.google.com/citations?user=BCX31BMAAAAJ

Conference and workshop publications

(Note: acceptance rates are not an indication of quality of the paper or conference!)

“The ZeroAccess Auto-Clicking and Search-Hijacking Click Fraud Modules.” Paul Pearce, Chris Grier, Vern Paxson, Vacha Dave, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. EECS Department, University of California, Berkeley, Tech. Rep. UCB/EECS-2013-211, Dec. 2013. [PDF] [BIB]

“Botcoin: Monetizing Stolen Cycles.” Danny Y. Huang, Hitesh Dharmdasani, Sarah Meiklejohn, Vacha Dave, Chris Grier, Kirill Levchenko, Damon McCoy, Stefan Savage, Nicholas Weaver, and Alex C. Snoeren. To appear in the Proceedings of the Network and Distributed System Security Symposium (NDSS), February, 2014. [PDF] [BIB] (?% accepted)

“Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse.” Kurt Thomas, Damon McCoy, Chris Grier, Alek Kolcz, and Vern Paxson. To appear in the Proceedings of the USENIX Security Symposium, August 2013. PDF BIB (16% accepted, 45/277)

“Manufacturing Compromise: The Emergence of Exploit-as-a-Service.” Chris Grier, Lucas Ballard, Juan Caballero, Neha Chachra, Christian J. Dietrich, Kirill Levchenko, Panayiotis Mavrommatis, Damon McCoy, Antonio Nappa, Andreas Pitsillidis, Niels Provos, M. Zubair Rafique, Moheeb Abu Rajab, Christian Rossow, Kurt Thomas, Vern Paxson, Stefan Savage, Geoffrey M. Voelker. In the Proceedings of the ACM Conference on Computer and Communications Security (CCS), October 2012. PDF BIB (19% accepted, 80/423)

“Adapting Social Spam Infrastructure for Political Censorship.” Kurt Thomas, Chris Grier, and Vern Paxson. In the Proceedings of the USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET). April 2012. PDF BIB

“Prudent Practices for Designing Malware Experiments: Status Quo and Outlook.” Christian Rossow, Christian J. Dietrich, Christian Kreibich, Chris Grier, Vern Paxson, Norbert Pohlmann, Herbert Bos, and Maarten van Steen. To Appear in the Proceedings of the IEEE Symposium on Security and Privacy, May 2012. PDF BIB

“Suspended Accounts in Retrospect: An Analysis of Twitter Spam.” Kurt Thomas, Chris Grier, Vern Paxson, Dawn Song. In Proceedings of the Internet Measurement Conference (IMC). November 2011. PDF BIB (19% accepted, 42/220)

“No Plan Survives Contact: Experience with Cybercrime Measurement.” Chris Kanich, Neha Chachra, and Damon McCoy, Chris Grier, David Wang, Marti Motoyama, Kirill Levchenko, Stefan Savage, and Geoff Voelker. Workshop on Cyber Security Experimentation and Test (CSET). August 2011. PDF BIB

“Measuring Pay-per-Install: The Commoditization of Malware Distribution.” Juan Caballero, Chris Grier, Christian Kreibich, and Vern Paxson. In Proceedings of the USENIX Security Symposium. August 2011. PDF BIB (17% accepted, 35/204). Outstanding Paper Award.

“What’s Clicking What? Techniques and Innovations of Today’s Clickbots.” Brad Miller, Paul Pearce, Chris Grier, Christian Kreibich, and Vern Paxson. In Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment. July 2011. PDF BIB

“Design and Evaluation of a Real-Time URL Spam Filtering Service.” Kurt Thomas, Chris Grier, Justin Ma, Vern Paxson, and Dawn Song. Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2011. PDF BIB (11% accepted, 34/306)

“Click Trajectories: End-to-End Analysis of the Spam Value Chain.” Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Mark Felegyhazi, Chris Grier, Tristan Halvorson, Chris Kanich, Christian Kreibich, He Liu, Damon McCoy, Nicholas Weaver, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage. Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2011. PDF BIB (11% accepted, 34/306)

“@spam: The Underground on 140 Characters or Less.” Chris Grier, Kurt Thomas, Vern Paxson and Michael Zhang, Proceedings of the ACM Conference on Computer and Communications Security (CCS 2010), October 2010. PDF BIB (17% accepted, 55/320)

“unFriendly: Multi-Party Privacy Risks in Social Networks.” Kurt Thomas, Chris Grier, David Nicol, Proceedings of Privacy Enhancing Technologies Symposium (PETS 2010), July 2010. PDF BIB (28% accepted, 16/57)

“Insights from the Inside: A View of Botnet Management from Infiltration.” Chia Yuan Cho, Juan Caballero, Chris Grier, Vern Paxson, Dawn Song, Proceedings of Large-Scale Exploits and Emergent Threats (LEET 2010), April 27th, 2010. PDF BIB

“Alhambra: A system for creating, enforcing and testing browser security policies.” Shuo Tang, Chris Grier, Onur Aciicmez, Samuel T. King, In Proceedings of the International World Wide Web Conference (WWW 2010), April 2010. PDF BIB. (14% accepted, 104/743)

“Barriers to Security and Privacy Research in the Web Era.” Chris Grier, Kurt A. Thomas, David M. Nicol, Proceedings of the Workshop on Ethics in Computer Security Research (WECSR 2010), January 2010. PDF.

“The Multi-principal OS Construction of the Gazelle Web Browser,” Helen J. Wang, Chris Grier, Alexander Moshchuk, Samuel T. King, Piali Choudhury, and Herman Venter, Proceedings of the 18th USENIX Security Symposium, August 2009. PDF BIB (15% accepted, 26/176)

“How I Learned to Stop Worrying and Love Plugins.” Chris Grier, Samuel T. King, Dan S. Wallach, Web 2.0 Security and Privacy (W2SP 2009), May 2009. PDF BIB

“The Multi-Principal OS Construction of the Gazelle Web Browser,” Helen J. Wang, Chris Grier, Alexander Moshchuk, Samuel T. King, Piali Choudhury, and Herman Venter, MSR technical report MSR-TR-2009-16, Redmond, WA, Feb 19, 2009. PDF

“Secure web browsing with the OP web browser,” Chris Grier, Shuo Tang, and Samuel T. King, In Proceedings of the 2008 IEEE Symposium on Security and Privacy, May 2008. PDF BIB

“Designing and implementing malicious hardware,” Samuel T. King, Joseph Tucek, Anthony Cozzie, Chris Grier, Weihang Jiang, and Yuanyuan Zhou, Proceedings of the First USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET ’08), April 2008. PDF BIB. Best Paper Award.

“SCADA Cyber Security Testbed Development,” C. M. Davis, J. E. Tate, H. Okhravi, C. Grier, T. J. Overbye, and D. Nicol, Proceedings of North American Power Symposium (NAPS), September 2006. PDF

“RINSE: The Real- Time Immersive Network Simulation Environment for Network Security Exercises,” Michael Liljenstam, Jason Liu, David Nicol, Yougu Yuan, Guanhua Yan, Chris Grier, Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation (PADS), June 2005. PDF

Journal papers

“Designing and implementing the OP and OP2 web browsers.” Chris Grier, Shuo Tang, and Samuel T. King. ACM Transactions on the Web (TWEB). Vol. 5(2), pp. 11,
May 2011.

“RINSE: The Real-Time Immersive Network Simulation Environment for Network Security Exercises (Extended Version).” Michael Liljenstam, Jason Liu, David Nicol, Yougu Yuan, Guanhua Yan, and Chris Grier. Simulation Vol. 82(1), pp. 43-59, Jan. 2006. (PADS conference PDF)

Other publications

Chris Grier, Shuo Tang, and Samuel T. King. “Building a More Secure Web Browser,” ;login: The USENIX Magazine, Vol. 33 Number 4, August 2008. PDF

Other things

General interests

  • Building secure systems
  • Networks and protocol security
  • Very large scale Internet attacks (worms, botnets, etc…)
  • Rootkits, malware, bot design and implementations
  • Breaking just about anything and analyzing prevention mechanisms
  • Reverse engineering