Research
I'm currently at Scio Security, a security startup founded by Dug Song and myself.
I'm wrapping up my PhD thesis at the University of Michigan, advised by Farnam Jahanian, the CSE chair and founder of Arbor Networks. Our research group website is here.
My current resume is available here.
Publications and Presentations
2010
-
Internet Inter-Domain Traffic
Craig Labovitz, Scott Iekel-Johnson, Danny McPherson, Jon Oberheide, and Farnam Jahanian
SIGCOMM 2010
New Delhi, India, September 2010
[event]
-
The Power of Chinese Security
Jon Oberheide, Jake Appelbaum, and Anthony Lai
DEFCON 18
Las Vegas, NV, July 2010
[presentation]
[event]
-
The Twilight Saga: Android Edition
Jon Oberheide
DEFCON 18 Sky Talks
Las Vegas, NV, July 2010
[event]
-
Antique Exploitation (aka Terminator 3.11 for Workgroups)
Jon Oberheide
DEFCON 18
Las Vegas, NV, July 2010
[event]
-
Android Hax
Jon Oberheide
SummerCon 2010
New York, NY, June 2010
[presentation]
[event]
-
Linux Kernel Exploitation: Earning Its Pwnie a Vuln at a Time
Jon Oberheide
SOURCE Boston 2010
Boston, MA, April 2010
[presentation]
[event]
-
When Mobile is Harder Than Fixed: Demystifying Security Challenges in Mobile Environments
Jon Oberheide and Farnam Jahanian
HotMobile 2010
Annapolis, MD, February 2010
[paper]
[bibtex]
[event]
-
Vulnerability Classes in the Linux Kernel
Jon Oberheide
CERT Vulnerability Discovery Workshop
Arlington, VA, February 2010
[event]
2009
-
Internet Observatory Report
Craig Labovitz, Danny McPherson, Scott Iekel-Johnson, Jon Oberheide, Farnam Jahanian, and Manish Karir
NANOG 47
Dearborn, MI, October 2009
[presentation]
[event]
-
The More Things Change, the More They Stay the Same: Security Risk in Emerging Technologies
Jon Oberheide
Intel Security Conference
Hillsboro, OR, September 2009
[event]
-
PolyPack: An Automated Online Packing Service for Optimal Antivirus Evasion
Jon Oberheide, Michael Bailey, and Farnam Jahanian
Workshop on Offensive Technologies (WOOT'09)
Montreal, Canada, August 2009
[paper]
[presentation]
[bibtex]
[event]
-
Remote Fingerprinting and Exploitation of Mail Server Antivirus Engines
Jon Oberheide and Farnam Jahanian
University of Michigan Technical Report CSE-TR-552-09
Ann Arbor, MI, June 2009
[paper]
[bibtex]
-
If It Ain't Broke, Don't Fix It: Challenges and New Directions for Inferring the Impact of Software Patches
Jon Oberheide, Evan Cooke, and Farnam Jahanian
Workshop on Hot Topics in Operating Systems (HotOS XII)
Monte Verita, Switzerland, May 2009
[paper]
[presentation]
[bibtex]
[event]
-
A Look at a Modern Mobile Security Model: Google's Android Platform
Jon Oberheide
CanSecWest 2009
Vancouver, Canada, March 2009
[presentation]
[event]
-
Remote Security Services: Moving Security into the Network Cloud
Jon Oberheide
IQPC Remote Services Implementation
San Francisco, CA, February 2009
[event]
2008
-
Virtualization Security Summit (Moderator and Speaker)
Jon Oberheide, Steve Orrin, Dino Dai Zovi, Dennis Moreau, and Hezi Moore
CSI Annual 2008
National Harbor, MD, November 2008
[event]
-
CloudAV: N-Version Antivirus in the Network Cloud
Jon Oberheide, Evan Cooke, and Farnam Jahanian
USENIX Security Symposium
San Jose, California, July 2008
[paper]
[presentation]
[bibtex]
[event]
-
Unraveling the VirtSec Debacle: Black Eyes and Emerging Opportunities
Jon Oberheide
Lockdown 2008
Madison, Wisconsin, July 2008
[event]
-
Understanding Malware Behavior for Network Security
Jon Oberheide
IDGA Cyber Security for National Defense
Arlington, Virginia, June 2008
[event]
-
Virtualized In-Cloud Security Services for Mobile Devices
Jon Oberheide, Kaushik Veeraraghavan, Evan Cooke, Jason Flinn, and Farnam Jahanian
Workshop on Virtualization in Mobile Computing (MobiVirt'08)
Breckenridge, Colorado, June 2008
[paper]
[presentation]
[bibtex]
[event]
-
CloudAV: Malware Analysis in the Network Cloud
Jon Oberheide
Merit Member Conference
Ann Arbor, Michigan, June 2008
[presentation]
[event]
-
Exploiting Live Virtual Machine Migration
Jon Oberheide, Evan Cooke, and Farnam Jahanian
Black Hat DC 2008 Briefings
Washington DC, February 2008
[paper]
[presentation]
[bibtex]
[event]
2007
-
Automated Classification and Analysis of Internet Malware
Michael Bailey, Jon Oberheide, Jon Andersen, Z. Morley Mao, Farnam Jahanian, and Jose Nazario
Recent Advances in Intrusion Detection (RAID'07)
Queensland, Australia, September 2007
[paper]
[bibtex]
[event]
-
Rethinking Antivirus: Executable Analysis in the Network Cloud
Jon Oberheide, Evan Cooke, and Farnam Jahanian
USENIX Workshop on Hot Topics in Security (HotSec'07)
Boston, Massachusetts, August 2007
[paper]
[presentation]
[bibtex]
[event]
-
Characterizing Dark DNS Behavior
Jon Oberheide, Manish Karir, Z. Morley Mao, and Farnam Jahanian
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA'07)
Lucerne, Switzerland, July 2007
[paper]
[presentation]
[bibtex]
[event]
2006
-
VAST: Visualizing Autonomous System Topology
Jon Oberheide, Manish Karir, and Dionysus Blazakis
Workshop on Visualization for Computer Security (VizSEC'06)
Alexandria, Virginia, November 2006
[paper]
[bibtex]
[event]
-
Flamingo Tutorial
Manish Karir and Jon Oberheide
Internet2 Joint Techs Workshop
Madison, Wisconsin, July 2006
[presentation]
[event]
-
Extracting Information from Raw Network Data
Manish Karir and Jon Oberheide
IFIP Workshop on Infrastructure Security
Annapolis, Maryland, June 2006
[presentation]
[event]
-
Flamingo: Visualizing Internet Traffic
Jon Oberheide, Michael Goff, and Manish Karir
IEEE/IFIP Network Operations and Management Symposium (NOMS'06)
Vancouver, Canada, April 2006
[paper]
[bibtex]
[event]
-
Flamingo: Visualizing Internet Traffic
Jon Oberheide, Michael Goff, and Manish Karir
North American Network Operators Group (NANOG 36)
Dallas, Texas, February 2006
[presentation]
[event]
-
Honeyd Detection via Packet Fragmentation
Jon Oberheide and Manish Karir
Merit Technical Report
Ann Arbor, Michigan, January 2006
[paper]
[bibtex]
[event]
2005
-
The BGP-Inspect Project
Manish Karir, Jon Oberheide, Dionysus Blazakis, and John Baras
North American Network Operators Group (NANOG 35)
Los Angeles, California, October 2005
[presentation]
[event]
Professional Services
I've served on the program committee and acted as an external reviewer for numerous workshops and conferences including:
- 2010 - DSN (Publicity Chair), NSF, RAID, WREN
- 2009 - CCS, DSN, IEEE S&P, IEEE TDSC, NSDI, NSF, QRASA (PC), WOOT (PC), WREN
- 2008 - CCS, DSN, LEET, NDSS, RAID, SIGCOMM CCR, WOOT
- 2007 - DSN, INM, LADC, RAID, SRUTI, USENIX Security, WOOT