JON.OBERHEIDE.ORG

• Home
• Blog
• Research
• Advisories
• Projects
• About

Research

I'm co-founder and CTO at Duo Security, a two-factor authentication provider based out of Ann Arbor, Michigan. I recently wrapped up my PhD at the University of Michigan, advised by Farnam Jahanian.

Publications and Presentations

2012

• Mobile Vulnerability Assessment: There's an App for That
  Jon Oberheide
  CSAW THREADS
  Brooklyn, NY, November 2012
  [event]  
• Mobile Vulnerability Assessment: There's an App for That
  Jon Oberheide
  Intel Security Conference
  Hillsboro, OR, November 2012
  [event]  
• Android Security and the Elusive HSM
  Jon Oberheide
  Visa Mobile Security Summit
  Foster City, CA, August 2012
  [event]  
• Mobile Vulnerability Assessment: There's an App for That
  Jon Oberheide
  United Summit
  San Francisco, CA, September 2012
  [event]  
• Dissecting the Android Bouncer
  Jon Oberheide and Charlie Miller
  SummerCon 2012
  Brooklyn, NY, June 2012
  [presentation]   [event]  
• Exploiting the Linux Kernel: Measures and Countermeasures
  Jon Oberheide
  SyScan 2012
  Singapore, April 2012
  [presentation]   [event]  
• The Stack is Back
  Jon Oberheide
  Infiltrate 2012
  Miami, FL, January 2012
  [presentation]   [event]  

2011

• Don't Root Robots: Breaks in Google's Android Platform
  Jon Oberheide
  UofM SUMIT_11
  Ann Arbor, MI, October 2011
  [event]  
• Cyber Security Panel
  Jon Oberheide and Gary Miliefsky
  Michigan Cyber Summit 2011
  Ypsilanti, MI, October 2011
  [event]  
• Kernel Fun
  Jon Oberheide
  GrrCON 2011
  Grand Rapids, MI, September 2011
  [event]  
• Stackjacking and Other Kernel Nonsense
  Jon Oberheide and Dan Rosenberg
  SummerCon 2011
  New York City, NY, June 2011
  [presentation]   [event]  
• Don't Root Robots: Breaks in Google's Android Platform
  Jon Oberheide
  BSides Detroit 2011
  Detroit, MI, June 2011
  [presentation]   [event]  
• Stackjacking Your Way to grsecurity/PaX Bypass
  Jon Oberheide and Dan Rosenberg
  Infiltrate 2011
  Miami, FL, April 2011
  [presentation]   [event]  
• Stackjacking Your Way to grsecurity/PaX Bypass
  Jon Oberheide and Dan Rosenberg
  Hackito Ergo Sum 2011
  Paris, France, April 2011
  [presentation]   [event]  
• Team JOCH vs Android: The Ultimate Showdown
  Jon Oberheide and Zach Lanier
  ShmooCon 2011
  Washington DC, January 2011
  [presentation]   [event]  

2010

• Team JOCH vs Android: The Ultimate Showdown
  Jon Oberheide and Zach Lanier
  Intel Security Conference
  Hillsboro, OR, November 2010
  [event]  
• Internet Inter-Domain Traffic
  Craig Labovitz, Scott Iekel-Johnson, Danny McPherson, Jon Oberheide, and Farnam Jahanian
  SIGCOMM 2010
  New Delhi, India, September 2010
  [paper]   [presentation]   [event]  
• The Power of Chinese Security
  Jon Oberheide, Jake Appelbaum, and Anthony Lai
  DEFCON 18
  Las Vegas, NV, July 2010
  [presentation]   [event]  
• The Twilight Saga: Android Edition
  Jon Oberheide
  DEFCON 18 Sky Talks
  Las Vegas, NV, July 2010
  [event]  
• Antique Exploitation (aka Terminator 3.11 for Workgroups)
  Jon Oberheide
  DEFCON 18
  Las Vegas, NV, July 2010
  [event]  
• Android Hax
  Jon Oberheide
  SummerCon 2010
  New York, NY, June 2010
  [presentation]   [event]  
• Multifactor Authentication: Past, Present, and Future
  Jon Oberheide
  Merit Member Conference 2010
  Ann Arbor, MI, May 2010
  [presentation]   [event]  
• Linux Kernel Exploitation: Earning Its Pwnie a Vuln at a Time
  Jon Oberheide
  SOURCE Boston 2010
  Boston, MA, April 2010
  [presentation]   [event]  
• When Mobile is Harder Than Fixed: Demystifying Security Challenges in Mobile Environments
  Jon Oberheide and Farnam Jahanian
  HotMobile 2010
  Annapolis, MD, February 2010
  [paper]   [bibtex]   [event]  
• Vulnerability Classes in the Linux Kernel
  Jon Oberheide
  CERT Vulnerability Discovery Workshop
  Arlington, VA, February 2010
  [event]  

2009

• Internet Observatory Report
  Craig Labovitz, Danny McPherson, Scott Iekel-Johnson, Jon Oberheide, Farnam Jahanian, and Manish Karir
  NANOG 47
  Dearborn, MI, October 2009
  [presentation]   [event]  
• The More Things Change, the More They Stay the Same: Security Risk in Emerging Technologies
  Jon Oberheide
  Intel Security Conference
  Hillsboro, OR, September 2009
  [event]  
• PolyPack: An Automated Online Packing Service for Optimal Antivirus Evasion
  Jon Oberheide, Michael Bailey, and Farnam Jahanian
  Workshop on Offensive Technologies (WOOT'09)
  Montreal, Canada, August 2009
  [paper]   [presentation]   [bibtex]   [event]  
• Remote Fingerprinting and Exploitation of Mail Server Antivirus Engines
  Jon Oberheide and Farnam Jahanian
  University of Michigan Technical Report CSE-TR-552-09
  Ann Arbor, MI, June 2009
  [paper]   [bibtex]  
• If It Ain't Broke, Don't Fix It: Challenges and New Directions for Inferring the Impact of Software Patches
  Jon Oberheide, Evan Cooke, and Farnam Jahanian
  Workshop on Hot Topics in Operating Systems (HotOS XII)
  Monte Verita, Switzerland, May 2009
  [paper]   [presentation]   [bibtex]   [event]  
• A Look at a Modern Mobile Security Model: Google's Android Platform
  Jon Oberheide
  CanSecWest 2009
  Vancouver, Canada, March 2009
  [presentation]   [event]  
• Remote Security Services: Moving Security into the Network Cloud
  Jon Oberheide
  IQPC Remote Services Implementation
  San Francisco, CA, February 2009
  [event]  

2008

• Virtualization Security Summit (Moderator and Speaker)
  Jon Oberheide, Steve Orrin, Dino Dai Zovi, Dennis Moreau, and Hezi Moore
  CSI Annual 2008
  National Harbor, MD, November 2008
  [event]  
• CloudAV: N-Version Antivirus in the Network Cloud
  Jon Oberheide, Evan Cooke, and Farnam Jahanian
  USENIX Security Symposium
  San Jose, California, July 2008
  [paper]   [presentation]   [bibtex]   [event]  
• Unraveling the VirtSec Debacle: Black Eyes and Emerging Opportunities
  Jon Oberheide
  Lockdown 2008
  Madison, Wisconsin, July 2008
  [event]  
• Understanding Malware Behavior for Network Security
  Jon Oberheide
  IDGA Cyber Security for National Defense
  Arlington, Virginia, June 2008
  [event]  
• Virtualized In-Cloud Security Services for Mobile Devices
  Jon Oberheide, Kaushik Veeraraghavan, Evan Cooke, Jason Flinn, and Farnam Jahanian
  Workshop on Virtualization in Mobile Computing (MobiVirt'08)
  Breckenridge, Colorado, June 2008
  [paper]   [presentation]   [bibtex]   [event]  
• CloudAV: Malware Analysis in the Network Cloud
  Jon Oberheide
  Merit Member Conference
  Ann Arbor, Michigan, June 2008
  [presentation]   [event]  
• Exploiting Live Virtual Machine Migration
  Jon Oberheide, Evan Cooke, and Farnam Jahanian
  Black Hat DC 2008 Briefings
  Washington DC, February 2008
  [paper]   [presentation]   [bibtex]   [event]  

2007

• Automated Classification and Analysis of Internet Malware
  Michael Bailey, Jon Oberheide, Jon Andersen, Z. Morley Mao, Farnam Jahanian, and Jose Nazario
  Recent Advances in Intrusion Detection (RAID'07)
  Queensland, Australia, September 2007
  [paper]   [bibtex]   [event]  
• Rethinking Antivirus: Executable Analysis in the Network Cloud
  Jon Oberheide, Evan Cooke, and Farnam Jahanian
  USENIX Workshop on Hot Topics in Security (HotSec'07)
  Boston, Massachusetts, August 2007
  [paper]   [presentation]   [bibtex]   [event]  
• Characterizing Dark DNS Behavior
  Jon Oberheide, Manish Karir, Z. Morley Mao, and Farnam Jahanian
  Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA'07)
  Lucerne, Switzerland, July 2007
  [paper]   [presentation]   [bibtex]   [event]  

2006

• VAST: Visualizing Autonomous System Topology
  Jon Oberheide, Manish Karir, and Dionysus Blazakis
  Workshop on Visualization for Computer Security (VizSEC'06)
  Alexandria, Virginia, November 2006
  [paper]   [bibtex]   [event]  
• Flamingo Tutorial
  Manish Karir and Jon Oberheide
  Internet2 Joint Techs Workshop
  Madison, Wisconsin, July 2006
  [presentation]   [event]  
• Extracting Information from Raw Network Data
  Manish Karir and Jon Oberheide
  IFIP Workshop on Infrastructure Security
  Annapolis, Maryland, June 2006
  [presentation]   [event]  
• Flamingo: Visualizing Internet Traffic
  Jon Oberheide, Michael Goff, and Manish Karir
  IEEE/IFIP Network Operations and Management Symposium (NOMS'06)
  Vancouver, Canada, April 2006
  [paper]   [bibtex]   [event]  
• Flamingo: Visualizing Internet Traffic
  Jon Oberheide, Michael Goff, and Manish Karir
  North American Network Operators Group (NANOG 36)
  Dallas, Texas, February 2006
  [presentation]   [event]  
• Honeyd Detection via Packet Fragmentation
  Jon Oberheide and Manish Karir
  Merit Technical Report
  Ann Arbor, Michigan, January 2006
  [paper]   [bibtex]   [event]  

2005

• The BGP-Inspect Project
  Manish Karir, Jon Oberheide, Dionysus Blazakis, and John Baras
  North American Network Operators Group (NANOG 35)
  Los Angeles, California, October 2005
  [presentation]   [event]  

Professional Services

I've served on the program committee and acted as an external reviewer for numerous workshops and conferences including:

• 2012 - ACSAC (PC)
• 2010 - DSN (Publicity Chair), NSF, RAID, WREN
• 2009 - CCS, DSN, IEEE S&P, IEEE TDSC, NSDI, NSF, QRASA (PC), WOOT (PC), WREN
• 2008 - CCS, DSN, LEET, NDSS, RAID, SIGCOMM CCR, WOOT
• 2007 - DSN, INM, LADC, RAID, SRUTI, USENIX Security, WOOT

Copyright © 2012 - Jon Oberheide <jon at oberheide dot org>