Wilson Lian

I'm a security researcher, climber, tinkerer, and recent (fall 2016) PhD graduate from UC San Diego in the Security & Crypto and Systems & Networking groups.

My advisors were Hovav Shacham and Stefan Savage.

I like studying things that go bump in the (virtual) night; lately I've been into JIT spraying attacks and hardening Just-In-Time compilers.

Prior to coming to UCSD, I earned my B.S. in Computer Science at the University of North Carolina at Chapel Hill in 2009. In 2013 and 2014, I earned my M.S. and C.Phil. at UCSD.

Nowadays, I'm a software engineer at Google, where I work on the Google Cloud Platform Team.

Publications

Too LeJIT to Quit:
Extending JIT Spraying to ARM

We show for the first time that the JIT spraying attack is feasible against the ARM architecture found in most handheld devices, describe our proof-of-concept attack, and offer tips for hardening.

Measuring the Practical Impact of DNSSEC Deployment

In a large-scale ad-based study, we show that enabling DNSSEC for a domain will prevent one client (typically in Asia) from accessing the domain for every ten clients protected from tampering.

Traffic Classification Using Visual Motifs: An Empirical Evaluation

We measure how well pretty pictures can be used to visually distinguish the traffic patterns of various application protocols on the wire.
It's super effective!

More on JIT Spraying...

Wilson Lian, Hovav Shacham, Stefan Savage. Too LeJIT to Quit:Extending JIT Spraying to ARM. In Proceedings of the Network and Distributed System Security (NDSS) Symposium, 2015. (16% acceptance) PDF BibTeX

More on DNSSEC Deploment...

Wilson Lian, Eric Rescorla, Hovav Shacham, Stefan Savage. Measuring the Practical Impact of DNSSEC Deployment. In Proceedings of the USENIX Security Symposium, Washington D.C., August 2013. (16% acceptance) PDF BibTeX

More on Traffic Classification...

Wilson Lian, Fabian Monrose, John McHugh. Traffic Classification Using Visual Motifs: An Empirical Evaluation In Proceedings of the Seventh International Symposium on Visualization for Cyber Security (VizSec). p. 70-78. September 2010. DOI BibTeX

Hi there.

I'm Wilson Lian.

I'm a security researcher, climber, tinkerer, and recent (fall 2016) PhD graduate from UC San Diego in the Security & Crypto and Systems & Networking groups.

Publications

Too LeJIT to Quit:
Extending JIT Spraying to ARM

Measuring the Practical Impact of DNSSEC Deployment

Traffic Classification Using Visual Motifs: An Empirical Evaluation

More on JIT Spraying...

More on DNSSEC Deploment...

More on Traffic Classification...

I'm based out of Mountain View, CA.

Shoot me an email at wlian [clutch] cs [stick] ucsd [pedal] edu

Hi there.

I'm Wilson Lian.

I'm a security researcher, climber, tinkerer, and recent (fall 2016) PhD graduate from UC San Diego in the Security & Crypto and Systems & Networking groups.

Publications

Too LeJIT to Quit: Extending JIT Spraying to ARM

Measuring the Practical Impact of DNSSEC Deployment

Traffic Classification Using Visual Motifs: An Empirical Evaluation

More on JIT Spraying...

More on DNSSEC Deploment...

More on Traffic Classification...

I'm based out of Mountain View, CA.

Shoot me an email at wlian [clutch] cs [stick] ucsd [pedal] edu

Too LeJIT to Quit:
Extending JIT Spraying to ARM