vita.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
            "http://www.w3.org/TR/html4/loose.dtd">

<html>

	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
		<title>Damien Octeau</title>
		<link href="css.css" rel="stylesheet" type="text/css">
		<script src="js/ga.js"></script>
	</head>
	
	<body>
		<table cellspacing="0" cellpadding="5px">
			<tr> <td class="myname">Damien Octeau</td> </tr>
			<tr> <td id="nav" class="mylinks"> <myl> <a href="index.html" class="linknostyle">Home</a> &loz; <a href="research.html" class="linknostyle">Research</a> &loz; <a href="publications.html" class="linknostyle">Publications</a> &loz; <strong>Vita</strong> &loz; <a href="tools.html" class="linknostyle">Tools</a> </myl> </td> </tr>
		</table>
		
		<div class="content">

		<h2 class="vitaheader">Experience</h1>
		<b>Google Inc.</b>, Mountain View, CA<br>
		Software Engineer, September 2015 - Present
		<ul>
		<li>Working on various techniques for mobile malware detection
		</li>
		</ul>

		<b>University of Wisconsin-Madison</b>, Madison, WI<br>
		<b>Pennsylvania State University</b>, University Park, PA<br>
		Postdoctoral Research Associate, September 2014 - September 2015
		<ul>
		<li>Designed and implemented a technique for propagation of constants 
		with composite types. Presented it at ICSE 2015. Released the tool at 
		<a href="http://siis.cse.psu.edu/coal">http://siis.cse.psu.edu/coal</a>.
		</li>
		<li>Reformulated the problem of inferring Android Inter-Component 
		Communication to a composite constant propagation problem. Released the 
		tool at 
		<a href="http://siis.cse.psu.edu/ic3">http://siis.cse.psu.edu/ic3</a>.
		</li>
		<li>Studied probabilistic ranking of program values inferred using 
		static analysis. Presented it at POPL 2016. Released the tool at 
		<a href="http://siis.cse.psu.edu/primo">http://siis.cse.psu.edu/primo</a>.
		</li>
		</ul>

		<b>Pennsylvania State University</b>, University Park, PA<br>
		Research Assistant, January 2009 - July 2014
		<ul>
		<li>Designed and implemented Ded, the first efficient method to 
		decompile applications running on Google Android (&#8776;95% success 
		rate). Released the tool at 
		<a href="http://siis.cse.psu.edu/ded">http://siis.cse.psu.edu/ded</a>.
		</li>
		<li>Used Ded for a study of the security of 1,100 applications using 
		static analysis, presented at USENIX Security 2011.
		</li>
		<li>Designed and implemented Dare, the most efficient method to 
		retarget Android applications to Java bytecode (99.99% success rate). 
		Presented it at FSE 2012. Released the tool and source code at 
		<a href="http://siis.cse.psu.edu/dare">http://siis.cse.psu.edu/dare</a>.
		</li>
		<li>Designed and implemented Epicc, a tool to analyze Android 
		Inter-Component Communication. Presented it at USENIX Security 
		2013. Released the tool at 
		<a href="http://siis.cse.psu.edu/epicc">http://siis.cse.psu.edu/epicc</a>.
		</li>
		</ul>

		<b>Google Inc.</b>, Mountain View, CA<br>
		Intern in the Security team, Summer 2013<br>
		<br>

		<b>Google Inc.</b>, Mountain View, CA<br>
		Intern, Summer 2011<br>
		<ul>
		<li>Designed and implemented tools to analyze and visualize experimental 
		data about user proximity.
		</li>
		<li>Patented the work as U.S. Patent 8,830,909, issued on September 9, 
		2014.
		</li>
		</ul>

		<b>Pennsylvania State University</b>, University Park, PA<br>
		Teaching Assistant, August 2010 - December 2010<br>
		Assisted students in labs for CMPSC 122, the course in intermediate 
		programming in C++.<br>
		<br>

		<b>Osiatis France</b>, Bordeaux, France<br>
		Intern, Summer 2008<br>
		<ul>
		<li>Designed and implemented a collaborative php/MySQL application to 
		manage the follow up on all IT issues for a major client.</li>
		<li>Trained the local team to use and modify it.</li>
		</ul>


		<h2 class="vitaheader">Education</h1>
		<b>Pennsylvania State University, 2014</b>
		<ul>
		<li>Ph.D. in Computer Science and Engineering<br>
		Thesis: <i>Analysis of Inter-Component Communication in Mobile Applications Through Retargeting</i><br>
		Advisor: Dr. Patrick McDaniel</li>
		<li>M.S. in Computer Science and Engineering, 2010<br>
		Thesis: <i>Automated Certification of Android Applications</i><br>
		Advisor: Dr. Patrick McDaniel</li>
		</ul>
		
		<b>Ecole Centrale de Lyon</b>, France
		<ul>
		<li><i>Dipl&ocirc;me d'ing&eacute;nieur</i> (Master's degree in 
		Engineering), 2010</li>
		<li>B.S. in Engineering, 2007</li>
		</ul>


		<h2 class="vitaheader">Publications</h2>
		<h3>Journal Publications</h3>

		Damien Octeau, Daniel Luchaup, Somesh Jha, and Patrick McDaniel. 
		Composite Constant Propagation and its 
		Application to Android Program Analysis. <i>IEEE Transactions of 
		Software Engineering (TSE)</i>, vol. 42, no. 11, pp. 999-1014, November 
		2016.

		<br>
		<br>

		Basak Guler, Burak Varan, Kaya Tutuncuoglu, Mohamed Nafea, Ahmed A. 
		Zewail, Aylin Yener, and Damien Octeau. Using Social Sensors for 
		Influence Propagation in Networks with Positive and Negative 
		Relationships. <i>IEEE Journal on Selected Topics in Signal Processing: 
		Special Issue on Signal Processing for Situational Awareness from 
		Networked Sensors and Social Media</i>. March 2015.

		<h3>Conference Publications</h3>

		Li Li, Tegawende F. Bissyande, Damien Octeau and Jacques Klein. 
		Reflection-Aware Static Analysis of Android  Apps, <i>Proceedings of 
		the 31st IEEE/ACM International Conference on Automated Software 
		Engineering (ASE), Tool Track</i>, September 2016, Singapore, Singapore.

		<br>
		<br>

		Michael Backes, Sven Bugiel, Erik Derr, Patrick McDaniel, Damien 
		Octeau, and Sebastian Weisgerber. On Demystifying the Android 
		Application Framework: Re-Visiting Android Permission Specification 
		Analysis. <i>Proceedings of the 25th USENIX Security Symposium</i>, 
		August 2016, Austin, TX. <i>Acceptance rate: 15.6%</i>.

		<br>
		<br>

		Li Li, Tegawende F. Bissyande, Damien Octeau, and Jacques Klein. 
		DroidRA: Taming Reflection to Support Whole-Program Analysis of Android 
		Apps. <i>Proceedings of the 25th International Symposium on Software 
		Testing and Analysis (ISSTA)}</i>. Saarbrucken, Germany, July 2016. 
		<i>Acceptance rate: 25.17%</i>.

		<br>
		<br>

		Damien Octeau, Somesh Jha, Matthew Dering, Patrick McDaniel, Alexandre 
		Bartel, Li Li, Jacques Klein, and Yves Le Traon. Combining Static 
		Analysis with Probabilistic Models to Enable Market-Scale Android 
		Inter-Component Analysis. <i>Proceedings of the 43rd ACM SIGPLAN-SIGACT 
		Symposium on Principles of Programming Languages (POPL)</i>. St. 
		Petersburg, Florida, USA, January 2016. <i>Acceptance rate: 23.3%</i>.

		<br>
		<br>

		Damien Octeau, Daniel Luchaup, Matthew Dering, Somesh Jha, and Patrick 
		McDaniel. Composite Constant Propagation: Application to Android 
		Inter-Component Communication Analysis. <i>Proceedings of the 37th 
		International Conference on Software Engineering (ICSE)</i>, May 2015. 
		Florence, Italy. <i>Acceptance rate: 18.5%</i>.

		<br>
		<br>

		Li Li, Alexandre Bartel, Jacques Klein, Yves Le Traon, Steven Artz, 
		Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick McDaniel. 
		I Know What leaked in Your Pocket: Uncovering Privacy Leaks on Android 
		Apps with Static Taint Analysis. <i>Proceedings of the 37th 
		International Conference on Software Engineering (ICSE)</i>, May 2015. 
		Florence, Italy. <i>Acceptance rate: 18.5%</i>.

		<br>
		<br>

		Basak Guler, Burak Varan, Kaya Tutuncuoglu, Mohamed Nafea, Ahmed A. 
		Zewail, Aylin Yener, and Damien Octeau. Communicating in a 
		Socially-Aware Network: Impact of Relationship Types. <i>Proceedings of 
		the 2nd IEEE Global Conference on Signal and Information Processing 
		(GlobalSIP)</i>, December 2014. Atlanta, GA.

		<br>
		<br>

		Wenhui Hu, Damien Octeau, Patrick McDaniel, and Peng Liu. Duet: Library 
		Integrity Verification for Android Applications. 
		<i> Proceedings of the 7th ACM Conference on Security and Privacy in 
		Wireless and Mobile Networks (WiSec)</i>, July 2014. Oxford, UK. 
		<i>Acceptance rate: 26.0%</i>.

		<br>
		<br>

		Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, 
		Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and 
		Patrick McDaniel. FlowDroid: Precise Context, Flow, Field, 
		Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps. 
		<i> Proceedings of the 35th Conference on Programming Language Design and 
		Implementation (PLDI)</i>, June 2014. Edinburgh, UK. <i>Acceptance 
		rate: 18.1%</i>.

		<br>
		<br>

		Damien Octeau, Patrick McDaniel, Somesh Jha, Alexandre Bartel, 
		Eric Bodden, Jacques Klein, and Yves Le Traon. 
		Effective 
		Inter-Component Communication Mapping in Android with <i>Epicc</i>: An 
		Essential Step Towards Holistic Security Analysis. <i>Proceedings of 
		the 22nd USENIX Security Symposium</i>, August 2013. Washington, DC. 
		<i>Acceptance rate: 16.2%</i>.

		<br>
		<br>

		Damien Octeau, Somesh Jha, and Patrick McDaniel. 
		Retargeting Android Applications to Java Bytecode. 
		<i>Proceedings of the 20th International Symposium on the 
		Foundations of Software Engineering</i>, November 2012. 
		Cary, NC. <i>Acceptance rate: 17.4%</i>. 
		<i><font color = "ff0000">Best Artifact Award</font></i>

		<br>
		<br>

		William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri. 
		A Study of Android Application Security. 
		<i>Proceedings of the 20th USENIX Security Symposium</i>, August 2011. 
		San Francisco, CA. <i>Acceptance rate: 17.2%</i>.
		
		<h3>Other Publications</h3>

		Basak Guler, Burak Varan, Kaya Tutuncuoglu, Mohamed Nafea, Ahmed A. 
		Zewail, Aylin Yener, and Damien Octeau. Optimal Strategies for Targeted 
		Influence in Signed Networks. <i>Proceedings of the ASONAM C3-2014 
		Workshop</i>, August 2014. Beijing, China.

		<br>
		<br>

		Damien Octeau. Analysis of Inter-Component Communication in Mobile 
		Applications Through Retargeting. Ph.D. Dissertation. Pennsylvania 
		State University, University Park, PA, August 2014.

		<br>
		<br>

		Damien Octeau. Automated Certification of Android Applications. 
		Master's Thesis. Pennsylvania State University, University Park, PA, 
		May 2010.

		<br>
		<br>
		
		Damien Octeau, William Enck and Patrick McDaniel. The ded Decompiler. 
		<i>Technical Report NAS-TR-0140-2010</i>, Network and Security 
		Research Center, Department of Computer Science and Engineering, 
		Pennsylvania State University, University Park, PA.
		
		
		<h2 class="vitaheader">Awards</h2>
		<ul>
		<li>AT&T Graduate Fellowship, 2013</li>
		<li>Best Research Artifact Award, 20th International 
		Symposium on the Foundations of Software Engineering (FSE), 2012</li>
		<li>USENIX Security Symposium Travel Grant, 2009, 2011, 2013</li>
		</ul>
		
		
		<h2 class="vitaheader">Presentations</h2>
		Combining Static Analysis with Probabilistic Models to Enable 
		Market-Scale Android Inter-Component Analysis. <i>43rd ACM 
		SIGPLAN-SIGACT Symposium on Principles of Programming Languages 
		(POPL)</i>, St. Petersburg, Florida, USA, January 2016.<br>
		<br>

		Composite Constant Propagation: Application to Android Inter-Component 
		Communication Analysis, <i>37th International Conference on Software 
		Engineering (ICSE)</i>, Florence, Italy, May 2015.<br>
		<br>

		Analysis of Inter-Component Communication in Mobile Applications 
		Through Retargeting, <i>Invited talk at the City University of New 
		York</i>, New York, NY, April 2015.<br>
		<br>

		Analysis of Inter-Component Communication in Mobile Applications 
		Through Retargeting, <i>Invited talk at IBM Research</i>, Yorktown 
		Heights, NY, March 2015.<br>
		<br>

		Analysis of Inter-Component Communication in Mobile Applications 
		Through Retargeting, <i>Invited talk at the Virginia Polytechnic 
		Institute and State University</i>, Blacksburg, VA, March 2015.<br>
		<br>

		Analysis of Inter-Component Communication in Mobile Applications 
		Through Retargeting, <i>Invited talk at the North Carolina State 
		University</i>, Raleigh, NC, March 2015.<br>
		<br>

		Analysis of Inter-Component Communication in Mobile Applications 
		Through Retargeting, <i>Invited talk at the New York University</i>, 
		New York, NY, February 2015.<br>
		<br>

		Duet: Library Integrity Verification for Android Applications, 
		<i>7th ACM Conference of Security and Privacy in Wireless and Mobile 
		Networks</i>, July 2014.<br>
		<br>

		Effective Inter-Component Communication Analysis in Android with 
		<i>Epicc</i>, <i>2014 Network and Distributed Systems Security (NDSS) 
		Symposium</i>, San Diego, CA, February 2014 (poster).<br>
		<br>

		Effective Inter-Component Communication Mapping in Android with 
		<i>Epicc</i>: An Essential Step Towards Holistic Security Analysis, 
		<i>Invited talk at Google Inc.</i>, Mountain View, CA, August 2013.<br>
		<br>

		Effective Inter-Component Communication Mapping in Android with 
		<i>Epicc</i>: An Essential Step Towards Holistic Security Analysis, 
		<i>22nd USENIX Security Symposium</i>, August 2013.<br>
		<br>
		
		Retargeting Android Applications to Java Bytecode, <i>20th 
		International Symposium on the Foundations of Software Engineering</i>, 
		November 2012.<br>
		<br>
		
		Retargeting Android Applications to Java Bytecode for Static Analysis, 
		<i>Invited talk at the University of Luxembourg</i>, September 2012.<br>
		<br>
		
		Android Application Analysis through Retargeting, <i>Network and 
		Security Research Center Industry Day 2012 (poster)</i>.<br>
		<br>
		
		Decompiling Android Applications, <i>Network and 
		Security Research Center Industry Day 2009 (poster)</i>.<br>
		<br>

		Decompiling Android Applications, <i>18th USENIX Security Symposium 
		(work-in-progress report)</i>, Montreal, Canada, August 2009.


		<h2 class="vitaheader">Patents</h2>
		<b>U.S. Patent 8,830,909</b>. Methods and Systems to Determine User 
		Relationships, Events and Spaces using Wireless Fingerprints. Damien 
		Octeau and Arunesh Mishra. Issued September 9, 2014.


		<h2 class="vitaheader">Professional Activities</h2>
		<b>Committees:</b> 
		<ul>
			<li>Mobile Security Technologies (MoST), 2017, PC Member</li>
			<li>Annual ACM CCS Workshop on Security and Privacy in Smartphones 
			and Mobile Devices (SPSM), 2016, PC Member</li>
			<li>ACM Conference on Security and Privacy in Wireless and Mobile 
			Networks (WiSec), 2016, PC Member</li>
			<li>International Workshop on Mobile Computing Security, 2015, PC 
			Member</li>
			<li>International Workshop on System-Level Security of Smartphones, 
			2014, PC Member</li>
		</ul>

		<b>Reviewer (conferences):</b> 
		<ul>
			<li>ACM Symposium on Principles of Programming Languages (POPL): 
			2016</li>
			<li>ACM Workshop on Moving Target Defense: 2015</li>
			<li>IEEE International Conference on Computer and Communication 
			Technology (ICCCT): 2015</li>
			<li>International Symposium on Engineering Secure Software and 
			Systems (ESSoS): 2015</li>
			<li>USENIX Security Symposium: 2014</li>
			<li>IEEE Computer Security Foundations Symposium (CSF): 2014</li>
			<li>International Symposium on Software Testing and Analysis 
			(ISSTA): 2014</li>
			<li>IEEE Symposium on Security and Privacy (Oakland): 2013</li>
			<li>ACM Conference on Computer Security (CCS): 2012</li>
			<li>ACM Annual International Conference on Mobile Computing and 
			Networking (MobiCom): 2012</li>
			<li>Network and Distributed Systems Security Symposium (NDSS): 
			2012</li>
		</ul>

		<b>Reviewer (journals):</b>
		<ul>
			<li>Pervasive and Mobile Computing: 2016</li>
			<li>IEEE Transactions on Services Computing: 2015</li>
			<li>IEEE Pervasive Computing: 2015</li>
			<li>IEEE Security and Privacy: 2014</li>
			<li>Security and Communication Networks: 2014, 2015, 2016</li>
			<li>ACM Computing Surveys: 2014, 2015</li>
			<li>Journal of Computer Security: 2014</li>
			<li>IEEE Transactions on Mobile Computing (TMC): 2013</li>
			<li>IEEE Transactions on Dependable and Secure Computing (TDSC): 2013</li>
			<li>ACM Transactions on Embedded Computing Systems (TECS): 2013</li>
			<li>IEEE Transactions on Parallel and Distributed Systems (TPDS): 2012</li>
		</div>

		<div class="bott">
		<table>
			<tr> <td> </td> </tr>
		</table>
		</div>
	</body>


</html>