research

Overview

My primary research interests are trustworthy systems, information assurance, and wireless network security.

Publications

Journals

• N. Petroni, A. Walters, T. Fraser, and W. Arbaugh, "FATKit: A Framework for the Extraction and Analysis of Digital Forensic Data from Volatile System Memory," Digital Investigation, The International Journal of Digital Forensics & Incident Response. 3(4):197-210, December, 2006.
• J. Branch, N. Petroni, L. Van Doorn, and D. Safford, "Autonomic 802.11 Wireless LAN Security Auditing: A Distributed Approach," IEEE Security and Privacy, May/June, 2004.
• A. Mishra, M. Shin, N. Petroni, T. Clancy, and W. Arbaugh, "Proactive Key Distribution Using Neighbor Graphs," IEEE Wireless Communications, February, 2004.
• A. Mishra, N. Petroni, W. Arbaugh, and T. Fraser, ``Security Issues in IEEE 802.11 Wireless Local Area Networks: A Survey,'' Wiley InterScience Wireless Communications and Mobile Computing Journal, 2004.
• N. Petroni and W. Arbaugh, "The Dangers of Mitigating Security Design Flaws: A Wireless Case Study," IEEE Security and Privacy, January/February, 2003.

Conferences

• N. Petroni and M. Hicks, "Automated Detection of Persistent Kernel Control-Flow Attacks", Proc. of the 14th ACM Conference on Computer and Communications Security, October, 2007.
  A more up to date Technical Report version.
• N. Petroni, T. Fraser, A. Walters, and W. Arbaugh, "An Architecture for Specification-Based Detection of Semantic Integrity Violations in Kernel Dynamic Data," Proc. of the 15th USENIX Security Symposium, August, 2006.
• N. Petroni, T. Fraser, J. Molina, and W. Arbaugh, "Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor," Proc. of the 13th USENIX Security Symposium, August, 2004.

Standards

• J. Vollbrecht, P. Eronen, N. Petroni, and Y. Ohba, "RFC 4137: State Machines for Extensible Authentication Protocol (EAP) Peer and Authenticator", IETF Informational RFC, August 2005.

Presentations

Conferences:

• N. Petroni, "Automated Detection of Persistent Kernel Control-Flow Attacks," 14th ACM Conference on Computer and Communications Security, Alexandria, VA, October 30, 2007. [.pdf]
• A. Walters and N. Petroni, "Volatools: Integrating Volatile Memory into the Digital Investigation Process," Black Hat Briefings, Washington, D.C., February 28, 2007. [.pdf]
• N. Petroni, "An Architecture for Specification-Based Detection of Semantic Integrity Violations in Kernel Dynamic Data," 15th USENIX Security Symposium, Vancouver, B.C., Canada, August, 2006. [.pdf]
• N. Petroni, "Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor," 13th USENIX Security Symposium, San Diego, CA, August, 2004. [.ppt] [.pdf]

Invited Talks:

• N. Petroni, "Coprocessor-based Integrity Monitoring," Thirty-Second Washington Area Trustworthy Systems Hour (WATSH), November 9, 2004. [.ppt] [.pdf]