Michael Bailey

Assistant Research Scientist
Electricial Engineering and Computer Science Department
College of Engineering
University of Michigan

My resume is here.

Research:

My research focuses on the security and availability of complex distributed systems. To date this has included the characterization of specific network threats (e.g., worms) and techniques for measurement of these threats at scale (e.g., distributed network telescopes). More recently I have been focused on the interplay between the attackers and the defenders of these systems including the creation of techniques that allow defenders to hide from attackers as well as through the classification and analysis of complex attacker tool ecosystems. This work is accomplished under the following projects:

Automatic Topology Discovery for Perspective-Aware Internet Threat Detection
Detecting and Dismantling Botnet Command and Control Infrastructure using Behavioral Profilers and Bot Informants
Virtual Center for Network and Security Data as part of PREDICT
Internet Motion Sensor

If you are interested in becoming a graduate student at UM, but are not yet admitted/enrolled, please read this note.

Papers:

Automated Classification and Analysis of Internet Malware
Michael Bailey, Jon Oberheide, Jon Andersen, Z. Morley Mao, Farnam Jahanian, and Jose Nazario
10th International Symposium on Recent Advances in Intrusion Detection (RAID 2007)
Queensland, Australia
September 5-7, 2007
[pdf]
Shedding Light on the Configuration of Dark Addresses
Sushant Sinha, Michael Bailey, Farnam Jahanian
Network and Distributed System Security Symposium (NDSS)
San Diego, California
February 28-March 2, 2007
[pdf]
Dark Oracle: Perspective-Aware Unused and Unreachable Address Discovery
Evan Cooke, Michael Bailey, Farnam Jahanian, and Richard Mortier
3rd Symposium on Networked Systems Design and Implementation (NSDI '06)
San Jose, CA
May 8-10, 2006
[pdf]
Practical Darknet Measurement
Michael Bailey, Evan Cooke, Farnam Jahanian, Andrew Myrick, Sushant Sinha
2006 Conference on Information Sciences and Systems (CISS '06)
Princeton, NJ
March 22-24, 2006
[pdf]
Data Reduction for the Scalable Automated Analysis of Distributed Darknet Traffic
Michael Bailey, Evan Cooke, Farnam Jahanian, Niels Provos, Karl Rosaen, and David Watson
2005 Internet Measurement Conference (IMC 2005)
Berkeley, California
October 19-21, 2005
[pdf]
The Blaster Worm: Then and Now
Michael Bailey, Evan Cooke, David Watson, Farnam Jahanian, and Jose Nazario
IEEE Security & Privacy Magazine
Volume: 3, Issue: 4, pages: 26-31
July-Aug. 2005
[pdf]
The Internet Motion Sensor: A Distributed Blackhole Monitoring System
Michael Bailey, Evan Cooke, David Watson, Farnam Jahanian, and Jose Nazario
Network and Distributed System Security Symposium (NDSS)
San Diego, California
February 3-4, 2005
[pdf]
Toward Understanding Distributed Blackhole Placement
Evan Cooke, Michael Bailey, David Watson, Farnam Jahanian, and Danny McPherson
The 2nd Workshop on Rapid Malcode (WORM)
Fairfax, Virginia
October 29, 2004
[pdf]
A Hybrid Honeypot Architecture for Scalable Network Monitoring
Michael Bailey, Evan Cooke, David Watson, Farnam Jahanian, and Niels Provos
Computer Science and Engineering Technical Report
University of Michigan
CSE-TR-499-04
October 16, 2004
[pdf]
Measuring, Characterizing, and Tracking Internet Threat Dynamics
Michael Bailey, Farnam Jahanian, G. Robert Malan, Jose Nazario, Dug Song and Robert Stone.
OpenSig 2003 Workshop
New York, New York.
October 9-10, 2003
[pdf]
Shining Light on Dark Address Space
Craig Labovitz, Abha Ahuja and Michael Bailey
Arbor Netwoks Technical Report
November 2001; Ann Arbor, Michigan
[pdf]

Contact Information:

Email:

mibailey AT eecs DOT umich DOT edu

U.S. Mail Address:

Deptartment of EECS
Software Systems Laboratory, or Real-Time Computing Laboratory
University of Michigan
2260 Hayward Street
Ann Arbor, MI 48109-2121

Office:

4611 CSE
Phone: (734) 647-8086
Fax: (734) 763-8094

Authentication:

-Mike