Research:
My research focuses on the security and availability of complex
distributed systems. To date this has included the characterization of
specific network threats (e.g., worms) and techniques for measurement
of these threats at scale (e.g., distributed network telescopes). More
recently I have been focused on the interplay between the attackers
and the defenders of these systems including the creation of
techniques that allow defenders to hide from attackers as well as
through the classification and analysis of complex attacker tool
ecosystems. This work is accomplished under the following projects:
If you are interested in becoming a graduate student at UM, but are not yet admitted/enrolled, please read this note.
Papers:
-
David Dittrich, Michael Bailey, Sven Dietrich. Towards Community Standards for Ethical Behavior in Computer Security Research. Stevens CS Technical Report 2009-1, 20 April 2009.
[pdf]
[bib]
-
David Dittrich, Michael D. Bailey, and Sven Dietrich. Have we Crossed the Line? The Growing Ethical Debate
in Modern Computer Security Research. In (Poster at) Proceedings of the 16th ACM Conference on Computer
and Communication Security (CCS-09), Chicago, Illinois USA, November 2009
[pdf]
[bib]
-
Jon Oberheide, Michael Bailey, and Farnam Jahanian. PolyPack: An Automated Online Packing Service for
Optimal Antivirus Evasion. In 3rd USENIX Workshop on Offensive Technologies (WOOT '09), Montreal, Canada,
August 2009.
[pdf]
[bib]
-
Sushant Sinha, Michael D. Bailey, and Farnam Jahanian. One Size Does Not Fit All: 10 Years of Applying Context Aware Security. In Proceedings of the 2009 IEEE International Conference on Technologies for Homeland Security (HST '09), Waltham, Massachusetts, USA, May 2009.
[pdf]
[bib]
-
Michael D. Bailey, Evan Cooke, Farnam Jahanian, Yunjing Xu, and Manish Karir. A Survey of Botnet Technology and Defenses. In Proceedings of the Cybersecurity Applications & Technology Conference For Homeland Security (CATCH '09), pages 299-304, Washington, District of Columbia, USA, March 2009.
[pdf]
[bib]
-
Scott E. Coull, Fabian Monrose, Michael K. Reiter, and Michael D. Bailey. The Challenges of Effectively Anonymizing Network Data. In Proceedings of the Cybersecurity Applications & Technology Conference For Homeland Security (CATCH '09), pages 230-236, Washington, District of Columbia, USA, March 2009.
[pdf]
[bib]
-
Sushant Sinha, Michael D. Bailey, and Farnam Jahanian. Shades of Grey: On the Effectiveness of Reputation-based blacklists. In Proceedings of the 3rd International Conference on Malicious and Unwanted Software (MALWARE '08), pages 57-64, Fairfax, Virginia, USA, October 2008.
[pdf]
[bib]
-
Xu Chen, Jon Andersen, Z. Morley Mao, Michael D. Bailey, and Jose Nazario. Towards an Understanding of Anti-Virtualization and Anti-Debugging Behavior in Modern Malware. In Proceedings of the 38th Annual IEEE International Conference on Dependable Systems and Networks (DSN '08), pages 177-186, Anchorage, Alaska, USA, June 2008.
[pdf]
[bib]
-
Sushant Sinha, Michael D. Bailey, and Farnam Jahanian. Shedding Light on the Configuration of Dark Addresses. In Proceedings of the 14th Annual Network & Distributed System Security Symposium (NDSS '07), pages 125-139, San Diego, California, USA, February-March 2007.
[pdf]
[bib]
-
Michael D. Bailey, Jon Oberheide, Jon Andersen, Zhuoqing Morley Mao, Farnam Jahanian, and Jose Nazario. Automated Classification and Analysis of Internet Malware. In Proceedings of the 10th International Symposium on Recent Advances in Intrusion Detection (RAID '07), pages 178-197, Gold Coast, Australia, September 2007.
[pdf]
[bib]
-
Michael Donald Bailey. A Scalable Hybrid Network Monitoring Architecture for Measuring, Characterizing, and Tracking Internet Threat Dynamics. PhD thesis, University of Michigan, Ann Arbor, MI, USA, 2006.
[pdf]
[bib]
-
Evan Cooke, Michael D. Bailey, Farnam Jahanian, and Richard Mortier. The Dark Oracle: Perspective-Aware Unused and Unreachable Address Discovery. In Proceedings of the 3rd Symposium on Networked Systems Design & Implementation (NSDI '06), pages 101-114, San Jose, California, USA, May 2006.
[pdf]
[bib]
-
Michael D. Bailey, Evan Cooke, Farnam Jahanian, Andrew Myrick, and Sushant Sinha. Practical Darknet Measurement. In Proceedings of the 40th Annual Conference on Information Sciences and Systems (CISS '06), pages 1496-1501, Princeton, New Jersey, USA, March 2006.
[pdf]
[bib]
-
Michael D. Bailey, Evan Cooke, Farnam Jahanian, David Watson, and Jose Nazario. The Blaster Worm: Then and Now. IEEE Security and Privacy, 3(4):26-31, 2005.
[pdf]
[bib]
-
Michael D. Bailey, Evan Cooke, Farnam Jahanian, Niels Provos, Karl Rosaen, and David Watson. Data Reduction for the Scalable Automated Analysis of Distributed Darknet Traffic. In Proceedings of the 5th ACM SIGCOMM Conference on Internet Measurement (IMC '05), pages 239-252, Berkeley, California, USA, October 2005.
[pdf]
[bib]
-
Michael D. Bailey, Evan Cooke, Farnam Jahanian, and Jose Nazario. The Internet Motion Sensor - A Distributed Blackhole Monitoring System. In Proceedings of the 12th Annual Network & Distributed System Security Symposium (NDSS '05), pages 167-179, San Diego, California, USA, February 2005.
[pdf]
[bib]
-
Michael D. Bailey, Evan Cooke, David Watson, Farnam Jahanian, and Niels Provos. A Hybrid Honeypot Architecture for Scalable Network Monitoring. Technical Report CSE-TR-499-04, University of Michigan, Ann Arbor, Michigan, USA, October 2004.
[pdf]
[bib]
-
Evan Cooke, Michael D. Bailey, Z. Morley Mao, David Watson, Farnam Jahanian, and Danny McPherson. Toward Understanding Distributed Blackhole Placement. In Proceedings of the 2nd Workshop on Rapid Malcode (WORM '04), pages 54-64, Washington, District of Columbia, USA, October 2004.
[pdf]
[bib]
-
Michael D. Bailey, Farnam Jahanian, G. Robert Malan, Jose Nazario, Dug Song, and Robert Stone. Measuring, Characterizing, and Tracking Internet Threat Dynamics. In Proceedings of the OpenSig 2003 Workshop (OpenSig '03), New York, New York, USA, October 2003.
[pdf]
[bib]
-
Craig Labovitz, Abha Ahuja, and Michael D. Bailey. Shining light on dark address space. Technical Report TR-2001-01, Arbor Netwoks, Ann Arbor, Michigan, USA, November 2001.
[pdf]
[bib]
Contact Information:
Email:
mibailey AT eecs DOT umich DOT edu
U.S. Mail Address:
4611 CSE
University of Michigan
2260 Hayward Street
Ann Arbor, MI 48109-2121
Voice:
Phone: (734) 647-8086
Fax: (734) 763-8094
Authentication:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP 8.1
mQGiBEDTNKIRBADjKzQPeFtY6jXt7IsO2LoYxw2BnfuF1HVixyX0uQTMYJKgMz9P
JSSjwBAT+S1Ksy/4Fdp7URKxZ4AJ+bfrCMhZBteB5937yuVDBivua4K9N9x7J8qg
njR9SobbeUp/QPTaH017Cr3qvEHMK92Eh5/UzJaZZkOvelFxcAgz6n0t0QCg/7Bm
NecxWjd/Vw3sWeuV206fQEMD+gJ+IpJPq0zrAYxM6QJFjjg3BJYfaRm15N6fS1Nd
Fa7e6MNVSpJggIgh0yeCNh7ahzFDpnHlAcc1dSbQCLKcM/vzZa3ZFeWpVejgz+lK
HMFf46KCJCv5FArEQA/jt85YBXq9imtCc3oyegos2nQPFJQ9E6dtrfjqpLwh6+lm
br9YBACUOsurxZOuwyYWFpbkd5SnSoTokFpBWOkKGm2/BhHDk/mWNB918Fe8IqDm
d+YDIkyD+PGm6S1QCAUn8o5PqzUcQK8M++FCnGZlVPdxR4s5ExhvAOGYFUvn3utB
GtZWoZV7kYg52osrLu5NMG0nYhXrh7u0Chavu05dv0YaO28uhrQoTWljaGFlbCBC
YWlsZXkgPG1pYmFpbGV5QGVlY3MudW1pY2guZWR1PokAXQQQEQIAHQUCQNM0ogcL
CQgHAwIKAhkBBRsDAAAABR4BAAAAAAoJEGyePTSSVZGUpFMAoNJgg8fOiTgmXK/O
ll3N3nSQQnYnAKCX+p06Kj8XBLD05Ff9bYTqtK/FAbkCDQRA0zSiEAgA9kJXtwh/
CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV89AHxstDqZSt90xkhkn4
DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/
Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4DUUd
D3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEstSr/POGx
KUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkm
uquiXsNV6TILOwACAggAvM4tbDpxqmVLbUfAH1EWvAljPYrrZHNtGKlfeKVpcTCu
7QiH/NiuBGzwTMG5SyEJsruPR9+dfQZQU6RDofeFmuxlJoRMid5Y9WJ0U81eal/g
xsxm/6Nn5KHmEyn3u3HfeYbFEVZljfpNidJ2uXFEA3OgbToif9DlPOpD3/y4iUPz
tbknKMf5/At6tXH3k2u5X64L2H0Rl+/nAU17z3Q2RcCueNyuOM55XW7Y34dXvwKE
QX3OsXA1j2Wqxw9hS7d1ANhN7xGX63VuCmYWgzl82GGCQ6MRkLI1kn3oNEm46xDT
cnKwvbB3ayCc6Xq7bWtxigMxQL2liiQFiVQrS2PzJIkATAQYEQIADAUCQNM0ogUb
DAAAAAAKCRBsnj00klWRlOkyAJ0QNpqriB3obS61XiM3u9Cop9rHQQCeNdJUhQeF
zY+6KvNb3dGi1QFV8pk=
=CI6o
-----END PGP PUBLIC KEY BLOCK-----
-Mike
