Prithvi Bisht

Ph. D. Candidate
Research Assistant
Systems and Internet Security Laboratory
Department of Computer Science
University of Illinois, Chicago
pbisht_remove this part_ @ _remove this part_ cs.uic.edu
Advisor - Professor V.N. Venkatakrishnan

You can find my short CV here.

Research Interests

Code Injection Attacks : SQL Code Injection, Cross Site Scripting
Security Issues in Web Applications and Automated Prevention Techniques
Vulnerability Analysis and Exploit Construction

Publications

XSS-GUARD: Precise Dynamic Prevention of Cross-Site Scripting Attacks [PDF] [PPT] [BIBTEX]
5th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)
Paris, France, July 10-11, 2008. [Acceptance rate: 13 out of 42 submissions, 31%] Springer LNCS link
with V.N. Venkatakrishnan

Analysis of Hypertext Markup Isolation Techniques for XSS Prevention [PDF] [BIBTEX]
In Web 2.0 Security and Privacy Workshop, Oakland, California, May 22, 2008
with Mike Ter Louw and V.N. Venkatakrishnan

CANDID: Preventing SQL Injection Attacks using Dynamic Candidate Evaluations
- ACM Transactions on Information and System Security (TISSEC 2008) [PDF]
  Extended journal version accepted. [Invited submission]
  with P. Madhusudan, and V.N. Venkatakrishnan
- 14th ACM Conference on Computer and Communications Security (CCS) [PDF] [BIBTEX]
  Alexandria, Virginia, November 2007. [Acceptance rate: 55 out of 302 submissions, 18%].
  with Sruthi Bandhakavi, P. Madhusudan, and V.N. Venkatakrishnan

Presentations/Talks

XSS-GUARD: Precise Dynamic Prevention of Cross-Site Scripting Attacks
Paper presentation, 5th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Paris, July 2008
CANDID : Preventing SQL Code Injection Attacks
- Work-in-progress 16th USENIX Security Symposium, Boston, August 2007
- Poster Presentation, 4th Midwest Security Workshop, Chicago, October 2007

Review Activities

Journal of Software - Practice and Experience (SPE), 2008
Recent Advances in Intrusion Detection (RAID) Symposium, 2008
Annual Computer Security Applications Conference (ACSAC), 2008

Degrees

M. Tech. in Computer Science and Engineering, 2002, IIT Kanpur
Advisor - Professor Rajat Moona
B. E. in Computer Science and Engineering, 2000, GBPEC Pauri
Advisor - Professor Man Mohan Singh Rauthan

Professional Experience

Senior Software Engineer, Jul 2003 - Jul 2006
Intel, Bangalore, India
Senior Software Engineer, Mar 2002 - Jul 2003
Novell, Bangalore, India

Teaching Experience

Teaching Assistant, Aug 2006 - Dec 2006, University of Illinois, Chicago, USA
Computer Algorithms - I, Introduction to Computing.
Teaching Assistant, Jul 2000 - Dec 2001, Indian Institute of Technology, Kanpur, India
Introduction to Computing.
Guest Faculty, Jun 2000, Govind Ballabh Pant Engg College, Pauri, India
Analysis and Design of Algorithms.

Thesis/Articles

M. Tech Thesis Generic Disassembler Using Processor Models
Ideas published at www.ip.com

Designing a secure SDK abstract
A greedy algorithm for optimization of queue based systems abstract
Bluetooth based WiFi Access Point management abstract

Miscellaneous

Awards/Grants : Student travel grant for 16th USENIX Security Symposium August 6 - 10, 2007, Boston by USENIX.
A list of attended conferences : here
Courses undertaken : Fall 2006, Spring 2007, Fall 2007 Spring 2008