Current Research

I am currently involved in DARPA's Transparent Computing Program as part of the MARPLE team, consisting of IBM Research, UIC, Stony Brook University, and Northwestern University. The goal of the program is to advance the state of the art in the detection and prevention of Advanced Persistent Threats (APTs).
I am also involved in research in Compiler Security in the context of Self-certifying Compilation, a collaboration between UIC and Bell Labs. The goal of this project is that of improving the state of the art in formal verification of compilers.
I am also a Co-PI in EDU: CySec: A Cybersecurity Collectable Card Game for Children. The goal of this project is that of creating a card games to teach security concepts to children in middle school. This project is a collaboration between the CS Department, the Department of Educational Psychology.

Publications

[1]	Md Nahid Hossain, Sadegh M. Milajerdi, Junao Wang, Birhanu Eshete, Rigel Gjomemo, R. Sekar, Scott Stoller, and V. N. Venkatakrishnan. SLEUTH: real-time attack scenario reconstruction from COTS audit data. In 26th USENIX Security Symposium, USENIX Security 2017, pages 487-504, 2017. [ bib ]
[2]	Abeer Alhuzali, Birhanu Eshete, Rigel Gjomemo, and V. N. Venkatakrishnan. Chainsaw: Chained automated workflow-based exploit generation. In ACM SIGSAC Conference on Computer and Communications Security (CCS 2016), pages 641-652, 2016. [ bib ]
[3]	Rigel Gjomemo, Phu H. Phung, Edmund Ballou, Kedar S. Namjoshi, V. N. Venkatakrishnan, and Lenore D. Zuck. Leveraging static analysis tools for improving usability of memory error sanitization compilers. In International Conference on Software Quality, Reliability and Security, (QRS 2016), pages 323-334, 2016. [ bib ]
[4]	Birhanu Eshete, Rigel Gjomemo, Md Nahid Hossain, Sadegh Momeni, R. Sekar, Scott Stoller, V. N. Venkatakrishnan, and Junao Wang. Attack analysis results for adversarial engagement 1 of the DARPA transparent computing program. CoRR, abs/1610.06936, 2016. [ bib \| arXiv \| http ]
[5]	Daniele Gallingani, Rigel Gjomemo, V. N. Venkatakrishnan, and Stefano Zanero. Practical exploit generation for intent message vulnerabilities in android. In ACM Conference on Data and Application Security and Privacy, (CODASPY 2015), pages 155-157, 2015. [ bib ]
[6]	Rigel Gjomemo, Kedar S. Namjoshi, Phu H. Phung, V. N. Venkatakrishnan, and Lenore D. Zuck. From verification to optimizations. In Verification, Model Checking, and Abstract Interpretation (VMCAI 2015), pages 300-317, 2015. [ bib ]
[7]	Rigel Gjomemo, Hafiz Malik, Nilesh Sumb, V. N. Venkatakrishnan, and Rashid Ansari. Digital check forgery attacks on client check truncation systems. In Financial Cryptography and Data Security (FC 2014), pages 3-20, 2014. [ bib ]
[8]	Rigel Gjomemo and Isabel F. Cruz. Location-based access control using semantic web technologies. In Geospatial Semantics and the Semantic Web - Foundations, Algorithms, and Applications, pages 119-144, 2011. [ bib \| DOI \| http ]
[9]	Isabel F. Cruz, Rigel Gjomemo, and Greg Jarzab. An interoperation framework for secure collaboration among organizations. In ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS, (SPRINGL 2010), pages 4-11, 2010. [ bib \| DOI \| http ]
[10]	Isabel F. Cruz, Rigel Gjomemo, Benjamin Lin, and Mirko Orsini. A constraint and attribute based security framework for dynamic role assignment in collaborative environments. In Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2008), pages 322-339, 2008. [ bib ]
[11]	Isabel F. Cruz, Rigel Gjomemo, Benjamin Lin, and Mirko Orsini. A location aware role and attribute based access control system. In ACM SIGSPATIAL International Symposium on Advances in Geographic Information Systems (ACM-GIS 2008), page 84, 2008. [ bib ]
[12]	Isabel F. Cruz, Rigel Gjomemo, and Mirko Orsini. A secure mediator for integrating multiple level access control policies. In Knowledge-Based Intelligent Information and Engineering Systems (KES 2008), pages 354-362, 2008. [ bib ]
[13]	Daniele Gallingani, Rigel Gjomemo, V.N. Venkatakrishnan, and Stefano Zanero. Static detection and automatic exploitation of intent message vulnerabilities in android applications. In MOBILE SECURITY TECHNOLOGIES (MOST 2015), 2015. [ bib ]