Xinming (Simon) Ou

Assistant Professor
Computing and Information Sciences
Kansas State University
234 Nichols Hall
Manhattan, KS 66506
+1 785 532 7941
xou AT ksu DOT edu

Research interests

Computer and information security, with a focus on applying formal, logic-based techniques in solving real-world security problems.

Education

Tsinghua University B.E. in Computer Science, 1998 (with distinction)
Tsinghua University M.E. in Computer Science, 2000
Princeton University Ph.D. in Computer Science, 2005

Professional appointments

  1. Kansas State University, Manhattan, KS.
    Assistant Professor, August 2006 to present.
  2. Idaho National Laboratory, Idaho Falls, ID.
    Research Associate, May 2006 to August 2006.
  3. Purdue University, West Lafayette, IN.
    Post-doctoral Research Associate, Sept 2005 to May 2006.
  4. HP Labs, Princeton, NJ.
    Research Intern, June 2005 to Sept 2005.
  5. Princeton University, Princeton, NJ.
    Teaching Assistant, Sept 2000 to June 2001;
    Research Assistant, July 2001 to June 2005;
  6. Microsoft Research, Redmond, WA.
    Research Intern, June 2004 to August 2004.
  7. Compaq/HP Systems Research Center (former DEC-SRC), Palo Alto, CA.
    Research Intern, June 2002 to August 2002.
  8. Tsinghua University, Beijing.
    Undergraduate Research Assistant, July 1997 to June 1998;
    Graduate Research Assistant, Sept 1998 to June 2000;

Research grants

  1. Automatic Control-Network Security Management Using Attack Graphs. Department of Energy. $35K, 3/20/2007 - 8/17/2007.
  2. CT-ISG: Model-Based, Automatic Network Security Management. National Science Foundation. $245K, 8/1/2007 -7/31/2009.
  3. REU:CT-ISG: Model-Based, Automatic Network Security Management. National Science Foundation. $6K, 8/1/2007 -7/31/2009.

Publications

  1. SAT-Solving Approaches to Context-Aware Enterprise Network Security Management. John Homer and Xinming Ou, In IEEE JSAC Special Issue on Network Infrastructure Configuration, To appear. Preprint
  2. A Practical Approach to Modeling Uncertainty in Intrusion Analysis. Xinming Ou, Raj Rajagopalan, and Sakthiyuvaraja Sakthivelmurugan Technical report, Kansas State University, Computing and Information Sciences Department. November 2008.
  3. Identifying Critical Attack Assets in Dependency Attack Graphs. Reginald Sawilla and Xinming Ou. In 13th European Symposium on Research in Computer Security (ESORICS 2008), Malaga, Spain, October 2008. The extended version.
  4. Improving Attack Graph Visualization through Data Reduction and Attack Grouping. John Homer, Ashok Varikuti, Xinming Ou, and Miles A. McQueen. In 5th International Workshop on Visualization for Cyber Security (VizSEC 2008), Cambridge, MA, U.S.A., September 2008.
  5. From Attack Graphs to Automated Configuration Management - An Iterative Approach. John Homer, Xinming Ou, and Miles A. McQueen. Technical report, Kansas State University, Computing and Information Sciences Department. January 2008.
  6. Googling attack graphs. Reginald Sawilla and Xinming Ou. Technical report, Defence R & D Canada -- Ottawa TM 2007-205, September 2007.
  7. A scalable approach to attack graph generation. Xinming Ou, Wayne F. Boyer, and Miles A. McQueen. In 13th ACM Conference on Computer and Communications Security (CCS 2006), Alexandria, VA, U.S.A., October 2006.
  8. Authorization Strategies for Virtualized Environments in Grid Computing Systems. Xinming Ou, Anna Squicciarini, Sebastien Goasguen, and Elisa Bertino. In IEEE Workshop on Web Services Security (WSSS), Berkeley, CA, U.S.A., May, 2006.
  9. A logic-programming approach to network security analysis. Xinming Ou. PhD dissertation, Princeton University, 2005.
  10. MulVAL: A logic-based network security analyzer. Xinming Ou, Sudhakar Govindavajhala, and Andrew W. Appel. In 14th USENIX Security Symposium, Baltimore, Maryland, U.S.A., August 2005.
  11. A two-tier technique for supporting quantifiers in a lazily proof-explicating theorem prover. K. Rustan M. Leino, Madan Musuvathi, and Xinming Ou. In 11th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 05), Edinburgh, U.K., April 2005.
  12. Dynamic typing with dependent types. Xinming Ou, Gang Tan, Yitzhak Mandelbaum, and David Walker. In 3rd IFIP International Conference on Theoretical Computer Science (TCS 04) , Toulouse, France, August 2004.
  13. Theorem proving using lazy proof explication. Cormac Flanagan, Rajeev Joshi, Xinming Ou, and James B. Saxe. In 15th Computer-Aided Verification conference (CAV 2003), Boulder, CO, U.S.A., July 2003.
  14. Enforcing resource usage protocols via scoped methods. Gang Tan, Xinming Ou, and David Walker. In 10th International Workshop on Foundations of Object-Oriented Languages (FOOL 10), New Orleans, LA, U.S.A., January 2003.
The documents contained in these pages are included to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.
Last update: Nov 26, 2008. Best viewed with any browser. check html check css