Publications

____________________________________________________

Refereed Journal Publications

  • K. Saur, J. Grizzard, "Locating x86 paging structures in memory images," in Journal of Digital Investigation, 2010, pp. 28-37, vol. 7, no. 1-2.
  • J. Levine, J. Grizzard, and H. Owen, "Detecting and categorizing kernel-level rootkits to aid future detection," in IEEE Security & Privacy, January/February 2006, pp. 24-32, vol. 4, no. 1. (featured article)
  • G. Conti, K. Abdullah, J. Grizzard, J. Stasko, J. Copeland, M. Ahamad, and C. Lee, "Countering security analyst and network administrator overload through alert and packet visualization," in IEEE Computer Graphics & Applications, March/April 2006, pp. 60-70, vol. 26, no. 2.
  • R. Abler, D. Contis, J. Grizzard, and H. Owen, "Georgia Tech information security center 'hands on' network security laboratory," in IEEE Transactions on Education, vol. 49, no. 1, February 2006, pp. 82-87.
  • S. Krasser, J. Grizzard, H. Owen, and J. Levine, "The use of honeynets to increase computer network security and user awareness," Journal of Security Education, Vol. 1, No. 2/3, pp. 23-37, 2005.
  • J. Levine, J. Grizzard, and H. Owen, "Using honeynets to protect large enterprise networks," IEEE Security & Privacy Magazine, Vol. 2, No. 6, 2004.

Refereed Conference Publications

  • L. Burns, J. Pendergrass, and J. Grizzard, "KAFÉ: kernel analysis front-end for software assurance," HICSS, January 2011.
  • J. Grizzard, V. Sharma, C. Nunnery, B. Kang, and D. Dagon, "Peer-to-peer botnets: overview and case study," HotBots '07, April 2007.
  • J. Grizzard, H. Owen, "On a µ-kernel based system architecture enabling recovery from rootkits," in Proceedings of first IEEE International Workshop on Critical Infrastructure Protection, Darmstadt, Germany, pp. 13-21, November 2005.
  • G. Conti, J. Grizzard, M. Ahamad, and H. Owen, "Visual exploration of malicious binary objects using semantic zoom, interactive encoding and dynamic queries," accepted VizSEC 2005.
  • J. Grizzard, C. Simpson, Jr., S. Krasser, H. Owen, and G. Riley, "Flow based observations from NETI@home and honeynet data," in Proceedings from the sixth IEEE Systems, Man and Cybernetics Information Assurance Workshop, pp. 244-251, June 2005.
  • S. Krasser, G. Conti, J. Grizzard, J. Gribschaw, and H. Owen, "Real-time and forensic network data analysis using animated and coordinated visualization," in Proceedings from the sixth IEEE Systems, Man and Cybernetics Information Assurance Workshop, pp. 42-49, June 2005.
  • J. Grizzard, J. Levine, and H. Owen, "Re-establishing trust in compromised systems: recovering from rootkits that Trojan the system call table," in Proceedings of 9th European Symposium on Research in Computer Security, Sophia Antipolis, France, pp. 369-384, September 2004.
  • D. Dagon, X. Qin, G. Gu, W. Lee, J. Grizzard, J. Levine, and H. Owen, "Honeystat: local worm detection using honeypots," in 7th International Symposium on Recent Advances in Intrusion Detection, Sophia Antipolis, France, September 2004.
  • J. Grizzard, S. Krasser, H. Owen, E. Dodson, and G. Conti, "Towards an approach for automatically repairing compromised network systems," in Proceedings of 3rd IEEE International Symposium on Network Computing and Applications, Cambridge, Massachusetts, USA, pp. 389-392, August 2004.
  • T. Jackson, J. Levine, J. Grizzard, and H. Owen, "An investigation of a compromised host on a honeynet being used to increase the security of a large enterprise network," in Proceedings from the fifth IEEE Systems, Man and Cybernetics Information Assurance Workshop, pp. 9-14, June 2004.
  • J. Levine, J. Grizzard, and H. Owen, "Application of a methodology to characterize rootkits retrieved from honeynets," in Proceedings from the fifth IEEE Systems, Man and Cybernetics Information Assurance Workshop, West Point, NY, pp. 15-21, June 2004.
  • J. Grizzard, E. Dodson, G. Conti, J. Levine, and H. Owen, "Towards a trusted immutable kernel extension (TIKE) for self-healing systems: a virtual machine approach," in Proceedings of 5th IEEE Information Assurance Workshop, pp. 444-446, June 2004.
  • J. Levine, J. Grizzard, and H. Owen, "A methodology to detect and characterize kernel level rootkit exploits involving redirection of the system call table," in Proceedings of the second IEEE International Information Assurance Workshop, Charlotte, NC, USA, pp. 107-125, April 2004.
  • J. Levine, J. Grizzard, P. Hutto, and H. Owen, "A methodology to characterize kernel level rootkit exploits that overwrite the system call table," in Proceedings of IEEE SoutheastCon, Greensboro, NC, USA, pp. 25-31, March 2004.