## **Curriculum Vitae**

Jason D. Hiser Department of Computer Science 85 Engineer's Way P.O. Box 400740 Charlottesville, VA 22904-4740

Phone: (434)284-2214 Fax: (434)982-2214

Email: hiser@virginia.edu

http://www.cs.virginia.edu/~jdh8d

### **Education**

Ph.D. (Computer Science) University of Virginia (2005)

M.S. (Computer Science) Michigan Technological University (1999)

B.S. (Computer Science) Michigan Technological University (1997)

# **Employment History**

University of Virginia, Charlottesville, VA

- Senior Scientist, 2012-Present
- Research Scientist, 2008-2012
- Research Associate, 2005-2008
- Research Assistant, 1999-2005
- Teaching Assistant, 1999-2000

Zephyr Software, Charlottesville, VA, Software Consultant 2001-2002, 2012

Wilmer Cutler Pickering Hale and Dorr LLP, Washington, D.C., Expert Consultant, 2008

Michigan Technological University, Houghton, MI

- Research Assistant, 1997-1998
- Teaching Assistant, 1994-1997, 1999

IBM, Rochester, MN, Student Intern, 1998

Superior Software, Brighton, MI, System Programmer, 1995-1996

# **Teaching Experience**

Lab Instructor, 'Intro To Computer Science,' University of Virginia, Fall 1999

Lecturer, 'Introduction to Computer Architecture,' Michigan Technological University, Winter 1998, Spring 1999

## **Professional Activities**

Program Committee, ACM SIGPLAN/SIGBED Conference on Languages, Compilers and Tools for Embedded Systems, 2010.

Reviewer, Computer Languages, Systems and Structures

Reviewer, ACM SIGPLAN Conference on Programming Language Design and Implementation

Reviewer, ACM EMSOFT

Reviewer, ACM International Conference on Compilers, Architectures and Synthesis for Embedded Systems

Reviewer, IEEE International Symposium on Microarchitecture

Reviewer, ACM International Conference on Languages, Compilers, and Tools for Embedded Systems

Reviewer, ACM International Conference on Parallel Architectures and Compilation Techniques

Reviewer, European Network of Excellence on High-Performance Embedded Architecture and Compilation

ACM International Conference on Programming Language Design and Implementation, Student Poster Session, 2004

New Student Mentor, University of Virginia, 2000-2001

### **Awards**

Graduate Research Award, University of Virginia, 2005

Dean's Fellowship Award, University of Virginia, 1999-2001

Best Presentation, 2000 ACM International Conference on Parallel Architectures and Compilation Techniques, Philadelphia, PA

Graduated Summa Cum Laude, Michigan Technological University, 1999

Graduated Summa Cum Laude, Michigan Technological University, 1997

Dean's List, Michigan Technological University, 1993-1999

### **Grants**

Air Force STTR, 2011. \$35,000 subcontract via Zephyr Software, LCC for *Customized Application Security Via Process Virtualization*" (Co-Principle Investigator).

Intelligence Advanced Research Projects Activity (IARPA), 2010. \$3,824,651 subcontract via Grammatech, Inc. for *PEASOUP: Preventing Exploits Against Software Of Untrusted Provenance* (Co-Principle Investigator).

Department of Defense OSD, SBIR, 2010. \$31,538 subcontract via Zephyr Software, LCC for *Lightweight Virtualization to Detect, React, and Adapt to Cyber Attacks*" (Co-Principle Investigator).

National Science Foundation Cyber Trust Program, 2007. \$300,000 for CT-ISG: Secure and Practical Tamper Resistance and Program Obfuscation (Primary grant writer).

## **Advising**

Matthew Hall, Masters Thesis Co-Advisor, 2011-present.

Leandro Machado, Undergraduate Foreign Exchange Project Co-Advisor, 2011-2012.

Sudeep Ghosh, Ph.D. Thesis Co-Advisor, 2010-present.

Weikeng Qin, Masters Thesis Co-Advisor, 2010-2011.

Sudeep Ghosh, Masters Project Co-Advisor, 'Application Security via Process Level Virtualization', 2009-2010.

Kevin C. Chang, Undergraduate Thesis Co-Adviser, 'Computer Vaccination: Protecting Machines Before Infection', 2009.

#### **Publications**

#### Journal Articles

- Baiocchi, J. A., Childers, B. R., Davidson, J. W., Hiser, J. D. 'Enabling DBT in Embedded Systems with Scratchpad Memory,' To appear in *ACM Transactions in Embedded Computing Systems*, accepted December 2011.
- Hiser, J. D., Williams, D. W., Hu, W., Davidson, J. W., Mars, J., Childers, B. R., 'Evaluating Indirect Branch Handling Mechanisms in Software Dynamic Translation Systems,' *ACM Transactions on Architecture and Code Optimization*, June 2011, pp. 9:1–9:28.
- Kulkarni, P., Wankang, Z., Hines, S., Whalley, D., Yuan, X., Hiser, J. D., Davidson, J. W., Cai, B., Bailey, M., Moon, H., Kyunghwan, C., Paek, Y., Jones, D., 'VISTA: VPO Interactive System for Tuning Applications,' ACM Transactions in Embedded Computing Systems, 2005, pp. 819–863.
- Kulkarni, P., Hines, S., Hiser, J. D., Whalley, D., Davidson, J. W., Jones, D., 'Fast and Effective Searches for Effective Optimization Phase Sequences,' ACM Transactions on Architecture and Code Optimization, June 2005, pp. 165–198.

#### • Patent Applications

- Nguyen-Tuong, A., Hiser, J. D., Co, M., Davidson, J. W., Knight, J. C. *Method and System for Securing Applications against Command Injection Attacks*. Patent Pending.
- Hiser, J. D., Davidson, J. W., Nguyen-Tuong, A., Co, M. Method of Fine-Grained Instruction Location Randomization (ILR) and Related System. Patent Pending.
- Davidson, J. D., Hiser, J. D. Protecting Software Via Continuous Anti-Tampering and Obfuscation Transforms. Patent Pending.
- Davidson, J. D., Nguyen-Tuong, A., Rowanhill, J., Evans, D., Knight, J. C., Filipi, A., Hiser, J. D., Hu, W. *Method and System for Software Protection Using Binary Encoding*.

## Refereed Proceedings Publications

- Ghosh, S., Hiser, J. D., Davidson, J., 'Software Protection for Dynamically-Generated Code,' *Second ACM SIGPLAN Program Protection and Reverse Engineering Workshop*, Rome, Italy, January, 2013.
- Goues, C., Nguyen-Tuong, A., Chen, H., Davidson, J. W., Forrest, S., Hiser, J. D., Knight, J. C., Gundy, M., 'Moving Target Defenses in the Helix Self-Regenerative Architecture' in *Moving Target Defense II*, 2013.

Rodes, B., Nguyen-Tuong, A., Hiser, J. D., Knight, J., Davidson, J., Co, M., 'Defense Against Stack-Based Attacks Using Speculative Stack Layout Transformation,' in *Third International Conference on Runtime Verification*, Istanbul, Turkey, September, 2012.

- Hiser, J. D., Nguyen-Tuong, A., Co, M., Hall, M., Davidson, J. D., 'ILR: Where'd My Gadgets Go?' in *IEEE Symposium on Security And Privacy*, San Francisco, CA, May, 2012.
- Ghosh, S., Hiser, J. D., Davidson, J.W., 'Replacement Attacks Against VM-protected Applications' in *Eighth Annual International Conference on Virtual Execution Environments*, London, UK, March, 2012.
- Co, M., Davidson, J. W., Hiser, J. D., Knight, J. C., Nguyen-Tuong, A., Cok, D., Gopan, D., Melski, D., Lee, W., Song, C., Bracewell, T., Hyde, D., Mastropietro, B., 'PEASOUP: Preventing Exploits Against Software Of Uncertain Provenance (Position Paper),' in 7th International Workshop on Software Engineering for Secure Systems, Waikiki, Hawaii, May, 2011.
- Wang, A., Hiser, J.D., Nguyen-Tuong, A., Davidson, J. W., Knight, J. C., 'Component-Oriented Monitoring of Binaries for Security,' in 44th Hawaii International Conference on System Sciences (HICSS), January, 2011.
- Ghosh, S., Hiser, J. D., Davidson, J. W., 'A Secure and Robust Approach to Software Tamper Resistance,' *Information Hiding Conference*, Calgary, Alberta, Canada, June, 2010
- Co, M., Coleman, C. L., Davidson, J. W., Ghosh, S., Hiser, J. D., Knight, J. C., Nguyen-Tuong, A., 'A Lightweight Software Control System for Cyber Awareness and Security,' *International Symposium on Resilient Control Systems*, Idaho Falls, ID, August, 2009.
- Moore, R. W., Baiocchi, J. A., Childers, B. R., Davidson, J. W., and Hiser, J. D. 'Addressing the challenges of DBT for the ARM architecture,' 2009 ACM SIGPLAN/SIGBED Conference on Languages, Compilers, and Tools For Embedded Systems, New York, NY, June 2009, pp. 147–156.
- Hiser, J. W., Coleman, C., Co, M., Davidson, J. W. 'MEDS: The Memory Error Detection System,' International Symposium on Engineering Secure Software and Systems, Leuven, Belgium, February 2009, pp. 164–179.
- Hu, W., Williams, D., Davidson, J. W., Hiser, J. D., Knight, J. C., Nguyen-Tuong, A. 'Security through Diversity: Leveraging Virtual Machine Technology,' *IEEE Security & Privacy: Special Issue on IT Monoculture*, January/February 2009, pp. 26–33.
- Baiocchi, J. A., Childers, B. R., Davidson, J. W., Hiser, J. D. 'Reducing pressure in bounded DBT code caches,' in *Proceedings of the 2008 international Conference on Compilers, Architectures and Synthesis For Embedded Systems*, Atlanta, GA, October 2008, pp. 109–118.
- Baiocchi, J., Childers, B. R., Davidson, J. W., Hiser, J. D., Misurda, J. 'Fragment Cache Management for Dynamic Binary Translators in Embedded Systems with Scratchpad,' in *Proceedings of the International Conference on Compilers, Architecture and Synthesis for Embedded Systems*, October 2007, pp. 75–84.
- Hiser, J. D., Williams, D., Mars, J., Hu, W., Childers, B. R., Davidson, J. W. 'Evaluating Indirect Branch Handling Mechanisms in Software Dynamic Translation Systems,' in 2007 International Symposium on Code Generation and Optimization, San Jose, California, March 2007, pp. 61-73.
- Hiser, J. D., Davidson, J. W., Whalley, D. B. 'Fast, Accurate Design Space Exploration of Embedded Systems Memory Configurations,' in 22nd ACM Symposium on Applied Computing, Seoul, Korea, March 2007, pp. 699-706.
- Cox, B., Evans, D., Filipi, A., Rowanhill, J., Hu, W., Davidson, J. W., Knight, J., Nguyen-Tuong, A., Hiser, J. D. 'N-Variant Systems A Secretless Framework for Security through Diversity,' in *Proceedings of the 15th USENIX Security Symposium*, Vancouver, B. C., Canada, August 2006, pp. 105–120.
- Hiser, J. D., Williams, D., Filipi, A., Davidson, J. W., Childers, B. 'Evaluating Fragment Construction Policies for SDT Systems,' in *Second International Conference on Virtual Execution Environments*, Ottawa, Canada, June 2006, pp. 122–132.

Hu, W., Hiser, J. D., Williams, D., Filipi, A., Davidson, J. W., Evans, W., Knight, J., Nguyen-Tuong, A., Rowanhill, J., 'Secure and Practical Defense Against Code-injection Attacks Using Software Dynamic Translation,' in *Second International Conference on Virtual Execution Environments*, Ottawa, Canada, June 2006, pp. 2–12.

- Kleffner, M., Jones, D., Hiser, J. D., Kulkarni, P., Parent, J., Hines, S., Whalley, D., Davidson, J. W., Gallivan, K., 'On the Use of Compilers in DSP Laboratory Instruction,' in *International Conference on Acoustics, Speech, and Signal Processing*, Toulouse, France, May 2006, pp. 977–980.
- Kulkarni, P., Hines, S., Hiser, J. D., Whalley, D., Davidson, J. W., Jones, D., 'Fast Searches for Effective Optimization Phase Sequences,' in *Proceedings of the ACM SIGPLAN 2004 Conference on Programming Language Design and Implementation*, Washington DC, June 2004, pp. 171-182.
- Hiser, J. D., Davidson, J. W., 'EMBARC: An Efficient Memory Bank Assignment Algorithm for Retargetable Compilers,' in *Proceedings of Conference on Languages, Compilers, and Tools for Embedded Systems*, Washington, DC, June 2004, pp. 182–191.
- Lee, S., Lee, J., Min, S. L., Hiser, J. D., Davidson, J. W., 'Code Generation for a Dual Instruction Set Processor Based on Selective Code Transformation,' in *Proceedings of the 7th International Workshop on Software and Compilers for Embedded Systems*, Vienna, Austria, September 2003, pp. 33–48.
- Zhao, W., Cai, B., Whalley, D., Bailey, M. W., Engelen, R., Yuan, X., Hiser, J. D., Davidson, J. W., Gallivan, K., Jones, D. L., 'VISTA: A System for Interactive Code Improvement,' in *Proceedings of the Joint Conference on Languages, Compilers and Tools for Embedded Systems*, Berlin, Germany, June 2002, pp. 155–164.
- Hiser, J. D., Carr, S., Sweany, P., 'Global Register Partitioning,' in *Proceedings of International Conference on Parallel Architectures and Compilation Techniques*, Philadelphia, Pennsylvania, October 2000, pp. 13–23.
- Hiser, J. D., Carr, S., Sweany, P., Beaty, S.J., 'Register Assignment for Software Pipelining with Partitioned Register Banks,' in *Proceedings of 14th International Parallel and Distributed Processing Symposium*, Cancun, Mexico, May 2000, pp. 211–217.

#### • Unrefereed Publications

- Williams, D., Hiser, J., Davidson, J. 'Using Program Metadata to Support SDT in Object-Oriented Applications,' in Fourth Annual Workshop on the Implementation, Compilation, Optimization of Object-Oriented Languages, Programs and Systems, Genova, Italy, July 2009.
- Guha, A., Hiser, J., Kumar, N., Yang, J., Zhao, M., Zhou, S., Childers, B. R., Davidson, J. W., Hazelwood, K., Soffa, M. L. 'Virtual Execution Environments: Support and Tools,' in *NSF Next Generation Software Program Workshop*, Long Beach, California, March 2007.
- Hiser, J., Kumar, N., Zhao, M., Zhou, S., Childers, B. R., Davidson, J. W., Soffa, M. L., 'Techniques and Tools for Dynamic Optimization', in *NSF Next Generation Software Program Workshop*, April 2006.
- Hiser, J. D. 'Effective Algorithms for Partitioned Memory Hierarchies in Embedded Systems,' Ph.D. Dissertation, University of Virginia, May 2005.
- Hiser, J. D. 'Register Bank Assignment for Partitioned Register File Machines,' Master's Thesis, Michigan Technological University, 1999.
- Hiser, J. D., Sweany, P., Carr, S., Beaty, S. 'Register Assignment for Software Pipelining with Partitioned Register Banks,' Michigan Technological University, 1999, Technical Report CS-TR 99-2 'http://cs.mtu.edu/html/trs.html.'
- Hiser, J. D., Sweany, P., Carr, S., Beaty, S. 'Register Assignment for Architectures with Partitioned Register Banks,' Michigan Technological University, 1999, Technical Report CS-TR 99-1 'http://cs.mtu.edu/html/trs.html.'