Wei Ming Khoo

I am a PhD student in the Security Group at the Computer Laboratory, under the supervision of Prof. Ross Anderson. My second supervisor is Prof. Alan Mycroft.

My research interests lie in search-based (software) reverse engineering, binary similarity/difference, malware analysis and software vulnerabilities.

Publications

Wei Ming Khoo, Decompilation as search, Ph.D. Dissertation, University of Cambridge, August 2013

Wei Ming Khoo, Alan Mycroft, Ross Anderson, Rendezvous: A search engine for binary code , 10th Working Conference on Mining Software Repositories (MSR'13), May 2013 slides

Hyoungshick Kim, Wei Ming Khoo, Pietro Lio, Polymorphic attacks against sequence-based software birthmarks , 2nd Software Security and Protection Workshop (SSP'12), June 2012 slides

Wei Ming Khoo, Pietro Lio, Unity in diversity: Phylogenetic-inspired techniques for reverse engineering and detection of malware families, 1st SysSec Workshop, July 2011 slides

Talks

Rendezvous: A search engine for binary code, 27th CREST Open Workshop on Malware, May 2013. Video (240p) Video (360p)

Measuring the attack surface of LibreOffice, 1st LibreOffice Conference (lightning talk), October 2011.

Do you Skyhoo? (summarises interesting characteristics of an IM botnet we named "Skyhoo" (Skype + Yahoo) ), Security group meeting, Cambridge, November 2010.

Tools

A search engine for binary code, rendezvousalpha.com

Taintgrind, a Valgrind taint analysis tool.

Chronicler, a Pin execution capture tool.

An OpenOffice fuzzer and an OpenOffice test suite

Contact Information

wei-ming.khoo [AT] cl [DOT] cam [DOT] ac [DOT] uk