Carter Yagemann

Assistant Professor of Computer Science and Engineering at the Ohio State University with interests in automated vulnerability discovery, root cause analysis, exploit prevention, and cyber-physical security.

Articles


Awarded DARPA Young Faculty Award

I'm excited to announce that I've been recently awarded a DARPA Young Faculty Award (YFA) under the mentorship of Dr. Lok Yan. More details are available on the Ohio State College of Engineering website, to summarize: Carter Yagemann, who joined the Department of Computer Science and Engineering in 2022, was …

AI Psychiatry to Appear in USENIX'24

My coauthors and I will be presenting the paper "AI Psychiatry: Forensic Investigation of Deep Learning Networks in Memory Images" at USENIX 2024 in August. Below is a preview of the abstract: Online learning is widely used in production to refine model parameters after initial deployment. This opens several vectors …

CheatFighter to Appear in RAID'23

My coauthors and I will be presenting the paper "Extracting Threat Intelligence From Cheat Binaries For Anti-Cheating" at RAID 2023 in October. Below is a preview of the abstract: Rampant cheating remains a serious concern for game developers who fear losing loyal customers and revenue. While numerous anti-cheating techniques have …

A Practical Beginner's Guide to Intel Processor Trace

Greetings, if you're reading this tutorial, chances are you have some interest in Intel Processor Trace (PT) and how it can improve your debugging or program analysis capabilities, but aren't sure how to get started. This is understandable, given that there aren't many practical tutorials on Intel PT and what …

VulChecker Accepted to USENIX 2023

My coauthors and I will be presenting our work on detecting bugs in source code using machine learning at USENIX Security 2023. Below is a preview of the abstract: In software development, it is critical to detect vulnerabilities in a project as early as possible. Although, deep learning has shown …

PUMM Accepted to USENIX 2023

My coauthors and I will be presenting our work on preventing use-after-free and double free vulnerabilities at USENIX Security 2023. Below is a preview of the abstract: Critical software is written in memory unsafe languages that are vulnerable to use-after-free and double free bugs. This has led to proposals to …

Differentiating ARCUS (USENIX'21) and Bunkerbuster (CCS'21)

I've received several questions recently about two papers I published in 2021, one at USENIX (which I'll refer to here as ARCUS) and another at CCS (which I'll refer to as Bunkerbuster). You can find these papers at the USENIX and CCS conference websites, respectively. The question people have is …


Faculty Position at The Ohio State University

I have accepted an offer to become an Assistant Professor at The Ohio State University, starting in the Fall 2022 semester. I am currently looking to hire 1 Ph.D. student as a full-time graduate research assistant (GRA). If you are an incoming student and you're interested in cutting edge …

Case Study: Security Analysis of Halibut

Over the past year I've been studying memory corruption vulnerabilities in Linux C/C++ programs, culminating in the open sourcing of a framework called ARCUS to find and explain them automatically using a combination of dynamic tracing and symbolic analysis. My work has led to two academic conference publications, one …