Carter Yagemann

Carter Yagemann

Assistant Professor of Computer Science and Engineering at the Ohio State University with interests in automated vulnerability discovery, root cause analysis, exploit prevention, and cyber-physical security.

#security Articles

GoSonar to Appear in IEEE S&P 2025

My coauthors and I will be presenting the paper "GoSonar: Detecting Logical Vulnerabilities in Memory Safe Language Using Inductive Constraint Reasoning" at IEEE S&P 2025 in May. Below is a preview of the abstract: As the global community advocates for the adoption of memory-safe programming languages, a significant research …

Awarded DARPA Young Faculty Award

I'm excited to announce that I've been recently awarded a DARPA Young Faculty Award (YFA) under the mentorship of Dr. Lok Yan. More details are available on the Ohio State College of Engineering website, to summarize: Carter Yagemann, who joined the Department of Computer Science and Engineering in 2022, was …

AI Psychiatry to Appear in USENIX'24

My coauthors and I will be presenting the paper "AI Psychiatry: Forensic Investigation of Deep Learning Networks in Memory Images" at USENIX 2024 in August. Below is a preview of the abstract: Online learning is widely used in production to refine model parameters after initial deployment. This opens several vectors …

CheatFighter to Appear in RAID'23

My coauthors and I will be presenting the paper "Extracting Threat Intelligence From Cheat Binaries For Anti-Cheating" at RAID 2023 in October. Below is a preview of the abstract: Rampant cheating remains a serious concern for game developers who fear losing loyal customers and revenue. While numerous anti-cheating techniques have …

VulChecker Accepted to USENIX 2023

My coauthors and I will be presenting our work on detecting bugs in source code using machine learning at USENIX Security 2023. Below is a preview of the abstract: In software development, it is critical to detect vulnerabilities in a project as early as possible. Although, deep learning has shown …

PUMM Accepted to USENIX 2023

My coauthors and I will be presenting our work on preventing use-after-free and double free vulnerabilities at USENIX Security 2023. Below is a preview of the abstract: Critical software is written in memory unsafe languages that are vulnerable to use-after-free and double free bugs. This has led to proposals to …

Bunkerbuster to Appear in CCS'21

My coauthors and I will be presenting the paper, Automated Bug Hunting With Data-Driven Symbolic Root Cause Analysis, at CCS 2021. Below is a preview of the abstract: The increasing cost of successful cyberattacks has caused a mindset shift, whereby defenders now employ proactive defenses, namely software bug hunting, alongside …

MARSARA to Appear in CCS'21

My coauthors and I will be presenting a paper on "Validating the Integrity of Audit Logs Against Execution Repartitioning Attacks" at CCS 2021. Below is a preview of the abstract: Provenance-based causal analysis of audit logs has proven to be an invaluable method of investigating system intrusions. However, it also …

ARCUS System and Dataset Released

We have released the source code and evaluation dataset for "ARCUS: Symbolic Root Cause Analysis of Exploits in Production Systems," which will be appearing at USENIX Security 2021 in August, 2021. The paper will be ready for publication in about a month.