Mike Hicks
Professor Emeritus
5246 Iribe Center
(301) 405-2710
Research Group(s):
Education:
Ph.D. University of Pensylvania (Computer and Information Science)
Special Awards/Honors:
National Science Foundation (NSF) Career Award, ACM SIGPLAN Doctoral Dissertation Award in 2001
Biography:
Michael Hicks is a professor emeritus of computer science in the University of Maryland Institute for Advanced Computer Studies.
His research focuses on enhancing software security, reliability, and availability through programming languages and analysis tools. Hicks’s work includes developing tools for safe software updates, discovering and fixing flaws and vulnerabilities, and exploring distributed systems with an emphasis on adaptivity and security.
Go here to view Hicks's academic publications on Google Scholar.
Publications
2011
2011. Lightweight monadic programming in ML. Proceedings of the 16th ACM SIGPLAN international conference on Functional programming. :15-27.
2011. LOCKSMITH: Practical static race detection for C. ACM Trans. Program. Lang. Syst.. 33(1):3:1–3:55-3:1–3:55.
2011. Evaluating Dynamic Software Update Safety Using Systematic Testing. IEEE Transactions on Software Engineering. PP(99):1-1.
2011. Evolution in Action: Using Active Networking to Evolve Network Support for Mobility. IFIP Lecture Notes in Computer Science (LNCS). 2546(2546):146-161.
2011. MultiOtter: Multiprocess Symbolic Execution. Technical Reports of the Computer Science Department.
2011. Directed Symbolic Execution. Static AnalysisStatic Analysis. 6887:95-111.
2011. Dynamic Enforcement of Knowledge-Based Security Policies. Computer Security Foundations Symposium (CSF), 2011 IEEE 24th. :114-128.
2011. State transfer for clear and efficient runtime updates. 2011 IEEE 27th International Conference on Data Engineering Workshops (ICDEW). :179-184.
2011. Dynamic inference of static types for ruby. Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages. :459-472.
2010
2010. Dynamically checking ownership policies in concurrent c/c++ programs. Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages. :457-470.
2010. Adapting Scrum to Managing a Research Group. Technical Reports of the Computer Science Department.
2010. SCORE: agile research group management. Commun. ACM. 53(10):30-31.
2010. Serializing C intermediate representations for efficient and portable parsing. Software: Practice and Experience. 40(3):225-238.
2010. Viewpoint Adapting agile software development methodology toward more efficient management of academic research groups.. Communications of the ACM. 53(10):30-30.
2009
2009. The ruby intermediate language. SIGPLAN Not.. 44(12):89-98.
2009. Cross-tier, label-based security enforcement for web applications. Proceedings of the 35th SIGMOD international conference on Management of data. :269-282.
2009. Efficient systematic testing for dynamically updatable software. Proceedings of the 2nd International Workshop on Hot Topics in Software Upgrades. :9:1–9:5-9:1–9:5.
2009. A Testing Based Empirical Study of Dynamic Software Update Safety Restrictions. Technical Reports of the Computer Science Department.
2009. Safe and timely updates to multi-threaded programs. SIGPLAN Not.. 44(6):13-24.
2009. A theory of typed coercions and its applications. Proceedings of the 14th ACM SIGPLAN international conference on Functional programming. :329-340.
2009. Directing JavaScript with arrows. Proceedings of the 5th symposium on Dynamic languages. :49-58.
2009. Passive aggressive measurement with MGRP. SIGCOMM Comput. Commun. Rev.. 39(4):279-290.
2009. Efficient systematic testing for dynamically updatable software. Proceedings of the 2nd International Workshop on Hot Topics in Software Upgrades. :9-9.
2009. Verified enforcement of stateful information release policies. SIGPLAN Not.. 43(12):21-31.
2009. Triaging Checklists: a Substitute for a PhD in Static Analysis. Evaluation and Usability of Programming Languages and Tools (PLATEAU) PLATEAU 2009.
2009. Static type inference for Ruby. Proceedings of the 2009 ACM symposium on Applied Computing. :1859-1866.
2009. Dynamic software updates for Java: A VM-centric approach. Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI).
2009. Dynamic software updates: a VM-centric approach. Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation. :1-12.
2009. Tests to the left of me, types to the right: how not to get stuck in the middle of a ruby execution. Proceedings for the 1st workshop on Script to Program Evolution. :14-16.
2008
2008. Contextual effects for version-consistent dynamic software updating and safe concurrent programming. Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages. :37-49.
2008. Modular Information Hiding and Type-Safe Linking for C. IEEE Transactions on Software Engineering. 34(3):357-376.
2008. Verified enforcement of automaton-based information release policies. Proceedings of the 2008 Workshop on Programming Languages and Analysis for Security. ACM Press.
2008. Fable: A Language for Enforcing User-defined Security Policies. IEEE Symposium on Security and Privacy, 2008. SP 2008. :369-383.
2008. Dynamic Rebinding for Marshalling and Update, Via Redex-Time and Destruct-Time Reduction. Journal of Functional Programming. 18(04):437-502.
2008. Path projection for user-centered static analysis tools. Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering. :57-63.
2008. Formalizing Soundness of Contextual Effects. Theorem Proving in Higher Order LogicsTheorem Proving in Higher Order Logics. 5170:262-277.
2008. Implicit Flows: Can’t Live with ‘Em, Can’t Live without ‘Em. Information Systems SecurityInformation Systems Security. 5352:56-70.
2007
2007. Improving software quality with static analysis. Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering. :83-84.
2007. Toward Specifying and Validating Cross-Domain Policies. Technical Reports from UMIACS.
2007. Defeating script injection attacks with browser-enforced embedded policies. Proceedings of the 16th international conference on World Wide Web. :601-610.
2007. Mutatis Mutandis: Safe and predictable dynamic software updating. ACM Trans. Program. Lang. Syst.. 29(4)
2007. Analyzing information flow. Conference on Programming Language Design and Implementation: Proceedings of the 2007 workshop on Programming languages and analysis for security.
2007. Verified Enforcement of Security Policies for Cross-Domain Information Flows. IEEE Military Communications Conference, 2007. MILCOM 2007. :1-7.
2007. Appendix to CMod: Modular Information Hiding and Type-Safe Linking for C. Technical Reports of the Computer Science Department.
2007. Automated detection of persistent kernel control-flow attacks. Proceedings of the 14th ACM conference on Computer and communications security. :103-115.
2007. Combining provenance and security policies in a web-based document management system. On-line Proceedings of the Workshop on Principles of Provenance (PrOPr).
2006
2006. Context-sensitive correlation analysis for detecting races. Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI). :320-331.
2006. LOCKSMITH: context-sensitive correlation analysis for race detection. SIGPLAN Not.. 41(6):320-331.
2006. Practical dynamic software updating for C. SIGPLAN Not.. 41(6):72-83.
2006. Managing policy updates in security-typed languages. 19th IEEE Computer Security Foundations Workshop, 2006. :13pp.-216-13pp.-216.
2006. Trusted declassification:: high-level policy for a security-typed language. Proceedings of the 2006 workshop on Programming languages and analysis for security. :65-74.
2006. Safe manual memory management in Cyclone. Science of Computer Programming. 62(2):122-144.
2006. Existential Label Flow Inference Via CFL Reachability. Static AnalysisStatic Analysis. 4134:88-106.
2005
2005. Dynamic software updating. ACM Trans. Program. Lang. Syst.. 27(6):1049-1096.
2005. Dynamic updating of information-flow policies. Proceedings of the International Workshop on Foundations of Computer Security (FCS).
2005. Merging Network Measurement with Data Transport. Passive and Active Network MeasurementPassive and Active Network Measurement. 3431:368-371.
2005. Cyclone: A type-safe dialect of C. C/C++ Users Journal. 23(1):112-139.
2005. Mutatis mutandis: safe and predictable dynamic software updating. Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages. :183-194.
2005. Understanding source code evolution using abstract syntax tree matching. Proceedings of the 2005 international workshop on Mining software repositories. :1-5.
2005. Toward on-line schema evolution for non-stop systems. 11th High Performance Transaction Systems Workshop.
2005. Dynamic inference of polymorphic lock types. Science of Computer Programming. 58(3):366-383.
2005. Tagged Sets: A Secure and Transparent Coordination Medium. Coordination Models and LanguagesCoordination Models and Languages. 3454:193-205.
2004
2004. Experience with safe manual memory-management in cyclone. Proceedings of the 4th international symposium on Memory management. :73-84.
2003
2003. A secure PLAN. IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews. 33(3):413-426.
2003. Safe and flexible memory management in Cyclone. Technical Reports from UMIACS.
2003. User-specified adaptive scheduling in a streaming media network. 2003 IEEE Conference on Open Architectures and Network Programming. :87-96.
2003. Formalizing dynamic software updating. Proceedings of the Second International Workshop on Unanticipated Software Evolution (USE).
2003. Dynamic rebinding for marshalling and update, with destruct-time ? Proceedings of the eighth ACM SIGPLAN international conference on Functional programming. :99-110.
2002
2002. A secure PLAN (extended version). DARPA Active NEtworks Conference and Exposition, 2002. Proceedings. :224-237.