BABAK SALAMAT

Summary

  • Over 15 years of experience with in-depth knowledge of system software, software security, and compilers.

Work and Research Experience

  • Google, Software Engineer, November 2014 - Present
    • Works on the Google cloud and cluster infrastructure.
  • Cisco, Technical Lead, July 2012 - October 2014
    • Worked on security and infrastructure of Cisco InterCloud Fabric. Cisco InterCloud Fabric is a hybrid cloud solution that enables enterprise customers to move their workloads seamlessly to public clouds.
  • Virtuata (Acquired by Cisco), Research Lead and JIT Security Architect, September 2011 - July 2012
    • Invented and implemented a hypervisor-level mechanism to mitigate JIT spraying attacks. The mechanism rewrites JITed code pages without any modifications to the JIT compiler and has been successfully tested with Firefox JavaScript, Adobe Flash, and Oracle Java Hotspot JIT compilers. (Patent Pending)
  • Qualcomm (Bay Area R&D), Staff System Software Engineer, March 2010 - September 2011
    • Built a JavaScript compiler and DOM binding layer of a web browser prototype for smart phones with the aim of improving power consumption and performance.
    • Led a security project to detect malware on smart phones using behavioral analysis. The prototype detected malware with +95% accuracy.
    • (Two pending patents)
  • Yahoo! Search, Senior System Software Engineer, August 2009 - February 2010
    • Improved performance of the searcher nodes' start-up by more than a factor of two using caching and parallelization techniques.
    • Developed an adaptive optimization technique to significantly reduce network bandwidth usage of the search engine back-end.
    • Profiled and analyzed the real-time search engine for performance improvement purposes.
    • Managed release and deployment of a new version of the search engine.
  • VMware, Summer Intern in Monitor Reliability Group (R&D), June 2008 - September 2008
    • Wrote custom static analysis checkers using Coverity products.
    • Added functionality to memory allocation functions to detect heap-based buffer overflows.
  • UC Irvine, PhD Student Researcher, September 2005 - July 2009
    • Developed a Multi-Variant Execution Environment that runs multiple variants of a single application, synchronizes and monitors them at the granularity of system-calls to prevent exploitation of vulnerabilities. (Patent issued)
    • Modified GCC and also LLVM-GCC to generate executables which write stack in the reverse direction. These executables are used as variants in the multi-variant execution environment to prevent exploitation of buffer overflow vulnerabilities.
    • Introduced fast address generation and way caching to reduce dynamic and static energy consumption of L1 data cache.
    • Developed a simulator and evaluated fast address generation and L0 data cache to reduce memory access latency.
    • Developed the middle- and back-end for an optimizing compiler prototype.
  • Fara Rayaneh, Director of the Software Department and Lead Programmer, February 2001 - August 2004
    • Developed a very successful user management and accounting software package with unique features for ISPs and VoIP service providers. More information can be found at: www.easyisp.info/english
  • Fara Rayaneh, Director of the Network Department, May 1999 - February 2001
    • Expanded the internet service capacity of the company to 20 times of its starting point.
  • Co-founded Fara Rayaneh, which later acquired Morva Net, and became one of the largest Iranian Internet Service Providers, Tehran/Iran, May 1999

Education

  • PhD in Computer Science, System Software
    University of California, Irvine, CA
    Sep. 2005 - Jul. 2009

    Dissertation: "Multi-Variant Execution: Run-Time Defense against Malicious Code Injection Attacks"
    GPA 4.0 out of 4.0
  • MSc in Computer Architecture
    Sharif University of Technology, Tehran, Iran
    Sep. 1998 - Jan. 2001

    Dissertation: "Data Consistency Controller for Distributed Shared Memory"
  • BSc in Computer Engineering
    Sharif University of Technology, Tehran, Iran
    Sep. 1994 - Sep. 1998

    Final project: "Design and implementation of an ALU for a Digital Signal Processor (DSP) on FPGA"

Programming Languages

  • C++, C, C#, Java, PHP, Python

Awards and Honors

  • Best paper and project award, Qualcomm QTech Software Forum, 2011
  • UCIrvine School of Information and Computer Sciences (ICS) Dean's Fellowship for three years ($100,000+), 2005
  • University of Victoria Fellowship ($15000), 2004
  • Ranked 1st among 10 M.Sc. Fellows, Computer Architecture, Sharif University of Technology, 1998-2001
  • Ranked 6th among more than 8000 graduates participating in the nationwide M.Sc. program entrance exam, Iran, August 1998
  • Ranked 115th among more than 400,000 students participating in the nationwide undergraduate entrance exam, Iran, August 1994

Patents

  • "Multi-Variant Parallel Program Execution to Detect Malicious Code Injection,"
    Filed by UC Irvine, issued in August 2012
  • Three other pending patents filed by Qualcomm and Cisco

Publications

  • Book Chapter: "Compiler-Generated Software Diversity,"
    T. Jackson, B. Salamat, A. Homescu, K. Manivannan, G. Wagner, A. Gal, S. Brunthaler, Ch. Wimmer, and M. Franz; In
    "Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats,"
    S. Jajodia, A.K. Ghosh, V. Swarup, C. Wang, and X.S. Wang (Editors), Springer, ISBN-10: 1461409764 | ISBN-13: 978-1461409762, August 2011
  • "Run-Time Defense against Code Injection Attacks using Replicated Execution,"
    Babak Salamat, Todd Jackson, Gregor Wagner, Christian Wimmer, Michael Franz.
    IEEE Transactions on Dependable and Secure Computing, Volume 8, No. 4, IEEE Computer Society, July 2011.
  • "On the Effectiveness of Multi-Variant Program Execution for Vulnerability Detection and Prevention,"
    Todd Jackson, Babak Salamat, Gregor Wagner, Christian Wimmer, and Michael Franz. International Workshop on Security Measurements and Metrics (MetriSec 2010), September 2010
  • "Power-Aware Scoreboard Alternatives for Multimedia Processors,"
    Amirali Baniasadi, Babak Salamat, and Kaveh Jokar Deris. Elsevier Journal of Microprocessors and Microsystems (MICPRO), Volume 33, June 2009
  • "Orchestra: Intrusion Detection Using Parallel Execution and Monitoring of Program Variants in User-Space,"
    Babak Salamat, Todd Jackson, Andreas Gal, and Michael Franz. Proceedings of the European Conference in Computer Systems (EuroSys'09), March 2009
  • "Reverse Stack Execution in a Multi-Variant Execution Environment,"
    Babak Salamat, Andreas Gal, and Michael Franz. The 2008 Workshop on Compiler and Architectural Techniques for Application Reliability and Security (CATARS'08) in conjunction with DSN 2008, June 2008
  • "Multi-Variant Program Execution: Using Multi-Core Systems to Defuse Buffer-Overflow Vulnerabilities,"
    Babak Salamat, Andreas Gal, Todd Jackson, Karthikeyan Manivannan, Gregor Wagner, and Michael Franz. Proceedings of the International Conference on Complex, Intelligent and Software Intensive Systems (CISIS'08), March 2008
  • "Stopping Buffer Overflow Attacks at Run-Time: Simultaneous Multi- Variant Program Execution on a Multicore Processor,"
    Babak Salamat, Andreas Gal, Todd Jackson, Karthik Manivannan, Gregor Wagner, Michael Franz. Technical Report No. 07-13, School of Information and Computer Sciences, University of California, Irvine, December 2007
  • "Reverse Stack Execution,"
    Babak Salamat, Andreas Gal, Alexander Yermolovich, Karthik Manivannan and Michael Franz. Technical Report No. 07-07, School of Information and Computer Sciences, University of California, Irvine, August 2007
  • "Fast Speculative Address Generation and Way Caching for Reducing L1 Data Cache Energy,"
    Dan Nicolaescu, Babak Salamat, Alexander Veidenbaum and Mateo Valero. Proceedings of 24th IEEE International Conference on Computer Design (ICCD'06), October 2006
  • "Area-Aware Optimizations for Resource Constrained Branch Predictors Exploited in Embedded Processors,"
    Babak Salamat, Amirali Baniasadi and Kaveh Jokar Deris. Proceedings of the International Conference on Embedded Computer Systems: Architectures, MOdeling, and Simulation (IC-SAMOS), July 2006
  • "Power-Aware Scoreboard for Multimedia Processors,"
    Amirali Baniasadi and Babak Salamat. 7th workshop on Media and Streaming Processors (MSP-7) held in conjunction with MICRO-38, November 2005
  • "Area-Aware Pipeline Gating for Embedded Processors,"
    Babak Salamat and Amirali Baniasadi. International Workshop on Power and Timing Modeling, Optimization and Simulation (PATMOS'05), SEP 2005
  • "Design and implementation of a system for microprocessor laboratory,"
    Ghassem Miremadi, Babak Salamat and Amin Firoozshahian. Proc. of Sharif Univ. of Tech., 1998-1999