Mike Hicks

Professor
3417 A.V. Williams Building
(301) 405-2710
Education: 
Ph.D. University of Pensylvania (Computer and Information Science)
Special Awards/Honors: 
National Science Foundation (NSF) Career Award, ACM SIGPLAN Doctoral Dissertation Award in 2001
Biography: 

Michael W. Hicks is a professor in the Department of Computer Science with joint appointments in UMIACS and the Maryland Cybersecurity Center.

His research focuses on using programming languages and analyses to improve the security, reliability, and availability of software. Noteworthy among his research accomplishments is the development of analysis and compilation tools for enabling software to be safely updated without shutting it down. He has explored the design of new programming languages and analysis tools for automatically discovering or remediating software flaws and security vulnerabilities. Hicks has also conducted studies on the utility of defect detection tools according on outcomes of human users, and explored distributed systems design and evaluation, particularly when adaptivity and security are system goals.

During his career, Hicks has published more than 80 refereed conference and journal papers, many in highly selective venues. He won the ACM SIGPLAN Doctoral Dissertation Award in 2001, a National Science Foundation (NSF) CAREER Award in 2003, and has won the Department of Computer Science's Faculty Teaching Award three times. Hicks served as program chair for the 2012 ACM Symposium on the Principles of Programming Languages, the premier venue for theoretical contributions to programming languages.

He received a doctorate in computer and information science from the University of Pennsylvania in 2001, and then spent one year as a postdoctoral associate affiliated with the Information Assurance Institute of the Computer Science Department at Cornell University. During the 2008 academic year, he spent his sabbatical in Cambridge, England visiting Microsoft Research and the University of Cambridge Computer Laboratory.

Publications

2011


Hayden CM, Smith EK, Hicks MW, Foster JS.  2011.  State transfer for clear and efficient runtime updates. 2011 IEEE 27th International Conference on Data Engineering Workshops (ICDEW).
:179-184.

An J-hoon(D), Chaudhuri A, Foster JS, Hicks MW.  2011.  Dynamic inference of static types for ruby. Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages.
:459-472.

Swamy N, Guts N, Leijen D, Hicks MW.  2011.  Lightweight monadic programming in ML. Proceedings of the 16th ACM SIGPLAN international conference on Functional programming.
:15-27.

Pratikakis P, Foster JS, Hicks MW.  2011.  LOCKSMITH: Practical static race detection for C. ACM Trans. Program. Lang. Syst.. 33(1):3:1–3:55-3:1–3:55.

Hayden C, Smith E, Hardisty E, Hicks MW, Foster JS.  2011.  Evaluating Dynamic Software Update Safety Using Systematic Testing. IEEE Transactions on Software Engineering. PP(99):1-1.

Hicks MW, Nettles S, Seong-Kyu S, Shannon S.  2011.  Evolution in Action: Using Active Networking to Evolve Network Support for Mobility. IFIP Lecture Notes in Computer Science (LNCS). 2546(2546):146-161.

Turpie J, Reisner E, Foster JS, Hicks MW.  2011.  MultiOtter: Multiprocess Symbolic Execution. Technical Reports of the Computer Science Department.

Ma K-K, Yit Phang K, Foster JS, Hicks MW.  2011.  Directed Symbolic Execution. Static AnalysisStatic Analysis. 6887:95-111.

Mardziel P, Magill S, Hicks MW, Srivatsa M.  2011.  Dynamic Enforcement of Knowledge-Based Security Policies. Computer Security Foundations Symposium (CSF), 2011 IEEE 24th.
:114-128.

2010


Martin J-P, Hicks MW, Costa M, Akritidis P, Castro M.  2010.  Dynamically checking ownership policies in concurrent c/c++ programs. Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages.
:457-470.

Hicks MW, Foster JS.  2010.  Adapting Scrum to Managing a Research Group. Technical Reports of the Computer Science Department.

2009


Hayden CM, Hardisty EA, Hicks MW, Foster JS.  2009.  Efficient systematic testing for dynamically updatable software. Proceedings of the 2nd International Workshop on Hot Topics in Software Upgrades.
:9-9.

Phang KY, Foster JS, Hicks MW, Sazawal V.  2009.  Triaging Checklists: a Substitute for a PhD in Static Analysis. Evaluation and Usability of Programming Languages and Tools (PLATEAU) PLATEAU 2009.

Furr M, An J-hoon(D), Foster JS, Hicks MW.  2009.  Static type inference for Ruby. Proceedings of the 2009 ACM symposium on Applied Computing.
:1859-1866.

Subramanian S, Hicks MW, McKinley KS.  2009.  Dynamic software updates for Java: A VM-centric approach. Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI).

Subramanian S, Hicks MW, McKinley KS.  2009.  Dynamic software updates: a VM-centric approach. Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation.
:1-12.

Furr M, An J-hoon(D), Foster JS, Hicks MW.  2009.  Tests to the left of me, types to the right: how not to get stuck in the middle of a ruby execution. Proceedings for the 1st workshop on Script to Program Evolution.
:14-16.

Furr M, An J-hoon(D), Foster JS, Hicks MW.  2009.  The ruby intermediate language. SIGPLAN Not.. 44(12):89-98.

Corcoran BJ, Swamy N, Hicks MW.  2009.  Cross-tier, label-based security enforcement for web applications. Proceedings of the 35th SIGMOD international conference on Management of data.
:269-282.

Hayden CM, Hardisty EA, Hicks MW, Foster JS.  2009.  Efficient systematic testing for dynamically updatable software. Proceedings of the 2nd International Workshop on Hot Topics in Software Upgrades.
:9:1–9:5-9:1–9:5.

Hayden CM, Hardisty EA, Hicks MW, Foster JS.  2009.  A Testing Based Empirical Study of Dynamic Software Update Safety Restrictions. Technical Reports of the Computer Science Department.

Swamy N, Hicks MW, Bierman GM.  2009.  A theory of typed coercions and its applications. Proceedings of the 14th ACM SIGPLAN international conference on Functional programming.
:329-340.

Khoo Y P, Hicks MW, Foster JS, Sazawal V.  2009.  Directing JavaScript with arrows. Proceedings of the 5th symposium on Dynamic languages.
:49-58.

Papageorge P, McCann J, Hicks MW.  2009.  Passive aggressive measurement with MGRP. SIGCOMM Comput. Commun. Rev.. 39(4):279-290.

2008


Sewell P, Stoyle G, Hicks MW, Bierman G, Wansbrough K.  2008.  Dynamic Rebinding for Marshalling and Update, Via Redex-Time and Destruct-Time Reduction. Journal of Functional Programming. 18(04):437-502.

Khoo Y P, Foster JS, Hicks MW, Sazawal V.  2008.  Path projection for user-centered static analysis tools. Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering.
:57-63.

Pratikakis P, Foster JS, Hicks MW, Neamtiu I.  2008.  Formalizing Soundness of Contextual Effects. Theorem Proving in Higher Order LogicsTheorem Proving in Higher Order Logics. 5170:262-277.

King D, Hicks B, Hicks MW, Jaeger T.  2008.  Implicit Flows: Can’t Live with ‘Em, Can’t Live without ‘Em. Information Systems SecurityInformation Systems Security. 5352:56-70.

Neamtiu I, Hicks MW, Foster JS, Pratikakis P.  2008.  Contextual effects for version-consistent dynamic software updating and safe concurrent programming. Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages.
:37-49.

Srivastava S, Hicks MW, Foster JS, Jenkins P.  2008.  Modular Information Hiding and Type-Safe Linking for C. IEEE Transactions on Software Engineering. 34(3):357-376.

Swamy N, Hicks MW.  2008.  Verified enforcement of automaton-based information release policies. Proceedings of the 2008 Workshop on Programming Languages and Analysis for Security. ACM Press.

Swamy N, Corcoran BJ, Hicks MW.  2008.  Fable: A Language for Enforcing User-defined Security Policies. IEEE Symposium on Security and Privacy, 2008. SP 2008.
:369-383.

2007


Srivastava S, Hicks MW, Foster JS.  2007.  Appendix to CMod: Modular Information Hiding and Type-Safe Linking for C. Technical Reports of the Computer Science Department.

Petroni, Jr. NL, Hicks MW.  2007.  Automated detection of persistent kernel control-flow attacks. Proceedings of the 14th ACM conference on Computer and communications security.
:103-115.

Corcoran BJ, Swamy N, Hicks MW.  2007.  Combining provenance and security policies in a web-based document management system. On-line Proceedings of the Workshop on Principles of Provenance (PrOPr).

Foster JS, Hicks MW, Pugh W.  2007.  Improving software quality with static analysis. Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering.
:83-84.

Hicks MW, Swamy N, Tsang S.  2007.  Toward Specifying and Validating Cross-Domain Policies. Technical Reports from UMIACS.

Jim T, Swamy N, Hicks MW.  2007.  Defeating script injection attacks with browser-enforced embedded policies. Proceedings of the 16th international conference on World Wide Web.
:601-610.

Stoyle G, Hicks MW, Bierman G, Sewell P, Neamtiu I.  2007.  Mutatis Mutandis: Safe and predictable dynamic software updating. ACM Trans. Program. Lang. Syst.. 29(4)

Hicks MW.  2007.  Analyzing information flow. Conference on Programming Language Design and Implementation: Proceedings of the 2007 workshop on Programming languages and analysis for security.

Swamy N, Hicks MW, Tsang S.  2007.  Verified Enforcement of Security Policies for Cross-Domain Information Flows. IEEE Military Communications Conference, 2007. MILCOM 2007.
:1-7.

2006


Pratikakis P, Foster JS, Hicks MW.  2006.  Context-sensitive correlation analysis for detecting races. Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI).
:320-331.

Neamtiu I, Hicks MW, Stoyle G, Oriol M.  2006.  Practical dynamic software updating for C. SIGPLAN Not.. 41(6):72-83.

Swamy N, Hicks MW, Tse S, Zdancewic S.  2006.  Managing policy updates in security-typed languages. 19th IEEE Computer Security Foundations Workshop, 2006.
:13pp.-216-13pp.-216.

Hicks B, King D, McDaniel P, Hicks MW.  2006.  Trusted declassification:: high-level policy for a security-typed language. Proceedings of the 2006 workshop on Programming languages and analysis for security.
:65-74.

Swamy N, Hicks MW, Morrisett G, Grossman D, Jim T.  2006.  Safe manual memory management in Cyclone. Science of Computer Programming. 62(2):122-144.

Pratikakis P, Foster JS, Hicks MW.  2006.  Existential Label Flow Inference Via CFL Reachability. Static AnalysisStatic Analysis. 4134:88-106.

2005


Oriol M, Hicks MW.  2005.  Tagged Sets: A Secure and Transparent Coordination Medium. Coordination Models and LanguagesCoordination Models and Languages. 3454:193-205.

Hicks MW, Nettles S.  2005.  Dynamic software updating. ACM Trans. Program. Lang. Syst.. 27(6):1049-1096.

Hicks MW, Tse S, Hicks B, Zdancewic S.  2005.  Dynamic updating of information-flow policies. Proceedings of the International Workshop on Foundations of Computer Security (FCS).

Papageorgiou P, Hicks MW.  2005.  Merging Network Measurement with Data Transport. Passive and Active Network MeasurementPassive and Active Network Measurement. 3431:368-371.

Grossman D, Hicks MW, Jim T, Morrisett G.  2005.  Cyclone: A type-safe dialect of C. C/C++ Users Journal. 23(1):112-139.

Stoyle G, Hicks MW, Bierman G, Sewell P, Neamtiu I.  2005.  Mutatis mutandis: safe and predictable dynamic software updating. Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages.
:183-194.

Neamtiu I, Foster JS, Hicks MW.  2005.  Understanding source code evolution using abstract syntax tree matching. Proceedings of the 2005 international workshop on Mining software repositories.
:1-5.

Deshpande A, Hicks MW.  2005.  Toward on-line schema evolution for non-stop systems. 11th High Performance Transaction Systems Workshop.

Rose J, Swamy N, Hicks MW.  2005.  Dynamic inference of polymorphic lock types. Science of Computer Programming. 58(3):366-383.

2004


Hicks MW, Morrisett G, Grossman D, Jim T.  2004.  Experience with safe manual memory-management in cyclone. Proceedings of the 4th international symposium on Memory management.
:73-84.

2003


Bierman G, Hicks MW, Sewell P, Stoyle G.  2003.  Formalizing dynamic software updating. Proceedings of the Second International Workshop on Unanticipated Software Evolution (USE).

Bierman G, Hicks MW, Sewell P, Stoyle G, Wansbrough K.  2003.  Dynamic rebinding for marshalling and update, with destruct-time ? Proceedings of the eighth ACM SIGPLAN international conference on Functional programming.
:99-110.

Hicks MW, Keromytis AD, Smith JM.  2003.  A secure PLAN. IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews. 33(3):413-426.

Hicks MW, Morrisett G, Grossman D, Jim T.  2003.  Safe and flexible memory management in Cyclone. Technical Reports from UMIACS.

Hicks MW, Nagarajan A, van Renesse R.  2003.  User-specified adaptive scheduling in a streaming media network. 2003 IEEE Conference on Open Architectures and Network Programming.
:87-96.

2002


Hicks MW, Keromytis AD, Smith JM.  2002.  A secure PLAN (extended version). DARPA Active NEtworks Conference and Exposition, 2002. Proceedings.
:224-237.

Pages