Chao Zhang

Orcid: 0000-0001-7894-8828

Affiliations:
  • Tsinghua University, Institute for Network Science and Cyberspace, Beijing, China
  • University of California, Berkeley, CA, USA (2013 - 2016)
  • Peking University, Institute of Computer Science, Beijing, China (PhD 2013)


According to our database1, Chao Zhang authored at least 103 papers between 2010 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
KextFuzz: A Practical Fuzzer for macOS Kernel EXTensions on Apple Silicon.
IEEE Trans. Dependable Secur. Comput., 2024

CEBin: A Cost-Effective Framework for Large-Scale Binary Code Similarity Detection.
CoRR, 2024

CLAP: Learning Transferable Binary Code Representations with Natural Language Supervision.
CoRR, 2024

Improving ML-based Binary Function Similarity Detection by Assessing and Deprioritizing Control Flow Graph Features.
Proceedings of the 33rd USENIX Security Symposium, 2024

SDFuzz: Target States Driven Directed Fuzzing.
Proceedings of the 33rd USENIX Security Symposium, 2024

On the Effectiveness of Function-Level Vulnerability Detectors for Inter-Procedural Vulnerabilities.
Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024

2023
Mechanism Study of Symmetric Mechanism-Rolling Bearing Dynamic System Considering the Influence of Temperature Factor.
Symmetry, December, 2023

NSFuzz: Towards Efficient and State-Aware Network Service Fuzzing.
ACM Trans. Softw. Eng. Methodol., November, 2023

NSFuzz: Towards Efficient and State-Aware Network Service Fuzzing - RCR Report.
ACM Trans. Softw. Eng. Methodol., November, 2023

TAICHI: Transform Your Secret Exploits Into Mine From a Victim's Perspective.
IEEE Trans. Dependable Secur. Comput., 2023

Automatic Generation of Adversarial Readable Chinese Texts.
IEEE Trans. Dependable Secur. Comput., 2023

Efficient 3PC for Binary Circuits with Application to Maliciously-Secure DNN Inference.
IACR Cryptol. ePrint Arch., 2023

kTrans: Knowledge-Aware Transformer for Binary Code Embedding.
CoRR, 2023

Understanding Deep Neural Networks via Linear Separability of Hidden Layers.
CoRR, 2023

Tunter: Assessing Exploitability of Vulnerabilities with Taint-Guided Exploitable States Exploration.
Comput. Secur., 2023

DDRace: Finding Concurrency UAF Vulnerabilities in Linux Drivers with Directed Fuzzing.
Proceedings of the 32nd USENIX Security Symposium, 2023

KextFuzz: Fuzzing macOS Kernel EXTensions on Apple Silicon via Exploiting Mitigations.
Proceedings of the 32nd USENIX Security Symposium, 2023

Aegis: Mitigating Targeted Bit-flip Attacks against Deep Neural Networks.
Proceedings of the 32nd USENIX Security Symposium, 2023

AlphaEXP: An Expert System for Identifying Security-Sensitive Kernel Objects.
Proceedings of the 32nd USENIX Security Symposium, 2023

AIFORE: Smart Fuzzing Based on Automatic Input Format Reverse Engineering.
Proceedings of the 32nd USENIX Security Symposium, 2023

Efficient 3PC for Binary Circuits with Application to Maliciously-Secure DNN Inference.
Proceedings of the 32nd USENIX Security Symposium, 2023

Temporal CDN-Convex Lens: A CDN-Assisted Practical Pulsing DDoS Attack.
Proceedings of the 32nd USENIX Security Symposium, 2023

MTSan: A Feasible and Practical Memory Sanitizer for Fuzzing COTS Binaries.
Proceedings of the 32nd USENIX Security Symposium, 2023

Callee: Recovering Call Graphs for Binaries with Transfer and Contrastive Learning.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

ODDFuzz: Discovering Java Deserialization Vulnerabilities via Structure-Aware Directed Greybox Fuzzing.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

One Simple API Can Cause Hundreds of Bugs An Analysis of Refcounting Bugs in All Modern Linux Kernels.
Proceedings of the 29th Symposium on Operating Systems Principles, 2023

Thunderkaller: Profiling and Improving the Performance of Syzkaller.
Proceedings of the 38th IEEE/ACM International Conference on Automated Software Engineering, 2023

1dFuzz: Reproduce 1-Day Vulnerabilities with Directed Differential Fuzzing.
Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2023

Unmasking Role-Play Attack Strategies in Exploiting Decentralized Finance (DeFi) Systems.
Proceedings of the 2023 Workshop on Decentralized Finance and Security, 2023

MPass: Bypassing Learning-based Static Malware Detectors.
Proceedings of the 60th ACM/IEEE Design Automation Conference, 2023

PTStore: Lightweight Architectural Support for Page Table Isolation.
Proceedings of the 60th ACM/IEEE Design Automation Conference, 2023

Under the Dark: A Systematical Study of Stealthy Mining Pools (Ab)use in the Wild.
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

RaceBench: A Triggerable and Observable Concurrency Bug Benchmark.
Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security, 2023

2022
Path Sensitive Fuzzing for Native Applications.
IEEE Trans. Dependable Secur. Comput., 2022

Preface to Special Issue on System Software Security.
Int. J. Softw. Informatics, 2022

CAMFuzz: Explainable Fuzzing with Local Interpretation.
Cybersecur., 2022

AL-iGAN: An Active Learning Framework for Tunnel Geological Reconstruction Based on TBM Operational Data.
CoRR, 2022

jTrans: Jump-Aware Transformer for Binary Code Similarity.
CoRR, 2022

PACSan: Enforcing Memory Safety Based on ARM PA.
CoRR, 2022

StateFuzz: System Call-Based State-Aware Linux Driver Fuzzing.
Proceedings of the 31st USENIX Security Symposium, 2022

AutoDA: Automated Decision-based Iterative Adversarial Attacks.
Proceedings of the 31st USENIX Security Symposium, 2022

NCScope: hardware-assisted analyzer for native code in Android apps.
Proceedings of the ISSTA '22: 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, Virtual Event, South Korea, July 18, 2022

jTrans: jump-aware transformer for binary code similarity detection.
Proceedings of the ISSTA '22: 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, Virtual Event, South Korea, July 18, 2022

BET: black-box efficient testing for convolutional neural networks.
Proceedings of the ISSTA '22: 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, Virtual Event, South Korea, July 18, 2022

PrIntFuzz: fuzzing Linux drivers via automated virtual device simulation.
Proceedings of the ISSTA '22: 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, Virtual Event, South Korea, July 18, 2022

An Empirical Study on Implicit Constraints in Smart Contract Static Analysis.
Proceedings of the 44th IEEE/ACM International Conference on Software Engineering: Software Engineering in Practice, 2022

RoChBert: Towards Robust BERT Fine-tuning for Chinese.
Proceedings of the Findings of the Association for Computational Linguistics: EMNLP 2022, 2022

PACMem: Enforcing Spatial and Temporal Memory Safety via ARM Pointer Authentication.
Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

Evocatio: Conjuring Bug Capabilities from a Single PoC.
Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

2021
Trade or Trick?: Detecting and Characterizing Scam Tokens on Uniswap Decentralized Exchange.
Proc. ACM Meas. Anal. Comput. Syst., 2021

ESRFuzzer: an enhanced fuzzing framework for physical SOHO router devices to discover multi-Type vulnerabilities.
Cybersecur., 2021

iCallee: Recovering Call Graphs for Binaries.
CoRR, 2021

Demystifying Scam Tokens on Uniswap Decentralized Exchange.
CoRR, 2021

Towards Making Deep Learning-based Vulnerability Detectors Robust.
CoRR, 2021

MAZE: Towards Automated Heap Feng Shui.
Proceedings of the 30th USENIX Security Symposium, 2021

Sharing More and Checking Less: Leveraging Common Input Keywords to Detect Bugs in Embedded Systems.
Proceedings of the 30th USENIX Security Symposium, 2021

VScape: Assessing and Escaping Virtual Call Protections.
Proceedings of the 30th USENIX Security Symposium, 2021

POP and PUSH: Demystifying and Defending against (Mach) Port-oriented Programming.
Proceedings of the 28th Annual Network and Distributed System Security Symposium, 2021

RAProducer: efficiently diagnose and reproduce data race bugs for binaries via trace analysis.
Proceedings of the ISSTA '21: 30th ACM SIGSOFT International Symposium on Software Testing and Analysis, 2021

iDEV: exploring and exploiting semantic deviations in ARM instruction processing.
Proceedings of the ISSTA '21: 30th ACM SIGSOFT International Symposium on Software Testing and Analysis, 2021

Code is the (F)Law: Demystifying and Mitigating Blockchain Inconsistency Attacks Caused by Software Bugs.
Proceedings of the 40th IEEE Conference on Computer Communications, 2021

A Deep Transfer Learning-Based Object Tracking Algorithm for Hyperspectral Video.
Proceedings of the Image and Graphics - 11th International Conference, 2021

ROLoad: Securing Sensitive Operations with Pointee Integrity.
Proceedings of the 58th ACM/IEEE Design Automation Conference, 2021

ZKCPlus: Optimized Fair-exchange Protocol Supporting Practical and Flexible Data Exchange.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

Igor: Crash Deduplication Through Root-Cause Clustering.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

ARGUS: Assessing Unpatched Vulnerable Devices on the Internet via Efficient Firmware Recognition.
Proceedings of the ASIA CCS '21: ACM Asia Conference on Computer and Communications Security, 2021

2020
FANS: Fuzzing Android Native System Services via Automated Interface Analysis.
Proceedings of the 29th USENIX Security Symposium, 2020

GREYONE: Data Flow Sensitive Fuzzing.
Proceedings of the 29th USENIX Security Symposium, 2020

DRAMD: Detect Advanced DRAM-based Stealthy Communication Channels with Neural Networks.
Proceedings of the 39th IEEE Conference on Computer Communications, 2020

Argot: Generating Adversarial Readable Chinese Texts.
Proceedings of the Twenty-Ninth International Joint Conference on Artificial Intelligence, 2020

A large-scale empirical study on vulnerability distribution within projects and the lessons learned.
Proceedings of the ICSE '20: 42nd International Conference on Software Engineering, Seoul, South Korea, 27 June, 2020

RIPT - An Efficient Multi-Core Record-Replay System.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

Finding Cracks in Shields: On the Security of Control Flow Integrity Mechanisms.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

2019
From proof-of-concept to exploitable.
Cybersecur., 2019

Fractional Sparse Representation Based Classification and Multi-view Extension for Face Recognition.
Aust. J. Intell. Inf. Process. Syst., 2019

ATOS: Adaptive Program Tracing With Online Control Flow Graph Support.
IEEE Access, 2019

MOPT: Optimized Mutation Scheduling for Fuzzers.
Proceedings of the 28th USENIX Security Symposium, 2019

Fuzzing IPC with Knowledge Inference.
Proceedings of the 38th Symposium on Reliable Distributed Systems, 2019

SRFuzzer: an automatic fuzzing framework for physical SOHO router devices to discover multi-type vulnerabilities.
Proceedings of the 35th Annual Computer Security Applications Conference, 2019

2018
Fuzzing: a survey.
Cybersecur., 2018

Abusing CDNs for Fun and Profit: Security Issues in CDNs' Origin Validation.
Proceedings of the 37th IEEE Symposium on Reliable Distributed Systems, 2018

CollAFL: Path Sensitive Fuzzing.
Proceedings of the 2018 IEEE Symposium on Security and Privacy, 2018

αDiff: cross-version binary code similarity detection with DNN.
Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, 2018

ICUFuzzer: Fuzzing ICU Library for Exploitable Bugs in Multiple Software.
Proceedings of the Information Security - 21st International Conference, 2018

Revery: From Proof-of-Concept to Exploitable.
Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018

2017
Accurate and efficient exploit capture and classification.
Sci. China Inf. Sci., 2017

Towards Efficient Heap Overflow Discovery.
Proceedings of the 26th USENIX Security Symposium, 2017

vCFI: Visible Control Flow Integrity for Cloud Tenants.
Proceedings of the 2nd Workshop on System Software for Trusted Execution, SysTEX@SOSP 2017, 2017

2016
VTrust: Regaining Trust on Virtual Calls.
Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016

2015
Improving lookup reliability in Kad.
Peer-to-Peer Netw. Appl., 2015

SF-DRDoS: The store-and-flood distributed reflective denial of service attack.
Comput. Commun., 2015

VTint: Protecting Virtual Function Tables' Integrity.
Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

Exploiting and Protecting Dynamic Code Generation.
Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

JITScope: Protecting web users from control-flow hijacking attacks.
Proceedings of the 2015 IEEE Conference on Computer Communications, 2015

2014
The store-and-flood distributed reflective denial of service attack.
Proceedings of the 23rd International Conference on Computer Communication and Networks, 2014

Android low entropy demystified.
Proceedings of the IEEE International Conference on Communications, 2014

POSTER: UAFChecker: Scalable Static Detection of Use-After-Free Vulnerabilities.
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

Splider: A split-based crawler of the BT-DHT network and its applications.
Proceedings of the 11th IEEE Consumer Communications and Networking Conference, 2014

2013
Practical Control Flow Integrity and Randomization for Binary Executables.
Proceedings of the 2013 IEEE Symposium on Security and Privacy, 2013

Protecting function pointers in binary.
Proceedings of the 8th ACM Symposium on Information, Computer and Communications Security, 2013

2012
A Framework to Eliminate Backdoors from Response-Computable Authentication.
Proceedings of the IEEE Symposium on Security and Privacy, 2012

2011
Using type analysis in compiler to mitigate integer-overflow-to-buffer-overflow threat.
J. Comput. Secur., 2011

2010
IntPatch: Automatically Fix Integer-Overflow-to-Buffer-Overflow Vulnerability at Compile-Time.
Proceedings of the Computer Security, 2010


  Loading...