Heng Yin

Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024

2023

SeqTrans: Automatic Vulnerability Fix Via Sequence to Sequence Learning.

[BibT_eX]

[DOI]

IEEE Trans. Software Eng., February, 2023

Augmenting Greybox Fuzzing with Generative AI.

[BibT_eX]

[DOI]

Jie Hu

Qian Zhang

CoRR, 2023

R-Fuzz at SBFT'2023.

[BibT_eX]

[DOI]

Ju Chen

Chengyu Song

Proceedings of the IEEE/ACM International Workshop on Search-Based and Fuzz Testing, 2023

2022

Codee: A Tensor Embedding Scheme for Binary Code Search.

[BibT_eX]

[DOI]

IEEE Trans. Software Eng., 2022

Probabilistic Path Prioritization for Hybrid Fuzzing.

[BibT_eX]

[DOI]

IEEE Trans. Dependable Secur. Comput., 2022

DeepDi: Learning a Relational Graph Convolutional Network Model on Instructions for Fast and Accurate Disassembly.

[BibT_eX]

[DOI]

Proceedings of the 31st USENIX Security Symposium, 2022

SYMSAN: Time and Space Efficient Concolic Execution via Dynamic Data-flow Analysis.

[BibT_eX]

[DOI]

Proceedings of the 31st USENIX Security Symposium, 2022

JIGSAW: Efficient and Scalable Path Constraints Fuzzing.

[BibT_eX]

[DOI]

Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

LogicMEM: Automatic Profile Generation for Binary-Only Memory Forensics via Logic Inference.

[BibT_eX]

[DOI]

Zhenxiao Qi

Proceedings of the 29th Annual Network and Distributed System Security Symposium, 2022

SymFusion: Hybrid Instrumentation for Concolic Execution.

[BibT_eX]

[DOI]

Emilio Coppa

Camil Demetrescu

Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering, 2022

MAB-Malware: A Reinforcement Learning Framework for Blackbox Generation of Adversarial Malware.

[BibT_eX]

[DOI]

Proceedings of the ASIA CCS '22: ACM Asia Conference on Computer and Communications Security, Nagasaki, Japan, 30 May 2022, 2022

Alphuzz: Monte Carlo Search on Seed-Mutation Tree for Coverage-Guided Fuzzing.

[BibT_eX]

[DOI]

Proceedings of the Annual Computer Security Applications Conference, 2022

2021

Leveraging developer information for efficient effort-aware bug prediction.

[BibT_eX]

[DOI]

Jianlei Chi

Inf. Softw. Technol., 2021

Evaluating network embedding techniques' performances in software bug prediction.

[BibT_eX]

[DOI]

Empir. Softw. Eng., 2021

PalmTree: Learning an Assembly Language Model for Instruction Embedding.

[BibT_eX]

[DOI]

Xuezixiang Li

Qu Yu

CoRR, 2021

Android SmartTVs Vulnerability Discovery via Log-Guided Fuzzing.

[BibT_eX]

[DOI]

Proceedings of the 30th USENIX Security Symposium, 2021

Reinforcement Learning-based Hierarchical Seed Scheduling for Greybox Fuzzing.

[BibT_eX]

[DOI]

Jinghan Wang

Chengyu Song

Proceedings of the 28th Annual Network and Distributed System Security Symposium, 2021

SpecTaint: Speculative Taint Analysis for Discovering Spectre Gadgets.

[BibT_eX]

[DOI]

Proceedings of the 28th Annual Network and Distributed System Security Symposium, 2021

PalmTree: Learning an Assembly Language Model for Instruction Embedding.

[BibT_eX]

[DOI]

Xuezixiang Li

Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

2020

Automatic Generation of Adversarial Examples for Interpreting Malware Classifiers.

[BibT_eX]

[DOI]

CoRR, 2020

AOMDroid: Detecting Obfuscation Variants of Android Malware Using Transfer Learning.

[BibT_eX]

[DOI]

Proceedings of the Security and Privacy in Communication Networks, 2020

Parallel Space Traveling: A Security Analysis of App-Level Virtualization in Android.

[BibT_eX]

[DOI]

Proceedings of the 25th ACM Symposium on Access Control Models and Technologies, 2020

DeepBinDiff: Learning Program-Wide Code Representations for Binary Diffing.

[BibT_eX]

[DOI]

Proceedings of the 27th Annual Network and Distributed System Security Symposium, 2020

Chaser: An Enhanced Fault Injection Tool for Tracing Soft Errors in MPI Applications.

[BibT_eX]

[DOI]

Proceedings of the 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2020

PatchScope: Memory Object Centric Patch Diffing.

[BibT_eX]

[DOI]

Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

Klotski: Efficient Obfuscated Execution against Controlled-Channel Attacks.

[BibT_eX]

[DOI]

Proceedings of the ASPLOS '20: Architectural Support for Programming Languages and Operating Systems, 2020

2019

FIRM-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation.

[BibT_eX]

[DOI]

Proceedings of the 28th USENIX Security Symposium, 2019

ChaffyScript: Vulnerability-Agnostic Defense of JavaScript Exploits via Memory Perturbation.

[BibT_eX]

[DOI]

Xunchao Hu

Brian Testa

Proceedings of the Security and Privacy in Communication Networks, 2019

Be Sensitive and Collaborative: Analyzing Impact of Coverage Metrics in Greybox Fuzzing.

[BibT_eX]

[DOI]

Proceedings of the 22nd International Symposium on Research in Attacks, 2019

Automatic Generation of Non-intrusive Updates for Third-Party Libraries in Android Applications.

[BibT_eX]

[DOI]

Proceedings of the 22nd International Symposium on Research in Attacks, 2019

DECAF++: Elastic Whole-System Dynamic Taint Analysis.

[BibT_eX]

[DOI]

Proceedings of the 22nd International Symposium on Research in Attacks, 2019

Send Hardest Problems My Way: Probabilistic Path Prioritization for Hybrid Fuzzing.

[BibT_eX]

[DOI]

Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019

2018

RARE: A Systematic Augmented Router Emulation for Malware Analysis.

[BibT_eX]

[DOI]

Proceedings of the Passive and Active Measurement - 19th International Conference, 2018

Measuring and Disrupting Anti-Adblockers Using Differential Execution Analysis.

[BibT_eX]

[DOI]

Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018

Things You May Not Know About Android (Un)Packers: A Systematic Study based on Whole-System Emulation.

[BibT_eX]

[DOI]

Yue Duan

Abhishek Vasisht Bhaskar

Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018

DeepMem: Learning Graph Neural Network Models for Fast and Robust Memory Forensic Analysis.

[BibT_eX]

[DOI]

Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018

2017

DECAF: A Platform-Neutral Whole-System Dynamic Binary Analysis Platform.

[BibT_eX]

[DOI]

IEEE Trans. Software Eng., 2017

A Framework for Developing Cyber-Physical Systems.

[BibT_eX]

[DOI]

Int. J. Softw. Eng. Knowl. Eng., 2017

JSForce: A Forced Execution Engine for Malicious JavaScript Detection.

[BibT_eX]

[DOI]

Proceedings of the Security and Privacy in Communication Networks, 2017

VDF: Targeted Evolutionary Fuzz Testing of Virtual Devices.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2017

Dark Hazard: Learning-based, Large-Scale Discovery of Hidden Sensitive Operations in Android Apps.

[BibT_eX]

[DOI]

Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017

Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection.

[BibT_eX]

[DOI]

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

Capturing Malware Propagations with Code Injections and Code-Reuse Attacks.

[BibT_eX]

[DOI]

David Korczynski

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

Extracting Conditional Formulas for Cross-Platform Bug Search.

[BibT_eX]

[DOI]

Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, 2017

2016

Android Application Security - A Semantics and Context-Aware Approach

[BibT_eX]

[DOI]

Springer Briefs in Computer Science, Springer, ISBN: 978-3-319-47812-8, 2016

Semantics-Preserving Dissection of JavaScript Exploits via Dynamic JS-Binary Analysis.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2016

Extract Me If You Can: Abusing PDF Parsers in Malware Detectors.

[BibT_eX]

[DOI]

Curtis Carmony

Xunchao Hu

Abhishek Vasisht Bhaskar

Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016

Scalable Graph-based Bug Search for Firmware Images.

[BibT_eX]

[DOI]

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

ORIGEN: Automatic Extraction of Offset-Revealing Instructions for Cross-Version Memory Analysis.

[BibT_eX]

[DOI]

Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, 2016

2015

On the Trustworthiness of Memory Analysis - An Empirical Study from the Perspective of Binary Execution.

[BibT_eX]

[DOI]

IEEE Trans. Dependable Secur. Comput., 2015

vfGuard: Strict Protection for Virtual Function Calls in COTS C++ Binaries.

[BibT_eX]

[DOI]

Aravind Prakash

Xunchao Hu

Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

Privacy-Preserving Offloading of Mobile App to the Public Cloud.

[BibT_eX]

[DOI]

Proceedings of the 7th USENIX Workshop on Hot Topics in Cloud Computing, 2015

Towards Automatic Generation of Security-Centric Descriptions for Android Apps.

[BibT_eX]

[DOI]

Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

Binary Code Continent: Finer-Grained Control Flow Integrity for Stripped Binaries.

[BibT_eX]

[DOI]

Minghua Wang

Abhishek Vasisht Bhaskar

Purui Su

Dengguo Feng

Proceedings of the 31st Annual Computer Security Applications Conference, 2015

Defeating ROP Through Denial of Stack Pivot.

[BibT_eX]

[DOI]

Aravind Prakash

Proceedings of the 31st Annual Computer Security Applications Conference, 2015

2014

Multi-Aspect, Robust, and Memory Exclusive Guest OS Fingerprinting.

[BibT_eX]

[DOI]

IEEE Trans. Cloud Comput., 2014

A Light-Weight Software Environment for Confining Android Malware.

[BibT_eX]

[DOI]

Proceedings of the IEEE Eighth International Conference on Software Security and Reliability, 2014

AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications.

[BibT_eX]

[DOI]

Proceedings of the 21st Annual Network and Distributed System Security Symposium, 2014

Make it work, make it right, make it fast: building a platform-neutral whole-system dynamic binary analysis platform.

[BibT_eX]

[DOI]

Proceedings of the International Symposium on Software Testing and Analysis, 2014

Efficient, context-aware privacy leakage confinement for android applications without firmware modding.

[BibT_eX]

[DOI]

Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, 2014

Semantics-Aware Android Malware Classification Using Weighted Contextual API Dependency Graphs.

[BibT_eX]

[DOI]

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

Code Injection Attacks on HTML5-based Mobile Apps: Characterization, Detection and Mitigation.

[BibT_eX]

[DOI]

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

MACE: high-coverage and robust memory analysis for commodity operating systems.

[BibT_eX]

[DOI]

Proceedings of the 30th Annual Computer Security Applications Conference, 2014

2013

Automatic Malware Analysis - An Emulator Based Approach.

[BibT_eX]

[DOI]

Dawn Song

Springer Briefs in Computer Science, Springer, ISBN: 978-1-4614-5523-3, 2013

DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android.

[BibT_eX]

[DOI]

Yousra Aafer

Wenliang Du

Proceedings of the Security and Privacy in Communication Networks, 2013

TransBlocker: Transforming and Taming Privacy-Breaching Android Applications.

[BibT_eX]

[DOI]

Proceedings of the 20th Annual Network and Distributed System Security Symposium, 2013

A Software Environment for Confining Malicious Android Applications via Resource Virtualization.

[BibT_eX]

[DOI]

Proceedings of the 2013 18th International Conference on Engineering of Complex Computer Systems, 2013

Manipulating semantic values in kernel data structures: Attack assessments and implications.

[BibT_eX]

[DOI]

Proceedings of the 2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2013

Enforcing system-wide control flow integrity for exploit detection and diagnosis.

[BibT_eX]

[DOI]

Aravind Prakash

Zhenkai Liang

Proceedings of the 8th ACM Symposium on Information, Computer and Communications Security, 2013

2012

V2E: combining hardware virtualization and softwareemulation for transparent and extensible malware analysis.

[BibT_eX]

[DOI]

Lok-Kwong Yan

Manjukumar Jayachandra

Proceedings of the 8th International Conference on Virtual Execution Environments, 2012

DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis.

[BibT_eX]

[DOI]

Lok-Kwong Yan

Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012, 2012

Identifying and Analyzing Pointer Misuses for Sophisticated Memory-corruption Exploit Diagnosis.

[BibT_eX]

[DOI]

Proceedings of the 19th Annual Network and Distributed System Security Symposium, 2012

Hubble: Transparent and Extensible Malware Analysis by Combining Hardware Virtualization and Software Emulation.

[BibT_eX]

[DOI]

Lok-Kwong Yan

Manjukumar Jayachandra

Proceedings of the 19th Annual Network and Distributed System Security Symposium, 2012

OS-Sommelier: memory-only operating system fingerprinting in the cloud.

[BibT_eX]

[DOI]

Proceedings of the ACM Symposium on Cloud Computing, SOCC '12, 2012

2011

Attacks on WebView in the Android system.

[BibT_eX]

[DOI]

Proceedings of the Twenty-Seventh Annual Computer Security Applications Conference, 2011

2010

Keychain-Based Signatures for Securing BGP.

[BibT_eX]

[DOI]

IEEE J. Sel. Areas Commun., 2010

HookScout: Proactive Binary-Centric Hook Detection.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, 2010

2009

Emulating emulation-resistant malware.

[BibT_eX]

[DOI]

Proceedings of the 1st ACM Workshop on Virtual Machine Security, 2009

2008

Automatically Identifying Trigger-based Behavior in Malware.

[BibT_eX]

[DOI]

Proceedings of the Botnet Detection: Countering the Largest Security Threat, 2008

Thwarting E-mail Spam Laundering.

[BibT_eX]

[DOI]

Mengjun Xie

Haining Wang

ACM Trans. Inf. Syst. Secur., 2008

HookFinder: Identifying and Understanding Malware Hooking Behaviors.

[BibT_eX]

[DOI]

Zhenkai Liang

Dawn Song

Proceedings of the Network and Distributed System Security Symposium, 2008

BitBlaze: A New Approach to Computer Security via Binary Analysis.

[BibT_eX]

[DOI]

Proceedings of the Information Systems Security, 4th International Conference, 2008

2007

Building an application-aware IPsec policy system.

[BibT_eX]

[DOI]

Haining Wang

IEEE/ACM Trans. Netw., 2007

Dynamic Spyware Analysis.

[BibT_eX]

[DOI]

Proceedings of the 2007 USENIX Annual Technical Conference, 2007

Securing BGP through Keychain-based Signatures.

[BibT_eX]

[DOI]

Proceedings of the Fifteenth IEEE International Workshop on Quality of Service, 2007

Panorama: capturing system-wide information flow for malware detection and analysis.

[BibT_eX]

[DOI]

Proceedings of the 2007 ACM Conference on Computer and Communications Security, 2007

Polyglot: automatic extraction of protocol message format using dynamic binary analysis.

[BibT_eX]

[DOI]

Proceedings of the 2007 ACM Conference on Computer and Communications Security, 2007

2006

An effective defense against email spam laundering.

[BibT_eX]

[DOI]

Mengjun Xie