Zhiqiang Lin

Huan Sun

Ness B. Shroff

CoRR, June, 2025

ELFuzz: Efficient Input Generation via LLM-driven Synthesis Over Fuzzer Space.

[BibT_eX]

[DOI]

Chuyang Chen

Brendan Dolan-Gavitt

CoRR, June, 2025

C2RUST-BENCH: A Minimized, Representative Dataset for C-to-Rust Transpilation Evaluation.

[BibT_eX]

[DOI]

Melih Sirlanci

Carter Yagemann

CoRR, April, 2025

Demystifying Private Transactions and Their Impact in PoW and PoS Ethereum.

[BibT_eX]

[DOI]

CoRR, March, 2025

Ultraverse: An Efficient What-if Analysis Framework for Software Applications Interacting with Database Systems.

[BibT_eX]

[DOI]

Proc. ACM Manag. Data, February, 2025

ARMOUR US: Android Runtime Zero-permission Sensor Usage Monitoring from User Space.

[BibT_eX]

[DOI]

Proceedings of the 18th ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2025

CarPlay at Risk: Unveiling Security Threats of Third-Party Infotainment Adapters.

[BibT_eX]

[DOI]

Proceedings of the 3rd USENIX Symposium on Vehicle Security and Privacy, 2025

Code Speaks Louder: Exploring Security and Privacy Relevant Regional Variations in Mobile Applications.

[BibT_eX]

[DOI]

Proceedings of the IEEE Symposium on Security and Privacy, 2025

GoSonar: Detecting Logical Vulnerabilities in Memory Safe Language Using Inductive Constraint Reasoning.

[BibT_eX]

[DOI]

Md Sakib Anwar

Carter Yagemann

Proceedings of the IEEE Symposium on Security and Privacy, 2025

Repurposing Neural Networks for Efficient Cryptographic Computation.

[BibT_eX]

[DOI]

Xin Jin

Shiqing Ma

Proceedings of the 32nd Annual Network and Distributed System Security Symposium, 2025

Beyond Classification: Inferring Function Names in Stripped Binaries via Domain Adapted LLMs.

[BibT_eX]

[DOI]

Linxi Jiang

Xin Jin

Proceedings of the 32nd Annual Network and Distributed System Security Symposium, 2025

Deanonymizing Device Identities via Side-channel Attacks in Exclusive-use IoTs & Mitigation.

[BibT_eX]

[DOI]

Proceedings of the 32nd Annual Network and Distributed System Security Symposium, 2025

Understanding Miniapp Malware: Identification, Dissection, and Characterization.

[BibT_eX]

[DOI]

Yuqing Yang

Proceedings of the 32nd Annual Network and Distributed System Security Symposium, 2025

An Empirical Study of Proxy Contracts at the Ethereum Ecosystem Scale.

[BibT_eX]

[DOI]

Proceedings of the 47th IEEE/ACM International Conference on Software Engineering, 2025

2024

SimLLM: Calculating Semantic Similarity in Code Summaries using a Large Language Model-Based Approach.

[BibT_eX]

[DOI]

Xin Jin

Shaileshh Bojja Venkatakrishnan

Proc. ACM Softw. Eng., 2024

Cocoon: Static Information Flow Control in Rust.

[BibT_eX]

[DOI]

Proc. ACM Program. Lang., 2024

Ditto: Elastic Confidential VMs with Secure and Dynamic CPU Scaling.

[BibT_eX]

[DOI]

CoRR, 2024

Flashback: Enhancing Proposer-Builder Design with Future-Block Auctions in Proof-of-Stake Ethereum.

[BibT_eX]

[DOI]

Yifan Mao

Mengya Zhang

CoRR, 2024

Where's the "up"?! A Comprehensive (bottom-up) Study on the Security of Arm Cortex-M Systems.

[BibT_eX]

[DOI]

CoRR, 2024

SoK: Where's the "up"?! A Comprehensive (bottom-up) Study on the Security of Arm Cortex-M Systems.

[BibT_eX]

[DOI]

Proceedings of the 18th USENIX WOOT Conference on Offensive Technologies, 2024

From Virtual Touch to Tesla Command: Unlocking Unauthenticated Control Chains From Smart Glasses for Vehicle Takeover.

[BibT_eX]

[DOI]

Proceedings of the IEEE Symposium on Security and Privacy, 2024

Security of Cross-chain Bridges: Attack Surfaces, Defenses, and Open Problems.

[BibT_eX]

[DOI]

Proceedings of the 27th International Symposium on Research in Attacks, 2024

5G-Spector: An O-RAN Compliant Layer-3 Cellular Attack Detection Service.

[BibT_eX]

[DOI]

Proceedings of the 31st Annual Network and Distributed System Security Symposium, 2024

6G-XSec: Explainable Edge Security for Emerging OpenRAN Architectures.

[BibT_eX]

[DOI]

Proceedings of the 23rd ACM Workshop on Hot Topics in Networks, 2024

SaTS '24: The 2nd ACM Workshop on Secure and Trustworthy Superapps.

[BibT_eX]

[DOI]

Luyi Xing

Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024

BaseMirror: Automatic Reverse Engineering of Baseband Commands from Android's Radio Interface Layer.

[BibT_eX]

[DOI]

Wenqiang Li

Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024

When Compiler Optimizations Meet Symbolic Execution: An Empirical Study.

[BibT_eX]

[DOI]

Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024

RootFree Attacks: Exploiting Mobile Platform's Super Apps From Desktop.

[BibT_eX]

[DOI]

Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, 2024

Breaking the Privacy Barrier: On the Feasibility of Reorganization Attacks on Ethereum Private Transactions.

[BibT_eX]

[DOI]

Proceedings of the Annual Computer Security Applications Conference, 2024

2023

Detecting and Measuring Aggressive Location Harvesting in Mobile Apps via Data-flow Path Embedding.

[BibT_eX]

[DOI]

Proc. ACM Meas. Anal. Comput. Syst., March, 2023

SoK: Security of Cross-chain Bridges: Attack Surfaces, Defenses, and Open Problems.

[BibT_eX]

[DOI]

CoRR, 2023

Binary Code Summarization: Benchmarking ChatGPT/GPT-4 and Other Large Language Models.

[BibT_eX]

[DOI]

CoRR, 2023

Cocoon: Static Information Flow Control in Rust.

[BibT_eX]

[DOI]

CoRR, 2023

SoK: Decoding the Super App Enigma: The Security Mechanisms, Threats, and Trade-offs in OS-alike Apps.

[BibT_eX]

[DOI]

CoRR, 2023

A Peek into the Metaverse: Detecting 3D Model Clones in Mobile Games.

[BibT_eX]

[DOI]

Proceedings of the 32nd USENIX Security Symposium, 2023

Egg Hunt in Tesla Infotainment: A First Look at Reverse Engineering of Qt Binaries.

[BibT_eX]

[DOI]

Proceedings of the 32nd USENIX Security Symposium, 2023

One Size Does Not Fit All: Uncovering and Exploiting Cross Platform Discrepant APIs in WeChat.

[BibT_eX]

[DOI]

Proceedings of the 32nd USENIX Security Symposium, 2023

Controlled Data Races in Enclaves: Attacks and Detection.

[BibT_eX]

[DOI]

Sanchuan Chen

Proceedings of the 32nd USENIX Security Symposium, 2023

Reusable Enclaves for Confidential Serverless Computing.

[BibT_eX]

[DOI]

Proceedings of the 32nd USENIX Security Symposium, 2023

Your Exploit is Mine: Instantly Synthesizing Counterattack Smart Contract.

[BibT_eX]

[DOI]

Proceedings of the 32nd USENIX Security Symposium, 2023

ADC-Bank: Detecting Acoustic Out-of-Band Signal Injection on Inertial Sensors.

[BibT_eX]

[DOI]

Proceedings of the Security and Privacy in Cyber-Physical Systems and Smart Vehicles, 2023

Renewable Just-In-Time Control-Flow Integrity.

[BibT_eX]

[DOI]

Proceedings of the 26th International Symposium on Research in Attacks, 2023

Extracting Threat Intelligence From Cheat Binaries For Anti-Cheating.

[BibT_eX]

[DOI]

Proceedings of the 26th International Symposium on Research in Attacks, 2023

Thwarting Smartphone SMS Attacks at the Radio Interface Layer.

[BibT_eX]

[DOI]

Proceedings of the 30th Annual Network and Distributed System Security Symposium, 2023

Extrapolating Formal Analysis to Uncover Attacks in Bluetooth Passkey Entry Pairing.

[BibT_eX]

[DOI]

Mohit Kumar Jangid

Proceedings of the 30th Annual Network and Distributed System Security Symposium, 2023

Demystifying Exploitable Bugs in Smart Contracts.

[BibT_eX]

[DOI]

Proceedings of the 45th IEEE/ACM International Conference on Software Engineering, 2023

Taintmini: Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis.

[BibT_eX]

[DOI]

Proceedings of the 45th IEEE/ACM International Conference on Software Engineering, 2023

PwrLeak: Exploiting Power Reporting Interface for Side-Channel Attacks on AMD SEV.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2023

Don't Leak Your Keys: Understanding, Measuring, and Exploiting the AppSecret Leaks in Mini-Programs.

[BibT_eX]

[DOI]

Yuqing Yang

Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

Uncovering and Exploiting Hidden APIs in Mobile Super Apps.

[BibT_eX]

[DOI]

Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

SaTS'23: The 1st ACM Workshop on Secure and Trustworthy Superapps.

[BibT_eX]

[DOI]

Xiaojing Liao

Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

FreePart: Hardening Data Processing Software via Framework-based Partitioning and Isolation.

[BibT_eX]

[DOI]

Proceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, 2023

Uncovering Vulnerabilities of Bluetooth Low Energy IoT from Companion Mobile Apps with Ble-Guuide.

[BibT_eX]

[DOI]

Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security, 2023

2022

vTrust: Remotely Executing Mobile Apps Transparently With Local Untrusted OS.

[BibT_eX]

[DOI]

IEEE Trans. Computers, 2022

Replay (Far) Away: Exploiting and Fixing Google/Apple Exposure Notification Contact Tracing.

[BibT_eX]

[DOI]

Proc. Priv. Enhancing Technol., 2022

Ultraverse: Efficient Retroactive Operation for Attack Recovery in Database Systems and Web Frameworks.

[BibT_eX]

[DOI]

CoRR, 2022

An Empirical Study on Ethereum Private Transactions and the Security Implications.

[BibT_eX]

[DOI]

CoRR, 2022

Playing Without Paying: Detecting Vulnerable Payment Verification in Native Binaries of Unity Mobile Games.

[BibT_eX]

[DOI]

Proceedings of the 31st USENIX Security Symposium, 2022

vSGX: Virtualizing SGX Enclaves on AMD SEV.

[BibT_eX]

[DOI]

Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

What You See is Not What You Get: Revealing Hidden Memory Mapping for Peripheral Modeling.

[BibT_eX]

[DOI]

Jun Yeon Won

Proceedings of the 25th International Symposium on Research in Attacks, 2022

Multi-Certificate Attacks against Proof-of-Elapsed-Time and Their Countermeasures.

[BibT_eX]

[DOI]

Proceedings of the 29th Annual Network and Distributed System Security Symposium, 2022

A fine-grained telemetry stream for security services in 5G open radio access networks.

[BibT_eX]

[DOI]

Proceedings of the 1st International Workshop on Emerging Topics in Wireless, 2022

Leveraging Synergies Between AI and Networking to Build Next Generation Edge Networks.

[BibT_eX]

[DOI]

Proceedings of the 8th IEEE International Conference on Collaboration and Internet Computing, 2022

Detecting and Measuring Misconfigured Manifests in Android Apps.

[BibT_eX]

[DOI]

Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

Cross Miniapp Request Forgery: Root Causes, Attacks, and Vulnerability Detection.

[BibT_eX]

[DOI]

Yuqing Yang

Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

SymLM: Predicting Function Names in Stripped Binaries via Context-Sensitive Execution-Aware Code Embeddings.

[BibT_eX]

[DOI]

Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

Understanding IoT Security from a Market-Scale Perspective.

[BibT_eX]

[DOI]

Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

When Good Becomes Evil: Tracking Bluetooth Low Energy Devices via Allowlist-based Side Channel and Its Countermeasure.

[BibT_eX]

[DOI]

Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

PeriScope: Comprehensive Vulnerability Analysis of Mobile App-defined Bluetooth Peripherals.

[BibT_eX]

[DOI]

Proceedings of the ASIA CCS '22: ACM Asia Conference on Computer and Communications Security, Nagasaki, Japan, 30 May 2022, 2022

2021

A Measurement Study of Wechat Mini-Apps.

[BibT_eX]

[DOI]

Proc. ACM Meas. Anal. Comput. Syst., 2021

WLAN-Log-Based Superspreader Detection in the COVID-19 Pandemic.

[BibT_eX]

[DOI]

CoRR, 2021

Automatic Policy Generation for Inter-Service Access Control of Microservices.

[BibT_eX]

[DOI]

Proceedings of the 30th USENIX Security Symposium, 2021

Towards Formal Verification of State Continuity for Enclave Programs.

[BibT_eX]

[DOI]

Proceedings of the 30th USENIX Security Symposium, 2021

SelectiveTaint: Efficient Data Flow Tracking With Static Binary Rewriting.

[BibT_eX]

[DOI]

Sanchuan Chen

Proceedings of the 30th USENIX Security Symposium, 2021

iTOP: Automating Counterfeit Object-Oriented Programming Attacks.

[BibT_eX]

[DOI]

Proceedings of the RAID '21: 24th International Symposium on Research in Attacks, 2021

Keynote: Uncovering Vulnerabilities in Bluetooth Devices with Automated Binary Analysis.

[BibT_eX]

[DOI]

Proceedings of the 19th IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events, 2021

Specularizer : Detecting Speculative Execution Attacks via Performance Tracing.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2021

CrossLine: Breaking "Security-by-Crash" based Memory Isolation in AMD SEV.

[BibT_eX]

[DOI]

Mengyuan Li

Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

2020

SgxPectre: Stealing Intel Secrets From SGX Enclaves via Speculative Execution.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2020

ACOUSTIC-TURF: Acoustic-based Privacy-Preserving COVID-19 Contact Tracing.

[BibT_eX]

[DOI]

CoRR, 2020

TXSPECTOR: Uncovering Attacks in Ethereum from Transactions.

[BibT_eX]

[DOI]

Proceedings of the 29th USENIX Security Symposium, 2020

Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack Surface in Automotive IoT.

[BibT_eX]

[DOI]

Qi Alfred Chen

Proceedings of the 29th USENIX Security Symposium, 2020

SAVIOR: Securing Autonomous Vehicles with Robust Physical Invariants.

[BibT_eX]

[DOI]

Proceedings of the 29th USENIX Security Symposium, 2020

FIRMSCOPE: Automatic Uncovering of Privilege-Escalation Vulnerabilities in Pre-Installed Apps in Android Firmware.

[BibT_eX]

[DOI]

Proceedings of the 29th USENIX Security Symposium, 2020

Breaking Secure Pairing of Bluetooth Low Energy Using Downgrade Attacks.

[BibT_eX]

[DOI]

Proceedings of the 29th USENIX Security Symposium, 2020

Energy Attacks on Mobile Devices.

[BibT_eX]

[DOI]

Ashish Kundu

Joshua Hammond

Proceedings of the Second IEEE International Conference on Trust, 2020

Automatic Uncovering of Hidden Behaviors From Input Validation in Mobile Apps.

[BibT_eX]

[DOI]

Proceedings of the 2020 IEEE Symposium on Security and Privacy, 2020

On the Accuracy of Measured Proximity of Bluetooth-Based Contact Tracing Apps.

[BibT_eX]

[DOI]

Proceedings of the Security and Privacy in Communication Networks, 2020

A Study of the Privacy of COVID-19 Contact Tracing Apps.

[BibT_eX]

[DOI]

Proceedings of the Security and Privacy in Communication Networks, 2020

On the Effectiveness of Behavior-Based Ransomware Detection.

[BibT_eX]

[DOI]

Jaehyun Han

Donald E. Porter

Proceedings of the Security and Privacy in Communication Networks, 2020

Automated Cross-Platform Reverse Engineering of CAN Bus Commands From Mobile Apps.

[BibT_eX]

[DOI]

Proceedings of the 27th Annual Network and Distributed System Security Symposium, 2020

FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities From Bare-Metal Firmware.

[BibT_eX]

[DOI]

Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

ρFEM: Efficient Backward-edge Protection Using Reversed Forward-edge Mappings.

[BibT_eX]

[DOI]

Proceedings of the ACSAC '20: Annual Computer Security Applications Conference, 2020

2019

On the (In)security of Bluetooth Low Energy One-Way Secure Connections Only Mode.

[BibT_eX]

[DOI]

CoRR, 2019

CONFIRM: Evaluating Compatibility and Relevance of Control-flow Integrity Protections for Modern Software.

[BibT_eX]

[DOI]

Proceedings of the 28th USENIX Security Symposium, 2019

Exploiting Unprotected I/O Operations in AMD's Secure Encrypted Virtualization.

[BibT_eX]

[DOI]

Proceedings of the 28th USENIX Security Symposium, 2019

The Betrayal At Cloud City: An Empirical Analysis Of Cloud-Based Mobile Backends.

[BibT_eX]

[DOI]

Brendan Saltaformaggio

Proceedings of the 28th USENIX Security Symposium, 2019

Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps.

[BibT_eX]

[DOI]

Proceedings of the 2019 IEEE Symposium on Security and Privacy, 2019

Towards Automated Inter-Service Authorization for Microservice Applications.

[BibT_eX]

[DOI]

Xing Li

Yan Chen

Proceedings of the ACM SIGCOMM 2019 Conference Posters and Demos, 2019

Time and Order: Towards Automatically Identifying Side-Channel Vulnerabilities in Enclave Binaries.

[BibT_eX]

[DOI]

Wubing Wang

Proceedings of the 22nd International Symposium on Research in Attacks, 2019

Geo-locating Drivers: A Study of Sensitive Data Leakage in Ride-Hailing Services.

[BibT_eX]

[DOI]

Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019

Probabilistic disassembly.

[BibT_eX]

[DOI]

Proceedings of the 41st International Conference on Software Engineering, 2019

Your IoTs Are (Not) Mine: On the Remote Binding Between IoT Devices and Users.

[BibT_eX]

[DOI]

Proceedings of the 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2019

Automatic Fingerprinting of Vulnerable BLE IoT Devices with Static UUIDs from Mobile Apps.

[BibT_eX]

[DOI]

Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019

Towards Memory Safe Enclave Programming with Rust-SGX.

[BibT_eX]

[DOI]

Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019

Running Language Interpreters Inside SGX: A Lightweight, Legacy-Compatible Script Code Hardening Approach.

[BibT_eX]

[DOI]

Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, 2019

Analyzing control flow integrity with LLVM-CFI.

[BibT_eX]

[DOI]

Proceedings of the 35th Annual Computer Security Applications Conference, 2019

2018

SgxPectre Attacks: Leaking Enclave Secrets via Speculative Execution.

[BibT_eX]

[DOI]

CoRR, 2018

Injected and Delivered: Fabricating Implicit Control over Actuation Systems by Spoofing Inertial Sensors.

[BibT_eX]

[DOI]

Proceedings of the 27th USENIX Security Symposium, 2018

Guarder: A Tunable Secure Allocator.

[BibT_eX]

[DOI]

Proceedings of the 27th USENIX Security Symposium, 2018

Using Virtual Machine Introspection for Operating Systems Security Education.

[BibT_eX]

[DOI]

Manish Bhatt

Irfan Ahmed

Proceedings of the 49th ACM Technical Symposium on Computer Science Education, 2018

τCFI: Type-Assisted Control Flow Integrity for x86-64 Binaries.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2018

IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing.

[BibT_eX]

[DOI]

Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018

Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics.

[BibT_eX]

[DOI]

Kevin W. Hamlen

Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018

Towards Interface-Driven COTS Binary Hardening.

[BibT_eX]

[DOI]

Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation, 2018

SGXElide: enabling enclave code secrecy via self-modification.

[BibT_eX]

[DOI]

Proceedings of the 2018 International Symposium on Code Generation and Optimization, 2018

K-Hunt: Pinpointing Insecure Cryptographic Keys from Execution Traces.

[BibT_eX]

[DOI]

Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018

BCD: Decomposing Binary Code Into Components Using Graph-Based Clustering.

[BibT_eX]

[DOI]

Proceedings of the 2018 on Asia Conference on Computer and Communications Security, 2018

A Measurement Study of Authentication Rate-Limiting Mechanisms of Modern Websites.

[BibT_eX]

[DOI]

Proceedings of the 34th Annual Computer Security Applications Conference, 2018

2017

SMARTGEN: Exposing Server URLs of Mobile Apps With Selective Symbolic Execution.

[BibT_eX]

[DOI]

Proceedings of the 26th International Conference on World Wide Web, 2017

Sgx-Lapd: Thwarting Controlled Side Channel Attacks via Enclave Verifiable Page Faults.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2017

Securing Data Analytics on SGX with Randomization.

[BibT_eX]

[DOI]

Bhavani Thuraisingham

Proceedings of the Computer Security - ESORICS 2017, 2017

PT-CFI: Transparent Backward-Edge Control Flow Violation Detection Using Intel Processor Trace.

[BibT_eX]

[DOI]

Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy, 2017

AUTHSCOPE: Towards Automatic Discovery of Vulnerable Authorizations in Online Services.

[BibT_eX]

[DOI]

Qingchuan Zhao

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

FreeGuard: A Faster Secure Heap Allocator.

[BibT_eX]

[DOI]

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

SGX-BigMatrix: A Practical Encrypted Data Analytic Framework With Trusted Processors.

[BibT_eX]

[DOI]

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

CCS'17 Tutorial Abstract / SGX Security and Privacy.

[BibT_eX]

[DOI]

Taesoo Kim

Chia-Che Tsai

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

SGX-Log: Securing System Logs With SGX.

[BibT_eX]

[DOI]

Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, 2017

Building a Security OS With Software Defined Infrastructure.

[BibT_eX]

[DOI]

Proceedings of the 8th Asia-Pacific Workshop on Systems, Mumbai, India, September 2, 2017, 2017

2016

Type Inference on Executables.

[BibT_eX]

[DOI]

Juan Caballero

ACM Comput. Surv., 2016

Automatic Uncovering of Tap Points from Kernel Executions.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2016

Detecting Stack Layout Corruptions with Robust Stack Unwinding.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2016

Automatic Forgery of Cryptographically Consistent Messages to Identify Security Vulnerabilities in Mobile Services.

[BibT_eX]

[DOI]

Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016

A Case for Protecting Computer Games With SGX.

[BibT_eX]

[DOI]

Proceedings of the 1st Workshop on System Software for Trusted Execution, 2016

Derandomizing Kernel Address Space Layout for Memory Introspection and Forensics.

[BibT_eX]

[DOI]

Yufei Gu

Proceedings of the Sixth ACM on Conference on Data and Application Security and Privacy, 2016

Adaptive encrypted traffic fingerprinting with bi-directional dependence.

[BibT_eX]

[DOI]

Bhavani Thuraisingham

Proceedings of the 32nd Annual Conference on Computer Security Applications, 2016

2015

On the Trustworthiness of Memory Analysis - An Empirical Study from the Perspective of Binary Execution.

[BibT_eX]

[DOI]

IEEE Trans. Dependable Secur. Comput., 2015

A Survey on Hypervisor-Based Monitoring: Approaches, Applications, and Evolutions.

[BibT_eX]

[DOI]

Gbadebo Ayoade

ACM Comput. Surv., 2015

PEMU: A Pin Highly Compatible Out-of-VM Dynamic Binary Instrumentation Framework.

[BibT_eX]

[DOI]

Proceedings of the 11th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, 2015

You Shouldn't Collect My Secrets: Thwarting Sensitive Keystroke Leakage in Mobile IME Apps.

[BibT_eX]

[DOI]

Proceedings of the 24th USENIX Security Symposium, 2015

Automatically deriving pointer reference expressions from binary code for memory dump analysis.

[BibT_eX]

[DOI]

David Brumley

Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, 2015

Towards Automatic Inference of Kernel Object Semantics from Binary Code.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2015

Half a Century of Practice: Who Is Still Storing Plaintext Passwords?

[BibT_eX]

[DOI]

Yafeng Lu

Proceedings of the Information Security Practice and Experience, 2015

A Practical Approach for Adaptive Data Structure Layout Randomization.

[BibT_eX]

[DOI]

Proceedings of the Computer Security - ESORICS 2015, 2015

Enhancing Software Dependability and Security with Hardware Supported Instruction Address Space Randomization.

[BibT_eX]

[DOI]

Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2015

2014

Data-Centric OS Kernel Malware Characterization.

[BibT_eX]

[DOI]

IEEE Trans. Inf. Forensics Secur., 2014

Multi-Aspect, Robust, and Memory Exclusive Guest OS Fingerprinting.

[BibT_eX]

[DOI]

IEEE Trans. Cloud Comput., 2014

X-Force: Force-Executing Binary Programs for Security Applications.

[BibT_eX]

[DOI]

Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

Preventing Cryptographic Key Leakage in Cloud Virtual Machines.

[BibT_eX]

[DOI]

Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

HYPERSHELL: A Practical Hypervisor Layer Guest OS Shell for Automated In-VM Management.

[BibT_eX]

[DOI]

Proceedings of the 2014 USENIX Annual Technical Conference, 2014

Towards a Systematic Study of the Covert Channel Attacks in Smartphones.

[BibT_eX]

[DOI]

Proceedings of the International Conference on Security and Privacy in Communication Networks, 2014

GoldenEye: Efficiently and Effectively Unveiling Malware's Targeted Environment.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions and Defenses, 2014

SMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps.

[BibT_eX]

[DOI]

Proceedings of the 21st Annual Network and Distributed System Security Symposium, 2014

Hybrid-Bridge: Efficiently Bridging the Semantic-Gap in VMI via Decoupled Execution and Training Memoization.

[BibT_eX]

[DOI]

Alireza Saberi

Proceedings of the 21st Annual Network and Distributed System Security Symposium, 2014

SigPath: A Memory Graph Based Approach for Program Data Introspection and Modification.

[BibT_eX]

[DOI]

Proceedings of the Computer Security - ESORICS 2014, 2014

Programmable decoder and shadow threads: Tolerate remote code injection exploits with diversified redundancy.

[BibT_eX]

[DOI]

Proceedings of the Design, Automation & Test in Europe Conference & Exhibition, 2014

MACE: high-coverage and robust memory analysis for commodity operating systems.

[BibT_eX]

[DOI]

Proceedings of the 30th Annual Computer Security Applications Conference, 2014

2013

Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection.

[BibT_eX]

[DOI]

ACM Trans. Inf. Syst. Secur., 2013

EXTERIOR: using a dual-VM based external shell for guest-OS introspection, configuration, and recovery.

[BibT_eX]

[DOI]

Proceedings of the ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (co-located with ASPLOS 2013), 2013

CPU transparent protection of OS kernel and hypervisor integrity with programmable DRAM.

[BibT_eX]

[DOI]

Proceedings of the 40th Annual International Symposium on Computer Architecture, 2013

AUTOVAC: Automatically Extracting System Resource Constraints and Generating Vaccines for Malware Immunization.

[BibT_eX]

[DOI]

Proceedings of the IEEE 33rd International Conference on Distributed Computing Systems, 2013

Manipulating semantic values in kernel data structures: Attack assessments and implications.

[BibT_eX]

[DOI]

Proceedings of the 2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2013

Obfuscation resilient binary code reuse through trace-oriented programming.

[BibT_eX]

[DOI]

Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

Subverting system authentication with context-aware, reactive virtual machine introspection.

[BibT_eX]

[DOI]

Kevin W. Hamlen

Proceedings of the Annual Computer Security Applications Conference, 2013

2012

Bin-Carver: Automatic recovery of binary executable files.

[BibT_eX]

[DOI]

Scott Hand

Guofei Gu

Bhavani Thuraisingham

Digit. Investig., 2012

Space Traveling across VM: Automatically Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection.

[BibT_eX]

[DOI]

Proceedings of the IEEE Symposium on Security and Privacy, 2012

Discovering Semantic Data of Interest from Un-mappable Memory with Confidence.

[BibT_eX]

[DOI]

Proceedings of the 19th Annual Network and Distributed System Security Symposium, 2012

OS-Sommelier: memory-only operating system fingerprinting in the cloud.

[BibT_eX]

[DOI]

Proceedings of the ACM Symposium on Cloud Computing, SOCC '12, 2012

Automatic generation of vaccines for malware immunization.

[BibT_eX]

[DOI]

Proceedings of the ACM Conference on Computer and Communications Security, 2012

Binary stirring: self-randomizing instruction addresses of legacy x86 binary code.

[BibT_eX]

[DOI]

Proceedings of the ACM Conference on Computer and Communications Security, 2012

Securing untrusted code via compiler-agnostic binary rewriting.

[BibT_eX]

[DOI]

Proceedings of the 28th Annual Computer Security Applications Conference, 2012

2011

SigGraph: Brute Force Scanning of Kernel Data Structure Instances Using Graph-based Signatures.

[BibT_eX]

[DOI]

Proceedings of the Network and Distributed System Security Symposium, 2011

Characterizing kernel malware behavior with kernel data access patterns.

[BibT_eX]

[DOI]

Junghwan Rhee

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, 2011

2010

Reverse Engineering Input Syntactic Structure from Program Execution and Its Applications.

[BibT_eX]

[DOI]

IEEE Trans. Software Eng., 2010

Automatic Reverse Engineering of Data Structures from Binary Execution.

[BibT_eX]

[DOI]

Proceedings of the Network and Distributed System Security Symposium, 2010

Strict control dependence and its effect on dynamic information flow analyses.

[BibT_eX]

[DOI]

Proceedings of the Nineteenth International Symposium on Software Testing and Analysis, 2010

Reuse-oriented camouflaging trojan: Vulnerability detection and attack construction.

[BibT_eX]

[DOI]

Proceedings of the 2010 IEEE/IFIP International Conference on Dependable Systems and Networks, 2010

2009

IntScope: Automatically Detecting Integer Overflow Vulnerability in X86 Binary Using Symbolic Execution.

[BibT_eX]

[DOI]

Proceedings of the Network and Distributed System Security Symposium, 2009

Polymorphing Software by Randomizing Data Structure Layout.

[BibT_eX]

[DOI]

Ryan D. Riley

Proceedings of the Detection of Intrusions and Malware, 2009

2008

Deriving input syntactic structure from execution.

[BibT_eX]

[DOI]

Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2008

Automatic Protocol Format Reverse Engineering through Context-Aware Monitored Execution.

[BibT_eX]

[DOI]

Proceedings of the Network and Distributed System Security Symposium, 2008

Convicting exploitable software vulnerabilities: An efficient input provenance based approach.

[BibT_eX]

[DOI]

Proceedings of the 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2008

2006

Transparent Run-Time Prevention of Format-String Attacks Via Dynamic Taint and Flexible Validation.

[BibT_eX]

[DOI]

Proceedings of the Information Security, 9th International Conference, 2006

A Practical Framework for Dynamically Immunizing Software Security Vulnerabilities.

[BibT_eX]

[DOI]