$ Last updated: Tue Aug 20 12:11:52 PM EDT 2024 $


About

  • I am a Distinguished Professor of Engineering in the Department of Computer Science and Engineering (CSE), and the director of Institute for Cybersecurity and Digital Trust (ICDT) at The Ohio State University (OSU).
  • I am also the founding director of Computer Security Laboratory (SecLab), a faculty member in Center for Automotive Research (CAR), Translational Data Analytics Institute (TDAI), and NSF AI Institute for Future Edge Networks and Distributed Intelligence (AI-Edge).
  • In addition, I am the founding faculty advisor of Women in Cyber Security (WiCys) chapter at OSU, and I am also one of the faculty advisors of OSU Cybersecurity Club (OSUCyber).
  • I am broadly interested in most of the cybersecurity problems (e.g., vulnerability discovery, authentication, authorization, introspection, deception, applied cryptography, and side channel analysis), with a key focus on advancing or using program analysis to solve the security problems.
  • More specifically, I have been working on developing novel or using existing program analysis and reverse engineering techniques for vulnerability discovery with native binary code in the past decade, and recently also on byte code (Java), script code (JavaScript), or even source code (C/C++/Rust), covering the entire software stack from firmware to applications, from web, mobile, IoT (particularly Bluetooth), to blockchain. In addition to finding vulnerabilities, I also work on hardening the software against various attacks, particularly on improving or using binary code rewriting, virtual machine introspection, and trusted execution environment (TEE) towards this goal.
  • Sometimes, I also use program (binary or source code) analysis as a tool for measurement studies in order to gain insights and understanding on the security problems of interest.
  • My research has been supported in part by federal agencies such as AFOSR, ARO, DARPA, NHTSA, NSA, NSF, and ONR, and industry such as Amazon, Cisco, Meta, Raytheon, and VMware.
  • I am an IEEE Fellow, an ACM Distinguished Member, a recipient of NSF CAREER Award and AFOSR YIP Award. I also received the Harrison Faculty Award for Excellence in Engineering Education from College of Engineering, and the Outstanding Faculty Teaching Award from Department of Computer Science and Engineering at OSU.
  • My short bio can be found here
  • The best way to reach me is through my email:
  • My office: DL 798
  • Phone: (614) 292-0055
  • Fax: (614) 292-2911
  • PGP key: zlin.pub
  • Mail Address:
        Zhiqiang Lin
        798 Dreese Laboratories
        2015 Neil Avenue
        Columbus, OH 43210-1277
    


Research

  • Groups:
    • The Computer Security Laboratory (SecLab) at The Ohio State University.
    • The talented students I have the fortune to have advised and worked with.
  • Recent Publications [Complete list]
    • [CCS'24] "Automatic Reverse Engineering of Baseband Commands from Android’s Radio Interface Layer"
    • [CCS'24] "When Compiler Optimizations Meet Symbolic Execution: An Empirical Study"
    • [FSE'24] "SimLLM: Calculating Semantic Similarity in Code Summaries Using a Large Language Model-Based Approach"
    • [S&P'24] "From Virtual Touch to Tesla Command: Unlocking Unauthenticated Control Chains From Smart Glasses for Vehicle Takeover"
    • [OOPSLA'24] "Cocoon: Static Information Flow Control in Rust"
    • [NDSS'24] "5G-Spector: An O-RAN Compliant Layer-3 Cellular Attack Detection Service"
    • [CCS'23] "Uncovering and Exploiting Hidden APIs in Mobile Super Apps"
    • [CCS'23] "Don’t Leak Your Keys: Understanding, Measuring, and Exploiting the AppSecret Leaks in Mini-Programs"
    • [USENIX-SEC'23] "Egg Hunt in Tesla Infotainment: A First Look at Reverse Engineering of Qt Binaries"
    • [USENIX-SEC'23] "Controlled Data Races in Enclaves: Attacks and Detection"
    • [USENIX-SEC'23] "One Size Does Not Fit All: Uncovering and Exploiting Cross Platform Discrepant APIs in WeChat"
    • [USENIX-SEC'23] "Reusable Enclaves for Confidential Serverless Computing"
    • [USENIX-SEC'23] "Your Exploit is Mine: Instantly Synthesizing Counterattack Smart Contract"
    • [USENIX-SEC'23] "A Peek into the Metaverse: Detecting 3D Model Clones in Mobile Games"
    • [NDSS'23] "Thwarting Smartphone SMS Attacks at the Radio Interface Layer"
    • [SIGMETRICS'23] "Detecting and Measuring Aggressive Location Harvesting in Mobile Apps via Data-flow Path Embedding"
    • [ICSE'23] "TaintMini: Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis"
    • [ICSE'23] "Demystifying Exploitable Bugs in Smart Contracts"
    • [NDSS'23] "Extrapolating Formal Analysis to Uncover Attacks in Bluetooth Passkey Entry Pairing"
    • [CCS'22] "When Good Becomes Evil: Tracking Bluetooth Low Energy Devices via Allowlist-based Side Channel and Its Countermeasure"
    • [CCS'22] "Cross Miniapp Request Forgery: Root Causes, Attacks, and Vulnerability Detection"
    • [CCS'22] "Detecting and Measuring of Misconfigured Manifest in Android Apps"
    • [CCS'22] "SymLM: Predicating Function Name in Stripped Binaries through Context-Sensitive Execution-Aware Code Embeddings"
    • [CCS'22] "Understanding IoT Security from a Market-Scale Perspective"
    • [USENIX-SEC'22] "Playing Without Paying: Detecting Vulnerable Payment Verification in Native Binaries of Mobile Games"
    • [PETS'22] "Replay (Far) Away: Exploiting and Fixing Google/Apple Exposure Notification Contact Tracing"
    • [S&P'22] "vSGX: Virtualizing SGX Enclaves on AMD SEV"
    • [NDSS'22] "Multi-Certificate Attacks Against Proof-of-Elapsed-Time And Their Countermeasures"

Teaching

  • CSE 5474: Software Security (Spring 24, 23, 22, 21, 18)
  • CSE 5473: Network Security (Fall 20, 18)
  • CSE 4471: Information Security (Fall 19)
  • Recent Talks
    • 05/08/2024, Unpacking the Threats of All-in-One Mobile Super Apps [PDF], Distinguished Lecture at Washington State University.
    • 05/02/2024, Rethinking the Security and Privacy of Bluetooth Low Energy [PDF], Gerald M. Masson Distinguished Lecture at Johns Hopkins University
    • More ...

Service

  • Editorial Service:
    • Associate Editor: ACM Transactions on Privacy and Security (TOPS), 20~
    • Associate Editor: ACM/IEEE Transactions on Networking (ToN), 21~22
    • Associate Editor: IEEE Transactions on Mobile Computing (TMC), 20~22
    • Associate Editor: IEEE Transactions on Dependable and Secure Computing (TDSC), 16~22
  • Conference Organization:
    • Program co-chair: International Conf. on Security and Privacy in Comm. Networks (SECURECOMM), 22
    • Program co-chair: ACM ASIA Conference on Computer and Communications Security (ASIACCS), 21
    • Program co-chair: Information Security Conference (ISC), 19
    • Program co-chair: Workshop on Forming an Ecosystem Around Software Transformation (FEAST), 19
    • Program co-chair: ACM Workshop on Secure and Trustworthy Superapps (SaTS), 23, 24
    • Area chair: ACM Conference on Computer and Communications Security (CCS), 19
    • Area chair: World Wide Web (WWW) Conference, 24
    • Area chair: International Conference on Distributed Computing Systems (ICDCS), 25
    • Steering committee: International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 17~
    • Steering committee: Information Security Conference, 19~
    • Steering committee chair: ACM Workshop on Secure and Trustworthy Superapps (SaTS), 23~
    • Local arrangement chair: ACM Conference on Computer and Communications Security (CCS), 17
  • Technical Program Committee (TPC) Member:
    • ACM Conference on Computer and Communications Security (CCS), 14, 15, 16, 18, 19, 20, 22, 23, 24
    • IEEE Symposium on Security and Privacy, 21, 22, 24, 25
    • USENIX Security Symposium, 17, 21, 22, 24, 25
    • ISOC Network and Distributed System Security Symposium (NDSS), 15, 19, 20
    • World Wide Web (WWW) Conference, 18
    • IEEE International Conference on Mobility: Operations, Services, and Technologies (MOST), 23, 24
    • ISOC Symposium on Vehicle Security & Privacy (VehicleSec), 23, 24
    • IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 20, 21, 22
    • ACM ASIA Conference on Computer and Communications Security (ASIACCS), 13, 14, 15, 16, 18
    • Annual Computer Security Applications Conference (ACSAC), 14, 16, 17, 18, 19, 20, 21, 22, 23, 24
    • International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 16
    • European Symposium on Research in Computer Security (ESORICS), 21, 22
    • Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 16, 17, 18, 19, 22
    • International Conference on Applied Cryptography and Network Security (ACNS), 20, 21
    • International Conf. on Security and Privacy in Comm. Networks (SECURECOMM), 15, 16, 17, 18, 19, 20
    • Annual Digital Forensics Research Conference (DFRWS), 13, 14, 15, 16, 17, 18, 19, 20
    • International Conference on Privacy, Security and Trust (PST), 13, 14, 15, 18, 19
    • ACM Cloud Computing Security Workshop (CCSW), 19, 21
    • Workshop on Automotive and Autonomous Vehicle Security (AutoSec), 21, 22
    • Program Analysis and Verification on Trusted Platforms (PAVeTrust), 21, 22
    • Information Security Conference (ISC), 17, 19
    • Workshop on System Software for Trusted Execution (SysTex), 16, 17
    • Workshop on Forming an Ecosystem Around Software Transformation (FEAST), 17, 18, 19
    • IEEE International Conference on Distributed Computing Systems (ICDCS), 14
    • IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid), 13, 14
    • IEEE International Conference on Big Data (BigData), 13, 14, 16
    • International Congress on Big Data (BigData), 14, 17
    • International Symposium on Foundations and Applications of Big Data Analytics (FAB), 15, 16
    • International Symposium on Big Data Management and Analytics (BIDMA), 16
    • IEEE International Conference on Cyber Security and Cloud Computing (CSCloud), 15
    • International Workshop on Cloud Compliance (IWCC), 15
    • The European Workshop on Systems Security (EuroSec), 14
    • IEEE International Performance Computing and Communications Conference (IPCCC), 11, 12, 13, 14, 15
    • Workshop on Hardware and Architectural Support for Security and Privacy (HASP), 12, 13, 14, 15, 16
    • International Symposium on Secure Virtual Infrastructures, 13, 14
  • Panelist:
    • NSF proposal review panels, 12, 16, 17, 18, 19, 20, 21, 22
  • Artifact Evaluation Committee Member:
    • Annual Computer Security Applications Conference (ACSAC), 19, 20, 21, 22, 23
