Note: these publication materials are presented to ensure a timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each paper's copyright (e.g., ACM/IEEE/USENIX/ISOC Copyright Policy).
Publications
Venue | Paper Details |
---|---|
2024 | |
ACSAC | "Breaking the Privacy Barrier: On the Feasibility of Reorganization Attacks on Ethereum Private Transactions". Mengya Zhang, Xingyu Lyu, Jianyu Niu, Xiaokuan Zhang, Yinqian Zhang, and Zhiqiang Lin. In Proceedings of the 40th Annual Computer Security Applications Conference, December 2024. [PDF][Bibtex] |
CCS | "BaseMirror: Automatic Reverse Engineering of Baseband Commands from Android’s Radio Interface Layer". Wenqiang Li*, Haohuang Wen*, and Zhiqiang Lin (* indicates equal contribution). In Proceedings of the 31st ACM Conference on Computer and Communications Security. October 2024. [PDF][Slides][Bibtex] |
CCS | "When Compiler Optimizations Meet Symbolic Execution: An Empirical Study". Yue Zhang, Melih Sirlanci, Ruoyu "Fish" Wang, and Zhiqiang Lin. In Proceedings of the 31st ACM Conference on Computer and Communications Security. October 2024. [PDF][Slides][Bibtex] |
OOPSLA | "Cocoon: Static Information Flow Control in Rust". Ada Lamba, Max Taylor, Vincent Beardsley, Jacob Bambeck, Michael D. Bond, and Zhiqiang Lin. In Proceedings of the ACM on Programming Languages (OOPSLA-edition). October 2024. [PDF][Bibtex] |
RAID | "Security of Cross-chain Bridges: Attack Surfaces, Defenses, and Open Problems". Mengya Zhang, Xiaokuan Zhang, Yinqian Zhang, Zhiqiang Lin. In Proceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses, October 2024. [PDF][Slides][Bibtex] |
FSE | "SimLLM: Calculating Semantic Similarity in Code Summaries Using a Large Language Model-Based Approach".Xin Jin, and Zhiqiang Lin. In Proceedings of the ACM International Conference on the Foundations of Software Engineering. July 2024. [PDF][Bibtex][Slides] |
ASIACCS | "Root Free Attacks: Exploiting Mobile Platform’s Super Apps From Desktop". Chao Wang, Yue Zhang, and Zhiqiang Lin. In Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, July 2024. [PDF][Slides][Bibtex] |
S&P | "From Virtual Touch to Tesla Command: Unlocking Unauthenticated Control Chains From Smart Glasses for Vehicle Takeover". Xiangli Zhang, Yazhou Tu, Yan Long, Liqun Shan, Mohamed A Elsaadani, Kevin Fu, Zhiqiang Lin, and Xiali Hei. In Proceedings of the 45th IEEE Symposium on Security and Privacy, San Fransisco, CA, May 2024. [PDF][Bibtex] (Distinguished Paper Award) |
ASPLOS | "FreePart: Hardening Data Processing Software via Framework-based Partitioning and Isolation". Ali Ahad, Gang Wang, Chung Hwan Kim, Suman Jana, Zhiqiang Lin, Yonghwi Kwon. In Proceedings of the ACM International Conference on Architectural Support for Programming Languages and Operating Systems. March 2024. [PDF][Bibtex] |
NDSS | "5G-Spector: An O-RAN Compliant Layer-3 Cellular Attack Detection Service". Haohuang Wen, Phillip Porras, Vinod Yegneswaran, Ashish Gehani, and Zhiqiang Lin. In Network and Distributed System Security Symposium. March 2024. [PDF][Bibtex] (Distinguished Artifact Award) |
2023 | |
Arxiv | "Binary Code Summarization: Benchmarking ChatGPT/GPT-4 and Other Large Language Models". Xin Jin, Jonathan Larson, Weiwei Yang, and Zhiqiang Lin. In arxiv. December 2023. [PDF] |
CCS | "Uncovering and Exploiting Hidden APIs in Mobile Super Apps". Chao Wang, Yue Zhang, and Zhiqiang Lin. In Proceedings of the 30th ACM Conference on Computer and Communications Security. November 2023. [PDF][Slides][Bibtex] |
CCS | "Don’t Leak Your Keys: Understanding, Measuring, and Exploiting the AppSecret Leaks in Mini-Programs". Yue Zhang, Yuqing Yang, and Zhiqiang Lin. In Proceedings of the 30th ACM Conference on Computer and Communications Security. November 2023. [PDF][Slides][Bibtex] |
RAID | "Extracting Threat Intelligence From Cheat Binaries For Anti-Cheating". Md Sakib Anwar, Chaoshun Zuo, Carter Yagemann, and Zhiqiang Lin. In Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses, October 2023. [PDF][Slides][Bibtex] |
RAID | "Renewable Just-In-Time Control-Flow Integrity". Erick Barman, Kevin Hamlin, Juan Duan, and Zhiqiang Lin. In Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses, October 2023. [PDF][Slides][Bibtex] |
SMARTSP | "ADC-Bank: Detecting Acoustic Out-of-Band Signal Injection on Inertial Sensors".Jianyi Zhang, Yuchen Wang, Yazhou Tu, Sara Rampazzi, Zhiqiang Lin, Insup Lee, and Xiali Hei.. In Proceedings of The inaugural EAI International Conference on Security and Privacy in Cyber-Physical Systems and Smart Vehicles, October 2023. [PDF] (Best Paper Award) |
USENIX-SEC | "Egg Hunt in Tesla Infotainment: A First Look at Reverse Engineering of Qt Binaries". Haohuang Wen, and Zhiqiang Lin. In Proceedings of the 32nd USENIX Security Symposium, August 2023. [PDF][Slides][Bibtex] |
USENIX-SEC | "Controlled Data Races in Enclaves: Attacks and Detection". Sanchuan Chen, Zhiqiang Lin, Yinqian Zhang. In Proceedings of the 32nd USENIX Security Symposium, August 2023. [PDF][Slides][Bibtex] |
USENIX-SEC | "One Size Does Not Fit All: Uncovering and Exploiting Cross Platform Discrepant APIs in WeChat". Chao Wang, Yue Zhang, and Zhiqiang Lin. In Proceedings of the 32nd USENIX Security Symposium, August 2023. [PDF][Slides][Bibtex] |
USENIX-SEC | "Reusable Enclaves for Confidential Serverless Computing". Shixuan Zhao, Pinshen Xu, Guoxing Chen, Mengya Zhang, Yinqian Zhang, and Zhiqiang Lin. In Proceedings of the 32nd USENIX Security Symposium, August 2023. [PDF][Slides][Bibtex] |
USENIX-SEC | "Your Exploit is Mine: Instantly Synthesizing Counterattack Smart Contract". Zhuo Zhang, Zhiqiang Lin, Marcelo Morales, Xiangyu Zhang, and Kaiyuan Zhang. In Proceedings of the 32nd USENIX Security Symposium, August 2023. [PDF][Slides][Bibtex] |
USENIX-SEC | "A Peek into the Metaverse: Detecting 3D Model Clones in Mobile Games". Chaoshun Zuo, Chao Wang, and Zhiqiang Lin. In Proceedings of the 32nd USENIX Security Symposium, August 2023. [PDF][Slides][Bibtex] |
ASIACCS | "Uncovering Vulnerabilities of Bluetooth Low Energy IoT from Companion Mobile Apps with Ble-Guuide". Pallavi Sivakumaran, Chaoshun Zuo, Zhiqiang Lin, and Jorge Blasco. In Proceedings of the 18th ACM Asia Conference on Computer and Communications Security, July 2023. [PDF][Slides][Bibtex] |
DIMVA | "PWRLEAK: Exploiting Power Reporting Interface for Side-channel Attacks on AMD SEV". Wubing Wang, Mengyuan Li, Yinqian Zhang, Zhiqiang Lin. In Proceedings of the 20th Conference on Detection of Intrusions and Malware & Vulnerability Assessment. July 2023. [PDF][Bibtex] |
SIGMETRICS | "Detecting and Measuring Aggressive Location Harvesting in Mobile Apps via Data-flow Path Embedding". Haoran Lu, Qingchuan Zhao, Yongliang Chen, Xiaojing Liao, and Zhiqiang Lin. In Proceedings of the ACM on Measurement and Analysis of Computing Systems (POMACS). June 2023. [PDF][Bibtex] |
ICSE | "TaintMini: Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis". Chao Wang, Ronny Ko, Yue Zhang, Allen Yuqing Yang, and Zhiqiang Lin. In Proceedings of 45th ACM/IEEE International Conference on Software Engineering, May 2023. [PDF][Bibtex] |
ICSE | "Demystifying Exploitable Bugs in Smart Contracts". Zhuo Zhang, Brian Zhang, Wen Xu, and Zhiqiang Lin. In Proceedings of 45th ACM/IEEE International Conference on Software Engineering, May 2023. [PDF][Bibtex] |
NDSS | "Extrapolating Formal Analysis to Uncover Attacks in Bluetooth Passkey Entry Pairing". Mohit K. Jangid, Yue Zhang and Zhiqiang Lin. In Proceedings of the 30th ISOC Network and Distributed System Security Symposium, San Diego, CA, April 2023. [PDF][Slides][Bibtex] |
NDSS | "Thwarting Smartphone SMS Attacks at the Radio Interface Layer". Haohuang Wen, Phil Porras, Vinod Yegneswaran, and Zhiqiang Lin. In Proceedings of the 30th ISOC Network and Distributed System Security Symposium, San Diego, CA, April 2023. [PDF][Slides][Bibtex] |
2022 | |
EmgWireless | "A Fine-Grained Telemetry Stream for Security Services in 5G Open Radio Access Networks". Haohuang Wen, Phillip Porras, Vinod Yegneswaran, and Zhiqiang Lin. In Proceedings of the 1st Workshop on Emerging Topics in Wireless. December 2022. [PDF][Slides][Bibtex] |
CCS | "When Good Becomes Evil: Tracking Bluetooth Low Energy Devices via Allowlist-based Side Channel and Its Countermeasure". Yue Zhang, and Zhiqiang Lin. In Proceedings of the 29th ACM Conference on Computer and Communications Security. November 2022. [PDF][Slides][Bibtex] (Best Paper Award Honorable Mention) |
CCS | "Cross Miniapp Request Forgery: Root Causes, Attacks, and Vulnerability Detection". Allen Y. Yang, Yue Zhang, Zhiqiang Lin. In Proceedings of the 29th ACM Conference on Computer and Communications Security. November 2022. [PDF][Slides][Bibtex] |
CCS | "Detecting and Measuring Misconfigured Manifest in Android Apps". Allen Y. Yang, Mohamed Elsabagh, Chaoshun Zuo, Ryan Johnson, Angelos Stavrou, and Zhiqiang Lin. In Proceedings of the 29th ACM Conference on Computer and Communications Security. November 2022. [PDF][Slides][Bibtex] |
CCS | "SymLM: Predicating Function Name in Stripped Binaries through Context-Sensitive Execution-Aware Code Embeddings". Xin Jin, Kexin Pei, Jun Y. Wong, and Zhiqiang Lin. In Proceedings of the 29th ACM Conference on Computer and Communications Security. November 2022. [PDF][Slides][Bibtex] |
CCS | "Understanding IoT Security from a Market-Scale Perspective". Xin Jin, Sunil Manandhar, Kaushal Kafle, Zhiqiang Lin, and Adwait Nadkarni. In Proceedings of the 29th ACM Conference on Computer and Communications Security. November 2022. [PDF][Slides][Bibtex] |
RAID | "What You See is Not What You Get: Revealing Hidden Memory Mapping for Peripheral Modeling". Jun Y. Wong, Haohuang Wen, and Zhiqiang Lin. In Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses, October 2022. [PDF][Slides][Bibtex] |
USENIX-SEC | "Playing Without Paying: Detecting Vulnerable Payment Verification in Native Binaries of Mobile Games". Chaoshun Zuo, and Zhiqiang Lin. In Proceedings of the 31st USENIX Security Symposium, August 2022. [PDF][Slides][Bibtex] |
PETS | "Replay (Far) Away: Exploiting and Fixing Google/Apple Exposure Notification Contact Tracing". Christopher Ellis , Haohuang Wen, Zhiqiang Lin, and Anish Arora. In Proceedings of the 29th Privacy Enhancing Technologies Symposium, July 2022. [PDF][Slides][Bibtex] |
ASIACCS | "PeriScope: Comprehensive Vulnerability Analysis of Mobile App-defined Bluetooth Peripherals". Qingchuan Zhao, Chaoshun Zuo, Jorge Blasco, and Zhiqiang Lin. In Proceedings of the 17th ACM Asia Conference on Computer and Communications Security, June 2022. [PDF][Slides][Bibtex] |
S&P | "vSGX: Virtualizing SGX Enclaves on AMD SEV". Shixuan Zhao, Mengyuan Li, Yinqian Zhang, and Zhiqiang Lin. In Proceedings of the 43rd IEEE Symposium on Security and Privacy, San Fransisco, CA, May 2022. [PDF][Slides][Bibtex] |
AutoSec | "Towards A TEE-based V2V Protocol For Connected And Autonomous Vehicles". Mohit Jangid, and Zhiqiang Lin. In Proceedings of the Automotive and Autonomous Vehicle Security (AutoSec) Workshop 2022, San Diego, CA, April 2022. [PDF][Slides][Bibtex] |
NDSS | "Multi-Certificate Attacks Against Proof-of-Elapsed-Time and Their Countermeasures". Huibo Wang, Guoxing Chen, Yinqian Zhang, and Zhiqiang Lin. In Proceedings of the 29th ISOC Network and Distributed System Security Symposium, San Diego, CA, April 2022. [PDF][Slides][Bibtex] |
TC | "vTrust: Remotely Executing Mobile Apps Transparently With Local Untrusted OS.". Yutao Tang, Zhengrui Qin, Yue Li, Zhiqiang Lin, Shanhe Yi, Fengyuan Xu, and Qun Li. In IEEE Transactions on Computers, February 2022. [PDF][Bibtex] |
2021 | |
CCS | "CROSSLINE: Breaking 'Security-by-Crash' based Memory Isolation in AMD SEV". Mengyuan Li, Yinqian Zhang, Zhiqiang Lin. In Proceedings of the 28th ACM Conference on Computer and Communications Security. November 2021. [PDF][Slides][Bibtex] (Best Paper Award Runner-up) |
RAID | "iTOP: Automating Counterfeit Object Oriented Programming Attacks". Paul Muntean, Richard Viehoever, Zhiqiang Lin, Gang Tan, Jens Grossklags, and Claudia Eckert. In Proceedings of the 24th International Symposium on Research in Attacks, Intrusions and Defenses, October 2021. [PDF][Slides][Bibtex] |
USENIX-SEC | "SelectiveTaint: Efficient Data Flow Tracking With Static Binary Rewriting". Sanchuan Chen, Zhiqiang Lin, Yinqian Zhang. In Proceedings of the 30th USENIX Security Symposium, August 2021. [PDF][Slides][Bibtex] |
USENIX-SEC | "Automatic Policy Generation for Inter-Service Access Control of Microservices". Xing Li, Yan Chen, Zhiqiang Lin, Xiao Wang, and Jim Hao Chen. In Proceedings of the 30th USENIX Security Symposium, August 2021. [PDF][Slides][Bibtex] |
USENIX-SEC | "Towards Formal Verification of State Continuity for Enclave Programs". Mohit Kumar Jangid, Guoxing Chen, Yinqian Zhang, Zhiqiang Lin. In Proceedings of the 30th USENIX Security Symposium, August 2021. [PDF][Slides][Bibtex] |
DIMVA | "SPECULARIZER: Detecting Speculative ExecutionAttacks via Performance Tracing". Wubing Wang, Guoxing Chen, Yueqiang Cheng, Yinqian Zhang, Zhiqiang Lin. In Proceedings of theThe 18th Conference on Detection of Intrusions and Malware & Vulnerability Assessment. July 2021. [PDF][Bibtex] |
SIGMETRICS | "A Measurement Study of Wechat Mini-Apps". Yue Zhang, Bayan Turkistani, Allen Yuqing Yang, Chaoshun Zuo, and Zhiqiang Lin. In Proceedings of the ACM on Measurement and Analysis of Computing Systems (POMACS). June 2021. [PDF][Bibtex] |
HCC-Journal | "WLAN-Log-Based Superspreader Detection in the COVID-19 Pandemic". Cheng Zhang, Yunze Pan, Yunqi Zhang, Adam C Champion, Zhaohui Shen, Dong Xuan, Zhiqiang Lin, Ness B Shroff. In Journal of High Confidence Computing. [PDF][Bibtex] |
2020 | |
ITU-Journal | "A Blueprint For Effective Pandemic Mitigation". Rahul Singh, Wenbo Ren, Fang Liu, Dong Xuan, Zhiqiang Lin, Ness B Shroff. In ITU Journal on Future and Evolving Technologies, Volume 1 (2020), Issue 1, 15 December 2020. [PDF][Bibtex] |
ACSAC | "ρFEM: Efficient Backward-edge Protection Using Reversed Forward-edge Mappings". Paul Muntean, Matthias Neumayer, Zhiqiang Lin, Gang Tan, Jens Grossklags, and Claudia Eckert. In Proceedings of the 35th Annual Computer Security Applications Conference, December 2020. [PDF][Bibtex] |
CCS | "FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities from Bare-Metal Firmware". Haohuang Wen, Zhiqiang Lin, and Yinqian Zhang. In Proceedings of the 27th ACM Conference on Computer and Communications Security. November 2020. [PDF][Slides][Bibtex] |
SECURECOMM | "A Study of the Privacy of COVID-19 Contact Tracing Apps''. Haohuang Wen, Qingchuan Zhao, Zhiqiang Lin, Dong Xuan, Ness Shroff. In Proceedings of the 16th International Conference on Security and Privacy in Communication Networks (Late Track). October 2020. [PDF][Bibtex] |
SECURECOMM | "On the Accuracy of Measured Proximity of Bluetooth-based Contact Tracing Apps'' (short paper). Qingchuan Zhao, Haohuang Wen, Zhiqiang Lin, Dong Xuan, Ness Shroff. In Proceedings of the 16th International Conference on Security and Privacy in Communication Networks (Late Track). October 2020. [PDF][Bibtex] |
SECURECOMM | "On the Effectiveness of Behavior-based Ransomware Detection''. Jaehyun Han, Zhiqiang Lin, and Donald Porter. In Proceedings of the 16th International Conference on Security and Privacy in Communication Networks. October 2020. [PDF][Bibtex] |
USENIX-SEC | "Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack Surface (in Automotive IoT)", Haohuang Wen, Qi Alfred Chen, and Zhiqiang Lin. In Proceedings of the 29th USENIX Security Symposium, Boston, MA. August 2020. [PDF][Slides][Bibtex] |
USENIX-SEC | "FirmScope: Automatic Uncovering of Privilege-Escalation Vulnerabilitiesin Pre-Installed Apps in Android Firmware". Mohamed Elsabagh, Ryan Johnson, Angelos Stavrou, Chaoshun Zuo, Qingchuan Zhao, and Zhiqiang Lin. In Proceedings of the 29th USENIX Security Symposium, Boston, MA. August 2020. [PDF][Slides][Bibtex] |
USENIX-SEC | "SAVIOR: Securing Autonomous Vehicles with Robust Physical Invariants", Raul Quinonez, Jairo Giraldo, Luis Salazar, Erick Bauman, Alvaro Cardenas, and Zhiqiang Lin In Proceedings of the 29th USENIX Security Symposium, Boston, MA. August 2020. [PDF][Slides][Bibtex] |
USENIX-SEC | "Breaking Secure Pairing of Bluetooth Low Energy Using Downgrade Attacks", Yue Zhang, Jian Weng, Rajib Dey, Yier Jin, Zhiqiang Lin, and Xinwen Fu. In Proceedings of the 29th USENIX Security Symposium, Boston, MA. August 2020. [PDF][Slides][Bibtex] |
USENIX-SEC | "TXSPECTOR: Uncovering Attacks in Ethereum from Transactions", Mengya Zhang, Xiaokuan Zhang, Yinqian Zhang, and Zhiqiang Lin. In Proceedings of the 29th USENIX Security Symposium, Boston, MA. August 2020. [PDF][Slides][Bibtex] |
S&P | "Automatic Uncovering of Hidden Behaviors From Input Validation in Mobile Apps". Qingchuan Zhao, Chaoshun Zuo, Dolan-Gavitt Brendan, Giancarlo Pellegrino, and Zhiqiang Lin. In Proceedings of the 41st IEEE Symposium on Security and Privacy, San Fransisco, CA, May 2020. [PDF][Slides][Bibtex] |
NDSS | "Automated Cross-Platform Reverse Engineering of CAN Bus Commands From Mobile Apps". Haohuang Wen, Qingchuan Zhao, Qi Alfred Chen, and Zhiqiang Lin. In Proceedings of the 27th ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2020. [PDF][Slides][Bibtex] |
2019 | |
ACSAC | "Analyzing Control Flow Integrity with LLVM-CFI". Paul Muntean, Matthias Neumayer, Zhiqiang Lin, Gang Tan, Jens Grossklags, and Claudia Eckert. In Proceedings of the 35th Annual Computer Security Applications Conference, December 2019. (60/266=22.6%) [PDF][Bibtex] |
CCS | "Automatic Fingerprinting of Vulnerable BLE IoT Devices with Static UUIDs from Mobile Apps". Chaoshun Zuo, Haohuang Wen, Zhiqiang Lin, and Yinqian Zhang. In Proceedings of the 26th ACM Conference on Computer and Communications Security, London, UK. November 2019. [PDF][Slides][Bibtex] |
CCS | "Towards Memory Safe Enclave Programming with Rust-SGX". Huibo Wang, Pei Wang, Yu Ding, Mingshen Sun, Yiming Jing, Ran Duan, Long Li, Yulong Zhang, Tao Wei, and Zhiqiang Lin. In Proceedings of the 26th ACM Conference on Computer and Communications Security, London, UK. November 2019. [PDF][Slides][Bibtex] |
RAID | "Time and Order: Towards Automatically Identifying Side-Channel Vulnerabilities in Enclave Binaries". Wubing Wang, Yinqian Zhang, and Zhiqiang Lin. In Proceedings of the 22nd International Symposium on Research in Attacks, Intrusions and Defenses, September 2019. [PDF][Slides][Bibtex] |
USENIX-SEC | "The Betrayal At Cloud City: An Empirical Analysis Of Cloud-Based Mobile Backends", Omar Alrawi*, Chaoshun Zuo*, Ruian Duan, Ranjita Kasturi, Zhiqiang Lin, Brendan Saltaformaggio. (*authors contributed equally) In Proceedings of the 2019 USENIX Security Symposium, Santa Clara. August 2019. [PDF][Slides][Bibtex] |
USENIX-SEC | "CONFIRM: Evaluating Compatibility and Relevance of Control-flow Integrity Protections for Modern Software", Xiaoyang Xu, Masoud Ghaffarinia, Wenhao Wang, Kevin W. Hamlen, and Zhiqiang Lin. In Proceedings of the 2019 USENIX Security Symposium, Santa Clara. August 2019. [PDF][Slides][Bibtex] |
USENIX-SEC | "Exploiting Unprotected I/O Operations in AMD's Secure Encrypted Virtualization", Mengyuan Li, Yinqian Zhang, Zhiqiang Lin, Yan Solihin. In Proceedings of the 2019 USENIX Security Symposium, Santa Clara. August 2019. [PDF][Bibtex] |
ASIACCS | "Running Language Interpreters Inside SGX: A Lightweight Legacy-Compatible Script Code Hardening Approach" (short paper). Huibo Wang, Erick Bauman, Vishal Karande, Zhiqiang Lin, Yueqiang Cheng, Yinqian Zhang. In Proceedings of the 14th ACM Asia Conference on Computer and Communications Security, July 2019. [PDF][Slides][Bibtex] |
DSN | "Your IoTs Are (Not) Mine: On the Remote Binding Between IoT Devices and Users". Jiongyi Chen, Chaoshun Zuo, Wenrui Diao, Shuaike Dong, Qingchuan Zhao, Menghan Sun, Zhiqiang Lin, Yinqian Zhang, and Kehuan Zhang. In Proceedings of the 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks. June 2019 [PDF][Bibtex] |
EUROS&P | "Stealing Intel Secrets from SGX Enclaves via Speculative Execution". Guoxing Chen, Sanchuan Chen, Yuan Xiao, Yinqian Zhang, Zhiqiang Lin, and Ten H. Lai. In Proceedings of the 4th IEEE European Symposium on Security and Privacy, June 2019. [PDF][Bibtex] |
ICSE | "Probabilistic Disassembly". Kenneth Miller, Yonghwi Kwon, Yi Sun, Zhuo Zhang, Xiangyu Zhang, and Zhiqiang Lin. In Proceedings of 41st ACM/IEEE International Conference on Software Engineering, May 2019. [PDF][Bibtex] |
S&P | "Why Does Your Data Leak? Uncovering the Data Leakage in Cloud From Mobile Apps". Chaoshun Zuo, Zhiqiang Lin, and Yinqian Zhang. In Proceedings of the 40th IEEE Symposium on Security and Privacy, San Fransisco, CA, May 2019. [PDF][Slides][Bibtex] |
NDSS | "Geo-locating Drivers: A Study of Sensitive Data Leakagein Ride-Hailing Services". Qingchuan Zhao, Chaoshun Zuo, Giancarlo Pellegrino, and Zhiqiang Lin. In Proceedings of the 26th ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2019. [PDF][Slides][Bibtex] |
2018 | |
ACSAC | "A Measurement Study of Authentication Rate-Limiting Mechanisms of Modern Websites". Bo Lu, Xiaokuan Zhang, Ziman Ling, Yinqian Zhang, and Zhiqiang Lin. In Proceedings of the 34th Annual Computer Security Applications Conference, December 2018. (60/299=20.1%) [PDF][Bibtex] |
CCS | "K-Hunt: Pinpointing Insecure Cryptographic Keys from Execution Traces". Juanru Li, Zhiqiang Lin. Juan Caballer, Yuanyuan Zhang, Dawu Gu. In Proceedings of the 25th ACM Conference on Computer and Communications Security, Toronto. November 2018. (134/770=17.4%) [PDF][Slides][Bibtex] |
FEAST | "Towards Interface-Driven COTS Binary Hardening". Xiaoyang Xu, Wenhao Wang, Kevin W. Hamlen, and Zhiqiang Lin. In Proceedings of the 3rd Workshop on Forming an Ecosystem Around Software Transformation, October 2018. [PDF][Bibtex] |
RAID | "{tauCFI}: Type-Assisted Control Flow Integrity for x86-64 Binaries". Paul Muntean, Matthias Fischer, Gang Tan, Zhiqiang Lin, Jens Grossklags ,and Claudia Eckert. In Proceedings of the 21st International Symposium on Research in Attacks, Intrusions and Defenses, September 2018. [PDF][Slides][Bibtex] |
USENIX-SEC | "Injected and Delivered: Fabricating Implicit Control over Actuation Systems by Spoofing Inertial Sensors", Yazhou Tu, Zhiqiang Lin, Insup Lee and Xiali Hei. In Proceedings of the 2018 USENIX Security Symposium, Baltimore, MD. August 2018. [PDF][Bibtex] |
USENIX-SEC | "Guarder: A Tunable Secure Allocator", Sam Silvestro, Hongyu Liu, Tianyi Liu, Zhiqiang Lin, and Tongping Liu. In Proceedings of the 2018 USENIX Security Symposium, Baltimore, MD. August 2018. [PDF][Bibtex] |
ASIACCS | "BCD: Decomposing Binary Code Into Components Using Graph-Based Clustering" (short paper). Vishal Karande, Swarup Chandra, Zhiqiang Lin, Juan Caballero, Latifur Khan, and Kevin Hamlen. In Proceedings of the 13th ACM Asia Conference on Computer and Communications Security, June 2018. [PDF][Slides][Bibtex] |
CGO | "SGX-Elide: Enabling Enclave Code Secrecy via Self-Modification". Erick Bauman, Huibo Wang, Mingwei Zhang, and Zhiqiang Lin. In Proceedings of International Symposium on Code Generation and Optimization, Vienna, Austria, February 2018. [PDF][Slides][Bibtex] |
NDSS | "Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics". Erick Bauman, Zhiqiang Lin, and Kevin Hamlen. In Proceedings of the 25th ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2018. [PDF][Slides][Bibtex] |
NDSS | "IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing". Jiongyi Chen, Wenrui Diao, Qingchuan Zhao, Chaoshun Zuo, Zhiqiang Lin, XiaoFeng Wang, Wing Cheong Lau, Menghan Sun, Ronghai Yang, Kehuan Zhang. In Proceedings of the 25th ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2018. [PDF][Slides][Bibtex] |
SIGCSE | "Using Virtual Machine Introspection for Kernel Security Education". Manish Bhatt, Irfan Ahmed, and Zhiqiang Lin. In Proceedings of The 49th ACM Technical Symposium on Computer Science Education, Baltimore, MD, February 2018. [PDF][Slides][Bibtex] |
2017 | |
CCS | "AuthScope: Towards Automatic Discovery of Vulnerable Authorizations in Online Services". Chaoshun Zuo, Qingchuan Zhao, and Zhiqiang Lin. In Proceedings of the 24th ACM Conference on Computer and Communications Security, Dallas, Texas. November 2017. (151/843=17.9%) [PDF][Slides][Bibtex] |
CCS | "SGX-BigMatrix: A Practical Encrypted Data Analytic Framework With Trusted Processors". Fahad Shaon, Murat Kantarcioglu, Zhiqiang Lin, and Latifur Khan. In Proceedings of the 24th ACM Conference on Computer and Communications Security, Dallas, Texas. November 2017. (151/843=17.9%) [PDF][Slides][Bibtex] |
CCS | "FreeGuard: A Faster Secure Heap Allocator". Sam Silvestro, Hongyu Liu, Corey Crosser, Zhiqiang Lin, and Tongping Liu. In Proceedings of the 24th ACM Conference on Computer and Communications Security, Dallas, Texas. November 2017. (151/843=17.9%) [PDF][Slides][Bibtex] |
RAID | "Thwarting Controlled Side Channel Attacks via Enclave Verifiable Page Faults". Yangchun Fu, Erick Bauman, Raul Quinonez, and Zhiqiang Lin. In Proceedings of the 20th International Symposium on Research in Attacks, Intrusions and Defenses, Atlanta, Georgia. September 2017 (21/106 = 19.8%). [PDF][Slides][Bibtex] |
ESORICS | "Securing Data Analytics on SGX With Randomization". Swarup Chandra, Vishal Karande, Zhiqiang Lin, Latifur Khan, Murat Kantarcioglu, and Bhavani Thuraisingham. In Proceedings of the 22nd European Symposium on Research in Computer Security, Oslo, Norway. September, 2017. [PDF][Bibtex] |
APSYS | "Building a Security OS With Software Defined Infrastructure". Guofei Gu, Hongxin Hu, Eric Keller, Zhiqiang Lin, Donald E. Porter. In The 8th ACM SIGOPS Asia-Pacific Workshop on Systems, Mumbai, India. September, 2017. [PDF][Bibtex] |
WWW | "Exposing Server URLs of Mobile Apps With Selective Symbolic Execution". Chaoshun Zuo, and Zhiqiang Lin. In Proceedings of the 26th World Wide Web Conference, Perth, Australia. April 2017. (164/966=17%) [PDF][Slides][Bibtex] |
ASIACCS | "SGX-Log: Securing System Logs With SGX". Vishal Karande, Erick Buaman, Zhiqiang Lin, and Latifur Khan. In Proceedings of the 12th ACM Asia Conference on Computer and Communications Security, Abu Dhabi. April 2017. [PDF][Slides][Bibtex] |
CODASPY | "PT-CFI: Transparent Backward-Edge Control Flow Violation Detection Using Intel Processor Trace". Yufei Gu, Qingchuan Zhao, Yinqian Zhang, and Zhiqiang Lin. In Proceedings of the 7th ACM Conference on Data and Application Security and Privacy, Scottsdale, Arizona. March 2017. [PDF][Slides][Bibtex] |
2016 | |
ACSAC | "Adaptive Encrypted Traffic Fingerprinting With Bi-Directional Dependence". Khaled Al Naami, Swarup Chandra, Ahmad Mustafa, Latifur Khan, Zhiqiang Lin, Kevin Hamlen, and Bhavani Thuraisingham. In Proceedings of the 32nd Annual Computer Security Applications Conference, Los Angelos, CA, December 2016. (48/210=22.8%) [PDF][Bibtex] |
SYSTEX | "A Case for Protecting Computer Games With SGX". Erick Bauman, and Zhiqiang Lin. In Proceedings of the 1st Workshop on System Software for Trusted Execution, Trento, Italy. December 2016. [PDF][Slides][Bibtex] |
RAID | "Detecting Stack Layout Corruptions with Robust Stack Unwinding". Yangchun Fu, Jungwhan Rhee, Zhiqiang Lin, Zhichun Li, Hui Zhang, Guofei Jiang. In Proceedings of the 19th International Symposium on Research in Attacks, Intrusions and Defenses, Paris, France. September 2016 (21/81 = 25.9%). [PDF][Bibtex] |
RAID | "Automatic Uncovering of Tap Points From Kernel Executions". Junyuan Zeng, Yangchun Fu, and Zhiqiang Lin. In Proceedings of the 19th International Symposium on Research in Attacks, Intrusions and Defenses, Paris, France. September 2016 (21/81 = 25.9%). [PDF][Slides][Bibtex] |
CSUR-Journal | "Type Inference on Executables'', Juan Caballero and Zhiqiang Lin. in ACM Computing Surveys, 2016. [PDF]Bibtex] |
CODASPY | "Derandomizing Kernel Address Space Layout for Introspection and Forensics". Yufei Gu, and Zhiqiang Lin. in Proceedings of the 6th ACM Conference on Data and Application Security and Privacy, New Orleans, LA, March 2016. [PDF][Slides][Bibtex] |
NDSS | "Automatic Forgery of Cryptographically Consistent Messages to Identify Security Vulnerabilities in Mobile Services"(or How to brute-force user's password when given a mobile app). Chaoshun Zuo, Wubing Wang, Rui Wang, and Zhiqiang Lin. in Proceedings of the 23rd ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2016 (60/389 = 15.4%). [PDF][Slides][Bibtex] |
2015 | |
RAID | "Towards Automatic Inference of Kernel Object Semantics from Binary Code". Junyuan Zeng and Zhiqiang Lin. In Proceedings of the 18th International Symposium on Research in Attacks, Intrusions and Defenses, Kyoto, Japan. November 2015 (28/147 = 19%). [PDF][Slides][Bibtex] |
ESEC/FSE | "Automatically Deriving Pointer Reference Expressions From Executions For Memory Dump Analysis". Yangchun Fu, Zhiqiang Lin, and David Brumley. In Proceedings of the 10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering. BERGAMO, ITALY, September 2015. [PDF][Bibtex][Slides] |
CSUR-Journal | "A Survey on Hypervisor Based Monitoring: Approaches, Applications, and Evolutions'', Erick Bauman, Gbadebo Ayoade, and Zhiqiang Lin. In ACM Computing Surveys, August 2015. [PDF]Bibtex] |
ESORICS | "A Practical Approach for Adaptive Data Structure Layout Randomization". Ping Chen, Jun Xu, Zhiqiang Lin, Dongyan Xu, Bing Mao and Peng Liu. In Proceedings of the 20th European Symposium on Research in Computer Security, Vienna, Austria, September, 2015. [PDF][Bibtex] |
USENIX-SEC | "You Shouldn't Collect My Secrets: Thwarting Sensitive Keystroke Leakage in Mobile IME Apps". Jin Chen, Haibo Chen, Erick Bauman, Zhiqiang Lin, Binyu Zang, Haibing Guan. In Proceedings of the 2015 USENIX Security Symposium, Washington DC. August 2015 (67/426 = 15.7%). [PDF][Bibtex] |
DSN | "Enhancing Software Dependability and Security with Hardware Supported Instruction Address Space Randomization". Seung Hun Kim, Lei Xu, Ziyi Liu, Zhiqiang Lin, Won Woo Ro, and Weidong Shi . In Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, Rio De Janeiro, Brazil. June 2015 [PDF][Bibtex] |
ISPEC | "Half a Century of Practice: Who Is Still Storing Plaintext Passwords?'' Erick Bauman, Yafeng Lu, and Zhiqiang Lin. In Proceedings of the 11th International Conference on Information Security Practice and Experience, Beijing, China. May 2015 [PDF][Bibtex] |
VEE | "PEMU: A Pin Highly Compatible Out-of-VM Dynamic Binary Instrumentation Framework". Junyuan Zeng, Yangchun Fu, and Zhiqiang Lin. In Proceedings of the 11th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, Istanbul, Turkey, March 2013 [PDF][Slides][Bibtex] |
2014 | |
ACSAC | "MACE: High-Coverage and Robust Memory Analysis For Commodity Operating Systems". Qian Feng, Aravind Prakash, Heng Yin, and Zhiqiang Lin. In Proceedings of the 30th Annual Computer Security Applications Conference, New Orleans, Louisiana, December 2014. (19%) [PDF][Bibtex] |
TDSC-Journal | "On the Trustworthiness of Memory Analysis---An Empirical Study from the Perspective of Binary Execution", Aravind Prakash, Eknath Venkataramani, Heng Yin, and Zhiqiang Lin. IEEE Transactions on Dependable and Secure Computing (TDSC), October 2014. [PDF][Bibtex] |
SECURECOMM | "A Systematic Study of the Covert-Channel Attacks in Smartphones'' (short paper). Swarup Chandra, Zhiqiang Lin, Ashish Kundu and Latifur Khan. In Proceedings of the 10th International Conference on Security and Privacy in Communication Networks, Beijing, China. September 2014. [PDF][Bibtex] |
ESORICS | "SigPath: A Memory Graph Based Approach for Program Data Introspection and Modification". David Urbina, Yufei Gu, Juan Caballero, and Zhiqiang Lin. In Proceedings of the 19th European Symposium on Research in Computer Security, Wroclaw, Poland, September, 2014 (58/234 = 24.8%). [PDF][Slides][Bibtex] |
RAID | "GoldenEye: Efficiently and Effectively Unveiling Malware's Targeted Environment". Zhaoyan Xu, Jialong Zhang, Guofei Gu, and Zhiqiang Lin. In Proceedings of the 17th International Symposium on Research in Attacks, Intrusions and Defenses, Gothenburg, Sweden. September 2014 (22/113 = 19.5%). [PDF][Slides][Bibtex] |
USENIX-SEC | "Preventing Cryptographic Key Leakage in Cloud Virtual Machines". Erman Pattuk, Murat Kantarcioglu, Zhiqiang Lin, and Huseyin Ulusoy. In Proceedings of the 2014 USENIX Security Symposium, San Diego, CA, August 2014 (67/350 = 19%). [PDF][Slides][Bibtex] |
USENIX-SEC | "X-Force: Force-Executing Binary Programs for Security Applications". Fei Peng, Zhui Deng, Xiangyu Zhang, Dongyan Xu, Zhiqiang Lin, and Zhendong Su. In Proceedings of the 2014 USENIX Security Symposium, San Diego, CA, August 2014 (67/350 = 19%). [PDF][Slides][Bibtex] |
TCC-Journal | "Multi-Aspect, Robust, and Memory Exclusive Guest OS Fingerprinting". Yufei Gu, Yangchun Fu, Aravind Prakash, Zhiqiang Lin, and Heng Yin. IEEE Transactions on Cloud Computing. July 2014. [PDF][Bibtex] |
USENIX-ATC | "HyperShell: A Practical Hypervisor Layer Guest OS Shell for Automated In-VM Management". Yangchun Fu, Junyuan Zeng, and Zhiqiang Lin. In Proceedings of the 2014 USENIX Annual Technical Conference, Philadephia, PA, June 2014 (36/205 = 14.9%). [PDF][Slides][Bibtex] |
DATE | "Programmable Decoder and Shadow Threads: Tolerate Remote Code Injection Exploits with Diversified Redundancy". Ziyi Liu, Weidong Shi, Shouhuai Xu, and Zhiqiang Lin. In Proceedings of the 2014 Design, Automation and Test in Europe, Dresden, Germany, March 2014 (206/1090 = 23.1%). [PDF][Bibtex] |
NDSS | "Hybrid-Bridge: Efficiently Bridging the Semantic-Gap in Virtual Machine Introspection via Decoupled Execution and Training Memoization". Alireza Saberi, Yangchun Fu, and Zhiqiang Lin. in Proceedings of the 21st ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2014 (55/295 = 18.6%). [PDF][Slides][Bibtex] |
NDSS | "SMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps". David Sounthiraraj, Justin Sahs, Garrett Greenwood, Zhiqiang Lin, and Latifur Khan. In Proceedings of the 21st ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2014 (55/295 = 18.6%). [PDF][Slides][Bibtex] |
TIFS | "Data-Centric OS Kernel Malware Characterization". Junghwan Rhee, Ryan Riley, Zhiqiang Lin, Xuxian Jiang, Dongyan Xu. IEEE Transactions on Information Forensics and Security, Volume 9 Issue 1, January 2014. [PDF][Bibtex] |
2013 | |
VMTJ-Journal | "Toward Guest OS Writable Virtual Machine Introspection". Zhiqiang Lin. VMware Technical Journal, 2(2), December 2013. [PDF][HTML][Bibtex] |
ACSAC | "Subverting System Authentication with Context-Aware, Reactive Virtual Machine Introspection". Yangchun Fu, Zhiqiang Lin, and Kevin Hamlen. In Proceedings of the 29th Annual Computer Security Applications Conference, New Orleans, Louisiana, December 2013. (19%) [PDF][Slides][Bibtex] |
CCS | "Obfuscation-resilient Binary Code Reuse through Trace-oriented Programming". Junyuan Zeng, Yangchun Fu, Kenneth Miller, Zhiqiang Lin, Xiangyu Zhang, and Dongyan Xu. In Proceedings of the 20th ACM Conference on Computer and Communications Security, Berlin, Germany, November 2013. (105/530=19.8%) [PDF][Slides][Bibtex] |
TISSEC | "Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection". Yangchun Fu, and Zhiqiang Lin. In ACM Transactions on Information and System Security (TISSEC), Volume 16 Issue 2, September 2013. [PDF][Bibtex] |
ISCA | "CPU Transparent Protection of OS Kernel and Hypervisor Integrity with Programmable DRAM". Ziyi Liu, Jonghyuk Lee, Junyuan Zeng, Yuanfeng Wen, Zhiqiang Lin, and Weidong Shi. In Proceedings of the 40th International Symposium on Computer Architecture, Tel-Aviv, Israel. June 2013. (56/282=19.9%) [PDF]][Bibtex] |
ICDCS | "AUTOVAC: Towards Automatically Extracting System Resource Constraints and Generating Vaccines for Malware Immunization". Zhaoyan Xu, Jialong Zhang, Guofei Gu, and Zhiqiang Lin. In Proceedings of the 33rd International Conference on Distributed Computing Systems, Philadelphia, USA. July 2013. (61/464=13%) [PDF][Bibtex] |
DSN | "Manipulating Semantic Values in Kernel Data Structures: Attack Assessments and Implications". Aravind Prakash, Eknath Venkataramani, Heng Yin, and Zhiqiang Lin. In Proceedings of the 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN-PDS), Budapest, Hungary, June 2013 [PDF][Bibtex] |
VEE | "Exterior: Using a Dual-VM Based External Shell for Guest-OS Introspection, Configuration, and Recovery". Yangchun Fu, and Zhiqiang Lin. In Proceedings of the 9th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, Houston, TX, March 2013 [PDF][Slides][Bibtex] |
2012 | |
ACSAC | "Securing Untrusted Code via Compiler-Agnostic Binary Rewriting". Richard Wartel, Vishwath Mohan, Kevin Hamlen, and Zhiqiang Lin. In Proceedings of the 28th Annual Computer Security Applications Conference, Orlando, FL, December 2012. (44/231=19%) [PDF][Slides][Bibtex] (Outstanding Student Paper Award) |
SOCC | "OS-Sommelier: Memory-Only Operating System Fingerprinting in the Cloud". Yufei Gu, Yangchun Fu, Aravind Prakash, Zhiqiang Lin, and Heng Yin. In Proceedings of the 3rd ACM Symposium on Cloud Computing, San Jose, CA, October 2012. ((21+4)/165=15.3%) [PDF][Slides][Bibtex] |
CCS | "Binary Stirring: Self-randomizing Instruction Addresses of Legacy x86 Binary Code". Richard Wartel, Vishwath Mohan, Kevin Hamlen, and Zhiqiang Lin. In Proceedings of the 19th ACM Conference on Computer and Communications Security, Raleigh, NC, October 2012. (80/423=18.9%) [PDF][Slides][Bibtex] (This paper wins the 2nd place in the NYU-Poly AT&T Best Applied Security Paper of the Year 2012) |
DFRWS | "Bin-Carver: Automatic Recovery of Binary Executable Files". Scott Hand, Zhiqiang Lin, Guofei Gu, and Bhavani Thuraisingham. In Proceedings of the 12th Annual Digital Forensics Research Conference, Washington DC, August 2012 (14/47=29.8%). [PDF][Slides][Bibtex] |
S&P | "Space Traveling across VM: Automatically Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection". Yangchun Fu, and Zhiqiang Lin. In Proceedings of the 33rd IEEE Symposium on Security and Privacy, San Fransisco, CA, May 2012 (40/307=13%). [PDF][Slides][Slides-Handout][Demo][Bibtex] |
NDSS | "DIMSUM: Discovering Semantic Data of Interest from Un-mappable Memory with Confidence". Zhiqiang Lin, Junghwan Rhee, Chao Wu, Xiangyu Zhang, and Dongyan Xu. In Proceedings of the 19th ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2012 (46/258 = 17.8%). [PDF][Slides][Bibtex] |
2011 and Before | |
AsiaCCS | "Characterizing Kernel Malware Behavior with Kernel Data Access Patterns". Junghwan Rhee, Zhiqiang Lin, and Dongyan Xu. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, Hong Kong, March 2011 (35/217 = 16.1%).[PDF] [Bibtex] |
NDSS | "SigGraph: Brute Force Scanning of Kernel Data Structure Instances Using Graph-based Signatures". Zhiqiang Lin, Junghwan Rhee, Xiangyu Zhang, Dongyan Xu, and Xuxian Jiang. In Proceedings of the 18th Network and Distributed System Security Symposium, San Diego, CA, February 2011 (28/139 = 20.1%). [Abstract][PDF][Bibtex][Demo][Slides] |
ISSTA | "Strict Control Dependence and its Effect on Dynamic Information Flow Analyses". Tao Bao, Yunhui Zheng, Zhiqiang Lin, Xiangyu Zhang and Dongyan Xu. In Proceedings of the 2010 International Symposium on Software Testing and Analysis,Trento, Italy. July 2010 (24/105 = 23%). [Bibtex][PDF] |
DSN | "Reuse-Oriented Camouflaging Trojan: Vulnerability Detection and Attack Construction". Zhiqiang Lin, Xiangyu Zhang, and Dongyan Xu. In Proceedings of the 40th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN-DCCS), Chicago, IL, June 2010 (39/168=23.2%). [Abstract][PDF][Bibtex][Slides] |
NDSS | "Automatic Reverse Engineering of Data Structures from Binary Execution. Zhiqiang Lin, Xiangyu Zhang, and Dongyan Xu. In Proceedings of the 17th Network and Distributed System Security Symposium, San Diego, CA, February 2010 (24/156=15.4%). [Abstract][PDF][Bibtex][Slides][Demo] (Note that this paper wins the 1st place in the Poster Competition of 2010 CERIAS Annual Information Security Symposium) |
TSE-Journal | "Reverse Engineering Input Syntactic Structure from Program Execution and Its Applications". Zhiqiang Lin, Xiangyu Zhang, and Dongyan Xu. IEEE Transactions on Software Engineering. 36(5), 2010. [PDF][Bibtex] |
DIMVA | "Polymorphing Software by Randomizing Data Structure Layout". Zhiqiang Lin, Ryan Riley, and Dongyan Xu. In Proceedings of the 6th SIG SIDAR Conference on Detection of Intrusions and Malware and Vulnerability Assessment. Milan, Italy, July 2009 ((10+3)/44=29.5%). [Abstract][PDF][Bibtex][Code] |
NDSS | "IntScope: Automatically Detecting Integer Overflow Vulnerability In X86 Binary Using Symbolic Execution". Tielei Wang, Tao Wei, Zhiqiang Lin, and Wei Zou. In Proceedings of the 16th Network and Distributed System Security Symposium, San Diego, CA, February 2009 (20/171=11.7%). [Abstract][PDF][Bibtex] |
FSE | "Deriving Input Syntactic Structure From Execution". Zhiqiang Lin, and Xiangyu Zhang. In Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering. Atlanta, Georgia, USA, November 2008 (31/152=20.5%). [Abstract][PDF][Bibtex][Slides] |
DSN | "Convicting Exploitable Software Vulnerabilities: An Efficient Input Provenance Based Approach". Zhiqiang Lin, Xiangyu Zhang, and Dongyan Xu. In Proceedings of the 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN-DCCS), Anchorage, Alaska, USA, June 2008 (34/149=23%). [Abstract][PDF][Bibtex][Slides] |
NDSS | "Automatic Protocol Format Reverse Engineering Through Context-Aware Monitored Execution". Zhiqiang Lin, Xuxian Jiang, Dongyan Xu, and Xiangyu Zhang. In Proceedings of the 15th Network and Distributed System Security Symposium,San Diego, CA, February 2008 (21/118=17.8%) [Abstract][PDF][Bibtex][Slides] |
AsiaCCS | "AutoPaG: Towards Automated Software Patch Generation with Source Code Root Cause Identification and Repair". Zhiqiang Lin, Xuxian Jiang, Dongyan Xu, Bing Mao, and Li Xie. In Proceedings of ACM Symposium on InformAtion, Computer and Communications Security, Singapore, March 2007 (Acceptance ratio: 33/188=17.6%). [PDF][Bibtex][Slides] |
ISC | "Transparent Run-Time Prevention of Format-String Attacks via Dynamic Taint and Flexible Validation". Zhiqiang Lin, Nai Xia, Guole Li, Bing Mao, and Li Xie. In Proceedings of the 9th Information Security Conference. Greece. Sept, 2006 (Acceptance ratio: 38/188=20.2%). [PDF][Bibtex][Code] |
ARES | "A Practical Framework for Dynamically Immunizing Software Security Vulnerabilities". Zhiqiang Lin, Bing Mao, and Li Xie. In Proceedings of the First International Conference on Availability, Reliability and Security. Austria. April, 2006. [PDF][Bibtex] |
IAW | "LibsafeXP: A Practical and Transparent Tool for Run-time Buffer Overflow Preventions". Zhiqiang Lin, Bing Mao, and Li Xie. In Proceedings of the 7th Annual IEEE Information Assurance Workshop. West Point, NY. USA. June, 2006. [PDF][Bibtex][Slides][Code] |