News :

07/2014 We have two papers accepted by CCS'14. The first paper is about Android malware classification. This work is entirely accomplished by PhD students under my guidance. The second paper is about code injection attacks on HTML5-based mobile apps. This is a collaborative work with Dr. Kevin Du's research group. Congratulations to everyone who contributed to these two papers!

03/2014 Our paper describing our new binary analysis platform DECAF has been accepted by ISSTA'14. It is a great team work! If you are interested in trying our tool, please follow this google code link.

03/2014 My joint proposal with Dr. Dawn Song at UC Berkeley has been recommended for funding by DARPA Cyber Grand Challenge. We are going to use and extend DECAF to discover vulnerabilities in the challege binaries and generate mission-oriented exploits.

02/2014 Our paper is accepted by ASIACCS'14. It proposes to apply bytecode rewriting technique and a context-aware policy enforcement to contain privacy leakage in Android apps.

11/2013 Our paper ``AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications'' has been accepted by NDSS'14. Great work, Mu!

05/2013 Lok Yan received All University Doctoral Prize for his outstanding PhD dissertation work. Congratulations!

02/2013 Our paper ``Manipulating Semantic Values in Kernel Data Structures: Attack Assessments and Implications'' has been accepted by DSN'13. Great work, Aravind and Eknath!

01/2013 Our paper ``Enforcing System-Wide Control Flow Integrity for Exploit Detection and Diagnosis'' has been accepted by ASIACCS'13. Great work, Aravind!

01/2013 We have just released the source code of Droidscope. Check it out!

11/2012 Lok Yan has successfully passed his PhD defense. Congratulations!

09/2012 The paper ``OS-Sommelier: Memory-Only Operating System Fingerprinting in the Cloud'' has been accepted by SoCC'12. This is a collaborative work with Prof. Zhiqiang Lin at UT Dallas.

07/2012 My book entitled ``Automatic Malware Analysis: An Emulator based Approach'' will be published in the Springer Briefs in Computer Science.

06/2012 McAfee (a leading anti-malware company) sponsored a one-year project to conduct automatic malware analysis using our dynamic binary analysis framework.

04/2012 our paper ``DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis'' has been accepted by USENIX Security 2012.

12/2011 our paper ``V2E: Combining Hardware Virtualization and Software Emulation for Transparent and Extensible Malware Analysis'' has been accepted by VEE'12.

11/2011 our paper ``Transparent and Extensible Malware Analysis by Combining Hardware Virtualization and Software Emulation'' has been accepted as an Invited Paper in NDSS'12.

10/2011 The paper ``Identifying and Analyzing Pointer Misuses for Sophisticated Memory-corruption Exploit Diagnosis'' has been accepted by NDSS'12.

08/2011 The paper ``Attacks on WebView in the Android System'' with Tongbo Luo, Hao Hao, Wenliang Du, and Yifei Wang, has been accepted by ACSAC'11.

01/2011 I receive the NSF 2011 Career Award.

07/2010 Our paper ``Keychain-based Signatures for Securing BGP'' will appear in the IEEE Journal on Selected Areas in Communications (J-SAC), October 2010.

07/2010, Our paper ``HookScout: Proactive and Binary-Centric Hook Detection'' was presented in DIMVA'10, July 8-9, 2010, in Bonn Germany.

06/2010 My proposal ``Mining Operating System Semantics: Techniques and Applications'' was awarded by NSF Trustworthy Computing Program.

Last update: July 2014