Network and Information Security Lab @ Tsinghua University

A research team focusing on cyber security at Tsinghua University.
A playground for fun hacking and fundamental research.
Base of the CTF teams Blue-Lotus and RedBud.

News

Feb 2021 - Our paper ROLoad: Securing Sensitive Operations with Pointee Integrity was accepted by Design Automation Conference (DAC) 2021.

Jan 2021 - Our paper VScape: Assessing and Escaping Virtual Call Protections was accepted by USENIX Security 2021.

Jan 2021 - Our paper MAZE: Towards Automated Heap Feng Shui was accepted by USENIX Security 2021.

Jan 2021 - Our paper Sharing More and Checking Less: Leveraging Common Input Keywords to Detect Bugs in Embedded Systems was accepted by USENIX Security 2021.

Dec 2020 - Our paper Code is the (F)Law: Demystifying and Mitigating Blockchain Inconsistency AttacksCaused by Software Bugs was accepted by INFOCOM 2021.

Sep 2020 - Our paper Weak Links in Authentication Chains: A Large-scale Analysis of Email Sender Spoofing Attacks was accepted by USENIX Security 2021.

Sep 2020 - Our paper POP and PUSH: Demystifying and Defending against (Mach) Port-Oriented Programming was accepted by NDSS 2021.

Aug 2020 - Our paper Lies in the Air: Characterizing Fake-base-station Spam Ecosystem in China was accepted by CCS 2020.

Aug 2020 - Our paper Finding Cracks in Shields: On the Security of Control Flow Integrity Mechanisms was accepted by CCS 2020.

July 2020 - Our paper CDN Backfired: Amplification Attacks Based on HTTP Range Requests received Best Paper Award in DSN 2020.

June 2020 - Our paper Talking with Familiar Strangers: An Empirical Study on HTTPS Context Confusion Attacks was accepted by CCS 2020.

May 2020 - Our paper Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices was accepted by USENIX Security 2020.

Apr 2020 - Our paper Argot: Generating Adversarial Readable Chinese Texts was accepted by IJCAI 2020.

Mar 2020 - Our paper FANS: Fuzzing Android Native System Services via Automated Interface Analysis was accepted by USENIX Security 2020.

Feb 2020 - Our paper CDN Judo: Breaking the CDN DoS Protection with Itself was accepted by NDSS 2020.

Feb 2020 - Our paper When Match Fields Do Not Need to Match: Buffered Packets Hijacking in SDN was accepted by NDSS 2020.

Feb 2020 - Our paper Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches was accepted by NDSS 2020.

Feb 2020 - Our paper A Large-Scale Empirical Study on Vulnerability Distribution within Projects and the Lessons Learned was accepted by ICSE 2020.

More......

Web Security

Cookie Integrity...

Network Security

Protocol security analysis and design, HTTPS, SDN, 5G, IPv6.
Link...

System Security

BlockChain Security, IoT Security, ICS Security

Software Security

Vulnerability analysis, discovery, exploit and mitigation. Malware analysis.

Data-driven Security

Intrusion detection, underground economy analysis.

AI Security

AI for security, and Secure AI.

Announcement

Looking for highly motivated students, postdoc, and research assistants.

Faculty positions are available as well.

Read more ...