Talking with Familiar Strangers: An Empirical Study on HTTPS Context Confusion Attacks
HTTPS MITM attacks based on the shared TLS certificates as HTTPS Context Confusion Attack (SCC Attack)
Publications
2020
Finding Cracks in Shields: On the Security of Control Flow Integrity Mechanisms
Measurement of CFI solutions’ security
Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices
A cache poisoning attack targeting DNS forwarders.
GREYONE: Data Flow Sensitive Fuzzing
Improve fuzzing efficiency with lightweight data flow analysis.
FANS: Fuzzing Android Native System Services via Automated Interface Analysis
Fuzzing Android Binder services with automated interface analysis.
DRAMD: Detect Advanced DRAM-based Stealthy Communication Channels with Neural Networks
AI-based Side Channel and Covert Channel Detection.
Argot: Generating Adversarial Readable Chinese Texts
Generate adversarial Chinese texts with Glyph and Pinyin mutation.
A Large-Scale Empirical Study on Vulnerability Distribution within Projects and the Lessons Learned
Empirical Study on Vulnerability Distribution within Projects.
CDN Backfired: Amplification Attacks Based on HTTP Range Requests
Amplification Attacks Based on HTTP Range Requests
Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches
Mitigating DDoS Attacks with P4
When Match Fields Do Not Need to Match: Buffered Packets Hijacking in SDN
Packet Hijacking in SDN
CDN Judo: Breaking the CDN DoS Protection with Itself
abuse CDN for DDoS attacks
A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices
A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices. Selected as the journal issue cover Paper.
A Market in Dream: the Rapid Development of Anonymous Cybercrime
Measurement of a darknet market - dream market.
2019
Detecting Fake Accounts in Online Social Networks at the Time of Registrations
Fake account detection for WeChat
Certificate Transparency in the Wild: Exploring the Reliability of Monitors
Exploring the Reliability of CT Monitors
MOPT: Optimized Mutation Scheduling for Fuzzers
A fuzzing mutation scheduling strategy based on PSO.
The CrossPath Attack: Disrupting the SDN Control Channel via Shared Link
Shared channels in SDN: attacks and defenses
2018
Revery: from Proof-of-Concept to Exploitable (One Step towards Automatic Exploit Generation)
Generate exploits for POCs that do not crash.
αDiff: Cross-Version Binary Code Similarity Detection with DNN
Detect binary code similarity with DNN.
CollAFL: Path Sensitive Fuzzing
Improve fuzzing efficiency with high accuracy control flow information.
2017
Towards Efficient Heap Overflow Discovery
Detect heap overflow vulnerabilities thoroughly with symbolic execution.