This work explored the vulnerabilities of the chain-based authentication structure in the email ecosystem. We conducted a large-scale analysis of 30 popular email services and 23 email clients.
HTTPS MITM attacks based on the shared TLS certificates as HTTPS Context Confusion Attack (SCC Attack)
Measurement of CFI solutions’ security
Adapting to local conditions: Similarities and differences in anonymous online market between Chinese and English Speaking Communities
A comparative analysis of anonymous online market between Chinese and English speaking communities
A cache poisoning attack targeting DNS forwarders.
Improve fuzzing efficiency with lightweight data flow analysis.
Fuzzing Android Binder services with automated interface analysis.
AI-based Side Channel and Covert Channel Detection.
Generate adversarial Chinese texts with Glyph and Pinyin mutation.
Empirical Study on Vulnerability Distribution within Projects.
Amplification Attacks Based on HTTP Range Requests
Mitigating DDoS Attacks with P4
Packet Hijacking in SDN
abuse CDN for DDoS attacks
A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices. Selected as the journal issue cover Paper.
Measurement of a darknet market - dream market.
Fake account detection for WeChat
Exploring the Reliability of CT Monitors
A fuzzing mutation scheduling strategy based on PSO.
Shared channels in SDN: attacks and defenses
Generate exploits for POCs that do not crash.
Detect binary code similarity with DNN.
Improve fuzzing efficiency with high accuracy control flow information.
Detect heap overflow vulnerabilities thoroughly with symbolic execution.