Protect sensitive operations with hardware support.
Bypass virtual protections towards AEG.
Finding vulnerabilities in embedded systems
Manipulate heap layouts automatically.
This work explored the vulnerabilities of the chain-based authentication structure in the email ecosystem. We conducted a large-scale analysis of 30 popular email services and 23 email clients.
Code is the (F)Law: Demystifying and Mitigating Blockchain Inconsistency AttacksCaused by Software Bugs
Exploit vulnerabilities in blockchains
Mitigate port-oriented programming attacks for macOS
Generate adversarial Chinese texts with Glyph and Pinyin mutation.
HTTPS MITM attacks based on the shared TLS certificates as HTTPS Context Confusion Attack (SCC Attack)
Measurement of CFI solutions’ security
Adapting to local conditions: Similarities and differences in anonymous online market between Chinese and English Speaking Communities
A comparative analysis of anonymous online market between Chinese and English speaking communities
A cache poisoning attack targeting DNS forwarders.
Improve fuzzing efficiency with lightweight data flow analysis.
Fuzzing Android Binder services with automated interface analysis.
AI-based Side Channel and Covert Channel Detection.
Empirical Study on Vulnerability Distribution within Projects.
Amplification Attacks Based on HTTP Range Requests
Mitigating DDoS Attacks with P4
Packet Hijacking in SDN
abuse CDN for DDoS attacks
A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices. Selected as the journal issue cover Paper.
Measurement of a darknet market - dream market.
Fake account detection for WeChat
Exploring the Reliability of CT Monitors
A fuzzing mutation scheduling strategy based on PSO.
Shared channels in SDN: attacks and defenses
Generate exploits for POCs that do not crash.
Detect binary code similarity with DNN.
Improve fuzzing efficiency with high accuracy control flow information.
Detect heap overflow vulnerabilities thoroughly with symbolic execution.