2024
CodeArt: Better Code Models by Attention Regularization When Symbols Are Lacking.
Proc. ACM Softw. Eng., 2024
SICode: Embedding-Based Subgraph Isomorphism Identification for Bug Detection.
Proceedings of the 32nd IEEE/ACM International Conference on Program Comprehension, 2024
Define-Use Guided Path Exploration for Better Forced Execution.
Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2024
FuzzInMem: Fuzzing Programs via In-memory Structures.
Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024
Raisin: Identifying Rare Sensitive Functions for Bug Detection.
Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024
2023
Scalably Detecting Third-Party Android Libraries With Two-Stage Bloom Filtering.
IEEE Trans. Software Eng., April, 2023
Fight Fire with Fire: Combating Adversarial Patch Attacks using Pattern-randomized Defensive Patches.
CoRR, 2023
Operand-Variation-Oriented Differential Analysis for Fuzzing Binding Calls in PDF Readers.
Proceedings of the 45th IEEE/ACM International Conference on Software Engineering, 2023
A Good Fishman Knows All the Angles: A Critical Evaluation of Google's Phishing Page Classifier.
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023
2022
Precise Dynamic Symbolic Execution for Nonuniform Data Access in Smart Contracts.
IEEE Trans. Computers, 2022
Hunting bugs with accelerated optimal graph vertex matching.
Proceedings of the ISSTA '22: 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, Virtual Event, South Korea, July 18, 2022
2021
Hunting Vulnerable Smart Contracts via Graph Embedding Based Bytecode Matching.
IEEE Trans. Inf. Forensics Secur., 2021
Detecting the Capacitance-Based Gamepad for Protecting Mobile Game Fairness.
IEEE Trans. Computers, 2021
We Can Always Catch You: Detecting Adversarial Patched Objects WITH or WITHOUT Signature.
CoRR, 2021
2020
Do not jail my app: Detecting the Android plugin environments by time lag contradiction.
J. Comput. Secur., 2020
Identifying parasitic malware as outliers by code clustering.
J. Comput. Secur., 2020
SinkFinder: harvesting hundreds of unknown interesting function pairs with just one seed.
Proceedings of the ESEC/FSE '20: 28th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2020
2019
ProFuzzer: On-the-fly Input Type Probing for Better Zero-Day Vulnerability Discovery.
Proceedings of the 2019 IEEE Symposium on Security and Privacy, 2019
2018
NAR-miner: discovering negative association rules from code for bug detection.
Proceedings of the 2018 ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2018
AceDroid: Normalizing Diverse Android Access Control Checks for Inconsistency Detection.
Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018
Precise Android API Protection Mapping Derivation and Reasoning.
Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018
2017
Static Analysis of Android Apps with Text Analysis and Bi-directional Propagation
PhD thesis, 2017
UI driven Android application reduction.
Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering, 2017
2016
Detecting sensitive data disclosure via bi-directional text correlation analysis.
Proceedings of the 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2016
Automatic model generation from documentation for Java API functions.
Proceedings of the 38th International Conference on Software Engineering, 2016
2015
SUPOR: Precise and Scalable Sensitive User Input Detection for Android Apps.
Proceedings of the 24th USENIX Security Symposium, 2015
2014
AsDroid: detecting stealthy behaviors in Android applications by user interface and program behavior contradiction.
Proceedings of the 36th International Conference on Software Engineering, 2014