2024
Magnifier: Detecting Network Access via Lightweight Traffic-based Fingerprints.
CoRR, 2024
From Promises to Practice: Evaluating the Private Browsing Modes of Android Browser Apps.
Proceedings of the ACM on Web Conference 2024, 2024
More Haste, Less Speed: Cache Related Security Threats in Continuous Integration Services.
Proceedings of the IEEE Symposium on Security and Privacy, 2024
Enhanced Fast and Reliable Statistical Vulnerability Root Cause Analysis with Sanitizer.
Proceedings of the IEEE Conference on Software Testing, Verification and Validation, 2024
MiniCAT: Understanding and Detecting Cross-Page Request Forgery Vulnerabilities in Mini-Programs.
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024
PowerPeeler: A Precise and General Dynamic Deobfuscation Method for PowerShell Scripts.
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024
Toward Understanding the Security of Plugins in Continuous Integration Services.
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024
2023
Can We Trust the Phone Vendors? Comprehensive Security Measurements on the Android Firmware Ecosystem.
,
,
,
,
,
,
,
,
,
,
IEEE Trans. Software Eng., July, 2023
RecMaL: Rectify the malware family label via hybrid analysis.
Comput. Secur., May, 2023
LoadLord: Loading on the Fly to Defend Against Code-Reuse Attacks.
CoRR, 2023
Investigating Package Related Security Threats in Software Registries.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023
Continuous Intrusion: Characterizing the Security of Continuous Integration Services.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023
Wolf in Sheep's Clothing: Evaluating Security Risks of the Undelegated Record on DNS Hosting Services.
Proceedings of the 2023 ACM on Internet Measurement Conference, 2023
2022
SeqNet: An Efficient Neural Network for Automatic Malware Detection.
CoRR, 2022
Understanding and Mitigating Label Bias in Malware Classification: An Empirical Study.
Proceedings of the 22nd IEEE International Conference on Software Quality, 2022
High-Efficient and Few-shot Adaptive Encrypted Traffic Classification with Deep Tree.
Proceedings of the IEEE Military Communications Conference, 2022
Large-scale Security Measurements on the Android Firmware Ecosystem.
Proceedings of the 44th IEEE/ACM 44th International Conference on Software Engineering, 2022
Invoke-Deobfuscation: AST-Based and Semantics-Preserving Deobfuscation for PowerShell Scripts.
Proceedings of the 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2022
A Composite Discover Method for Gadget Chains in Java Deserialization Vulnerability.
Proceedings of the Joint Proceedings of the 10th International Workshop on Quantitative Approaches to Software Quality (QuASoQ 2022) & the 6th Software Engineering Education Workshop (SEED 2022) co-located with 29th Asia Pacific Software Engineering Conference 2022, 2022
DitDetector: Bimodal Learning based on Deceptive Image and Text for Macro Malware Detection.
Proceedings of the Annual Computer Security Applications Conference, 2022
2020
NativeX: Native Executioner Freezes Android.
Proceedings of the ASIA CCS '20: The 15th ACM Asia Conference on Computer and Communications Security, 2020
2017
A study on a feasible no-root approach on Android.
J. Comput. Secur., 2017
JGRE: An Analysis of JNI Global Reference Exhaustion Vulnerabilities in Android.
Proceedings of the 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2017
2016
Exploiting Android System Services Through Bypassing Service Helpers.
Proceedings of the Security and Privacy in Communication Networks, 2016
Attacks and Defence on Android Free Floating Windows.
Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, 2016
2015
Xede: Practical Exploit Early Detection.
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2015
A Rapid and Scalable Method for Android Application Repackaging Detection.
Proceedings of the Information Security Practice and Experience, 2015
2014
Long Term Tracking and Characterization of P2P Botnet.
Proceedings of the 13th IEEE International Conference on Trust, 2014
Automated User Profiling in Location-Based Mobile Messaging Applications.
Proceedings of the 13th IEEE International Conference on Trust, 2014
Revisiting Node Injection of P2P Botnet.
Proceedings of the Network and System Security - 8th International Conference, 2014
2013
Automatic Polymorphic Exploit Generation for Software Vulnerabilities.
Proceedings of the Security and Privacy in Communication Networks, 2013
OSNGuard: Detecting Worms with User Interaction Traces in Online Social Networks.
Proceedings of the Information and Communications Security - 15th International Conference, 2013
Bind your phone number with caution: automated user profiling through address book matching on smartphone.
Proceedings of the 8th ACM Symposium on Information, Computer and Communications Security, 2013
2010
DepSim: A Dependency-Based Malware Similarity Comparison System.
Proceedings of the Information Security and Cryptology - 6th International Conference, 2010
2009
ReconBin: Reconstructing Binary File from Execution for Software Analysis.
Proceedings of the Third IEEE International Conference on Secure Software Integration and Reliability Improvement, 2009
2008
Exploring Malware Behaviors Based on Environment Constitution.
Proceedings of the 2008 International Conference on Computational Intelligence and Security, 2008