Xiapu Luo

Orcid: 0000-0002-9082-3208

Affiliations:
  • Hong Kong Polytechnic University, Hong Kong


According to our database1, Xiapu Luo authored at least 403 papers between 2005 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
SCAnoGenerator: Automatic Anomaly Injection for Ethereum Smart Contracts.
IEEE Trans. Software Eng., November, 2024

Examiner-Pro: Testing Arm Emulators Across Different Privileges.
IEEE Trans. Software Eng., November, 2024

Unravelling Token Ecosystem of EOSIO Blockchain.
IEEE Trans. Knowl. Data Eng., October, 2024

Data Transparency Design in Internet of Things: A Systematic Review.
Int. J. Hum. Comput. Interact., September, 2024

End-Users Know Best: Identifying Undesired Behavior of Alexa Skills Through User Review Analysis.
Proc. ACM Interact. Mob. Wearable Ubiquitous Technol., August, 2024

A constructivist and pragmatic training framework for blockchain education for IT practitioners.
Educ. Inf. Technol., August, 2024

ChatGPT vs SBST: A Comparative Assessment of Unit Test Suite Generation.
IEEE Trans. Software Eng., June, 2024

No Need to Lift a Finger Anymore? Assessing the Quality of Code Generation by ChatGPT.
IEEE Trans. Software Eng., June, 2024

Website Fingerprinting on Encrypted Proxies: A Flow-Context-Aware Approach and Countermeasures.
IEEE/ACM Trans. Netw., June, 2024

FocusedCleaner: Sanitizing Poisoned Graphs for Robust GNN-Based Node Classification.
IEEE Trans. Knowl. Data Eng., June, 2024

Coverage Goal Selector for Combining Multiple Criteria in Search-Based Unit Test Generation.
IEEE Trans. Software Eng., April, 2024

On Smartly Scanning of the Internet of Things.
IEEE/ACM Trans. Netw., April, 2024

Characterizing and Detecting WebAssembly Runtime Bugs.
ACM Trans. Softw. Eng. Methodol., February, 2024

A comprehensive analysis of website fingerprinting defenses on Tor.
Comput. Secur., January, 2024

Guest Editorial Introduction to the Special Section on Advanced Networking Technologies for Web 3.0.
IEEE Trans. Netw. Sci. Eng., 2024

Toward Secrecy-Aware Attacks Against Trust Prediction in Signed Social Networks.
IEEE Trans. Inf. Forensics Secur., 2024

Intrusion Device Detection in Fieldbus Networks Based on Channel-State Group Fingerprint.
IEEE Trans. Inf. Forensics Secur., 2024

An Empirical Study on the Insecurity of End-of-Life (EoL) IoT Devices.
IEEE Trans. Dependable Secur. Comput., 2024

Obfuscating Verifiable Random Functions for Proof-of-Stake Blockchains.
IEEE Trans. Dependable Secur. Comput., 2024

Attribute-Based Proxy Re-Encryption With Direct Revocation Mechanism for Data Sharing in Clouds.
IEEE Trans. Dependable Secur. Comput., 2024

Special Issue on Selected Tools from the Tool Track of the 30th IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER 2023 Tool Track).
Sci. Comput. Program., 2024

Learning to Detect and Localize Multilingual Bugs.
Proc. ACM Softw. Eng., 2024

ReenRepair: Automatic and semantic equivalent repair of reentrancy in smart contracts.
J. Syst. Softw., 2024

Modeling Electromagnetic Signal Injection Attacks on Camera-based Smart Systems: Applications and Mitigation.
CoRR, 2024

Demystifying the DAO Governance Process.
CoRR, 2024

LLM-CompDroid: Repairing Configuration Compatibility Bugs in Android Apps with Pre-trained Large Language Models.
CoRR, 2024

The Devil Behind the Mirror: Tracking the Campaigns of Cryptocurrency Abuses on the Dark Web.
CoRR, 2024

The Vulnerability Is in the Details: Locating Fine-grained Information of Vulnerable Code Identified by Graph-based Detectors.
CoRR, 2024

MalModel: Hiding Malicious Payload in Mobile Deep Learning Models with Black-box Backdoor Attack.
CoRR, 2024

Understanding GDPR Non-Compliance in Privacy Policies of Alexa Skills in European Marketplaces.
Proceedings of the ACM on Web Conference 2024, 2024

Unveiling the Paradox of NFT Prosperity.
Proceedings of the ACM on Web Conference 2024, 2024

Contrastive Fingerprinting: A Novel Website Fingerprinting Attack over Few-shot Traces.
Proceedings of the ACM on Web Conference 2024, 2024

All Your Tokens are Belong to Us: Demystifying Address Verification Vulnerabilities in Solidity Smart Contracts.
Proceedings of the 33rd USENIX Security Symposium, 2024

LLMIF: Augmented Large Language Model for Fuzzing IoT Devices.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

Revisiting Automotive Attack Surfaces: a Practitioners' Perspective.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

Nurgle: Exacerbating Resource Consumption in Blockchain State Storage via MPT Manipulation.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

Towards Smart Contract Fuzzing on GPUs.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

Abusing the Ethereum Smart Contract Verification Services for Fun and Profit.
Proceedings of the 31st Annual Network and Distributed System Security Symposium, 2024

Beyond the Surface: Uncovering the Unprotected Components of Android Against Overlay Attack.
Proceedings of the 31st Annual Network and Distributed System Security Symposium, 2024

Keep Me Updated: An Empirical Study on Embedded JavaScript Engines in Android Apps.
Proceedings of the 21st IEEE/ACM International Conference on Mining Software Repositories, 2024

Global Prosperity or Local Monopoly? Understanding the Geography of App Popularity.
Proceedings of the 21st IEEE/ACM International Conference on Mining Software Repositories, 2024

EVMBT: A Binary Translation Scheme for Upgrading EVM Smart Contracts to WASM.
Proceedings of the 25th ACM SIGPLAN/SIGBED International Conference on Languages, 2024

LENT-SSE: Leveraging Executed and Near Transactions for Speculative Symbolic Execution of Smart Contracts.
Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2024

Following the "Thread": Toward Finding Manipulatable Bottlenecks in Blockchain Clients.
Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2024

FDI: Attack Neural Code Generation Systems through User Feedback Channel.
Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2024

Empirical Study of Move Smart Contract Security: Introducing MoveScan for Enhanced Analysis.
Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2024

The Dark Side of NFTs: A Large-Scale Empirical Study of Wash Trading.
Proceedings of the 15th Asia-Pacific Symposium on Internetware, 2024

ConFuzz: Towards Large Scale Fuzz Testing of Smart Contracts in Ethereum.
Proceedings of the IEEE INFOCOM 2024, 2024

Trace-agnostic and Adversarial Training-resilient Website Fingerprinting Defense.
Proceedings of the IEEE INFOCOM 2024, 2024

DNSScope: Fine-Grained DNS Cache Probing for Remote Network Activity Characterization.
Proceedings of the IEEE INFOCOM 2024, 2024

The Age of DDoScovery: An Empirical Comparison of Industry and Academic DDoS Assessments.
Proceedings of the 2024 ACM on Internet Measurement Conference, 2024

Are We There Yet? Unraveling the State-of-the-Art Smart Contract Fuzzers.
Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024

VGX: Large-Scale Sample Generation for Boosting Learning-Based Software Vulnerability Analyses.
Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024

MalCertain: Enhancing Deep Neural Network Based Android Malware Detection by Tackling Prediction Uncertainty.
Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024

An Empirical Study on Oculus Virtual Reality Applications: Security and Privacy Perspectives.
Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024

Attention! Your Copied Data is Under Monitoring: A Systematic Study of Clipboard Usage in Android Apps.
Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024

Understanding Impacts of Electromagnetic Signal Injection Attacks on Object Detection.
Proceedings of the IEEE International Conference on Multimedia and Expo, 2024

Graph Anomaly Detection at Group Level: A Topology Pattern Enhanced Unsupervised Approach.
Proceedings of the 40th IEEE International Conference on Data Engineering, 2024

Exploring the Security Issues of Real World Assets (RWA).
Proceedings of the Workshop on Decentralized Finance and Security, 2024

DoubleUp Roll: Double-spending in Arbitrum by Rolling It Back.
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024

Towards Automatic Discovery of Denial of Service Weaknesses in Blockchain Resource Models.
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024

A First Look at Security and Privacy Risks in the RapidAPI Ecosystem.
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024

fAmulet: Finding Finalization Failure Bugs in Polygon zkRollup.
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024

CapsuleFormer: A Capsule and Transformer combined model for Decentralized Application encrypted traffic classification.
Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, 2024

Detect Llama - Finding Vulnerabilities in Smart Contracts Using Large Language Models.
Proceedings of the Information Security and Privacy - 29th Australasian Conference, 2024

Transfer of Learning from Metaverse to Blockchain for Secondary Students: Implementation and Effectiveness Evaluation.
Proceedings of the 26th Australasian Computing Education Conference, 2024

Rethinking Mesh Watermark: Towards Highly Robust and Adaptable Deep 3D Mesh Watermarking.
Proceedings of the Thirty-Eighth AAAI Conference on Artificial Intelligence, 2024

2023
Tracking phishing on Ethereum: Transaction network embedding approach for accounts representation learning.
Comput. Secur., December, 2023

Do Pretrained Language Models Indeed Understand Software Engineering Tasks?
IEEE Trans. Software Eng., October, 2023

BiAn: Smart Contract Source Code Obfuscation.
IEEE Trans. Software Eng., September, 2023

A Comparative Study on Method Comment and Inline Comment.
ACM Trans. Softw. Eng. Methodol., September, 2023

STRE: An Automated Approach to Suggesting App Developers When to Stop Reading Reviews.
IEEE Trans. Software Eng., August, 2023

BlockExplorer: Exploring Blockchain Big Data Via Parallel Processing.
IEEE Trans. Computers, August, 2023

ADCL: Toward an Adaptive Network Intrusion Detection System Using Collaborative Learning in IoT Networks.
IEEE Internet Things J., July, 2023

Dual-Anonymous Off-Line Electronic Cash for Mobile Payment.
IEEE Trans. Mob. Comput., June, 2023

User-Oriented Edge Node Grouping in Mobile Edge Computing.
IEEE Trans. Mob. Comput., June, 2023

Towards Automatically Localizing Function Errors in Mobile Apps With User Reviews.
IEEE Trans. Software Eng., April, 2023

Towards Saving Blockchain Fees via Secure and Cost-Effective Batching of Smart-Contract Invocations.
IEEE Trans. Software Eng., April, 2023

Open Science in Software Engineering: A Study on Deep Learning-Based Vulnerability Detection.
IEEE Trans. Software Eng., April, 2023

A Comprehensive Study on ARM Disassembly Tools.
IEEE Trans. Software Eng., April, 2023

Calling relationship investigation and application on Ethereum Blockchain System.
Empir. Softw. Eng., March, 2023

Large-Scale Empirical Study of Inline Assembly on 7.6 Million Ethereum Smart Contracts.
IEEE Trans. Software Eng., February, 2023

TokenAware: Accurate and Efficient Bookkeeping Recognition for Token Smart Contracts.
ACM Trans. Softw. Eng. Methodol., January, 2023

Exploring Smart Contract Recommendation: Towards Efficient Blockchain Development.
IEEE Trans. Serv. Comput., 2023

Java Code Clone Detection by Exploiting Semantic and Syntax Information From Intermediate Code-Based Graph.
IEEE Trans. Reliab., 2023

Resisting DNN-Based Website Fingerprinting Attacks Enhanced by Adversarial Training.
IEEE Trans. Inf. Forensics Secur., 2023

Obfuscation-Resilient Android Malware Analysis Based on Complementary Features.
IEEE Trans. Inf. Forensics Secur., 2023

Boros: Secure and Efficient Off-Blockchain Transactions via Payment Channel Hub.
IEEE Trans. Dependable Secur. Comput., 2023

Demystifying DeFi MEV Activities in Flashbots Bundle.
IACR Cryptol. ePrint Arch., 2023

Security Threat Mitigation for Smart Contracts: A Comprehensive Survey.
ACM Comput. Surv., 2023

The Dark Side of NFTs: A Large-Scale Empirical Study of Wash Trading.
CoRR, 2023

Towards Function Space Mesh Watermarking: Protecting the Copyright of Signed Distance Fields.
CoRR, 2023

Software Engineering for OpenHarmony: A Research Roadmap.
CoRR, 2023

Large Language Models for Software Engineering: A Systematic Literature Review.
CoRR, 2023

WM-NET: Robust Deep 3D Watermarking with Limited Data.
CoRR, 2023

Exploring Unconfirmed Transactions for Effective Bitcoin Address Clustering.
CoRR, 2023

Security Threat Mitigation For Smart Contracts: A Survey.
CoRR, 2023

TFE-GNN: A Temporal Fusion Encoder Using Graph Neural Networks for Fine-grained Encrypted Traffic Classification.
Proceedings of the ACM Web Conference 2023, 2023

Know Your Transactions: Real-time and Generic Transaction Semantic Representation on Blockchain & Web3 Ecosystem.
Proceedings of the ACM Web Conference 2023, 2023

Automata-Guided Control-Flow-Sensitive Fuzz Driver Generation.
Proceedings of the 32nd USENIX Security Symposium, 2023

SHELTER: Extending Arm CCA with Isolation in User Space.
Proceedings of the 32nd USENIX Security Symposium, 2023

DDRace: Finding Concurrency UAF Vulnerabilities in Linux Drivers with Directed Fuzzing.
Proceedings of the 32nd USENIX Security Symposium, 2023

On the Security Risks of Knowledge Graph Reasoning.
Proceedings of the 32nd USENIX Security Symposium, 2023

Panda: Security Analysis of Algorand Smart Contracts.
Proceedings of the 32nd USENIX Security Symposium, 2023

An Input-Agnostic Hierarchical Deep Learning Framework for Traffic Fingerprinting.
Proceedings of the 32nd USENIX Security Symposium, 2023

PolyFuzz: Holistic Greybox Fuzzing of Multi-Language Systems.
Proceedings of the 32nd USENIX Security Symposium, 2023

DISTDET: A Cost-Effective Distributed Cyber Threat Detection System.
Proceedings of the 32nd USENIX Security Symposium, 2023

Black-box Adversarial Example Attack towards FCG Based Android Malware Detection under Incomplete Feature Information.
Proceedings of the 32nd USENIX Security Symposium, 2023

MATH - Finding and Fixing Exploits in Algorand.
Proceedings of the 22nd IEEE International Conference on Trust, 2023

Mew: Enabling Large-Scale and Dynamic Link-Flooding Defenses on Programmable Switches.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

Uncovering User Interactions on Smartphones via Contactless Wireless Charging Side Channels.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

DeepInfer: Deep Type Inference from Smart Contract Bytecode.
Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2023

BehavSniffer: Sniff User Behaviors from the Encrypted Traffic by Traffic Burst Graphs.
Proceedings of the 20th Annual IEEE International Conference on Sensing, 2023

Phish2vec: A Temporal and Heterogeneous Network Embedding Approach for Detecting Phishing Scams on Ethereum.
Proceedings of the 20th Annual IEEE International Conference on Sensing, 2023

Exploiting Contactless Side Channels in Wireless Charging Power Banks for User Privacy Inference via Few-shot Learning.
Proceedings of the 29th Annual International Conference on Mobile Computing and Networking, 2023

WADIFF: A Differential Testing Framework for WebAssembly Runtimes.
Proceedings of the 38th IEEE/ACM International Conference on Automated Software Engineering, 2023

Alligator in Vest: A Practical Failure-Diagnosis Framework via Arm Hardware Features.
Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2023

1dFuzz: Reproduce 1-Day Vulnerabilities with Directed Differential Fuzzing.
Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2023

CydiOS: A Model-Based Testing Framework for iOS Apps.
Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2023

Understanding and Tackling Label Errors in Deep Learning-Based Vulnerability Detection (Experience Paper).
Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2023

BSHUNTER: Detecting and Tracing Defects of Bitcoin Scripts.
Proceedings of the 45th IEEE/ACM International Conference on Software Engineering, 2023

Demystifying Privacy Policy of Third-Party Libraries in Mobile Apps.
Proceedings of the 45th IEEE/ACM International Conference on Software Engineering, 2023

State-Aware Unsafe Driving Action Detection and Defense.
Proceedings of the 43rd IEEE International Conference on Distributed Computing Systems, 2023

Poster: Uncovering Vulnerabilities in Wasm Smart Contracts.
Proceedings of the 43rd IEEE International Conference on Distributed Computing Systems, 2023

Poster: SigRec - Automatic Recovery of Function Signatures in Smart Contracts.
Proceedings of the 43rd IEEE International Conference on Distributed Computing Systems, 2023

PyRTFuzz: Detecting Bugs in Python Runtimes via Two-Level Collaborative Fuzzing.
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

Are we there yet? An Industrial Viewpoint on Provenance-based Endpoint Detection and Response Tools.
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

2022
A Systematic Assessment on Android Third-Party Library Detection Tools.
IEEE Trans. Software Eng., 2022

Research on Third-Party Libraries in Android Apps: A Taxonomy and Systematic Literature Review.
IEEE Trans. Software Eng., 2022

PackerGrind: An Adaptive Unpacking System for Android Apps.
IEEE Trans. Software Eng., 2022

XDebloat: Towards Automated Feature-Oriented App Debloating.
IEEE Trans. Software Eng., 2022

A Systematical Study on Application Performance Management Libraries for Apps.
IEEE Trans. Software Eng., 2022

Change-Patterns Mapping: A Boosting Way for Change Impact Analysis.
IEEE Trans. Software Eng., 2022

DefectChecker: Automated Smart Contract Defect Detection by Analyzing EVM Bytecode.
IEEE Trans. Software Eng., 2022

Defining Smart Contract Defects on Ethereum.
IEEE Trans. Software Eng., 2022

SigRec: Automatic Recovery of Function Signatures in Smart Contracts.
IEEE Trans. Software Eng., 2022

Time-travel Investigation: Toward Building a Scalable Attack Detection Framework on Ethereum.
ACM Trans. Softw. Eng. Methodol., 2022

Dynamic Virtual Resource Allocation Mechanism for Survivable Services in Emerging NFV-Enabled Vehicular Networks.
IEEE Trans. Intell. Transp. Syst., 2022

Aeolus: Distributed Execution of Permissioned Blockchain Transactions via State Sharding.
IEEE Trans. Ind. Informatics, 2022

A Consortium Blockchain-Based Access Control Framework With Dynamic Orderer Node Selection for 5G-Enabled Industrial IoT.
IEEE Trans. Ind. Informatics, 2022

Efficient Verifiably Encrypted ECDSA-Like Signatures and Their Applications.
IEEE Trans. Inf. Forensics Secur., 2022

EBSNN: Extended Byte Segment Neural Network for Network Traffic Classification.
IEEE Trans. Dependable Secur. Comput., 2022

DAENet: Making Strong Anonymity Scale in a Fully Decentralized Network.
IEEE Trans. Dependable Secur. Comput., 2022

MalRadar: Demystifying Android Malware in the New Era.
Proc. ACM Meas. Anal. Comput. Syst., 2022

Efficient and DoS-resistant Consensus for Permissioned Blockchains.
Perform. Evaluation, 2022

Toward Tailored Resource Allocation of Slices in 6G Networks With Softwarization and Virtualization.
IEEE Internet Things J., 2022

Reviewing rounds prediction for code patches.
Empir. Softw. Eng., 2022

Do Pre-trained Language Models Indeed Understand Software Engineering Tasks?
CoRR, 2022

A Survey on EOSIO Systems Security: Vulnerability, Attack, and Mitigation.
CoRR, 2022

iLibScope: Reliable Third-Party Library Detection for iOS Mobile Apps.
CoRR, 2022

Towards Secrecy-Aware Attacks Against Trust Prediction in Signed Graphs.
CoRR, 2022

From Bi-Level to One-Level: A Framework for Structural Attacks to Graph Anomaly Detection.
CoRR, 2022

Lie to Me: Abusing the Mobile Content Sharing Service for Fun and Profit.
Proceedings of the WWW '22: The ACM Web Conference 2022, Virtual Event, Lyon, France, April 25, 2022

Resource Allocation of E2E Slices in Softwarized UAVs-Assisted 6G Terrestrial Networks.
Proceedings of the 14th International Conference on Wireless Communications and Signal Processing, 2022

Towards Automatically Reverse Engineering Vehicle Diagnostic Protocols.
Proceedings of the 31st USENIX Security Symposium, 2022

On the Security Risks of AutoML.
Proceedings of the 31st USENIX Security Symposium, 2022

FOAP: Fine-Grained Open-World Android App Fingerprinting.
Proceedings of the 31st USENIX Security Symposium, 2022

PolyCruise: A Cross-Language Dynamic Information Flow Analysis.
Proceedings of the 31st USENIX Security Symposium, 2022

SAID: State-aware Defense Against Injection Attacks on In-vehicle Network.
Proceedings of the 31st USENIX Security Symposium, 2022

SOTER: Guarding Black-box Inference for General Neural Networks at the Edge.
Proceedings of the 2022 USENIX Annual Technical Conference, 2022

Demystifying "removed reviews" in iOS app store.
Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2022

Demystifying the underground ecosystem of account registration bots.
Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2022

What did you pack in my app? a systematic analysis of commercial Android packers.
Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2022

Design and Implementation of Web-Based Speed Test Analysis Tool Kit.
Proceedings of the Passive and Active Measurement - 23rd International Conference, 2022

Uncovering Cross-Context Inconsistent Access Control Enforcement in Android.
Proceedings of the 29th Annual Network and Distributed System Security Symposium, 2022

Packet-Level Open-World App Fingerprinting on Wireless Traffic.
Proceedings of the 29th Annual Network and Distributed System Security Symposium, 2022

CRONUS: Fault-isolated, Secure and High-performance Heterogeneous Computing for Trusted Execution Environment.
Proceedings of the 55th IEEE/ACM International Symposium on Microarchitecture, 2022

SelfAPR: Self-supervised Program Repair with Test Execution Diagnostics.
Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering, 2022

Effectively Generating Vulnerable Transaction Sequences in Smart Contracts with Reinforcement Learning-guided Fuzzing.
Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering, 2022

MalWhiteout: Reducing Label Errors in Android Malware Detection.
Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering, 2022

NCScope: hardware-assisted analyzer for native code in Android apps.
Proceedings of the ISSTA '22: 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, Virtual Event, South Korea, July 18, 2022

Park: accelerating smart contract vulnerability detection via parallel-fork symbolic execution.
Proceedings of the ISSTA '22: 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, Virtual Event, South Korea, July 18, 2022

PrIntFuzz: fuzzing Linux drivers via automated virtual device simulation.
Proceedings of the ISSTA '22: 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, Virtual Event, South Korea, July 18, 2022

WASAI: uncovering vulnerabilities in Wasm smart contracts.
Proceedings of the ISSTA '22: 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, Virtual Event, South Korea, July 18, 2022

Landing Reinforcement Learning onto Smart Scanning of The Internet of Things.
Proceedings of the IEEE INFOCOM 2022, 2022

Challenges in decentralized name management: the case of ENS.
Proceedings of the 22nd ACM Internet Measurement Conference, 2022

An Empirical Study on Implicit Constraints in Smart Contract Static Analysis.
Proceedings of the 44th IEEE/ACM International Conference on Software Engineering: Software Engineering in Practice, 2022

APER: Evolution-Aware Runtime Permission Misuse Detection for Android Apps.
Proceedings of the 44th IEEE/ACM 44th International Conference on Software Engineering, 2022

BinarizedAttack: Structural Poisoning Attacks to Graph-based Anomaly Detection.
Proceedings of the 38th IEEE International Conference on Data Engineering, 2022

TrojanZoo: Towards Unified, Holistic, and Practical Evaluation of Neural Backdoors.
Proceedings of the 7th IEEE European Symposium on Security and Privacy, 2022

A Fine-grained Chinese Software Privacy Policy Dataset for Sequence Labeling and Regulation Compliant Identification.
Proceedings of the 2022 Conference on Empirical Methods in Natural Language Processing, 2022

Uncovering Intent based Leak of Sensitive Data in Android Framework.
Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

EXAMINER: automatically locating inconsistent instructions between real devices and CPU emulators for ARM.
Proceedings of the ASPLOS '22: 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Lausanne, Switzerland, 28 February 2022, 2022

2021
Resource-Ability Assisted Service Function Chain Embedding and Scheduling for 6G Networks With Virtualization.
IEEE Trans. Veh. Technol., 2021

Where2Change: Change Request Localization for App Reviews.
IEEE Trans. Software Eng., 2021

PPChecker: Towards Accessing the Trustworthiness of Android Apps' Privacy Policies.
IEEE Trans. Software Eng., 2021

Garou: An Efficient and Secure Off-Blockchain Multi-Party Payment Hub.
IEEE Trans. Netw. Serv. Manag., 2021

GasChecker: Scalable Analysis for Discovering Gas-Inefficient Smart Contracts.
IEEE Trans. Emerg. Top. Comput., 2021

Trade or Trick?: Detecting and Characterizing Scam Tokens on Uniswap Decentralized Exchange.
Proc. ACM Meas. Anal. Comput. Syst., 2021

SADPonzi: Detecting and Characterizing Ponzi Schemes in Ethereum Smart Contracts.
Proc. ACM Meas. Anal. Comput. Syst., 2021

A comprehensive comparative study of clustering-based unsupervised defect prediction models.
J. Syst. Softw., 2021

Special Issue on New Generation of Bug Fixing.
J. Syst. Softw., 2021

An Evolutionary Study of IoT Malware.
IEEE Internet Things J., 2021

Feature selection and embedding based cross project framework for identifying crashing fault residence.
Inf. Softw. Technol., 2021

A survey of Intel SGX and its applications.
Frontiers Comput. Sci., 2021

Beyond the virus: a first look at coronavirus-themed Android malware.
Empir. Softw. Eng., 2021

Editorial for special issue on "security and privacy protection in the era of IoT devices".
Digit. Commun. Networks, 2021

Towards Robust Reasoning over Knowledge Graphs.
CoRR, 2021

Understanding the Evolution of Blockchain Ecosystems: A Longitudinal Measurement Study of Bitcoin, Ethereum, and EOSIO.
CoRR, 2021

Demystifying Scam Tokens on Uniswap Decentralized Exchange.
CoRR, 2021

Research on Third-Party Libraries in AndroidApps: A Taxonomy and Systematic LiteratureReview.
CoRR, 2021

iBatch: Saving Ethereum Fees via Secure and Cost-Effective Batching of Smart-Contract Invocations.
CoRR, 2021

A Measurement Study on the (In)security of End-of-Life (EoL) Embedded Devices.
CoRR, 2021

Ethereum Name Service: the Good, the Bad, and the Ugly.
CoRR, 2021

Towards Understanding and Demystifying Bitcoin Mixing Services.
Proceedings of the WWW '21: The Web Conference 2021, 2021

Robust Android Malware Detection against Adversarial Example Attacks.
Proceedings of the WWW '21: The Web Conference 2021, 2021

Demystifying Illegal Mobile Gambling Apps.
Proceedings of the WWW '21: The Web Conference 2021, 2021

Inaccurate Prediction Is Not Always Bad: Open-World Driver Recognition via Error Analysis.
Proceedings of the 93rd IEEE Vehicular Technology Conference, 2021

Too Good to Be Safe: Tricking Lane Detection in Autonomous Driving with Crafted Perturbations.
Proceedings of the 30th USENIX Security Symposium, 2021

EOSAFE: Security Analysis of EOSIO Smart Contracts.
Proceedings of the 30th USENIX Security Symposium, 2021

Happer: Unpacking Android Apps via a Hardware-Assisted Approach.
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

Detecting concurrency vulnerabilities based on partial orders of memory and thread events.
Proceedings of the ESEC/FSE '21: 29th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2021

iBatch: saving Ethereum fees via secure and cost-effective batching of smart-contract invocations.
Proceedings of the ESEC/FSE '21: 29th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2021

CLUE: towards discovering locked cryptocurrencies in ethereum.
Proceedings of the SAC '21: The 36th ACM/SIGAPP Symposium on Applied Computing, 2021

As Strong As Its Weakest Link: How to Break Blockchain DApps at RPC Service.
Proceedings of the 28th Annual Network and Distributed System Security Symposium, 2021

Finding the Missing Piece: Permission Specification Analysis for Android NDK.
Proceedings of the 36th IEEE/ACM International Conference on Automated Software Engineering, 2021

FirmGuide: Boosting the Capability of Rehosting Embedded Linux Kernels through Model-Guided Kernel Execution.
Proceedings of the 36th IEEE/ACM International Conference on Automated Software Engineering, 2021

Byte-Label Joint Attention Learning for Packet-grained Network Traffic Classification.
Proceedings of the 29th IEEE/ACM International Symposium on Quality of Service, 2021

Parema: an unpacking framework for demystifying VM-based Android packers.
Proceedings of the ISSTA '21: 30th ACM SIGSOFT International Symposium on Software Testing and Analysis, 2021

Secure and Efficient White-box Encryption Scheme for Data Protection against Shared Cache Attacks in Cloud Computing.
Proceedings of the 32nd IEEE International Symposium on Software Reliability Engineering, 2021

Privacy-Preserving Contact Tracing Protocol for Mobile Devices: A Zero-Knowledge Proof Approach.
Proceedings of the Information Security Practice and Experience: 16th International Conference, 2021

Context-aware Website Fingerprinting over Encrypted Proxies.
Proceedings of the 40th IEEE Conference on Computer Communications, 2021

ATVHUNTER: Reliable Version Detection of Third-Party Libraries for Vulnerability Identification in Android Applications.
Proceedings of the 43rd IEEE/ACM International Conference on Software Engineering, 2021

Smart Contract Security: A Practitioners' Perspective: The Artifact of a Paper Accepted in the 43rd IEEE/ACM International Conference on Software Engineering (ICSE 2021).
Proceedings of the 43rd IEEE/ACM International Conference on Software Engineering: Companion Proceedings, 2021

Smart Contract Security: a Practitioners' Perspective.
Proceedings of the 43rd IEEE/ACM International Conference on Software Engineering, 2021

CHAMP: Characterizing Undesired App Behaviors from User Comments based on Market Policies.
Proceedings of the 43rd IEEE/ACM International Conference on Software Engineering, 2021

Structural Attack against Graph Based Android Malware Detection.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

ECMO: Peripheral Transplantation to Rehost Embedded Linux Kernels.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

2020
CTDroid: Leveraging a Corpus of Technical Blogs for Android Malware Analysis.
IEEE Trans. Reliab., 2020

Understanding Ethereum via Graph Analysis.
ACM Trans. Internet Techn., 2020

SDSRS: A Novel White-Box Cryptography Scheme for Securing Embedded Devices in IIoT.
IEEE Trans. Ind. Informatics, 2020

DINA: Detecting Hidden Android Inter-App Communication in Dynamic Loaded Code.
IEEE Trans. Inf. Forensics Secur., 2020

Randomized Security Patrolling for Link Flooding Attack Detection.
IEEE Trans. Dependable Secur. Comput., 2020

Understanding (Mis)Behavior on the EOSIO Blockchain.
Proc. ACM Meas. Anal. Comput. Syst., 2020

Tracking Counterfeit Cryptocurrency End-to-end.
Proc. ACM Meas. Anal. Comput. Syst., 2020

Bug severity prediction using question-and-answer pairs from Stack Overflow.
J. Syst. Softw., 2020

CommtPst: Deep learning source code for commenting positions prediction.
J. Syst. Softw., 2020

Towards automatically generating block comments for code snippets.
Inf. Softw. Technol., 2020

Privacy-Preserving COVID-19 Contact Tracing App: A Zero-Knowledge Proof Approach.
IACR Cryptol. ePrint Arch., 2020

A survey on the security of blockchain systems.
Future Gener. Comput. Syst., 2020

Credible seed identification for large-scale structural network alignment.
Data Min. Knowl. Discov., 2020

Beyond the Virus: A First Look at Coronavirus-themed Mobile Malware.
CoRR, 2020

EthScope: A Transaction-centric Security Analytics Framework to Detect Malicious Smart Contracts on Ethereum.
CoRR, 2020

Feature Location Benchmark for Decomposing and Reusing Android Apps.
CoRR, 2020

AxeChain: A Secure and Decentralized blockchain for solving Easily-Verifiable problems.
CoRR, 2020

Security Analysis of EOSIO Smart Contracts.
CoRR, 2020

Characterizing EOSIO Blockchain.
CoRR, 2020

MadDroid: Characterising and Detecting Devious Ad Content for Android Apps.
CoRR, 2020

Characterizing cryptocurrency exchange scams.
Comput. Secur., 2020

MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps.
Proceedings of the WWW '20: The Web Conference 2020, Taipei, Taiwan, April 20-24, 2020, 2020

Resource Race Attacks on Android.
Proceedings of the 27th IEEE International Conference on Software Analysis, 2020

Interpretable Deep Learning under Fire.
Proceedings of the 29th USENIX Security Symposium, 2020

Programmable In-Network Security for Context-aware BYOD Policies.
Proceedings of the 29th USENIX Security Symposium, 2020

All your app links are belong to us: understanding the threats of instant apps based attacks.
Proceedings of the ESEC/FSE '20: 28th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2020

STAN: Towards Describing Bytecodes of Smart Contract.
Proceedings of the 20th IEEE International Conference on Software Quality, 2020

SODA: A Generic Online Detection Framework for Smart Contracts.
Proceedings of the 27th Annual Network and Distributed System Security Symposium, 2020

AdvMind: Inferring Adversary Intent of Black-Box Attacks.
Proceedings of the KDD '20: The 26th ACM SIGKDD Conference on Knowledge Discovery and Data Mining, 2020

Demystifying Diehard Android Apps.
Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering, 2020

UI Obfuscation and Its Effects on Automated UI Analysis for Android Apps.
Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering, 2020

Automated Third-Party Library Detection for Android Applications: Are We There Yet?
Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering, 2020

Characterizing Erasable Accounts in Ethereum.
Proceedings of the Information Security - 23rd International Conference, 2020

An empirical study on ARM disassembly tools.
Proceedings of the ISSTA '20: 29th ACM SIGSOFT International Symposium on Software Testing and Analysis, 2020

An Empirical Evaluation of GDPR Compliance Violations in Android mHealth Apps.
Proceedings of the 31st IEEE International Symposium on Software Reliability Engineering, 2020

A Framework and DataSet for Bugs in Ethereum Smart Contracts.
Proceedings of the IEEE International Conference on Software Maintenance and Evolution, 2020

Improving the Efficiency of Blockchain Applications with Smart Contract based Cyber-insurance.
Proceedings of the 2020 IEEE International Conference on Communications, 2020

Don't Fish in Troubled Waters! Characterizing Coronavirus-themed Cryptocurrency Scams.
Proceedings of the APWG Symposium on Electronic Crime Research, 2020

A Tale of Evil Twins: Adversarial Inputs versus Poisoned Models.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

Source Code Obfuscation for Smart Contracts.
Proceedings of the 27th Asia-Pacific Software Engineering Conference, 2020

2019
ROSF: Leveraging Information Retrieval and Supervised Learning for Recommending Code Snippets.
IEEE Trans. Serv. Comput., 2019

NDroid: Toward Tracking Information Flows Across Multiple Android Contexts.
IEEE Trans. Inf. Forensics Secur., 2019

A Light-Weight White-Box Encryption Scheme for Securing Distributed Embedded Devices.
IEEE Trans. Computers, 2019

Bug Reports for Desktop Software and Mobile Apps in GitHub: What's the Difference?
IEEE Softw., 2019

A GPS Spoofing Generator Using an Open Sourced Vector Tracking-Based Receiver.
Sensors, 2019

LDFR: Learning deep feature representation for software defect prediction.
J. Syst. Softw., 2019

TSTSS: A two-stage training subset selection framework for cross version defect prediction.
J. Syst. Softw., 2019

Cross Project Defect Prediction via Balanced Distribution Adaptation Based Transfer Learning.
J. Comput. Sci. Technol., 2019

Software defect prediction based on kernel PCA and weighted extreme learning machine.
Inf. Softw. Technol., 2019

A Commit Messages-Based Bug Localization for Android Applications.
Int. J. Softw. Eng. Knowl. Eng., 2019

Exploring the Monero Peer-to-Peer Network.
IACR Cryptol. ePrint Arch., 2019

Boros: Secure Cross-Channel Transfers via Channel Hub.
CoRR, 2019

SolidityCheck : Quickly Detecting Smart Contract Problems Through Regular Expressions.
CoRR, 2019

The Tale of Evil Twins: Adversarial Inputs versus Backdoored Models.
CoRR, 2019

Automated Deobfuscation of Android Native Binary Code.
CoRR, 2019

Domain Specific Code Smells in Smart Contracts.
CoRR, 2019

Virtual Laboratory: Facilitating Teaching and Learning in Cybersecurity for Students with Diverse Disciplines.
Proceedings of the IEEE International Conference on Engineering, Technology and Education, 2019

Towards a First Step to Understand the Cryptocurrency Stealing Attack on Ethereum.
Proceedings of the 22nd International Symposium on Research in Attacks, 2019

A Blockchain-Based IoT Data Management System for Secure and Scalable Data Sharing.
Proceedings of the Network and System Security - 13th International Conference, 2019

Demystifying Application Performance Management Libraries for Android.
Proceedings of the 34th IEEE/ACM International Conference on Automated Software Engineering, 2019

Identifying Crashing Fault Residence Based on Cross Project Model.
Proceedings of the 30th IEEE International Symposium on Software Reliability Engineering, 2019

Detecting Vulnerable Android Inter-App Communication in Dynamically Loaded Code.
Proceedings of the 2019 IEEE Conference on Computer Communications, 2019

Graph embedding based familial analysis of Android malware using unsupervised learning.
Proceedings of the 41st International Conference on Software Engineering, 2019

DataEther: Data Exploration Framework For Ethereum.
Proceedings of the 39th IEEE International Conference on Distributed Computing Systems, 2019

A Large-Scale Empirical Study on Control Flow Identification of Smart Contracts.
Proceedings of the 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement, 2019

TokenScope: Automatically Detecting Inconsistent Behaviors of Cryptocurrency Tokens in Ethereum.
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019

2018
Enhancing the Description-to-Behavior Fidelity in Android Apps with Privacy Policy.
IEEE Trans. Software Eng., 2018

LinkScope: Toward Detecting Target Link Flooding Attacks.
IEEE Trans. Inf. Forensics Secur., 2018

SkyShield: A Sketch-Based Defense System Against Application Layer DDoS Attacks.
IEEE Trans. Inf. Forensics Secur., 2018

Android Malware Familial Classification and Representative Sample Selection via Frequent Subgraph Analysis.
IEEE Trans. Inf. Forensics Secur., 2018

Guest editorial: special issue on concurrent software quality.
Softw. Qual. J., 2018

System-level attacks against android by exploiting asynchronous programming.
Softw. Qual. J., 2018

Exploiting Proximity-Based Mobile Apps for Large-Scale Location Privacy Probing.
Secur. Commun. Networks, 2018

PADetective: A Systematic Approach to Automate Detection of Promotional Attackers in Mobile App Store.
J. Inf. Process., 2018

Camera Placement Based on Vehicle Traffic for Better City Security Surveillance.
IEEE Intell. Syst., 2018

A Survey on Access Control in Fog Computing.
IEEE Commun. Mag., 2018

Cross-version defect prediction via hybrid active learning with kernel principal component analysis.
Proceedings of the 25th International Conference on Software Analysis, 2018

Cross version defect prediction with representative data via sparse subset selection.
Proceedings of the 26th Conference on Program Comprehension, 2018

Can We Learn what People are Doing from Raw DNS Queries?
Proceedings of the 2018 IEEE Conference on Computer Communications, 2018

Understanding Ethereum via Graph Analysis.
Proceedings of the 2018 IEEE Conference on Computer Communications, 2018

A detailed and real-time performance monitoring framework for blockchain systems.
Proceedings of the 40th International Conference on Software Engineering: Software Engineering in Practice, 2018

Towards saving money in using smart contracts.
Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results, 2018

DeepMatching: A Structural Seed Identification Framework for Social Network Alignment.
Proceedings of the 38th IEEE International Conference on Distributed Computing Systems, 2018

Enforcing Context-Aware BYOD Policies with In-Network Security.
Proceedings of the 10th USENIX Workshop on Hot Topics in Cloud Computing, 2018

Localizing Function Errors in Mobile Apps with User Reviews.
Proceedings of the 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2018

PERDICE: Towards Discovering Software Inefficiencies Leading to Cache Misses and Branch Mispredictions.
Proceedings of the 2018 IEEE 42nd Annual Computer Software and Applications Conference, 2018

Analyzing Use of High Privileges on Android: An Empirical Case Study of Screenshot and Screen Recording Applications.
Proceedings of the Information Security and Cryptology - 14th International Conference, 2018

Model-Reuse Attacks on Deep Learning Systems.
Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018

2017
Toward Automatically Generating Privacy Policy for Android Apps.
IEEE Trans. Inf. Forensics Secur., 2017

CloudBot: Advanced mobile botnets using ubiquitous cloud technologies.
Pervasive Mob. Comput., 2017

Vehicle Traffic Driven Camera Placement for Better Metropolis Security Surveillance.
CoRR, 2017

Under-optimized smart contracts devour your money.
Proceedings of the IEEE 24th International Conference on Software Analysis, 2017

Cloud-based parallel concolic execution.
Proceedings of the IEEE 24th International Conference on Software Analysis, 2017

Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART.
Proceedings of the 26th USENIX Security Symposium, 2017

AutoFlowLeaker: Circumventing Web Censorship through Automation Services.
Proceedings of the 36th IEEE Symposium on Reliable Distributed Systems, 2017

vCFI: Visible Control Flow Integrity for Cloud Tenants.
Proceedings of the 2nd Workshop on System Software for Trusted Execution, SysTEX@SOSP 2017, 2017

Bug report enrichment with application of automated fixer recommendation.
Proceedings of the 25th International Conference on Program Comprehension, 2017

An Adaptive Gas Cost Mechanism for Ethereum to Defend Against Under-Priced DoS Attacks.
Proceedings of the Information Security Practice and Experience, 2017

Is what you measure what you expect? Factors affecting smartphone-based mobile network measurement.
Proceedings of the 2017 IEEE Conference on Computer Communications, 2017

Characterizing the Impacts of Application Layer DDoS Attacks.
Proceedings of the 2017 IEEE International Conference on Web Services, 2017

Adaptive unpacking of Android apps.
Proceedings of the 39th International Conference on Software Engineering, 2017

Are HTTP/2 Servers Ready Yet?
Proceedings of the 37th IEEE International Conference on Distributed Computing Systems, 2017

Characterizing Promotional Attacks in Mobile App Store.
Proceedings of the Applications and Techniques in Information Security, 2017

Performance of Digital Signature Schemes on Mobile Devices.
Proceedings of the Mobile Security and Privacy, 2017

On Discovering Vulnerabilities in Android Applications.
Proceedings of the Mobile Security and Privacy, 2017

2016
Towards more accurate severity prediction and fixer recommendation of software bugs.
J. Syst. Softw., 2016

MVPSys: Toward practical multi-view based false alarm reduction system in network intrusion detection.
Comput. Secur., 2016

Characterizing mobile <sup>*</sup>-box applications.
Comput. Networks, 2016

A Literature Review of Research in Bug Resolution: Tasks, Challenges and Future Directions.
Comput. J., 2016

Revisiting the Description-to-Behavior Fidelity in Android Applications.
Proceedings of the IEEE 23rd International Conference on Software Analysis, 2016

Design and Evaluation of Advanced Collusion Attacks on Collaborative Intrusion Detection Networks in Practice.
Proceedings of the 2016 IEEE Trustcom/BigDataSE/ISPA, 2016

Modeling User Browsing Activity for Application Layer DDoS Attack Detection.
Proceedings of the Security and Privacy in Communication Networks, 2016

Frequent Subgraph Based Familial Classification of Android Malware.
Proceedings of the 27th IEEE International Symposium on Software Reliability Engineering, 2016

Can We Trust the Privacy Policies of Android Apps?
Proceedings of the 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2016

I Know Where You All Are! Exploiting Mobile Social Apps for Large-Scale Location Privacy Probing.
Proceedings of the Information Security and Privacy - 21st Australasian Conference, 2016

MUSE: Towards Robust and Stealthy Mobile Botnets via Multiple Message Push Services.
Proceedings of the Information Security and Privacy - 21st Australasian Conference, 2016

2015
VulHunter: Toward Discovering Vulnerabilities in Android Applications.
IEEE Micro, 2015

AndroidPerf: A cross-layer profiling system for Android applications.
Proceedings of the 23rd IEEE International Symposium on Quality of Service, 2015

DexHunter: Toward Extracting Hidden Code from Packed Android Applications.
Proceedings of the Computer Security - ESORICS 2015, 2015

AutoPPG: Towards Automatic Generation of Privacy Policy for Android Applications.
Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, 2015

2014
Building a Scalable System for Stealthy P2P-Botnet Detection.
IEEE Trans. Inf. Forensics Secur., 2014

Modeling the Vulnerability of Feedback-Control Based Internet Services to Low-Rate DoS Attacks.
IEEE Trans. Inf. Forensics Secur., 2014

A Sink-driven Approach to Detecting Exposed Component Vulnerabilities in Android Apps.
CoRR, 2014

RootGuard: Protecting Rooted Android Phones.
Computer, 2014

Speeding Up Multi-level Route Analysis Through Improved Multi-LCS Algorithm.
Proceedings of the Testbeds and Research Infrastructure: Development of Networks and Communities, 2014

Towards Detecting Target Link Flooding Attack.
Proceedings of the 28th Large Installation System Administration Conference, 2014

kTRxer: A portable toolkit for reliable internet probing.
Proceedings of the IEEE 22nd International Symposium of Quality of Service, 2014

On Measuring One-Way Path Metrics from a Web Server.
Proceedings of the 22nd IEEE International Conference on Network Protocols, 2014

On Tracking Information Flows through JNI in Android Applications.
Proceedings of the 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2014

Towards a scalable resource-driven approach for detecting repackaged Android applications.
Proceedings of the 30th Annual Computer Security Applications Conference, 2014

2013
Characterizing Inter-Domain Rerouting by Betweenness Centrality after Disruptive Events.
IEEE J. Sel. Areas Commun., 2013

Inference attacks against trust-based onion routing: Trust degree to the rescue.
Comput. Secur., 2013

SGor: Trust graph based onion routing.
Comput. Networks, 2013

ACC: Anonymous Cooperative Caching in Wireless Ad Hoc Networks.
Proceedings of the IEEE 10th International Conference on Mobile Ad-Hoc and Sensor Systems, 2013

MonoScope: Automating network faults diagnosis based on active measurements.
Proceedings of the 2013 IFIP/IEEE International Symposium on Integrated Network Management (IM 2013), 2013

An efficient approach to multi-level route analytics.
Proceedings of the 2013 IFIP/IEEE International Symposium on Integrated Network Management (IM 2013), 2013

2012
Robust Network Covert Communications Based on TCP and Enumerative Combinatorics.
IEEE Trans. Dependable Secur. Comput., 2012

Flow level detection and filtering of low-rate DDoS.
Comput. Networks, 2012

ARDEN: Anonymous networking in delay tolerant networks.
Ad Hoc Networks, 2012

More Anonymity through Trust Degree in Trust-Based Onion Routing.
Proceedings of the Security and Privacy in Communication Networks, 2012

Characterizing Inter-domain Rerouting after Japan Earthquake.
Proceedings of the NETWORKING 2012, 2012

QDASH: a QoE-aware DASH system.
Proceedings of the Third Annual ACM SIGMM Conference on Multimedia Systems, 2012

2011
STor: Social Network based Anonymous Communication in Tor
CoRR, 2011

Inferring the QoE of HTTP video streaming from user-viewing activities.
Proceedings of the first ACM SIGCOMM workshop on Measurements up the stack, 2011

Non-cooperative Diagnosis of Submarine Cable Faults.
Proceedings of the Passive and Active Measurement - 12th International Conference, 2011

HTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows.
Proceedings of the Network and Distributed System Security Symposium, 2011

Planetopus: A system for facilitating collaborative network monitoring.
Proceedings of the 12th IFIP/IEEE International Symposium on Integrated Network Management, 2011

Detecting stealthy P2P botnets using statistical traffic fingerprints.
Proceedings of the 2011 IEEE/IFIP International Conference on Dependable Systems and Networks, 2011

A combinatorial approach to network covert communications with applications in Web Leaks.
Proceedings of the 2011 IEEE/IFIP International Conference on Dependable Systems and Networks, 2011

An integrative multi-level analysis of internet path changes.
Proceedings of The ACM CoNEXT Student Workshop, 2011

TRIO: measuring asymmetric capacity with three minimum round-trip times.
Proceedings of the 2011 Conference on Emerging Networking Experiments and Technologies, 2011

Boosting the scalability of botnet detection using adaptive traffic sampling.
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, 2011

Exposing invisible timing-based traffic watermarks with BACKLIT.
Proceedings of the Twenty-Seventh Annual Computer Security Applications Conference, 2011

2010
A Centralized Monitoring Infrastructure for Improving DNS Security.
Proceedings of the Recent Advances in Intrusion Detection, 13th International Symposium, 2010

Measurement of loss pairs in network paths.
Proceedings of the 10th ACM SIGCOMM Internet Measurement Conference, 2010

Neighbor-Cooperative Measurement of Network Path Quality.
Proceedings of the Global Communications Conference, 2010

On the Secrecy of Spread-Spectrum Flow Watermarks.
Proceedings of the Computer Security, 2010

Control of low-rate denial-of-service attacks on web servers and TCP flows.
Proceedings of the 49th IEEE Conference on Decision and Control, 2010

2009
Detecting Pulsing Denial-of-Service Attacks with Nondeterministic Attack Intervals.
EURASIP J. Adv. Signal Process., 2009

Design and Implementation of TCP Data Probes for Reliable and Metric-Rich Network Path Monitoring.
Proceedings of the 2009 USENIX Annual Technical Conference, 2009

Recursive DNS Architectures and Vulnerability Implications.
Proceedings of the Network and Distributed System Security Symposium, 2009

On generalized low-rate denial-of-quality attack against Internet services.
Proceedings of the 17th International Workshop on Quality of Service, 2009

CLACK: A Network Covert Channel Based on Partial Acknowledgment Encoding.
Proceedings of IEEE International Conference on Communications, 2009

WSEC DNS: Protecting recursive DNS resolvers from poisoning attacks.
Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, 2009

Reliable asymmetric path capacity measurement.
Proceedings of the 5th international student workshop on Emerging networking experiments and technologies, 2009

A minimum-delay-difference method for mitigating cross-traffic impact on capacity measurement.
Proceedings of the 2009 ACM Conference on Emerging Networking Experiments and Technology, 2009

2008
TCP covert timing channels: Design and detection.
Proceedings of the 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2008

2007
Crafting Web Counters into Covert Channels.
Proceedings of the New Approaches for Security, 2007

Protecting Internet Services from Low-Rate DoS Attacks.
Proceedings of the Critical Infrastructure Protection, 2007

Cloak: A Ten-Fold Way for Reliable Covert Communications.
Proceedings of the Computer Security, 2007

2006
Vanguard: A New Detection Scheme for a Class of TCP-targeted Denial-of-Service Attacks.
Proceedings of the Management of Integrated End-to-End Communications and Services, 2006

2005
On a New Class of Pulsing Denial-of-Service Attacks and the Defense.
Proceedings of the Network and Distributed System Security Symposium, 2005

Performance Analysis of TCP/AQM Under Denial-of-Service Attacks.
Proceedings of the 13th International Symposium on Modeling, 2005

Novel Approaches to End-to-End Packet Reordering Measurement.
Proceedings of the 5th Internet Measurement Conference, 2005

Optimizing the Pulsing Denial-of-Service Attacks.
Proceedings of the 2005 International Conference on Dependable Systems and Networks (DSN 2005), 28 June, 2005


  Loading...