Yuan Zhang

Orcid: 0000-0003-0726-9996

Affiliations:
  • Fudan University, China


According to our database1, Yuan Zhang authored at least 44 papers between 2012 and 2024.

Collaborative distances:
  • Dijkstra number2 of four.
  • Erdős number3 of four.

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
Component Security Ten Years Later: An Empirical Study of Cross-Layer Threats in Real-World Mobile Applications.
Proc. ACM Softw. Eng., 2024

Interface Illusions: Uncovering the Rise of Visual Scams in Cryptocurrency Wallets.
Proceedings of the ACM on Web Conference 2024, 2024

RecurScan: Detecting Recurring Vulnerabilities in PHP Web Applications.
Proceedings of the ACM on Web Conference 2024, 2024

Efficient Detection of Java Deserialization Gadget Chains via Bottom-up Gadget Search and Dataflow-aided Payload Construction.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

How Well Industry-Level Cause Bisection Works in Real-World: A Study on Linux Kernel.
Proceedings of the Companion Proceedings of the 32nd ACM International Conference on the Foundations of Software Engineering, 2024

VioHawk: Detecting Traffic Violations of Autonomous Driving Systems through Criticality-Guided Simulation Testing.
Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2024

SCTrans: Constructing a Large Public Scenario Dataset for Simulation Testing of Autonomous Driving Systems.
Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024

Accurate and Efficient Recurring Vulnerability Detection for IoT Firmware.
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024

2023
Slowing Down the Aging of Learning-Based Malware Detectors With API Knowledge.
IEEE Trans. Dependable Secur. Comput., 2023

Remote Code Execution from SSTI in the Sandbox: Automatically Detecting and Exploiting Template Escape Bugs.
Proceedings of the 32nd USENIX Security Symposium, 2023

AEM: Facilitating Cross-Version Exploitability Assessment of Linux Kernel Vulnerabilities.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

TrustedDomain Compromise Attack in App-in-app Ecosystems.
Proceedings of the 2023 ACM Workshop on Secure and Trustworthy Superapps, 2023

SyzDirect: Directed Greybox Fuzzing for Linux Kernel.
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

NestFuzz: Enhancing Fuzzing with Comprehensive Understanding of Input Processing Logic.
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

2022
Preface to Special Issue on System Software Security.
Int. J. Softw. Informatics, 2022

Refcount Field Identification for Linux Kernel Based on Deep Learning.
Int. J. Softw. Informatics, 2022

Understanding the Practice of Security Patch Management across Multiple Branches in OSS Projects.
Proceedings of the WWW '22: The ACM Web Conference 2022, Virtual Event, Lyon, France, April 25, 2022

Backporting Security Patches of Web Applications: A Prototype Design and Implementation on Injection Vulnerability Patches.
Proceedings of the 31st USENIX Security Symposium, 2022

Identity Confusion in WebView-based Mobile App-in-app Ecosystems.
Proceedings of the 31st USENIX Security Symposium, 2022

Exploit the Last Straw That Breaks Android Systems.
Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

Precise (Un)Affected Version Analysis for Web Vulnerabilities.
Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering, 2022

2021
Detecting Kernel Refcount Bugs with Two-Dimensional Consistency Checking.
Proceedings of the 30th USENIX Security Symposium, 2021

Locating the Security Patches for Disclosed OSS Vulnerabilities with Vulnerability-Commit Correlation Ranking.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

Facilitating Vulnerability Assessment through PoC Migration.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

2020
Hybrid malware detection approach with feedback-directed machine learning.
Sci. China Inf. Sci., 2020

An Ever-evolving Game: Evaluation of Real-world Attacks and Defenses in Ethereum Ecosystem.
Proceedings of the 29th USENIX Security Symposium, 2020

BScout: Direct Whole Patch Presence Test for Java Executables.
Proceedings of the 29th USENIX Security Symposium, 2020

TextExerciser: Feedback-driven Text Input Exercising for Android Applications.
Proceedings of the 2020 IEEE Symposium on Security and Privacy, 2020

How Android developers handle evolution-induced API compatibility issues: a large-scale study.
Proceedings of the ICSE '20: 42nd International Conference on Software Engineering, Seoul, South Korea, 27 June, 2020

Enhancing State-of-the-art Classifiers with API Semantics to Detect Evolved Android Malware.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

PDiff: Semantic-based Patch Presence Testing for Downstream Kernels.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

2019
App in the Middle: Demystify Application Virtualization in Android and its Security Threats.
Proc. ACM Meas. Anal. Comput. Syst., 2019

2018
Detecting third-party libraries in Android applications with high precision and recall.
Proceedings of the 25th International Conference on Software Analysis, 2018

An Empirical Study of Web Resource Manipulation in Real-world Mobile Applications.
Proceedings of the 27th USENIX Security Symposium, 2018

Finding Clues for Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps.
Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018

Invetter: Locating Insecure Input Validations in Android Services.
Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018

How You Get Shot in the Back: A Systematical Study about Cryptojacking in the Real World.
Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018

2017
Identifying User-Input Privacy in Mobile Applications at a Large Scale.
IEEE Trans. Inf. Forensics Secur., 2017

2016
Rethinking Permission Enforcement Mechanism on Mobile Systems.
IEEE Trans. Inf. Forensics Secur., 2016

2015
FineDroid: Enforcing Permissions with System-Wide Application Execution Context.
Proceedings of the Security and Privacy in Communication Networks, 2015

2014
Permission Use Analysis for Vetting Undesirable Behaviors in Android Apps.
IEEE Trans. Inf. Forensics Secur., 2014

2013
Vetting undesirable behaviors in android apps with permission use analysis.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

AppIntent: analyzing sensitive data transmission in android for privacy leakage detection.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

2012
Swift: a register-based JIT compiler for embedded JVMs.
Proceedings of the 8th International Conference on Virtual Execution Environments, 2012


  Loading...