Zhenkai Liang

Orcid: 0000-0001-7138-5030

Affiliations:
  • National University of Singapore


According to our database1, Zhenkai Liang authored at least 113 papers between 2002 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
Fuzzing the PHP Interpreter via Dataflow Fusion.
CoRR, 2024

MASKDROID: Robust Android Malware Detection with Masked Graph Representations.
CoRR, 2024

VulZoo: A Comprehensive Vulnerability Intelligence Dataset.
CoRR, 2024

Unraveling the Key of Machine Learning Solutions for Android Malware Detection.
CoRR, 2024

UIHash: Detecting Similar Android UIs through Grid-Based Visual Appearance Representation.
Proceedings of the 33rd USENIX Security Symposium, 2024

CrypTody: Cryptographic Misuse Analysis of IoT Firmware via Data-flow Reasoning.
Proceedings of the 27th International Symposium on Research in Attacks, 2024

KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities.
Proceedings of the 27th International Symposium on Research in Attacks, 2024

Detecting Logic Bugs in Graph Database Management Systems via Injective and Surjective Graph Query Transformation.
Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024

The HitchHiker's Guide to High-Assurance System Observability Protection with Efficient Permission Switches.
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024

2023
I Know Your Social Network Accounts: A Novel Attack Architecture for Device-Identity Association.
IEEE Trans. Dependable Secur. Comput., 2023

Learning Graph-based Code Representations for Source-level Functional Similarity Detection.
Proceedings of the 45th IEEE/ACM International Conference on Software Engineering, 2023

2022
Semantic-Fuzzing-Based Empirical Analysis of Voice Assistant Systems of Asian Symbol Languages.
IEEE Internet Things J., 2022

FlowMatrix: GPU-Assisted Information-Flow Analysis through Matrix-Based Representation.
Proceedings of the 31st USENIX Security Symposium, 2022

FreeWill: Automatically Diagnosing Use-after-free Bugs via Reference Miscounting Detection on Binaries.
Proceedings of the 31st USENIX Security Symposium, 2022

SHADEWATCHER: Recommendation-guided Cyber Threat Analysis using System Audit Records.
Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

TeLL: log level suggestions via modeling multi-level code block information.
Proceedings of the ISSTA '22: 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, Virtual Event, South Korea, July 18, 2022

AttacKG: Constructing Technique Knowledge Graph from Cyber Threat Intelligence Reports.
Proceedings of the Computer Security - ESORICS 2022, 2022

Extensible Virtual Call Integrity.
Proceedings of the Computer Security - ESORICS 2022, 2022

PalanTír: Optimizing Attack Provenance with Hardware-enhanced System Observability.
Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

Non-uniform Deformation Behavior of Magneto-Sensitive Elastomer Containing Uniform Sphere Particles with V-ShapedArrangement.
Proceedings of the Bio-Inspired Computing: Theories and Applications, 2022

RecIPE: Revisiting the Evaluation of Memory Error Defenses.
Proceedings of the ASIA CCS '22: ACM Asia Conference on Computer and Communications Security, Nagasaki, Japan, 30 May 2022, 2022

2021
Scrutinizing Implementations of Smart Home Integrations.
IEEE Trans. Software Eng., 2021

WATSON: Abstracting Behaviors from Audit Logs via Aggregation of Contextual Semantics.
Proceedings of the 28th Annual Network and Distributed System Security Symposium, 2021

Identifying privacy weaknesses from multi-party trigger-action integration platforms.
Proceedings of the ISSTA '21: 30th ACM SIGSOFT International Symposium on Software Testing and Analysis, 2021

2020
Asia's surging interest in binary analysis.
Commun. ACM, 2020

Robust P2P Primitives Using SGX Enclaves.
Proceedings of the 40th IEEE International Conference on Distributed Computing Systems, 2020

2019
I Can See Your Brain: Investigating Home-Use Electroencephalography System Security.
IEEE Internet Things J., 2019

Phishing page detection via learning classifiers from page layout feature.
EURASIP J. Wirel. Commun. Netw., 2019

Adversarial Neural Network Inversion via Auxiliary Knowledge Alignment.
CoRR, 2019

Understanding Rowhammer Attacks through the Lens of a Unified Reference Framework.
CoRR, 2019

Fuzzing Program Logic Deeply Hidden in Binary Program Stages.
Proceedings of the 26th IEEE International Conference on Software Analysis, 2019

Detecting Android Side Channel Probing Attacks Based on System States.
Proceedings of the Wireless Algorithms, Systems, and Applications, 2019

One Engine To Serve 'em All: Inferring Taint Rules Without Architectural Semantics.
Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019

LightSense: A Novel Side Channel for Zero-permission Mobile User Tracking.
Proceedings of the Information Security - 22nd International Conference, 2019

Neural Network Inversion in Adversarial Setting via Background Knowledge Alignment.
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019

2018
SplitPass: A Mutually Distrusting Two-Party Password Manager.
J. Comput. Sci. Technol., 2018

Automated identification of sensitive data from implicit user specification.
Cybersecur., 2018

Detecting Malicious Behaviors in JavaScript Applications.
IEEE Access, 2018

Automated Identification of Sensitive Data via Flexible User Requirements.
Proceedings of the Security and Privacy in Communication Networks, 2018

A Novel Graph-based Mechanism for Identifying Traffic Vulnerabilities in Smart Home IoT.
Proceedings of the 2018 IEEE Conference on Computer Communications, 2018

HOMESCAN: Scrutinizing Implementations of Smart Home Integrations.
Proceedings of the 23rd International Conference on Engineering of Complex Computer Systems, 2018

Robust Detection of Android UI Similarity.
Proceedings of the 2018 IEEE International Conference on Communications, 2018

DTaint: Detecting the Taint-Style Vulnerability in Embedded Device Firmware.
Proceedings of the 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2018

2017
Monet: A User-Oriented Behavior-Based Malware Variants Detection System for Android.
IEEE Trans. Inf. Forensics Secur., 2017

Toward Exposing Timing-Based Probing Attacks in Web Applications.
Sensors, 2017

Robust Synchronous P2P Primitives Using SGX Enclaves.
IACR Cryptol. ePrint Arch., 2017

RoppDroid: Robust permission re-delegation prevention in Android inter-component communication.
Comput. Secur., 2017

Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity.
IEEE Access, 2017

Phishing Website Detection Based on Effective CSS Features of Web Pages.
Proceedings of the Wireless Algorithms, Systems, and Applications, 2017

Neural Nets Can Learn Function Type Signatures From Binaries.
Proceedings of the 26th USENIX Security Symposium, 2017

Privilege Leakage and Information Stealing through the Android Task Mechanism.
Proceedings of the IEEE Symposium on Privacy-Aware Computing, 2017

Automatically assessing crashes from heap overflows.
Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering, 2017

Detecting Phishing Websites via Aggregation Analysis of Page Layouts.
Proceedings of the 2017 International Conference on Identification, 2017

Enabling practical experimentation in cyber-security training.
Proceedings of the IEEE Conference on Dependable and Secure Computing, 2017

2016
A Framework for Practical Dynamic Software Updating.
IEEE Trans. Parallel Distributed Syst., 2016

Anonymity in Peer-assisted CDNs: Inference Attacks and Mitigation.
Proc. Priv. Enhancing Technol., 2016

Automatic permission inference for hybrid mobile apps.
J. High Speed Networks, 2016

Data-Oriented Programming: On the Expressiveness of Non-control Data Attacks.
Proceedings of the IEEE Symposium on Security and Privacy, 2016

A Function-Level Behavior Model for Anomalous Behavior Detection in Hybrid Mobile Applications.
Proceedings of the International Conference on Identification, 2016

"The Web/Local" Boundary Is Fuzzy: A Security Study of Chrome's Process-based Sandboxing.
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

2015
I Know Where You've Been: Geo-Inference Attacks via the Browser Cache.
IEEE Internet Comput., 2015

Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning.
Comput. Secur., 2015

Automatic Generation of Data-Oriented Exploits.
Proceedings of the 24th USENIX Security Symposium, 2015

Identifying Arbitrary Memory Access Vulnerabilities in Privilege-Separated Software.
Proceedings of the Computer Security - ESORICS 2015, 2015

Web-to-Application Injection Attacks on Android: Characterization and Detection.
Proceedings of the Computer Security - ESORICS 2015, 2015

2014
A Light-Weight Software Environment for Confining Android Malware.
Proceedings of the IEEE Eighth International Conference on Software Security and Reliability, 2014

You Can't Be Me: Enabling Trusted Paths and User Sub-origins in Web Browsers.
Proceedings of the Research in Attacks, Intrusions and Defenses, 2014

AirBag: Boosting Smartphone Resistance to Malware Infection.
Proceedings of the 21st Annual Network and Distributed System Security Symposium, 2014

A Usage-Pattern Perspective for Privacy Ranking of Android Apps.
Proceedings of the Information Systems Security - 10th International Conference, 2014

SQLR: Grammar-Guided Validation of SQL Injection Sanitizers.
Proceedings of the 2014 19th International Conference on Engineering of Complex Computer Systems, 2014

DroidVault: A Trusted Data Vault for Android Devices.
Proceedings of the 2014 19th International Conference on Engineering of Complex Computer Systems, 2014

Understanding Complex Binary Loading Behaviors.
Proceedings of the 2014 19th International Conference on Engineering of Complex Computer Systems, 2014

TrustFound: Towards a Formal Foundation for Model Checking Trusted Computing Platforms.
Proceedings of the FM 2014: Formal Methods, 2014

CCS'14 Co-Located Workshop Summary for SPSM 2014.
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

2013
SafeStack: Automatically Patching Stack-Based Buffer Overflow Vulnerabilities.
IEEE Trans. Dependable Secur. Comput., 2013

BaitAlarm: Detecting Phishing Sites Using Similarity in Fundamental Visual Features.
Proceedings of the 2013 5th International Conference on Intelligent Networking and Collaborative Systems, 2013

Rating Web Pages Using Page-Transition Evidence.
Proceedings of the Information and Communications Security - 15th International Conference, 2013

A Software Environment for Confining Malicious Android Applications via Resource Virtualization.
Proceedings of the 2013 18th International Conference on Engineering of Complex Computer Systems, 2013

A Comprehensive Client-Side Behavior Model for Diagnosing Attacks in Ajax Applications.
Proceedings of the 2013 18th International Conference on Engineering of Complex Computer Systems, 2013

A Quantitative Evaluation of Privilege Separation in Web Browser Designs.
Proceedings of the Computer Security - ESORICS 2013, 2013

Enforcing system-wide control flow integrity for exploit detection and diagnosis.
Proceedings of the 8th ACM Symposium on Information, Computer and Communications Security, 2013

Protecting sensitive web content from client-side vulnerabilities with CRYPTONS.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

CRYPTSERVER: strong data protection in commodity LAMP servers.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

2012
DARWIN: An approach to debugging evolving programs.
ACM Trans. Softw. Eng. Methodol., 2012

A Framework to Eliminate Backdoors from Response-Computable Authentication.
Proceedings of the IEEE Symposium on Security and Privacy, 2012

Identifying and Analyzing Pointer Misuses for Sophisticated Memory-corruption Exploit Diagnosis.
Proceedings of the 19th Annual Network and Distributed System Security Symposium, 2012

An Empirical Study of Dangerous Behaviors in Firefox Extensions.
Proceedings of the Information Security - 15th International Conference, 2012

Detecting and Preventing ActiveX API-Misuse Vulnerabilities in Internet Explorer.
Proceedings of the Information and Communications Security - 14th International Conference, 2012

Codejail: Application-Transparent Isolation of Libraries with Tight Program Interactions.
Proceedings of the Computer Security - ESORICS 2012, 2012

Tracking the Trackers: Fast and Scalable Dynamic Analysis of Web Content for Privacy Violations.
Proceedings of the Applied Cryptography and Network Security, 2012

2011
Towards Fine-Grained Access Control in JavaScript Contexts.
Proceedings of the 2011 International Conference on Distributed Computing Systems, 2011

Jump-oriented programming: a new class of code-reuse attack.
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, 2011

AdSentry: comprehensive and flexible confinement of JavaScript-based advertisements.
Proceedings of the Twenty-Seventh Annual Computer Security Applications Conference, 2011

2010
Golden implementation driven software debugging.
Proceedings of the 18th ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2010

Transparent Protection of Commodity OS Kernels Using Hardware Virtualization.
Proceedings of the Security and Privacy in Communication Networks, 2010

Test generation to expose changes in evolving programs.
Proceedings of the ASE 2010, 2010

Heap Taichi: exploiting memory allocation granularity in heap-spraying attacks.
Proceedings of the Twenty-Sixth Annual Computer Security Applications Conference, 2010

2009
Alcatraz: An Isolated Environment for Experimenting with Untrusted Software.
ACM Trans. Inf. Syst. Secur., 2009

Darwin: an approach for debugging evolving programs.
Proceedings of the 7th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2009

Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration.
Proceedings of the Recent Advances in Intrusion Detection, 12th International Symposium, 2009

2008
Automatically Identifying Trigger-based Behavior in Malware.
Proceedings of the Botnet Detection: Countering the Largest Security Threat, 2008

HookFinder: Identifying and Understanding Malware Hooking Behaviors.
Proceedings of the Network and Distributed System Security Symposium, 2008

BitBlaze: A New Approach to Computer Security via Binary Analysis.
Proceedings of the Information Systems Security, 4th International Conference, 2008

AGIS: Towards automatic generation of infection signatures.
Proceedings of the 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2008

Expanding Malware Defense by Securing Software Installations.
Proceedings of the Detection of Intrusions and Malware, 2008

2007
Towards Automatic Discovery of Deviations in Binary Implementations with Applications to Error Detection and Fingerprint Generation.
Proceedings of the 16th USENIX Security Symposium, Boston, MA, USA, August 6-10, 2007, 2007

Polyglot: automatic extraction of protocol message format using dynamic binary analysis.
Proceedings of the 2007 ACM Conference on Computer and Communications Security, 2007

2005
Automatic Synthesis of Filters to Discard Buffer Overflow Attacks: A Step Towards Realizing Self-Healing Systems.
Proceedings of the 2005 USENIX Annual Technical Conference, 2005

One-Way Isolation: An Effective Approach for Realizing Safe Execution Environments.
Proceedings of the Network and Distributed System Security Symposium, 2005

Fast and automated generation of attack signatures: a basis for building self-protecting servers.
Proceedings of the 12th ACM Conference on Computer and Communications Security, 2005

Automatic Generation of Buffer Overflow Attack Signatures: An Approach Based on Program Behavior Models.
Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005), 2005

2003
Isolated Program Execution: An Application Transparent Approach for Executing Untrusted Programs.
Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC 2003), 2003

2002
An Approach for Secure Software Installation.
Proceedings of the 16th Conference on Systems Administration (LISA 2002), 2002


  Loading...