Recent Publications

(2019). Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms. 28th USENIX Security Symposium (USENIX Security 19).

(2019). Protecting Mobile Devices from Physical Memory Attacks with Targeted Encryption. 12th ACM Conference on Security and Privacy in Wireless and MobileNetworks, WiSec’19.

(2019). Mimosa: Protecting Private Keys against Memory Disclosure Attacks using Hardware Transactional Memory. IEEE Transactions on Dependable and Secure Computing.

DOI

(2019). Poster: Energy Distribution Matters in Greybox Fuzzing. 41th International Conference on Software Engineering, ICSE’19.

(2018). Copker: A Cryptographic Engine Against Cold-Boot Attacks. IEEE Transactions on Dependable and Secure Computing.

DOI

(2018). Building a Trustworthy Execution Environment to Defeat Exploits from both Cyber Space and Physical Space for ARM. IEEE Transactions on Dependable and Secure Computing.

DOI

(2018). VaultIME: Regaining User Control for Password Managers through Auto-correction. EAI Endorsed Transactions on Security and Safety.

DOI

(2018). CryptMe: Data Leakage Prevention for Unmodified Programs on ARM Devices. Research in Attacks, Intrusions, and Defenses, RAID’18 (Acceptance rate: 33145=22.8%).

(2018). Enforcing Access Controls for the Cryptographic Cloud Service Invocation Based on Virtual Machine Introspection. Information Security.

(2017). Supporting Transparent Snapshot for Bare-metal Malware Analysis on Mobile Devices. Proceedings of the 33rd Annual Computer Security Applications Conference, ACSAC’17 (Acceptance rate: 48244=19.7%, Best Paper Award).

PDF DOI

(2017). TrustShadow: Secure Execution of Unmodified Applications with ARM TrustZone. Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys’17 (Acceptance rate: 34188=18.1%).

(2017). VCIDS: Collaborative Intrusion Detection of Sensor and Actuator Attacks on Connected Vehicles. Security and Privacy in Communication Networks: 13th International Conference, SecureComm 2017.

(2017). VaultIME: Regaining User Control For Password Managers through Auto-correction. Security and Privacy in Communication Networks: 13th International Conference, SecureComm 2017.

(2016). Secure Computing Using Registers and Caches: The Problem, Challenges, and Solutions. IEEE Security Privacy.

DOI

(2016). From Physical to Cyber: Escalating Protection for Personalized Auto Insurance. Proceedings of the 14th ACM Conference on Embedded Network Sensor Systems, SenSys’16 (Acceptance rate: 21119=17.6%).

(2015). Protecting private keys against memory disclosure attacks using hardware transactional memory. 2015 IEEE Symposium on Security and Privacy, Oakland’15 (Acceptance rate: 55407=13.5%).

(2015). virtio-ct: A Secure Cryptographic Token Service in Hypervisors. International Conference on Security and Privacy in Communication Networks: 10th International ICST Conference, SecureComm 2014, Beijing, China, September 24-26, 2014, Revised Selected Papers, Part II.

(2014). Copker: Computing with Private Keys without RAM. 21st Annual Network and Distributed System Security Symposium, NDSS’14 (Acceptance rate: 55295=18.6%).

(2014). Implementing a Covert Timing Channel Based on Mimic Function. Information Security Practice and Experience: 10th International Conference, ISPEC 2014, Fuzhou, China, May 5-8, 2014. Proceedings.

(2013). Fingerprint Embedding: A Proactive Strategy of Detecting Timing Channels. Information and Communications Security: 15th International Conference, ICICS 2013, Beijing, China, November 20-22, 2013. Proceedings.

Teaching

  • Spring 2019: CSCI 4250 /6250: Computer Security
  • Fall 2019, CSCI 8965: IoT Security

Contact