Publications | Le Guan

Jiameng Shi, Wenqiang Li, Wenwen Wang, Le Guan. Facilitating Non-Intrusive In-Vivo Firmware Testing with Stateless Instrumentation. 31st Network and Distributed System Security Symposium (NDSS ‘24), 2023.

Lingyun Situ, Chi Zhang, Le Guan, Zhiqiang Zuo, Linzhang Wang, Xuandong Li, Peng Liu, Jin Shi. Physical Devices-Agnostic Hybrid Fuzzing of IoT Firmware. IEEE Internet of Things Journal, 2023.

Shariful Alam, Le Guan, Zeyu Chen, Haining Wang, Jidong Xiao. CAUSEC: Cache-based Secure Key Computation with (Mostly) Deprivileged Execution. 2023 IEEE 43nd International Conference on Distributed Computing Systems (ICDCS ‘23), 2023.

Kai Cheng, Yaowen Zheng, Tao Liu, Le Guan, Peng Liu, Hong Li, Hongsong Zhu, Kejiang Ye, Limin Sun. Detecting Vulnerabilities in Linux-based Embedded Firmware with SSE-based On-demand Alias Analysis. 2023 ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA ‘23), 2023.

Wei Zhou, Zhouqi Jiang, Le Guan. Understanding MPU Usage in Microcontroller-based Systems in the Wild. Workshop on Binary Analysis Research (BAR ‘23), 2023.

Wei Zhou, Zhouqi Jiang, Le Guan. Good Motive but Bad Design: Pitfalls in MPU Usage in Embedded Systems in the Wild. Black Hat Europe ‘22, 2022.

Wei Zhou, Lan Zhang, Le Guan, Peng Liu, Yuqing Zhang. What Your Firmware Tells You Is Not How You Should Emulate It: A Speciﬁcation-Guided Approach for Firmware Emulation. 2022 ACM Conference on Computer and Communications Security (CCS ‘22), 2022.

Jiameng Shi, Le Guan, Wenqiang Li, Dayou Zhang, Ping Chen, Ning Zhang. HARM: Hardware-assisted Continuous Re-randomization for Microcontrollers. 2022 IEEE European Symposium on Security and Privacy (EuroS&P ‘22), 2022.

Wenqiang Li, Jiameng Shi, and Fengjun Li, Jingqiang Lin, Wei Wang, Le Guan. 𝜇AFL: Non-intrusive Feedback-driven Fuzzing for Microcontroller Firmware. 2022 IEEE/ACM 44rd International Conference on Software Engineering (ICSE ‘22), 2022.

Dongliang Fang, Zhanwei Song, Le Guan, Puzhuo Liu, Anni Peng, Kai Cheng, Yaowen Zheng, Peng Liu, Hongsong Zhu, Limin Sun. ICS3Fuzzer: A Framework for Discovering Protocol Implementation Bugs in ICS Supervisory Software by Fuzzing. Proceedings of the 37th Annual Computer Security Applications Conference (ACSAC ‘21), 2021.

Wei Zhou, Chen Cao, Dongdong Huo, Kai Cheng, Lan Zhang, Le Guan, Tao Liu, Yan Jia, Yaowen Zheng, Yuqing Zhang, Limin Sun, Yazhe Wang, Peng Liu. Reviewing IoT Security via Logic Bugs in IoT Platforms and Systems. IEEE Internet of Things Journal, 2021.

Wenqiang Li, Le Guan, Jingqiang Lin, Jiameng Shi, Fengjun Li. From Library Portability to Para-rehosting: Natively Executing Open-source Microcontroller OSs on Commodity Hardware. 28th Network and Distributed System Security Symposium, NDSS ‘21, 2021.

Wei Zhou, Le Guan, Peng Liu, Yuqing Zhang. Automatic Firmware Emulation through Invalidity-guided Knowledge Inference. 30th USENIX Security Symposium, Security ‘21, 2021.

Chen Cao*, Le Guan*, Jiang Ming, Peng Liu. Device-Agnostic Firmware Execution is Possible: A Concolic Execution Approach for Peripheral Emulation. Annual Computer Security Applications Conference, ACSAC’20 (Acceptance rate 23.2% = ⁷⁰⁄₃₀₂)(*equal contribution), 2020.

PDF DOI

J. Ye, L. Guo, B. Yang, F. Li, L. Du, L. Guan, W. Song. Cyber-Physical Security of Powertrain Systems in Modern Electric Vehicles: Vulnerabilities, Challenges and Future Visions. IEEE Journal of Emerging and Selected Topics in Power Electronics, 2020.

DOI

L. Guo, B. Yang, J. Ye, H. Chen, F. Li, W. Song, L. Du, L. Guan. Systematic Assessment of Cyber-physical Security of Energy Management System for Connected and Automated Electric Vehicles. IEEE Transactions on Industrial Informatics, 2020.

DOI

Fangjie Jiang, Quanwei Cai, Jingqiang Lin, Bo Luo, Le Guan, Ziqiang Ma. TF-BIV: Transparent and Fine-grained Binary Integrity Verification in the Cloud. Proceedings of the 35rd Annual Computer Security Applications Conference, ACSAC’19, 2019.

Dawei Chu, Kaijie Zhu, Quanwei Cai, Jingqiang Lin, Fengjun Li, Le Guan, Lingchen Zhang. Secure Cryptography Infrastructures in the Clouds. 2019 IEEE Global Communications Conference, GLOBECOM’19, 2019.

Wei Zhou, Yan Jia, Yao Yao, Lipeng Zhu, Le Guan, Yuhang Mao, Peng Liu, Yuqing Zhang. Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms. 28th USENIX Security Symposium, Security’19, 2019.

Lingyun Situ, Linzhang Wang, Xuandong Li, Le Guan, Wenhui Zhang, Peng Liu. Poster: Energy Distribution Matters in Greybox Fuzzing. 41th International Conference on Software Engineering, ICSE’19, 2019.

Congwu Li, Le Guan, Jingqiang Lin, Bo Luo, Quanwei Cai, Jiwu Jing, Jing Wang. Mimosa: Protecting Private Keys against Memory Disclosure Attacks using Hardware Transactional Memory. IEEE Transactions on Dependable and Secure Computing, 2019.

DOI

Le Guan, Chen Cao, Sencun Zhu, Jingqiang Lin, Peng Liu, Yubin Xia, Bo Luo. Protecting Mobile Devices from Physical Memory Attacks with Targeted Encryption. 12th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec’19, 2019.

L. Guan, J. Lin, Z. Ma, B. Luo, L. Xia, J. Jing. Copker: A Cryptographic Engine Against Cold-Boot Attacks. IEEE Transactions on Dependable and Secure Computing, 2018.

DOI

Le Guan, Chen Cao, Peng Liu, Xinyu Xing, Xinyang Ge, Shengzhi Zhang, Meng Yu, Trent Jaeger. Building a Trustworthy Execution Environment to Defeat Exploits from both Cyber Space and Physical Space for ARM. IEEE Transactions on Dependable and Secure Computing, 2018.

DOI

Le Guan, Sadegh Farhang, Yu Pu, Pinyao Guo, Jens Grossklags, Peng Liu. VaultIME: Regaining User Control for Password Managers through Auto-correction. EAI Endorsed Transactions on Security and Safety, 2018.

DOI

Fangjie Jiang, Quanwei Cai, Le Guan, Jingqiang Lin. Enforcing Access Controls for the Cryptographic Cloud Service Invocation Based on Virtual Machine Introspection. Information Security, 2018.

Chen Cao, Le Guan, Ning Zhang, Neng Gao, Jingqiang Lin, Bo Luo, Peng Liu, Ji Xiang, Wenjing Lou. CryptMe: Data Leakage Prevention for Unmodified Programs on ARM Devices. Research in Attacks, Intrusions, and Defenses, 2018.

Pinyao Guo, Hunmin Kim, Le Guan, Minghui Zhu, Peng Liu. VCIDS: Collaborative Intrusion Detection of Sensor and Actuator Attacks on Connected Vehicles. Security and Privacy in Communication Networks: 13th International Conference, SecureComm 2017, 2017.

Pinyao Guo, Hunmin Kim, Le Guan, Minghui Zhu, Peng Liu. VCIDS: Collaborative Intrusion Detection of Sensor and Actuator Attacks on Connected Vehicles. Security and Privacy in Communication Networks: 13th International Conference, SecureComm 2017, 2017.

Le Guan, Peng Liu, Xinyu Xing, Xinyang Ge, Shengzhi Zhang, Meng Yu, Trent Jaeger. TrustShadow: Secure Execution of Unmodified Applications with ARM TrustZone. Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys’17 (Acceptance rate: ³⁴⁄₁₈₈=18.1%), 2017.

Le Guan, Shijie Jia, Bo Chen, Fengwei Zhang, Bo Luo, Jingqiang Lin, Peng Liu, Xinyu Xing, Luning Xia. Supporting Transparent Snapshot for Bare-metal Malware Analysis on Mobile Devices. Proceedings of the 33rd Annual Computer Security Applications Conference, ACSAC’17 (Acceptance rate: ⁴⁸⁄₂₄₄=19.7%, Best Paper Award), 2017.

PDF DOI

Le Guan, Sadegh Farhang, Yu Pu, Pinyao Guo, Jens Grossklags, Peng Liu. VaultIME: Regaining User Control For Password Managers through Auto-correction. Security and Privacy in Communication Networks: 13th International Conference, SecureComm 2017, 2017.

Jingqiang Lin, Bo Luo, Le Guan, Jiwu Jing. Secure Computing Using Registers and Caches: The Problem, Challenges, and Solutions. IEEE Security Privacy, 2016.

DOI

Le Guan, Jun Xu, Shuai Wang, Xinyu Xing, Lin Lin, Heqing Huang, Peng Liu, Wenke Lee. From Physical to Cyber: Escalating Protection for Personalized Auto Insurance. Proceedings of the 14th ACM Conference on Embedded Network Sensor Systems, SenSys’16 (Acceptance rate: ²¹⁄₁₁₉=17.6%), 2016.

Le Guan, Jingqiang Lin, Bo Luo, Jiwu Jing, Jing Wang. Protecting private keys against memory disclosure attacks using hardware transactional memory. 2015 IEEE Symposium on Security and Privacy, Oakland’15 (Acceptance rate: ⁵⁵⁄₄₀₇=13.5%), 2015.

Le Guan, Fengjun Li, Jiwu Jing, Jing Wang, Ziqiang Ma. virtio-ct: A Secure Cryptographic Token Service in Hypervisors. International Conference on Security and Privacy in Communication Networks: 10th International ICST Conference, SecureComm 2014, Beijing, China, September 24-26, 2014, Revised Selected Papers, Part II, 2015.

Le Guan, Jingqiang Lin, Bo Luo, Jiwu Jing. Copker: Computing with Private Keys without RAM. 21st Annual Network and Distributed System Security Symposium, NDSS’14 (Acceptance rate: ⁵⁵⁄₂₉₅=18.6%), 2014.

Jing Wang, Le Guan, Limin Liu, Daren Zha. Implementing a Covert Timing Channel Based on Mimic Function. Information Security Practice and Experience: 10th International Conference, ISPEC 2014, Fuzhou, China, May 5-8, 2014. Proceedings, 2014.

Jing Wang, Peng Liu, Limin Liu, Le Guan, Jiwu Jing. Fingerprint Embedding: A Proactive Strategy of Detecting Timing Channels. Information and Communications Security: 15th International Conference, ICICS 2013, Beijing, China, November 20-22, 2013. Proceedings, 2013.