InfoSec Research Group

Welcome to CURIOSITY!

CURIOSITY is a cybersecurity research group led by Prof. Zhenkai Liang at NUS.

Our research mainly focuses on system security, covering provenance, anomaly detection, trusted computing, Android malware detection, cyber range and attack replay, vulnerability detection and management, program analysis, fuzzing and testing, AI for security, etc.

Group Motto: Understanding systems, abstracting knowledge, and connecting facts.

理解系统,提炼知识,参悟规律。

research loop

Latest News

Sep 2024

🎉 Our recent work on high-assurance system observability protection is accepted in CCS'24!

Jul 2024

🎉 Our recent work on mobile malware detection is accepted in ASE'24!

Jul 2024

🎉 Our recent work on cryptographic misuse detection is accepted in RAID'24!

Jun 2024

🎉 Our recent work on kernel vulnerability reproduction is accepted in RAID'24 and wins the Best Practical Paper Award!

Jun 2024

🎉 Our VulZoo vulnerability intelligence dataset is released!

May 2024

🎉 Our recent work on Android UI similarity is accepted in USENIX Security'24!

Selected Publications

Refer to this link for the full list of publications.

The HitchHiker's Guide to High-Assurance System Observability Protection with Efficient Permission Switches

Chuqi Zhang, Jun Zeng, Yiming Zhang, Adil Ahmad, Fengwei Zhang, Zhenkai Liang, and Hai Jin.

In Proceedings of the 31th ACM Conference on Computer and Communications Security, 2024.

MaskDroid: Robust Android Malware Detection with Masked Graph Representations

Jingnan Zheng*, Jiahao Liu*, An Zhang, Jun Zeng, Ziqi Yang, Zhenkai Liang, and Tat-Seng Chua.

In Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering, 2024.

CrypTody: Cryptographic Misuse Analysis of IoT Firmware via Data-flow Reasoning

Jianing Wang, Shanqing Guo, Wenrui Diao, Yue Liu, Haixin Duan, Yichen Liu, and Zhenkai Liang.

In 27th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2024).

KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities

Bonan Ruan, Jiahao Liu, Chuqi Zhang, Zhenkai Liang.

In 27th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2024).

UIHASH: Detecting Similar Android UIs through Grid-Based Visual Appearance Representation

Jiawei Li, Jian Mao, Jun Zeng, Qixiao Lin, Shaowen Feng, and Zhenkai Liang.

In Proceedings of the 33rd USENIX Security Symposium, 2024.

Detecting Logic Bugs in Graph Database Management Systems via Injective and Surjective Graph Query Transformation

Yuancheng Jiang, Jiahao Liu, Jinsheng Ba, Roland Yap, Zhenkai Liang, Manuel Rigger.

In Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024.

Learning Graph-based Code Representations for Source-level Functional Similarity Detection

Jiahao Liu*, Jun Zeng*, Xiang Wang and Zhenkai Liang.

In Proceedings of the 45th International Conference on Software Engineering, 2023.

PalanTír: Optimizing Attack Provenance with Hardware-enhanced System Observability

Jun Zeng*, Chuqi Zhang*, and Zhenkai Liang.

In Proceedings of the 29th ACM Conference on Computer and Communications Security, 2022.

FlowMatrix: GPU-Assisted Information-Flow Analysis through Matrix-Based Representation

Kaihang Ji, Jun Zeng, Yuancheng Jiang, Zhenkai Liang, Zheng Leong Chua, Prateek Saxena, and Abhik Roychoudhury.

In Proceedings of the 31st USENIX Security Symposium, 2022.

Tell: Log Level Suggestions via Modeling Multi-level Code Block Information

Jiahao Liu, Jun Zeng, Xiang Wang, Kaihang Ji, and Zhenkai Liang.

In Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, 2022.

ShadeWatcher: Recommendation-guided Cyber Threat Analysis using System Audit Records

Jun Zeng, Xiang Wang, Jiahao Liu, Yinfang Chen, Zhenkai Liang, Tat-Seng Chua, and Zheng Leong Chua.

In Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022.

Watson: Abstracting Behaviors from Audit logs via Aggregation of Contextual Semantics

Jun Zeng, Zheng Leong Chua, Yinfang Chen, Kaihang Ji, Zhenkai Liang, and Jian Mao.

In Proceedings of the 28th Annual Network and Distributed System Security Symposium, 2021.