Research Group

Publication List

Conference and Workshop

  1. Kernel Auditing using Augmented Reference Behavior Analysis and Virtualized Selective Tracing.

    Chuqi Zhang, Spencer Faith, Feras Al-Qassas, Theodorus Wensan Februanto, Zhenkai Liang, and Adil Ahmad.

    In the 47th IEEE Symposium on Security and Privacy (S&P), 2026.

  2. PromoGuardian: Detecting Promotion Abuse Fraud with Multi-Relation Fused Graph Neural Networks.

    Shaofei Li, Xiao Han, Ziqi Zhang, Zhenkai Liang, Yao Guo, Xiangqun Chen, Ding Li, Shuli Gao, and Minyao Hua.

    In the 47th IEEE Symposium on Security and Privacy (S&P), 2026.

  3. RSafe: Incentivizing proactive reasoning to build robust and adaptive LLM safeguards.

    Jingnan Zheng, Xiangtian Ji, Yijun Lu, Chenhang Cui, Weixiang Zhao, Gelei Deng, Zhenkai Liang, An Zhang, and Tat-Seng Chua.

    In the 39th Annual Conference on Neural Information Processing Systems (NeurIPS), 2025.

  4. Improving LLM-based Log Parsing by Learning from Errors in Reasoning Traces.

    Jialai Wang, Juncheng Lu, Jie Yang, Junjie Wang, Zeyu Gao, Chao Zhang, Zhenkai Liang, and Ee-Chien Chang.

    In the 40th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2025.

  5. Propagation-Based Vulnerability Impact Assessment for Software Supply Chains.

    Bonan Ruan, Zhiwei Lin, Jiahao Liu, Chuqi Zhang, Kaihang Ji, and Zhenkai Liang.

    In the 40th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2025.

  6. PsyScam: A Benchmark for Psychological Techniques in Real-World Scams.

    Shang Ma, Tianyi Ma, Jiahao Liu, Wei Song, Zhenkai Liang, Xusheng Xiao, and Yanfang Ye.

    In the 2025 Conference on Empirical Methods in Natural Language Processing (EMNLP), 2025.

  7. TAPPecker: TAP Logic Inference and Violation Detection in Heterogeneous Smart Home Systems.

    Qixiao Lin, Jian Mao, Ziwen Liu, and Zhenkai Liang.

    In International Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 2025.

  8. TANS: A Chess-Inspired Notation System for Strategy Analysis of Tennis Games.

    Yuexi Song, Chuanfei Li, Hao Cao, Ling Wu, Huanhuan Zheng, and Zhenkai Liang.

    In the 2nd International Sports Analytics Conference and Exhibition (ISACE), 2025.

    Distinguished Paper Award

  9. Signals and Symptoms: ICS Attack Dataset from Railway Cyber Range.

    Anis Yusof, Yuancheng Liu, Niklaus Kang, Choon Meng Seah, and Zhenkai Liang and Ee-Chien Chang.

    In the 11th Workshop on the Security of Industrial Control Systems & of Cyber-Physical Systems, 2025.

  10. Evaluating Disassembly Errors With Only Binaries.

    Lambang Akbar, Yuancheng Jiang, Roland Yap, Zhenkai Liang, and Zhuohao Liu.

    In the 20th ACM ASIA Conference on Computer and Communications Security (AsiaCCS), 2025.

  11. Fuzzing the PHP Interpreter via Dataflow Fusion.

    Yuancheng Jiang, Chuqi Zhang, Bonan Ruan, Jiahao Liu, Manuel Rigger, Roland H. C. Yap, and Zhenkai Liang.

    In the 34th USENIX Security Symposium, 2025.

    Distinguished Paper Award

  12. Your Scale Factors are My Weapon: Targeted Bit-Flip Attacks on Vision Transformers via Scale Factor Manipulation..

    Jialai Wang, Yuxiao Wu, Weiye Xu, Yating Huang, Chao Zhang, Zongpeng Li, Mingwei Xu, and Zhenkai Liang.

    In the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), 2025.

  13. Fork State-Aware Differential Fuzzing for Blockchain Consensus Implementations.

    Wonhoi Kim, Hocheol Nam, Muoi Tran, Amin Jalilov, Zhenkai Liang, Sang Kil Cha, and Min Suk Kang.

    In International Conference on Software Engineering (ICSE), 2025.

  14. Erebor: A Drop-In Sandbox Solution for Private Data Processing in Untrusted Confidential Virtual Machines.

    Chuqi Zhang, Rahul Priolkar, Yuancheng Jiang, Yuan Xiao, Mona Vij, Zhenkai Liang, and Adil Ahmad.

    In European Conference on Computer Systems (EuroSys), 2025.

  15. Scrutinizer: Towards Secure Forensics on Compromised TrustZone.

    Yiming Zhang, Fengwei Zhang, Xiapu Luo, Rui Hou, Xuhua Ding, Zhenkai Liang, Shoumeng Yan, Tao Wei, and Zhengyu He.

    In the 32nd Annual Network and Distributed System Security Symposium (NDSS), 2025.

  16. UI-CTX: Understanding UI Behaviors with Code Contexts for Mobile Applications.

    Jiawei Li, Jiahao Liu, Jian Mao, Jun Zeng, and Zhenkai Liang.

    In the 32nd Annual Network and Distributed System Security Symposium (NDSS), 2025.

  17. ProvGuard: Detecting SDN Control Policy Manipulation via Contextual Semantics of Provenance Graphs.

    Ziwen Liu, Jian Mao, Jun Zeng, Jiawei Li, Qixiao Lin, Jiahao Liu, Jianwei Zhuge, and Zhenkai Liang.

    In the 32nd Annual Network and Distributed System Security Symposium (NDSS), 2025.

  18. From Observations to Insights: Constructing Effective Cyberattack Provenance with PROVCON.

    Anis Yusof, Shaofei Li, Arshdeep Singh Kawatra, Ding Li, and Ee-Chien Chang and Zhenkai Liang.

    In Workshop on SOC Operations and Construction (WOSOC) 2025, 2025.

  19. VulZoo: A Comprehensive Vulnerability Intelligence Dataset (Tool Demonstration Track).

    Bonan Ruan, Jiahao Liu, Weibo Zhao, and Zhenkai Liang.

    In the 39th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2024.

  20. MaskDroid: Robust Android Malware Detection with Masked Graph Representations.

    Jingnan Zheng, Jiahao Liu, An Zhang, Jun Zeng, Ziqi Yang, Zhenkai Liang, and Tat-Seng Chua.

    In the 39th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2024.

  21. The HitchHiker's Guide to High-Assurance System Observability  Protection with Efficient Permission Switches.

    Chuqi Zhang, Jun Zeng, Yiming Zhang, Adil Ahmad, Fengwei Zhang, Zhenkai Liang, and Hai Jin.

    In ACM SIGSAC Conference on Computer and Communications Security (CCS), 2024.

  22. KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities.

    Bonan Ruan, Jiahao Liu, Chuqi Zhang, and Zhenkai Liang.

    In International Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 2024.

    Best Practical Paper Award

  23. CrypTody: Cryptographic Misuse Analysis of IoT Firmware via Data-flow Reasoning.

    Jianing Wang, Shanqing Guo, Wenrui Diao, Yue Liu, Haixin Duan, Yichen Liu, and Zhenkai Liang.

    In International Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 2024.

  24. UIHash: Detecting Similar Android UIs through Grid-Based Visual Appearance Representation.

    Jiawei Li, Jian Mao, Jun Zeng, Qixiao Lin, Shaowen Feng, and Zhenkai Liang.

    In the 33rd USENIX Security Symposium, 2024.

  25. Detecting Logic Bugs in Graph Database Management Systems via Injective and Surjective Graph Query Transformation.

    Yuancheng Jiang, Jiahao Liu, Jinsheng Ba, Roland Yap, Zhenkai Liang, and Manuel Rigger.

    In International Conference on Software Engineering (ICSE), 2024.

  26. Evaluating Disassembly Ground Truth Through Dynamic Tracing.

    Lambang Akbar, Yuancheng Jiang, Roland Yap, Zhenkai Liang, and Zhuohao Liu.

    In Workshop on Binary Analysis Research (BAR), 2024.

  27. Securing Web Inputs Using Parallel Session Attachments.

    Ziqi Yang, Ruite Xu, Qixiao Lin, Shikun Wu, Jian Mao, and Zhenkai Liang.

    In International Conference on Security and Privacy in Communication Networks (SecureComm), 2023.

  28. Learning Graph-based Code Representations for Source-level Functional Similarity Detection.

    Jiahao Liu, Jun Zeng, Xiang Wang, and Zhenkai Liang.

    In International Conference on Software Engineering (ICSE), 2023.

  29. PalanTír: Optimizing Attack Provenance with Hardware-enhanced System Observability.

    Jun Zeng, Chuqi Zhang, and Zhenkai Liang.

    In the 17th ACM ASIA Conference on Computer and Communications Security (CCS), 2022.

  30. Extensible Virtual Call Integrity.

    Yuancheng Jiang, Gregory J. Duck, Roland Yap, Zhenkai Liang, and Pinghai Yuan.

    In the 27th European Symposium on Research in Computer Security (ESORICS), 2022.

  31. AttacKG: Constructing Technique Knowledge Graph from Cyber Threat Intelligence Reports.

    Zhenyuan Li, Jun Zeng, Yan Chen, and Zhenkai Liang.

    In the 27th European Symposium on Research in Computer Security (ESORICS), 2022.

  32. FlowMatrix: GPU-Assisted Information-Flow Analysis through Matrix-Based Representation.

    Kaihang Ji, Jun Zeng, Yuancheng Jiang, Zhenkai Liang, Zheng Leong Chua, Prateek Saxena, and Abhik Roychoudhury.

    In the 31st USENIX Security Symposium, 2022.

  33. FreeWill: Automatically Diagnosing Use-after-free Bugs via Reference Miscounting Detection on Binaries.

    Liang He, Hong Hu, Purui Su, Yan Cai, and Zhenkai Liang.

    In the 31st USENIX Security Symposium, 2022.

  34. TeLL: Log Level Suggestions via Modeling Multi-level Code Block Information.

    Jiahao Liu, Jun Zeng, Xiang Wang, Kaihang Ji, and Zhenkai Liang.

    In the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2022.

  35. RecIPE: Revisiting the Evaluation of Memory Error Defenses.

    Yuancheng Jiang, Roland Yap, Zhenkai Liang, and Hubert Rosier.

    In the 17th ACM ASIA Conference on Computer and Communications Security (AsiaCCS), 2022.

  36. ShadeWatcher: Recommendation-guided Cyber Threat Analysis using System Audit Records.

    Jun Zeng, Xiang Wang, Jiahao Liu, Yinfang Chen, Zhenkai Liang, Tat-Seng Chua, and Zheng Leong Chua.

    In the 2022 IEEE Symposium on Security and Privacy (S&P), 2022.

  37. Identifying privacy weaknesses from multi-party trigger-action integration platforms.

    Kulani Mahadewa, Yanjun Zhang, Guangdong Bai, Lei Bu, Zhiqiang Zuo, Dileepa Fernando, Zhenkai Liang, and Jin Song Dong.

    In International Symposium on Software Testing and Analysis (ISSTA), 2021.

  38. Watson: Abstracting Behaviors from Audit logs via Aggregation of Contextual Semantics.

    Jun Zeng, Zheng Leong Chua, Yinfang Chen, Kaihang Ji, Zhenkai Liang, and Jian Mao.

    In the 28th Annual Network and Distributed System Security Symposium (NDSS), 2021.

  39. Robust P2P Primitives Using SGX Enclaves.

    Yaoqi Jia, Shruti Tople, Tarik Moataz, Deli Gong, Prateek Saxena, and Zhenkai Liang.

    In International Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 2020.

  40. Neural Network Inversion in Adversarial Setting via Background Knowledge Alignment.

    Ziqi Yang, Jiyi Zhang, Ee-Chien Chang, and Zhenkai Liang.

    In ACM SIGSAC Conference on Computer and Communications Security (CCS), 2019.

  41. LightSense: A Novel Side Channel for Zero-permission Mobile User Tracking.

    Quanqi Ye, Yan Zhang, Guangdong Bai, Naipeng Dong, Zhenkai Liang, Jin Song Dong, and Haoyu Wang.

    In Information Security Conference (ICS), 2019.

  42. Detecting Android Side Channel Probing Attacks Based on System States.

    Qixiao Lin, Jian Mao, Futian Shi, Shishi Zhu, and Zhenkai Liang.

    In International Conference on Wireless Algorithms, Systems, and Applications (WASA), 2019.

    Best Paper Award

  43. One Engine To Serve 'em All: Inferring Taint Rules Without Architectural Semantics.

    Zheng Leong Chua, Yanhao Wang, Teodora Baluta, Prateek Saxena, Zhenkai Liang, and Purui Su.

    In Network and Distributed System Security Symposium (NDSS), 2019.

    Distinguished Paper Award Honorable Mentions

  44. Fuzzing Program Logic Deeply Hidden in Binary Program Stages.

    Yanhao Wang, Zheng Leong Chua, Yuwei Liu, Purui Su, and Zhenkai Liang.

    In the 26th IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2019.

  45. HOMESCAN: Scrutinizing Implementations of Smart Home Integrations.

    Kulani Tharaka Mahadewa, Kailong Wang, Guangdong Bai, Ling Shi, Jin Song Dong, and Zhenkai Liang.

    In the 23rd International Conference on Engineering of Complex Computer Systems (ICECCS), 2018.

  46. Automated Identification of Sensitive Data via Flexible User Requirements.

    Ziqi Yang, and Zhenkai Liang.

    In International Conference on Security and Privacy in Communication Networks (SecureComm), 2018.

  47. DTaint: Detecting the Taint-Style Vulnerability in Embedded Device Firmware.

    Kai Cheng, Qiang Li, Lei Wang, Qian Chen, Yaowen Zheng, Limin Sun, and Zhenkai Liang.

    In the 48th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2018.

  48. Robust Detection of Android UI Similarity.

    Jian Mao, Jingdong Bian, Hanjun Ma, Yaoqi Jia, Zhenkai Liang, and Xuxian Jiang.

    In IEEE International Conference on Communications (ICC), 2018.

  49. A Novel Graph-based Mechanism for Identifying Traffic Vulnerabilities in Smart Home IoT.

    Yizhen Jia, Yinhao Xiao, Jiguo Yu, Xiuzhen Cheng, Zhenkai Liang, and Zhiguo Wan.

    In IEEE Conference on Computer Communications (INFOCOM), 2018.

  50. Automatically Assessing Crashes From Heap Overflows.

    Liang He, Yan Cai, Hong Hu, Purui Su, Zhenkai Liang, Yi Yang, Huafeng Huang, Jia Yan, Xiangkun Jia, and Dengguo Feng.

    In the 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE), 2017.

  51. Detecting Phishing Websites via Aggregation Analysis of Page Layouts.

    Jian Mao, Jingdong Bian, Wenqian Tian, Shishi Zhu, Tao Wei, Aili Li, and Zhenkai Liang.

    In International Conference on Identification, Information and Knowledge in the Internet of Things (IIKI), 2017.

  52. Enabling practical experimentation in cyber-security training.

    Jian Mao, Zheng Leong Chua, and Zhenkai Liang.

    In International Conference on Dependable Systems and Communications (DSC), 2017.

  53. Privilege Leakage and Information Stealing through the Android Task Mechanism.

    Yinhao Xiao, Guangdong Bai, Jian Mao, Zhenkai Liang, and Wei Cheng.

    In International Conference on Pervasive and Ubiquitous Computing Adjunct (PAC), 2017.

  54. Neural Nets Can Learn Function Type Signatures From Binaries.

    Zheng Leong Chua, Shiqi Shen, Prateek Saxena, and Zhenkai Liang.

    In the 26th USENIX Security Symposium, 2017.

  55. Phishing Website Detection Based on Effective CSS Features of Web Pages.

    Jian Mao, Wenqian Tian, Pei Li, Tao Wei, and Zhenkai Liang.

    In International Conference on Wireless Algorithms, Systems, and Applications (WASA), 2017.

  56. "The Web/Local" Boundary Is Fuzzy: A Security Study of Chrome's Process-based Sandboxing.

    Yaoqi Jia, Zheng Leong Chua, Hong Hu, Shuo Chen, Prateek Saxena, and Zhenkai Liang.

    In ACM SIGSAC Conference on Computer and Communications Security (CCS), 2016.

  57. A Function-Level Behavior Model for Anomalous Behavior Detection in Hybrid Mobile Applications.

    Jian Mao, Ruilong Wang, Yue Chen, Yinhao Xiao, Yaoqi Jia, and Zhenkai Liang.

    In International Conference on Identification, Information and Knowledge in the Internet of Things (IIKI), 2016.

  58. Toward Exposing Timing-Based Probing Attacks in Web Applications.

    Jian Mao, Yue Chen, Futian Shi, Yaoqi Jia, and Zhenkai Liang.

    In International Conference on Wireless Algorithms, Systems, and Applications 2016 (WASA), 2016.

  59. Anonymity in Peer-assisted CDNs: Inference Attacks and Mitigation.

    Yaoqi Jia, Guangdong Bai, Prateek Saxena, and Zhenkai Liang.

    In the 16th Privacy Enhancing Technologies Symposium (PETS), 2016.

  60. Data-Oriented Programming: On the Expressiveness of Non-control Data Attacks.

    Hong Hu, Shweta Shinde, Sendroiu Adrian, Zheng Leong Chua, Prateek Saxena, and Zhenkai Liang.

    In IEEE Symposium on Security and Privacy 2016 (S&P), 2016.

  61. Web-to-Application Injection Attacks on Android: Characterization and Detection.

    Behnaz Hassanshahi, Yaoqi Jia, Roland H. C. Yap, Prateek Saxena, and Zhenkai Liang.

    In European Symposium on Research in Computer Security 2015 (ESORICS), 2015.

  62. Identifying Arbitrary Memory Access Vulnerabilities in Privilege-Separated Software.

    Hong Hu, Zheng Leong Chua, Sendroiu Adrian, Prateek Saxena, and Zhenkai Liang.

    In European Symposium on Research in Computer Security 2015 (ESORICS), 2015.

  63. Automatic Generation of Data-Oriented Exploits.

    Hong Hu, Zheng Leong Chua, Sendroiu Adrian, Prateek Saxena, and Zhenkai Liang.

    In the 24th USENIX Security Symposium, 2015.

  64. A Usage-Pattern Perspective for Privacy Ranking of Android Apps.

    Xiaolei Li, Xinshu Dong, and Zhenkai Liang.

    In the 2014 International Conference on Intelligent Science and Systems (ICISS), 2014.

  65. You Can't Be Me: Enabling Trusted Paths and User Sub-origins in Web Browsers.

    Enrico Budianto, Yaoqi Jia, Xinshu Dong, Prateek Saxena, and Zhenkai Liang.

    In the 17th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2014.

  66. DroidVault: A Trusted Data Vault for Android Devices.

    Xiaolei Li, Hong Hu, Guangdong Bai, Yaoqi Jia, Zhenkai Liang, and Prateek Saxena.

    In the 19th International Conference on Engineering of Complex Computer Systems (ICECCS), 2014.

    Best Paper Award

  67. Understanding Complex Binary Loading Behaviors.

    Ting Dai, Mingwei Zhang, Roland H. C. Yap, and Zhenkai Liang.

    In the 19th International Conference on Engineering of Complex Computer Systems (ICECCS), 2014.

  68. SQLR: Grammar-Guided Validation of SQL Injection Sanitizers (short paper).

    Sai Sathyanarayan, Dawei Qi, Zhenkai Liang, and Abhik Roychoudary.

    In the 19th International Conference on Engineering of Complex Computer Systems (ICECCS), 2014.

  69. A Light-Weight Software Environment for Confining Android Malware.

    Xiaolei Li, Guangdong Bai, Benjamin Thian, Zhenkai Liang, and Heng Yin.

    In International Workshop on Trustworthy Computing, 2014.

  70. I Know Where You’ve Been: Geo-Inference Attacks via the Browser Cache.

    Yaoqi Jia, Xinshu Dong, Zhenkai Liang, and Prateek Saxena.

    In Web 2.0 Security & Privacy Workshop 2014 (W2SP), 2014.

  71. TrustFound: Towards a Formal Foundation for Model Checking Trusted Computing Platforms.

    Guangdong Bai, Jianan Hao, Jianliang Wu, Yang Liu, Zhenkai Liang, and Andrew P. Martin.

    In the 19th International Symposium on Formal Method (FM), 2014.

  72. AirBag: Boosting Smartphone Resistance to Malware Infection.

    Chiachih Wu, Yajin Zhou, Kunal Patel, Zhenkai Liang, and Xuxian Jiang.

    In the 21st Network & Distributed System Security Symposium (NDSS), 2014.

  73. Rating Web Pages Using Page-Transition Evidence.

    Jian Mao, Xinshu Dong, Pei Li, Tao Wei, and Zhenkai Liang.

    In the 15th International Conference on Information and Communications Security (ICICS), 2013.

  74. Protecting sensitive web content from client-side vulnerabilities with CRYPTONS.

    Xinshu Dong, Zhaofeng Chen, Hossein Siadati, Shruti Tople, Prateek Saxena, and Zhenkai Liang.

    In the 20th ACM Conference on Computer and Communications Security (CCS), 2013.

  75. A Quantitative Evaluation of Privilege Separation in Web Browser Designs.

    Xinshu Dong, Hong Hu, Prateek Saxena, and Zhenkai Liang.

    In the 18th European Symposium on Computer Security (ESORICS), 2013.

  76. BaitAlarm: Detecting Phishing Sites Using Similarity in Fundamental Visual Features.

    Jian Mao, Pei Li, Kun Li, Tao Wei, and Zhenkai Liang.

    In the 5th International Conference on Intelligent Networking and Collaborative Systems (INCoS), 2013.

  77. A Comprehensive Client-Side Behavior Model for Diagnosing Attacks in Ajax Applications.

    Xinshu Dong, Kailas Patil, Jian Mao, and Zhenkai Liang.

    In the 18th International Conference on Engineering of Complex Computer Systems (ICECCS), 2013.

  78. A Software Environment for Confining Malicious Android Applications via Resource Virtualization (Short paper).

    Xiaolei Li, Guangdong Bai, Zhenkai Liang, and Heng Yin.

    In the 18th International Conference on Engineering of Complex Computer Systems (ICECCS), 2013.

  79. Enforcing system-wide control flow integrity for exploit detection and diagnosis.

    Aravind Prakash, Heng Yin, and Zhenkai Liang.

    In the 8th ACM SIGSAC symposium on Information, computer and communications security (AsiaCCS), 2013.

  80. Detecting and Preventing ActiveX API-Misuse Vulnerabilities in Internet Explorer.

    Ting Dai, Sai Sathyanarayan, Roland H. C. Yap, and Zhenkai Liang.

    In the 14th International Conference on Information and Communications Security (ICICS), 2012.

  81. An Empirical Study of Dangerous Behaviors in Firefox Extensions.

    Jiangang Wang, Xiaohong Li, Xuhui Liu, Xinshu Dong, Junjie Wang, Zhenkai Liang, and Zhiyong Feng.

    In the 15th International Conference on Information Security (ISC), 2012.

  82. Codejail: Application-Transparent Isolation of Libraries with Tight Program Interactions.

    Yongzheng Wu, Sai Sathyanarayan, Roland H. C. Yap, and Zhenkai Liang.

    In the 17th European Symposium on Computer Security (ESORICS), 2012.

  83. Tracking the Trackers: Fast and Scalable Dynamic Analysis of Web Content for Privacy Violations.

    Minh Tran, Xinshu Dong, Zhenkai Liang, and Xuxian Jiang.

    In the 10th International Conference on Applied Cryptography and Network Security (ACNS), 2012.

  84. A Framework to Eliminate Backdoors from Response-Computable Authentication.

    Shuaifu Dai, Tao Wei, Chao Zhang, Tielei Wang, Yu Ding, Zhenkai Liang, and Wei Zou.

    In the 33rd IEEE Symposium on Security and Privacy (S&P), 2012.

  85. Identifying and Analyzing Pointer Misuses for Sophisticated Memory-corruption Exploit Diagnosis.

    Mingwei Zhang, Aravind Prakash, Xiaolei Li, Zhenkai Liang, and Heng Yin.

    In the 19th Annual Network & Distributed System Security Symposium (NDSS), 2012.

  86. AdSentry: comprehensive and flexible confinement of JavaScript-based advertisements.

    Xinshu Dong, Minh Tran, Zhenkai Liang, and Xuxian Jiang.

    In the 27th Annual Computer Security Applications Conference (ACSAC), 2011.

  87. Towards Fine-Grained Access Control in JavaScript Contexts.

    Kailas Patil, Xinshu Dong, Xiaolei Li, Zhenkai Liang, and Xuxian Jiang.

    In the 31st IEEE International Conference on Distributed Computing Systems (ICDCS), 2011.

  88. Jump-Oriented Programming: A New Class of Code-Reuse Attack.

    Tyler Bletsch, Xuxian Jiang, Vince Freeh, and Zhenkai Liang.

    In the 6th ACM Symposium on Information, Computer and Communications Security (AsiaCCS), 2011.

  89. Heap Taichi: exploiting memory allocation granularity in heap-spraying attacks.

    Yu Ding, Tao Wei, Tielei Wang, Zhenkai Liang, and Wei Zou.

    In the 26th Annual Computer Security Applications Conference (ACSAC), 2010.

  90. Golden implementation driven software debugging.

    Ansuman Banerjee, Abhik Roychoudhury, Johannes A. Harlie, and Zhenkai Liang.

    In the 18th ACM SIGSOFT international symposium on Foundations of software engineering (FSE), 2010.

  91. Test generation to expose changes in evolving programs.

    Dawei Qi, Abhik Roychoudhury, and Zhenkai Liang.

    In the 25th IEEE/ACM International Conference on Automated Software Engineering, 2010.

  92. Transparent Protection of Commodity OS Kernels Using Hardware Virtualization.

    Michael C. Grace, Zhi Wang, Deepa Srinivasan, Jinku Li, Xuxian Jiang, Zhenkai Liang, and Siarhei Liakh.

    In the 6th International Conference on Security and Privacy in Communication Systems (SecureComm), 2010.

  93. Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration.

    Juan Caballero, Zhenkai Liang, Pongsin Poosankam, and Dawn Song.

    In the 12th International Symposium on Recent Advances in Intrusion Detection (RAID), 2009.

  94. DARWIN: an approach for debugging evolving programs.

    Dawei Qi, Abhik Roychoudhury, Zhenkai Liang, and Kapil Vaswani.

    In the 7th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT International Symposium on Foundations of Software Engineering (ESEC/SIGSOFT FSE), 2009.

    Distinguished Paper Award

Journal

  1. I Know Your Social Network Accounts: A Novel Attack Architecture for Device-identity Association.

    Yinhao Xiao, Yizhen Jia, Xiuzhen Cheng, Shengling Wang, Jian Mao, and Zhenkai Liang.

    In IEEE Transactions on Dependable and Secure Computing (TDSC), Volume 20, Issue 2, 2023.

  2. Semantic-fuzzing-based Empirical Analysis of Voice Assistant Systems of Asian Symbol Languages.

    Jian Mao, Ziwen Liu, Qixiao Lin, and Zhenkai Liang.

    In IEEE Internet of Things Journal, Volume 9, Issue 12, 2022.

  3. Scrutinizing Implementations of Smart Home Integrations.

    Kulani Mahadewa, Kailong Wang, Guangdong Bai, Ling Shi, Yan Liu, Jin Song Dong, and Zhenkai Liang.

    In IEEE Transactions on Software Engineering (TSE), Volume 47, Issue 12, 2021.

  4. Asia's Surging Interest in Binary Analysis.

    Sang Kil Cha, and Zhenkai Liang.

    In Communications of the ACM, Volume 63, Issue 4, 2020.

  5. Phishing Page Detection via Learning Classifiers from Page Layout Feature.

    Jian Mao, Jingdong Bian, Wenqian Tian, Shishi Zhu, Tao Wei, Aili Li, and Zhenkai Liang.

    In EURASIP Journal on Wireless Communications and Networking (EURASIP JWCN), Volume 2019, 2019.

  6. I Can See Your Brain: Investigating Home-Use Electroencephalography System Security.

    Yinhao Xiao, Yizhen Jia, Xiuzhen Cheng, Jiguo Yu, Zhenkai Liang, and Zhi Tian.

    In IEEE Internet of Things Journal (IoT-J), Volume 6, Issue 4, 2019.

  7. Automated Identification of Sensitive Data from Implicit User Specification.

    Ziqi Yang, and Zhenkai Liang.

    In Cybersecurity, Volume 1, Issue 1, 2018.

  8. Detecting Malicious Behaviors in JavaScript Applications.

    Jian Mao, Jingdong Bian, Ruilong Wang, Yue Chen, Yinhao Xiao, and Zhenkai Liang.

    In IEEE Access, Volume 6, 2018.

  9. SplitPass: A Mutually Distrusting Two-Party Password Manager.

    Yutao Liu, Dong Du, Yubin Xia, Haibo Chen, Binyu Zang, and Zhenkai Liang.

    In Journal of Computer Science and Technology (JCST), Volume 33, Issue 1, 2018.

  10. Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity.

    Jian Mao, Jingdong Bian, Wenqian Tian, Pei Li, Tao Wei, and Zhenkai Liang.

    In IEEE Access, Volume 5, 2017.

  11. RoppDroid: Robust Permission Re-delegation Prevention in Android Inter-component Communication.

    Ting Dai, Xiaolei Li, Behnaz Hassanshahi, Roland H. C. Yap, and Zhenkai Liang.

    In Computers & Security, Volume 68, 2017.

  12. Monet: A User-Oriented Behavior-Based Malware Variants Detection System for Android.

    Mingshen Sun, Xiaolei Li, John C.S. Lui, Richard T. Ma, and Zhenkai Liang.

    In IEEE Transactions on Information Forensics and Security (TIFS), Volume 12, Issue 5, 2017.

  13. A Framework for Practical Dynamic Software Updating.

    Gang Chen, Hai Jin, Deqing Zou, Zhenkai Liang, Bing Bing Zhou, and Hao Wang.

    In IEEE Transactions on Parallel and Distributed Systems (TPDS), Volume 27, Issue 4, 2017.

  14. Toward Exposing Timing-Based Probing Attacks in Web Application.

    Jian Mao, Yue Chen, Futian Shi, Yaoqi Jia, and Zhenkai Liang.

    In Sensors, Volume 17, Issue 3, 2017.

  15. Man-in-the-browser-cache: Persisting HTTPS Attacks via Browser Cache Poisoning.

    Yaoqi Jia, Yue Chen, Xinshu Dong, Prateek Saxena, Jian Mao, and Zhenkai Liang.

    In Computer & Security, Volume 55, 2016.

  16. A Framework for Practical Dynamic Software Updating.

    Gang Chen, Hai Jin, Deqing Zou, Zhenkai Liang, Bing Bing Zhou, and Hao Wang.

    In IEEE Transactions on Parallel and Distributed Systems (TPDS), Volume 27, Issue 4, 2016.

  17. Automatic Permission Inference for Hybrid Mobile Apps.

    Jian Mao, Hanjun Ma, Yue Chen, Yaoqi Jia, and Zhenkai Liang.

    In Journal of High Speed Networks, Volume 22, Issue 1, 2016.

  18. SafeStack: Automatically Patching Stack-based Buffer Overflow Vulnerabilities.

    Gang Chen, Hai Jin, Deqing Zou, Bing Bing Zhou, Zhenkai Liang, Weide Zheng, and Xuanhua Shi.

    In IEEE Transactions on Dependable and Secure Computing (TDSC), Volume 10, Issue 6, 2015.

  19. Tool, Technique, and Tao in Computer Security Education.

    Zhenkai Liang, and Jian Mao.

    In IEEE Reliability Newsletter Special Issues, 2015.

  20. I Know Where You’ve Been: Geo-Inference Attacks via the Browser Cache.

    Yaoqi Jia, Xinshu Dong, Zhenkai Liang, and Prateek Saxena.

    In IEEE Internet Computing, Volume 19, Issue 1, 2015.

  21. DARWIN: An Approach for Debugging Evolving Programs.

    Dawei Qi, Abhik Roychoudhury, Zhenkai Liang, and Kapil Vaswani.

    In ACM Transactions on Software Engineering and Methodology (TOSEM), Volume 21, Issue 3, 2013.