Publications

(2025). [S&P '25] Inspecting Virtual Machine Diversification Inside Virtualization Obfuscation. In Proceedings of the 46th IEEE Symposium on Security and Privacy, San Francisco, CA, May 12-14, 2025. (Acceptance rate 14.3%=106/739 (Cycle 1)).

(2025). [NDSS '25] Retrofitting XoM for Stripped Binaries without Embedded Data Relocation. In Proceedings of the 32nd Network and Distributed System Security Symposium, San Diego, California, 24 February – 28 February, 2025..

(2024). [NSDI '24] Towards Intelligent Automobile Cockpit via A New Container Architecture. In Proceedings of the 21st USENIX Symposium on Networked Systems Design and Implementation, Santa Clara, CA, April 16–18, 2024. (Acceptance rate 18.6%=112/601).

(2023). [CCS '23] PackGenome: Automatically Generating Robust YARA Rules for Accurate Malware Packer Detection. In Proceedings of the 30th ACM Conference on Computer and Communications Security, Copenhagen, Denmark, November 26-30, 2023. (Acceptance rate 19.1%=234/1222).

(2023). [ESORICS '23] Intelligent Zigbee Protocol Fuzzing via Constraint-Field Dependency Inference. In Proceedings of the 28th European Symposium on Research in Computer Security, Hague, The Netherlands, September 25-29, 2023. (Acceptance rate 19.5%=93/478).

(2023). [USENIX Security '23] On the Feasibility of Malware Unpacking via Hardware-assisted Loop Profiling. In Proceedings of the 32nd USENIX Security Symposium, Anaheim, CA, August 09-11, 2023. (Acceptance rate 29.2%=422/1444).

(2022). [USENIX Security '22] PolyCruise: A Cross-Language Dynamic Information Flow Analysis. In Proceedings of the 31st USENIX Security Symposium, Boston, MA, USA, August 10-12, 2022. (Acceptance rate 17.2%=256/1492).

(2022). [ASPLOS '22] One Size Does Not Fit All: Security Hardening of MIPS Embedded Systems via Static Binary Debloating for Shared Libraries. In Proceedings of the 27th International Conference on Architectural Support for Programming Languages and Operating Systems, Lausanne, Switzerland, Feb 28-March 4, 2022. (Acceptance rate 20.1%=80/397).

(2022). [NDSS '22] Chosen-Instruction Attack Against Commercial Code Virtualization Obfuscators. In Proceedings of the 29th Network and Distributed System Security Symposium, San Diego, California, 27 February – 3 March, 2022. (Acceptance rate 16.2%=83/513).

(2021). [CCS '21] Towards Transparent and Stealthy Android OS Sandboxing via Customizable Container-Based Virtualization. In Proceedings of the 28th ACM Conference on Computer and Communications Security, Virtual Conference, November 15-19, 2021. (Acceptance rate 22.3%=196/879).

(2021). [USENIX Security '21] MBA-Blast: Unveiling and Simplifying Mixed Boolean-Arithmetic Obfuscation. In Proceedings of the 30th USENIX Security Symposium, Virtual Event, August 11-13, 2021. (Acceptance rate 18.8%=248/1319).

(2021). [USENIX Security '21] Obfuscation-Resilient Executable Payload Extraction From Packed Malware. In Proceedings of the 30th USENIX Security Symposium, Virtual Event, August 11-13, 2021. (Acceptance rate 18.8%=248/1319).

(2021). [PLDI '21] Unleashing the Hidden Power of Compiler Optimization on Binary Code Difference: An Empirical Study. In Proceedings the 42nd ACM SIGPLAN Conference on Programming Language Design and Implementation, Virtual Event, June 23-25, 2021. (Acceptance rate 27.2%=87/320).

(2021). [PLDI '21] Boosting SMT Solver Performance on Mixed-Bitwise-Arithmetic Expressions. In Proceedings the 42nd ACM SIGPLAN Conference on Programming Language Design and Implementation, Virtual Event, June 23-25, 2021. (Acceptance rate 27.2%=87/320).

(2021). [ICSE '21] App's Auto-Login Function Security Testing via Android OS-Level Virtualization. In Proceedings of the 43rd International Conference on Software Engineering, Virtual Event, May 25-28, 2021. (Acceptance rate 22.4%=138/615).

(2021). [WiSec '21] Z-Fuzzer: Device-agnostic Fuzzing of Zigbee Protocol Implementation. In Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Virtual Event, June 28 - July 2, 2021. (Acceptance rate 28.1%=34/121).

(2020). [ACSAC '20] Device-agnostic Firmware Execution is Possible: A Concolic Execution Approach for Peripheral Emulation. In Proceedings of the 36th Annual Computer Security Applications Conference, Virtual Event, December 7–11, 2020. (Acceptance rate 23.2%=70/302).

(2020). [CCS '20] VAHunt: Warding Off New Repackaged Android Malware in App-Virtualization's Clothing. In Proceedings of the 27th ACM Conference on Computer and Communications Security, Virtual Event, November 9-13, 2020. (Acceptance rate 16.9%=121/715).

(2020). [CCS '20] PatchScope: Memory Object Centric Patch Diffing. In Proceedings of the 27th ACM Conference on Computer and Communications Security, Virtual Event, November 9-13, 2020. (Acceptance rate 16.9%=121/715).

(2019). [ICICS '19] Capturing the Persistence of Facial Expression Features for Deepfake Video Detection. In Proceedings of the 21st International Conference on Information and Communications Security, Beijing, China, December 15-17, 2019. (Acceptance rate 24%=48/199).

(2019). [MobiSys '19] "Jekyll and Hyde" is Risky: Shared-Everything Threat Mitigation in Dual-Instance Apps. In Proceedings of the 17th ACM International Conference on Mobile Systems, Applications, and Services, Seoul, South Korea, June 17-21, 2019. (Acceptance rate 22.7%=39/172).

(2018). [ACSAC '18] StateDroid: Stateful Detection of Stealthy Attacks in Android Apps via Horn-Clause Verification. In Proceedings of the 34th Annual Computer Security Applications Conference, San Juan, Puerto Rico, December 3–7, 2018. (Acceptance rate 20.1%=60/299).

(2018). [CCS '18] Towards Paving the Way for Large-Scale Windows Malware Analysis: Generic Binary Unpacking with Orders-of-Magnitude Performance Boost. In Proceedings of the 25th ACM Conference on Computer and Communications Security, Toronto, Canada, October 15-19, 2018. (Acceptance rate 16.6%=134/809).

(2018). [CCS '18] VMHunt: A Verifiable Approach to Partial-Virtualized Binary Code Simplification. In Proceedings of the 25th ACM Conference on Computer and Communications Security, Toronto, Canada, October 15-19, 2018. (Acceptance rate 16.6%=134/809).

(2018). [USENIX Security '18] Towards Predicting Efficient and Anonymous Tor Circuits. In Proceedings of the 27th USENIX Security Symposium, Baltimore, MD, USA, August 15-17, 2018. (Acceptance rate 19.1%=100/524).

(2017). [USENIX Security '17] BinSim: Trace-based Semantic Binary Diffing via System Call Sliced Segment Equivalence Checking. In Proceedings of the 26th USENIX Security Symposium, Vancouver, BC, Canada, August 16-18, 2017. (Acceptance rate 16.3%=85/522).

(2017). [S&P '17] Cryptographic Function Detection in Obfuscated Binaries via Bit-precise Symbolic Loop Mapping. In Proceedings of the 38th IEEE Symposium on Security and Privacy, San Jose, CA, May 22-24, 2017. (Acceptance rate 13.3%=60/450).

(2016). [SCAM '16] BinCFP: Efficient Multi-threaded Binary Code Control Flow Profiling. In 16th IEEE International Working Conference on Source Code Analysis and Manipulation, Engineering Track, Raleigh, NC, October 2-3, 2016.

(2016). [ISC '16] Generalized Dynamic Opaque Predicates: A New Control Flow Obfuscation Method. In Proceedings of the 19th Information Security Conference, Honolulu, Hawaii, September 7-9, 2016.

(2016). [ASE '16] StraightTaint: Decoupled Offline Symbolic Taint Analysis. In Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering, Singapore, September 3-7, 2016. (Acceptance rate 19.1%=57/298).

(2016). [Euro S&P '16] Translingual Obfuscation. In Proceedings of the 1st IEEE European Symposium on Security and Privacy, Saarbrücken, GERMANY, March 21-24, 2016. (Acceptance rate 17.3%=29/168).

(2016). [CODASPY '16] Program-object Level Data Flow Analysis with Applications to Data Leakage and Contamination Forensics. In Proceedings of the 6th ACM Conference on Data and Application Security and Privacy, New Orleans, LA, March 9-11, 2016. (Apcceptance rate 19.1%=22/115).

(2015). [CCS '15] LOOP: Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code. In Proceedings of the 22nd ACM Conference on Computer and Communications Security, Denver, Colorado, October 12-16, 2015. (Acceptance rate 19.3%=128/660).

(2015). [USENIX Security '15] TaintPipe: Pipelined Symbolic Taint Analysis. In Proceedings of the 24th USENIX Security Symposium, Washington, D.C., August 12-14, 2015. (Acceptance rate 15.7%=67/426).

(2015). [ACNS '15] Replacement Attacks: Automatically Impeding Behavior-based Malware Specifications. In Proceedings of the 13th International Conference on Applied Cryptography and Network Security, New York, June 2-5, 2015. (Acceptance rate 21.0%=33/157).

(2015). [IFIP SEC '15] Memoized Semantics-Based Binary Diffing with Application to Malware Lineage Inference. In Proceedings of the 30th IFIP TC-11 SEC International Information Security and Privacy Conference, Hamburg, Germany, May 26-28, 2015. (Acceptance rate 19.8%=42/212).

(2014). [FSE '14] Semantics-Based Obfuscation-Resilient Binary Code Similarity Comparison with Applications to Software Plagiarism Detection. In Proceedings of the 22nd ACM SIGSOFT International Symposium on the Foundations of Software Engineering, Hong Kong, China, November 16-22, 2014. (Acceptance rate 21.8%=61/280).

(2012). [ICISC '12] iBinHunt: Binary Hunting with Inter-Procedural Control Flow. In Proceedings of the 15th Annual International Conference on Information Security and Cryptology, Seoul, Korea, November 28-30, 2012. (Acceptance rate 25.4%=32/126).

(2011). [ESORICS '11] Linear Obfuscation to Combat Symbolic Execution. In Proceedings of the 16th European Symposium on Research in Computer Security, Leuven, Belgium, September 12-14, 2011. (Acceptance rate 23.2%=36/155).

(2011). [NSS '11] Towards Ground Truthing Observations in Gray-Box Anomaly Intrusion Detection. In Proceedings of the 5th International Conference on Network and System Security, Milan, Italy, September 6-8, 2011. (Acceptance rate 22.0%=28/127).

(2009). [ICICS '09] Denial-of-Service Attacks on Host-Based Generic Unpackers. In Proceedings of the 11th International Conference on Information and Communications Security, Beijing, China, December 14-17, 2009. (Acceptance rate 19.1%=31/162).