Publications List


2019

Conference Papers

  • Jianqiang Wang, Siqi Ma, Yuanyuan Zhang, Juanru Li, Zheyu Ma, Long Mai, Tiancheng Chen, Dawu Gu. NLP-EYE: Detecting Memory Corruptions via Semantic-Aware Memory Operation Function Identification. The 22nd International Symposium on Research in Attacks, Intrusions and Defenses(RAID 2019). Beijing, China, September 23-25, 2019. USENIX Association.
  • Li Bodong, Zhang Yuanyuan, Li Juanru, Runhan Feng, Gu Dawu. AppCommune: Automated Third-party Libraries De-duplicating and Updating for Android Apps. The 26th IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER 2019). Hangzhou, China. February 24-27, 2019.

Journal Paper

  • Hu Yikun, Wang Hui, Zhang Yuanyuan, Li Bodong, Gu Dawu. A Semantics-Based Hybrid Approach on Binary Code Similarity Comparison. To appear in IEEE Transactions on Software Engineering.

2018

Conference Papers

  • Wen Haohuang, Li Juanru, Zhang Yuanyuan, Gu Dawu. An Empirical Study of SDK Credential Misuse in iOS Apps. The 25th Asia-Pacific Software Engineering Conference (APSEC 2018). Nara, Japan, December 4-7, 2018.
  • Juanru Li, Zhiqiang Lin, Juan Caballero, Yuanyuan Zhang, Dawu Gu. K-Hunt: Pinpointing Insecure Cryptographic Keys from Execution Traces. The 25th ACM Conference on Computer and Communications Security(CCS 2018). Toronto, Canada. October 15-19, 2018.
  • Shu Junliang, Li Juanru, Zhang Yuanyuan, Gu Dawu. Burn After Reading: Expunging Execution Footprints of Android Apps. The 12th International Conference on Network and System Security (NSS 2018). Hong Kong, China, August 27-29, 2018
  • Yikun Hu, Yuanyuan Zhang, Juanru Li, Hui Wang, Bodong Li, Dawu Gu. BinMatch: A Semantics-based Hybrid Approach on Binary Code Clone Analysis. The 34th International Conference on Software Maintenance and Evolution (ICSME 2018), Madrid, Spain. September 23-29, 2018.
  • Li Changyu, Cai Quanpu, Li Juanru, Hui Liu, Zhang Yuanyuan, Gu Dawu, Yu Yu. Passwords in the Air: Harvesting Wi-Fi Credentials from SmartCfg Provisioning. The 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2018). Stockholm, Sweden. June 18-20, 2018.

Journal Paper

  • Bodong Li, Yuanyuan Zhang, Juanru Li, Wenbo Yang, Dawu Gu. AppSpear: Automating the hidden-code extraction and reassembling of packed android malware. Journal of Systems and Software 140: 3-16 (2018)

2017

Conference Papers

  • Qi Zhang, Juanru Li, Yuanyuan Zhang, Hui Wang, Dawu Gu, Oh-Pwn_VPN! Security Analysis of OpenVPN-based Android Apps, in the 16th International Conference on Cryptology And Network Security (CANS 2017). Hong Kong. November 29 - December 2, 2017.
  • Xuewen Zhang, Yuanyuan Zhang, Juanru Li, Yikun Hu, Huayi Li, Dawu Gu. Embroidery: Patching Vulnerable Binary Code of Fragmentized Android Devices. in the 33rd IEEE International Conference on Software Maintenance and Evolution (ICSME 2017). Shanghai, China. Sep.28-Oct.3, 2017.
  • Yikun Hu, Yuanyuan Zhang, Juanru Li and Dawu Gu. Binary Code Clone Detection across Architecturesand Compiling Configurations. to be appeared at the 25th International Conference on Program Comprehension (ICPC 2017). Buenos Aires, Argentina. May 22-23, 2017.
  • Wenbo Yang, Yuanyuan Zhang, Juanru Li, Hui Liu, Qing Wang, Yueheng Zhang and Dawu Gu. Show Me the Money! Finding Flawed Implementations of Third-party In-app Payment in Android Apps. in Proceeding of the 24th Network and Distributed System Security Symposium (NDSS 2017). San Diego, CA, USA. February 26 - March 1, 2017.

Journal Paper

  • Junliang Shu, Yuanyuan Zhang, Juanru Li, Bodong Li, Dawu Gu: Why Data Deletion Fails? A Study on Deletion Flaws and Data Remanence in Android Systems. ACM Trans. Embedded Comput. Syst. 16(2): 61:1-61:22 (2017)

2016

Conference Papers

  • Hui Wang, Yuanyuan Zhang, Juanru Li and Dawu Gu. The Achilles' Heel of OAuth: A Multi-Platform Study of OAuth-based Authentication. in Proceeding of the 32th Annual Computer Security Applications Conference (ACSAC 2016). Los Angeles, California, USA. December 5–9, 2016.
  • Yesheng Zhi, Yuanyuan Zhang, Juanru Li, Dawu Gu. Security Testing of Software on Embedded Devices Using x86 Platform. in 12th EAI International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2016), Beijing, China, 12-13 November, 2016.
  • Yueheng Zhang, Junliang Shu, Yuanyuan Zhang, Juanru Li, Qing Wang, Dawu Gu. An Empirical Study of Insecure Communication in Android Apps. in 12th China International Conference on Information Security and Cryptology (INSCRYPT 2016), Beijing, China, 4-6 November, 2016.
  • Muqing Liu, Yuanyuan Zhang, Juanru Li, Junliang Shu, Dawu Gu. Security Analysis of Vendor Customized Code in Firmware of Embedded Device. in 12th EAI International Conference on Security and Privacy in Communication Networks (SecureComm 2016), Guangzhou, China, 10-12 October, 2016.
  • Liu Hui, Zhang Yuanyuan, Li Juanru, Wang Hui, Gu Dawu. Open Sesame! Web Authentication Cracking via Mobile app Analysis. in 18th Asia Pacific Web Conference (APWEB 2016). Suzhou, China. Sept 23-25, 2016.
  • Xie Tianyi, Zhang Yuanyuan, Li Juanru, Liu Hui, Gu Dawu. New Exploit Methods against Ptmalloc of Glibc. in 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2016). Tianjin, China. 23-26 August, 2016.
  • Yikun Hu, Yuanyuan Zhang, Juanru Li, Dawu Gu. Cross-Architecture Binary Semantics Understanding via Similar Code Comparison. in 23rd IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2016). Osaka, Japan. March 14-18, 2016.

2015

Conference Papers

  • Bodong Li, Yuanyuan Zhang, Chen Lyu, JuanruLi, Dawu Gu. SSG: Sensor Security Guard for Android Smartphones. in Proceeding of the 11th EAI International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2015). Wuhan, Hubei, China. NOVEMBER 10–11, 2015.
  • Hui Wang, Yuanyuan Zhang, Juanru Li, Hui Liu, Wenbo Yang, Bodong Li, Dawu Gu. Vulnerability Assessment of OAuth Implementations in Android Applications. in Proceeding of the 31th Annual Computer Security Applications Conference (ACSAC 2015) Los Angeles, California, USA. December 7–11, 2015.
  • Wen Xu, Juanru Li, Junliang Shu, Wenbo Yang, Tianyi Xie, Yuanyuan Zhang, Dawu Gu. From Collision To Exploitation: Unleashing Use-After-Free Vulnerabilities in Linux Kernel. in Proceeding of the 22nd ACM Conference on Computer and Communications Security (CCS 2015). The Denver Marriot City Center, Denver, Colorado, US. October 12-16, 2015.
  • Wenbo Yang, Yuanyuan Zhang, Juanru Li, Bodong Li, Junliang Shu, Wenju Hu, Dawu Gu. AppSpear: Bytecode Decrypting and DEX Reassembling for Packed Android Malware. in Proceeding of the 18th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2015). Kyoto, Japan. November 2–4, 2015.

Journal Paper

  • Shi-Feng Sun, Dawu Gu, Chen Lyu, Yuanyuan Zhang and Yanli Ren, Towards Efficient, Secure and Fine-Grained Access Control System in MSNs with Flexible Revocations, International Journal of Distributed Sensor Networks (IJDSN), vol. 2015, Article ID 857405, 15 pages, 2015. doi:10.1155/2015/857405.

2014

Conference Papers

  • Hui Liu, Yuanyuan Zhang, Hui Wang, Wenbo Yang, Juanru Li and Dawu Gu.TagDroid: Hybrid SSL Certificate Verification in Android. in Proceeding of the 16th International Conference on Information and Communications Security (ICICS2014). Hong Kong,China. December 16-17, 2014.
  • Juanru Li, Yuanyuan Zhang, Wenbo Yang, Junliang Shu and Dawu Gu. DIAS: Automated Online Analysis for Android Applications. in Proceeding of the 14th IEEE International Conference on Computer and Information Technology (IEEE CIT'14). Xi'an, China. Sept 11-13, 2014.
  • Yong Li, Yuanyuan Zhang, Juanru Li and Dawu Gu. iCryptoTracer: Dynamic Analysis on Misuse of Cryptographic Functions in iOS Applications. in Proceeding of the 8th International Conference on Network and System Security (NSS 2014). Xi'an, China. Oct 15-17, 2014.
  • Junliang Shu, Juanru Li, Yuanyuan Zhang and Dawu Gu. Android App Protection via Interpretation Obfuscation. in Proceeding of the 12th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2014), Dalian, China, August 24-27, 2014.
  • Wenbo Yang, Juanru Li, Yuanyuan Zhang, Yong Li, Junliang Shu and Dawu Gu. APKLancet: Tumor Payload Diagnosis and Purification for Android Applications. in Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS'14). Kyoto, Japan. June 2014

2013 and earlier

Conference Papers

  • Ruoxu Zhao, Dawu Gu, Juanru Li and Yuanyuan Zhang, Automatic Detection and Analysis of Encrypted Messages in Malware. i the 9th China International Conference on Information Security and Cryptology, (INSCRYPT 2013), Guangzhou, Vol. 8567 of Lecture Notes in Computer Science, China, November 27-30, 2013. Springer, Heidelberg.
  • Yuanyuan Zhang and Marine Minier, Selective Forwarding Attacks Against Data and ACK Flows in Network Coding and Countermeasures, Journal of Computer Networks and Communications, Taylor & Francis, vol.2012, Article ID 184783, 2012. doi:10.1155/2012/184783.
  • Yuanyuan Zhang, and M. Minier, How Network Coding System Constrains Packet Pollution Attacks in Wireless Sensor Networks, in the 6th International Conference on Network and System Security (NSS2012), Wuyishan, Fujian, China, Nov.21-23 2012.
  • Yuanyuan Zhang, W. Znaidi, C. Lauradoux, and M. Minier, Flooding attacks against network coding and countermeasures, in the 5th International Conference on Network and System Security (NSS2011), Milan, Italy, Sep.6-8 2011.
  • Yuanyuan Zhang and Junzhong Gu, Using counter cache coherence to improve memory encryptions performance in multiprocessor systems, in the 8th FTRA International Conference on Secure and Trust Computing, Data Management and Applications (STA2011), Loutraki, Greece, June.2011.
  • Yuanyuan Zhang, Dawu Gu and Bart Preneel, Reliable key establishment scheme exploiting unidirectional links in wireless sensor networks, in the 2008 IEEE/IFIP International Conference On Embedded and Ubiquitous Computing (EUC2008), Shanghai, China, Dec.2008.
  • Yuanyuan Zhang, Dawu Gu, PWKEP: a pair-wise key establishment protocol for sensor networks providing provable security, the 4th IEEE International Conference on Wireless Communications, Networking and Mobile Computing (WiCOM2008), Dalian, China, Oct. 2008.
  • Mengqi Zeng, Fangyong Hou, Dawu Gu, Yuanyuan Zhang and NingNan Song. Efficient Authenticated Encryption for Hybrid Hard Drives Based on GCM, in the International Conference on High Performance Computing and Communications (HPCC 2008), IEEE Computer Society, 964-970. Dalian, China, Sep.2008.

Journal Papers

  • Yuanyuan Zhang and Marine Minier, How Network Coding System Constrains Packet Pollution Attacks in Wireless Sensor Networks, International Journal of Grid and Utility Computing 09/2013; 4(2/3):197-203.
  • Chen Lyu, Dawu Gu, Yuanyuan Zhang, Tingting Lin, Xiaomei Zhang, Towards Efficient and Secure Geographic Routing Protocol for Hostile Wireless Sensor Networks, International Journal of Distributed Sensor Networks (IJDSN), Taylor & Francis.Volume 2013 (2013), Article ID 491973.
  • Yuanyuan Zhang, Dawu Gu, Fangyong Hou, Mengqi Zeng and Tao Cheng, Architecture Support for Memory Confidentiality and Integrity in Embedded Systems, International Journal of Distributed Sensor Networks (IJDSN), Taylor & Francis, vol.5, Jan. 2009.
  • Yuanyuan Zhang, Dawu Gu and Juanru Li, Exploiting unidirectional links for key establishment protocols in heterogeneous sensor networks, Computer Communications (COMCOMM), Elsevier Publication, vol.31, pp. 2959-2971, Aug. 2008.