News

IoT malware analysis/detection paper is accepted to ASIACCS’22!

Posted on February 10, 2022 by guofei

Our IoT malware analysis and detection paper is accepted to ASIACCS’22. Congratulations, Hongda!

Software-defined vehicle security papers accepted to USENIX Security’22!

Posted on July 16, 2021 by guofei

Our collaborative papers on software-defined vehicle security research are accepted to USENIX Security’22! Congratulations Lei, Le & Xiapu!

Yangyong has successfully defended his PhD thesis!

Posted on June 15, 2021 by guofei

Yangyong has successfully defended his PhD thesis titled “Understanding and Securing Voice
Assistant Applications”! Big congratulations!

Two papers accepted to RAID’21

Posted on June 10, 2021 by guofei

Our research papers on Service Worker security and voice service security are accepted to RAID’21. Congratulations Patrick & Yangyong!

Happer paper accepted to S&P’21

Posted on February 25, 2021 by guofei

Happer is a new tool for unpacking Android apps via a hardware-assisted approach. Congratulations, Lei & Xiapu!

Hidden Property Abusing (HPA) paper accepted to USENIX Security’21!

Posted on January 9, 2021 by guofei

We discovered a new type of security issue in Node.js ecosystem (named HPA, Hidden Property Abusing) and developed a new detection and verification tool, Lynx (released here). Congratulations, Feng & Jianwei!

New web vulnerability (SW-XSS) and detection tool released

Posted on December 1, 2020 by guofei

Our work on discovering a new type of Web vulnerability, namely Service Worker based Cross-Site Scripting (SW-XSS), will appear in ACSAC’20. The artifacts (including VM and new detection tool source code) are also released (check here). Congratulations, Patrick!

SVHunter (from our S&P’20 paper) code released!

Posted on March 1, 2020 by guofei

SVHunter is a novel tool to pinpoints a wide range of sensitive methods in SDN controllers and create data dependencies to attack these methods. The source code is available here.

See our S&P’20 paper for more details: Feng Xiao, Jinquan Zhang, Jianwei Huang, Guofei Gu, Dinghao Wu, Peng Liu. “Unexpected Data Dependency Creation and Chaining: A New Attack to SDN.” In Proc. of the 41st IEEE Symposium on Security and Privacy (S&P’20), San Francisco, CA, May 2020. [pdf] [bib]

Jonathan has successfully defended his MS thesis!

Posted on February 26, 2020 by guofei

Mr. Jonathan Grimes has successfully defended his MS thesis titled “JANUS: Alternating Strength to Detect
MAC Spoof”! He is going to join Sandia National Laboratories soon. Congratulations, Jonathan!

3 papers to appear in NDSS’20

Posted on January 8, 2020 by guofei

Our papers on programmable data plane security (Poseidon), new Buffered Packets Hijacking attack in SDN, and blockchain security (SODA) are to appear in NDSS’20. Congratulations, Menghao, Jiahao &Qi, Ting & Xiapu!