Our collaborative papers on software-defined vehicle security research are accepted to USENIX Security’22! Congratulations Lei, Le & Xiapu!
News
Yangyong has successfully defended his PhD thesis!
Yangyong has successfully defended his PhD thesis titled “Understanding and Securing Voice
Assistant Applications”! Big congratulations!
Two papers accepted to RAID’21
Our research papers on Service Worker security and voice service security are accepted to RAID’21. Congratulations Patrick & Yangyong!
Happer paper accepted to S&P’21
Happer is a new tool for unpacking Android apps via a hardware-assisted approach. Congratulations, Lei & Xiapu!
Hidden Property Abusing (HPA) paper accepted to USENIX Security’21!
We discovered a new type of security issue in Node.js ecosystem (named HPA, Hidden Property Abusing) and developed a new detection and verification tool, Lynx (released here). Congratulations, Feng & Jianwei!
New web vulnerability (SW-XSS) and detection tool released
Our work on discovering a new type of Web vulnerability, namely Service Worker based Cross-Site Scripting (SW-XSS), will appear in ACSAC’20. The artifacts (including VM and new detection tool source code) are also released (check here). Congratulations, Patrick!
SVHunter (from our S&P’20 paper) code released!
SVHunter is a novel tool to pinpoints a wide range of sensitive methods in SDN controllers and create data dependencies to attack these methods. The source code is available here.
See our S&P’20 paper for more details: Feng Xiao, Jinquan Zhang, Jianwei Huang, Guofei Gu, Dinghao Wu, Peng Liu. “Unexpected Data Dependency Creation and Chaining: A New Attack to SDN.” In Proc. of the 41st IEEE Symposium on Security and Privacy (S&P’20), San Francisco, CA, May 2020. [pdf] [bib]
Jonathan has successfully defended his MS thesis!
Mr. Jonathan Grimes has successfully defended his MS thesis titled “JANUS: Alternating Strength to Detect
MAC Spoof”! He is going to join Sandia National Laboratories soon. Congratulations, Jonathan!
3 papers to appear in NDSS’20
Our papers on programmable data plane security (Poseidon), new Buffered Packets Hijacking attack in SDN, and blockchain security (SODA) are to appear in NDSS’20. Congratulations, Menghao, Jiahao &Qi, Ting & Xiapu!
Dr. Gu named an IEEE Fellow (class of 2020)
Dr. Gu is honored to be named an IEEE Fellow (class of 2020), “for contributions to malware detection and security of next generation networks”.