My Google Scholar Profile
2024
- Xuanbo Huang, Kaiping Xue, Lutong Chen, Mingrui Ai, Huancheng, Bo Luo, Guofei Gu, Qibin Sun. “You Can Obfuscate, but You Cannot Hide: CrossPoint Attacks against Network Topology Obfuscation. ” In Proc. of the 33rd USENIX Security Symposium (Security’24), Philadelphia, USA, August 2024
- Suraj Shamsundar Jain, Huancheng Zhou and Guofei Gu. “WIRE: Web3 Integrated Reputation Engine.” In Proc. of the 44th International Conference on Distributed Computing Systems (ICDCS’24), Jersey City, New Jersey, USA, July 2024. (Release info)
- Huancheng Zhou and Guofei Gu. “Cerberus: Enabling Efficient and Effective In-Network Monitoring on Programmable Switches.” In Proc. of the 45th IEEE Symposium on Security and Privacy (S&P’24), May 2024. (Release info)
- Yuxuan Zhou*, Jiaqi Chen*, Yibo Wang, Yuzhe Tang and Guofei Gu. “Towards Understanding Crypto-Asset Risks on Ethereum Caused by Key Leakage on the Internet.” (short paper). In Proc. of the 2024 ACM Web Conference (WWW’24), May 2024. (* co-first authors)
- [Journal] Jinwoo Kim, Minjae Seo, Seungsoo Lee, Jaehyun Nam, Vinod Yegneswaran, Phillip Porras, Guofei Gu, Seungwon Shin. “Enhancing security in SDN: Systematizing attacks and defenses from a penetration perspective. ” In Computer Networks, vol. 241, 2024.
2023
- [Journal] Sungmin Hong, Lei Xu, Jianwei Huang, Hongda Li, Hongxin Hu, Guofei Gu. “SysFlow: Towards a Programmable Zero Trust Framework for System Security.” In IEEE Transactions on Information Forensics and Security (TIFS), 2023. [pdf] [bib] (Release info)
- Lei Xu, Yangyong Zhang, Phakpoom Chinprutthiwong, and Guofei Gu. “Automatic Synthesis of Network Security Services: A First Step.” In Proc. of the 32nd International Conference on Computer Communication and Networks (ICCCN’23), Hawaii, USA, July 2023. (Invited paper) [pdf] [bib]
- Yangyong Zhang, Raj Vardhan, Phakpoom Chinprutthiwong, Guofei Gu. “Do Users Really Know Alexa? Understanding Alexa Skill Security Indicators.” In Proc. of the 18th ACM ASIA Conference on Computer and Communications Security (ASIACCS’23), Melbourne, Australia, July 2023. [pdf] [bib]
- Raj Vardhan, Alok Chandrawal, Phakpoom Chinprutthiwong, Yangyong Zhang, Guofei Gu. “#DM-Me: Susceptibility to Direct Messaging-Based Scams.” In Proc. of the 18th ACM ASIA Conference on Computer and Communications Security (ASIACCS’23), Melbourne, Australia, July 2023. [pdf] [bib]
- Huancheng Zhou, Sungmin Hong, Yangyang Liu, Xiapu Luo, Weichao Li, Guofei Gu. “Mew: Enabling Large-Scale and Dynamic Link-Flooding Defenses on Programmable Switches.” In Proc. of the 44th IEEE Symposium on Security and Privacy (S&P’23), May 2023. [pdf] [bib] (Release info)
2022
- Phakpoom Chinprutthiwong, Jianwei Huang, Guofei Gu. “SWAPP: A New Programmable Playground for Web Application Security.” In Proc. of the 31st USENIX Security Symposium (Security’22), Boston, USA, August 2022. [pdf] [bib] (Release info)
- Hongda Li, Qiqing Huang, Fei Ding, Hongxin Hu, Long Cheng, Guofei Gu, Ziming Zhao. ” Understanding and Detecting Remote Infection on Linux-based IoT Devices.” In Proceedings of 2022 ACM ASIA Conference on Computer and Communications Security (ASIACCS’22), Japan, June 2022. (Acceptance rate 18.4% =54/294) [pdf] [bib] (Best Paper Award!)
- Payton Walker, Nathan McClaran, Zihao Zheng, Nitesh Saxena, Guofei Gu. “BiasHacker: Voice Command Disruption by Exploiting Speaker Biases in Automatic Speech Recognition. ” (short paper) In Proc. of 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec’22), May 2022. [pdf] [bib]
- Lei Xue, Yangyang Liu, Tianqi LI, Kaifa Zhao, Jianfeng Li, Le Yu, Xiapu Luo, Yajin Zhou, Guofei Gu. “SAID: State-aware Defense Against Injection Attacks on In-vehicle Network. ” In Proc. of the 31st USENIX Security Symposium (Security’22), Boston, USA, August 2022. [pdf] [bib]
- Le Yu, Y. Liu, P. Jing, X. Luo, L. Xue, K. Zhao, Y. Zhou, T. Wang, G. Gu, S. Nie, and S. Wu. “Towards Automatically Reverse Engineering Vehicle Diagnostic Protocols.” In Proc. of the 31st USENIX Security Symposium (Security’22), Boston, USA, August 2022. [pdf] [bib]
- [Journal] Menghao Zhang, Guanyu Li, Xiao Kong, Chang Liu, Mingwei Xu, Guofei Gu, Jianping Wu, “NetHCF: Filtering Spoofed IP Traffic With Programmable Switches.” In IEEE Transactions on Dependable and Secure Computing (TDSC), 2022. [pdf] [bib]
- [Journal] Renjie Xie, Jiahao Cao, Qi Li, Kun Sun, Guofei Gu, Mingwei Xu, Yuan Yang. “Disrupting the SDN Control Channel via Shared Links: Attacks and Countermeasures.” In IEEE/ACM Transactions on Networking (ToN), 2022. [pdf] [bib]
- [Journal] Ala Altaweel, Radu Stoleru, Guofei Gu, Arnab Kumar Maity, Suman Bhunia. “On Detecting Route Hijacking Attack in Opportunistic Mobile Networks. ” In IEEE Transactions on Dependable and Secure Computing (TDSC), 2022. [pdf] [bib]
2021
- Phakpoom Chinprutthiwong, Raj Vardhan, Guangliang Yang, Yangyong Zhang, Guofei Gu. “The Service Worker Hiding in Your Browser: The Next Web Attack Target? ” In Proc. of the 24th International Symposium on Research in Attacks, Intrusions and Defenses (RAID’21)), Spain, October 2021. (Acceptance rate 23.9%=33/138) [pdf] [bib]
- Yangyong Zhang, Maliheh Shirvanian, Sunpreet Arora, Jianwei Huang, Guofei Gu. “Practical Speech Re-use Prevention in Voice-driven Services.” In Proc. of the 24th International Symposium on Research in Attacks, Intrusions and Defenses (RAID’21)), Spain, October 2021. (Acceptance rate 23.9%=33/138) [pdf] [bib]
- Feng Xiao, Jianwei Huang, Yichang Xiong, Guangliang Yang, Hong Hu, Guofei Gu, Wenke Lee. “Abusing Hidden Properties to Attack the Node.js Ecosystem. ” In Proc. of the 30th USENIX Security Symposium (Security’21), Vancouver, Canada, August 11-13, 2021. [pdf] [bib] (Release info)
- Lei Xue, Hao Zhou, Xiapu Luo, Yajin Zhou, Yang Shi, Guofei Gu, Fengwei Zhang, Man Ho Au. “Happer: Unpacking Android Apps via a Hardware-Assisted Approach. ” In Proc. of the 42nd IEEE Symposium on Security and Privacy (S&P’21), May 2021. [pdf] [bib]
- [Journal] Li, Guanyu; Zhang, Menghao; Wang, Shicheng; Liu, Chang; Xu, Mingwei; Chen, Ang; Hu, Hongxin; Gu, Guofei; Li, Qi; Wu, Jianping. “Enabling Performant, Flexible and Cost-Efficient DDoS Defense With Programmable Switches.” To appear In IEEE/ACM Transactions on Networking (ToN), 2021. [pdf] [bib]
- [Journal] Menghao Zhang, Guanyu Li, Lei Xu, Jiasong Bai, Mingwei Xu, Guofei Gu, Jianping Wu. “Control Plane Reflection Attacks and Defenses in Software-Defined Networks.” To appear In IEEE/ACM Transactions on Networking (ToN), 2021. [pdf] [bib]
- Raj Vardhan, Ninghao Liu, Phakpoom Chinprutthiwong, Weijie Fu, Zhenyu Hu, Xia Ben Hu, Guofei Gu. “ExAD: An Ensemble Approach for Explanation-based Adversarial Detection.” arXiv:2103.11526v1 [cs.LG]
2020
- Feng Xiao, Jianwei Huang, Yichang Xiong, Guangliang, Hong Hu, Guofei Gu, Wenke Lee. “Discovering Hidden Properties to Attack Node.js Ecosystem. ” BlackHat USA, 2020.
- Phakpoom Chinprutthiwong, Raj Vardhan, GuangLiang Yang, Guofei Gu. “Security Study of Service Worker Cross-Site Scripting. ” In Proc. of 2020 Annual Computer Security Applications Conference (ACSAC’20), USA, December 2020. (Acceptance rate 23%=70/302) [pdf] [bib] (Release info)
- Feng Xiao, Jinquan Zhang, Jianwei Huang, Guofei Gu, Dinghao Wu, Peng Liu. “Unexpected Data Dependency Creation and Chaining: A New Attack to SDN.” In Proc. of the 41st IEEE Symposium on Security and Privacy (S&P’20), San Francisco, CA, May 2020. [pdf] [bib] (Release info)
- Menghao Zhang, Guanyu Li, Shicheng Wang, Chang Liu, Ang Chen, Hongxin Hu, Guofei Gu, Qi Li, Mingwei Xu, and Jianping Wu. “Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches.” In Proc. of the Network and Distributed System Security Symposium (NDSS’20), San Diego, California, Feb. 2020. [pdf] [bib]
- Jiahao Cao, Renjie Xie, Kun Sun, Qi Li, Guofei Gu, Mingwei Xu. “When Match Fields Do Not Need to Match: Buffered Packets Hijacking in SDN.” In Proc. of the Network and Distributed System Security Symposium (NDSS’20), San Diego, California, Feb. 2020. [pdf] [bib]
- Ting Chen, Rong Cao, Ting Li, Xiapu Luo, Guofei Gu, Yufei Zhang, Zhou Liao, Hang Zhu, Gang Chen, Zheyuan He, Yuxing Tang, Xiaodong Lin, Xiaosong Zhang. “SODA: A Generic Online Detection Framework for Smart Contracts.” In Proc. of the Network and Distributed System Security Symposium (NDSS’20), San Diego, California, Feb. 2020. [pdf] [bib] (Release info)
- Jianwei Huang, Vinod Yegneswaran, Phillip Porras, Guofei Gu. “On the Privacy and Integrity Risks of Contact-Tracing Applications.” arXiv:2012.03283 [cs.CR]
2019
- Guanyu Li, Menghao Zhang, Chang Liu, Xiao Kong, Ang Chen, Guofei Gu, Haixin Duan, Mingwei Xu. “NetHCF: Enabling Line-rate and Adaptive Spoofed IP Traffic Filtering.” In Proc. of the 27th IEEE International Conference on Network Protocols (ICNP’19), Chicago, Illinois, USA, October 7-10, 2019 (Acceptance rate 19.5%=41/210) [pdf] [bib]
- Guangliang Yang, Jeff Huang, Guofei Gu. “Iframes/Popups Are Dangerous in Mobile WebView: Studying and Mitigating Differential Context Vulnerabilities.” In Proc. of the 28th USENIX Security Symposium (Security’19), Santa Clara, CA, August 2019. [pdf] [bib]
- Jiahao Cao, Qi Li, Renjie Xie, Kun Sun, Guofei Gu, Mingwei Xu, and Yuan Yang. “The CrossPath Attack: Disrupting the SDN Control Channel via Shared Links”. In Proc. of the 28th USENIX Security Symposium (Security’19), Santa Clara, CA, August 2019. [pdf] [bib]
- Ala Altaweel, Radu Stoleru, Guofei Gu, Arnab Maity. “CollusiveHijack: A New Route Hijacking Attack and Countermeasures in Opportunistic Networks.” In Proc. Of IEEE Conference on Communications and Network Security (CNS’19), Washington, D.C., June 2019. (Acceptance rate 28%=32/115) [pdf] [bib]
- Yangyong Zhang, Lei Xu, Abner Mendoza, Guangliang Yang, Phakpoom Chinprutthiwong, Guofei Gu. “Life after Speech Recognition: Fuzzing Semantic Misinterpretation for Voice Assistant Applications.” In Proc. of the Network and Distributed System Security Symposium (NDSS’19), San Diego, California, Feb. 2019. (Acceptance rate: 17%=89/521 ) [pdf] [bib] (Project website with code release)
2018
- Haopei Wang, Guangliang Yang, Phakpoom Chinprutthiwong, Lei Xu, Yangyong Zhang, Guofei Gu. “Towards Fine-grained Network Security Forensics and Diagnosis in the SDN Era.” In Proc. of the 25th ACM Conference on Computer and Communications Security (CCS’18), Toronto, Canada, October 2018. (Acceptance rate: 16.6%=134/809) [pdf] [bib] (Release info)
- Hongda Li, Hongxin Hu, Guofei Gu, Gail-Joon Ahn, Fuqiang Zhang. “vNIDS: Towards Elastic Security with Safe and Efficient Virtualization of Network Intrusion Detection Systems.” In Proc. of the 25th ACM Conference on Computer and Communications Security (CCS’18), Toronto, Canada, October 2018. (Acceptance rate: 16.6%=134/809) [pdf] [bib]
- Menghao Zhang, Guanyu Li, Lei Xu, Jun Bi, Guofei Gu, Jiasong Bai. “Control Plane Reflection Attacks in SDNs: New Attacks and Countermeasures.” In Proc. of the 21st International Symposium on Research in Attacks, Intrusions and Defenses (RAID’18), Heraklion, Greece, September 2018. (Acceptance rate: 22.8%=33/145) [pdf] [bib] (Release info)
- Jialong Zhang, Jiyong Jang, Guofei Gu, Marc Ph. Stoecklin, Xin Hu. “Error-Sensor: Mining Information from HTTP Error Traffic for Malware Intelligence. ” In Proc. of the 21st International Symposium on Research in Attacks, Intrusions and Defenses (RAID’18), Heraklion, Greece, September 2018. (Acceptance rate: 22.8%=33/145) [pdf] [bib]
- Seungwon Shin, Zhaoyan Xu, Yeonkeun Kim and Guofei Gu. “CloudRand: Building Heterogeneous and Moving-target Network Interfaces. ” In Proc. of the 27th International Conference on Computer Communication and Networks (ICCCN’18), Hangzhou, China, August 2018. (Invited paper) [pdf] [bib]
- Richard Skowyra, Lei Xu, Guofei Gu, Thomas Hobson, Veer Dedhia, James Landry, Hamed Okhravi. “Effective Topology Tampering Attacks and Defenses in Software-Defined Networks. ” In Proc. of the 48th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’18), Luxembourg, June 2018. (Acceptance rate: 28%=62/221) [pdf] [bib] (Release info)
- Abner Mendoza, Guofei Gu. “Mobile Application Web API Reconnaissance: Web-to-Mobile Inconsistencies & Vulnerabilities. ” In Proc. of the 39th IEEE Symposium on Security and Privacy (S&P’18), San Francisco, CA, May 2018. (Acceptance rate: 11.5%=63/549) [pdf] [bib]
- Guangliang Yang, Jeff Huang, Guofei Gu, Abner Mendoza. “Study and Mitigation of Origin Stripping Vulnerabilities in Hybrid-postMessage Enabled Mobile Applications.” In Proc. of the 39th IEEE Symposium on Security and Privacy (S&P’18), San Francisco, CA, May 2018. (Acceptance rate: 11.5%=63/549) [pdf] [bib] (Project website with source code release)
- Abner Mendoza, Phakpoom Chinprutthiwong and Guofei Gu. “Uncovering HTTP Header Inconsistencies and the Impact on Desktop/Mobile Websites.” In Proc. of the Web Conference (WWW’18), Lyon, France, April 2018. (Acceptance rate 14.8%=171/1155)[pdf] [bib]
- Guangliang Yang, Jeff Huang, Guofei Gu. “Automated Generation of Event-Oriented Exploits in Android Hybrid Apps.” In Proc. of the Network and Distributed System Security Symposium (NDSS’18), San Diego, California, Feb. 2018.(Acceptance rate: 21.5% = 71/331) [pdf] [bib]
- [Journal] Lei Xue, Xiaobo Ma, Xiapu Luo, Edmond W.W. Chan, Tony T.N. Miu, Guofei Gu. “LinkScope: Towards Detecting Target Link Flooding Attacks.” In IEEE Transactions on Information Forensics and Security (TIFS), 2018. [pdf] [bib]
- [Journal] Jing Zheng, Qi Li, Guofei Gu, Jiahao Cao, David K.Y. Yau, and Jianping Wu. “Realtime DDoS Defense Using COTS SDN Switches via Adaptive Correlation Analysis. ” In IEEE Transactions on Information Forensics and Security (TIFS), 2018. [pdf] [bib]
- [Journal] Weili Han, Zhigong Li, Minyue Ni, Guofei Gu, Wenyuan Xu. “Shadow Attacks based on Password Reuses: A Quantitative Empirical View.” In IEEE Transactions on Dependable and Secure Computing (TDSC), 2018.[pdf] [ bib]
2017
- Guofei Gu, Hongxin Hu, Eric Keller, Zhiqiang Lin, Donald Porter. “Building a Security OS with Software Defined Infrastructure.” In Proc. of the Eighth ACM SIGOPS Asia-Pacific Workshop on Systems (APSys’17), India, September 2017. [pdf] [bib] (S2OS Project Website)
- Guangliang Yang, Abner Mendoza, Jialong Zhang, Guofei Gu. “Precisely and Scalably Vetting JavaScript Bridge In Android Hybrid Apps.” In Proc. of the 20th International Symposium on Research on Attacks, Intrusions and Defenses (RAID’17), Atlanta, GA, September 2017. (Acceptance rate 20%=21/105) [pdf] [bib]
- Lei Xu, Jeff Huang, Sungmin Hong, Jialong Zhang, Guofei Gu. “Attacking the Brain: Races in the SDN Control Plane.” In Proc. of the 26th USENIX Security Symposium (Security’17), Vancouver, BC, Canada, August 2017. (Acceptance rate 16%=85/522) [pdf] [bib]
- Lei Xue, Yajin Zhou, Ting Chen, Xiapu Luo, Guofei Gu. “Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART.” In Proc. of the 26th USENIX Security Symposium (Security’17), Vancouver, BC, Canada, August 2017. (Acceptance rate 16%=85/522) [pdf] [bib]
- Ala Altaweel, Radu Stoleru, Guofei Gu. “EvilDirect: A New Wi-Fi Direct Hijacking Attack and Countermeasures.” In Proc. of the 26th International Conference on Computer Communication and Networks (ICCCN’17), Vancouver, Canada, August 2017. (Acceptance rate 25%) [pdf] [bib]
- Chao Yang, Jialong Zhang and Guofei Gu. “Understanding the Market-level and Network-level Behaviors of the Android Malware Ecosystem.” In Proc. of the 37th International Conference on Distributed Computing Systems (ICDCS’17), Atlanta, GA, June 2017. (short paper) [pdf] [bib]
- Haopei Wang, Abhinav Srivastava, Lei Xu, Sungmin Hong, Guofei Gu. “Bring Your Own Controller: Enabling Tenant-defined SDN Apps in IaaS Clouds.” In Proc. of 2017 IEEE International Conference on Computer Communications (INFOCOM’17), Atlanta, GA, May 2017. (Acceptance rate 20.9%=292/1395) [pdf] [bib]
- [Journal] Changhoon Yoon, Seungsoo Lee, Heedo Kang, Taejune Park, Seungwon Shin, Vinod Yegneswaran, Phillip Porras, Guofei Gu. “Flow Wars: Systemizing the Attack Surface and Defenses in Software-Defined Networks.” To appear in IEEE/ACM Transactions on Networking (ToN), 2017. [pdf][ bib]
- [Journal] Yuhong Nan, Zhemin Yang, Min Yang, Shunfan Zhou, Yuan Zhang, Guofei Gu, Xiaofeng Wang, Limin Sun. “Identify User-Input Privacy in Mobile Applications at Large Scale.” In IEEE Transactions on Information Forensics and Security (TIFS), 2017. [pdf][ bib]
2016
- Seungwon Shin, Lei Xu, Sungmin Hong, Guofei Gu. “Enhancing Network Security through Software Defined Networking (SDN).” In Proc. of The 25th International Conference on Computer Communication and Networks (ICCCN’16), Hawaii, USA, August 2016. (Invited paper) [pdf] [bib]
- Jialong Zhang, Xin Hu, Jiyong Jang, Ting Wang, Guofei Gu, Marc Stoecklin. “Hunting for Invisibility: Characterizing and Detecting Malicious Web Infrastructures through Server Visibility Analysis.” In Proc. of 2016 IEEE International Conference on Computer Communications (INFOCOM’16), San Francisco, California, April 2016. (Acceptance rate 18.25%=300/1644) [pdf] [bib]
- Sungmin Hong, Robert Baykov, Lei Xu, Srinath Nadimpalli, Guofei Gu. “Towards SDN-Defined Programmable BYOD (Bring Your Own Device) Security.” In Proc. of the Network and Distributed System Security Symposium (NDSS’16), San Diego, California, Feb. 2016. (Acceptance rate 15.4%=60/389) [pdf] [bib] (Finalist for CSAW Best Applied Security Paper Award 2016)
- [Journal] Amin Hassanzadeh, Zhaoyan Xu, Radu Stoleru, Guofei Gu, Michalis Polychronakis. “PRIDE: A Practical Intrusion Detection System for Resource Constrained Wireless Mesh Networks.” In Elsevier Computers & Security, 2016. [pdf] [bib]
- [Journal] Yuan Zhang, Min Yang, Guofei Gu and Hao Chen. “Rethinking Permission Enforcement Mechanism on Mobile Systems.” In IEEE Transactions on Information Forensics and Security (TIFS), 2016.[pdf] [ bib]
2015
- Chao Yang, Guangliang Yang, Ashish Gehani, Vinod Yegneswaran, Dawood Tariq and Guofei Gu. “Using Provenance Patterns to Vet Sensitive Behaviors in Android Apps.” In Proc. of 11th International Conference on Security and Privacy in Communication Networks (SecureComm’15), Dallas, US, October 2015 (Acceptance rate 27.8%=30/108) [pdf] [bib]
- Yuan Zhang, Min Yang, Guofei Gu and Hao Chen. “FineDroid: Enforcing Permissions with System-wide Application Execution Context.” In Proc. of 11th International Conference on Security and Privacy in Communication Networks (SecureComm’15), Dallas, US, October 2015 (Acceptance rate 27.8%=30/108) [pdf] [bib]
- Yuhong Nan, Min Yang, Zhemin Yang, Shunfan Zhou, Guofei Gu, Xiaofeng Wang. “UIPicker: User-Input Privacy Identification in Mobile Applications.” In Proc. of the 24th USENIX Security Symposium (Security’15), Washington DC, August 2015. (Acceptance rate 15.7%=67/426) [pdf] [bib]
- Jialong Zhang, Sabyasachi Saha, Guofei Gu, Sung-Ju Lee, and Marco Mellia. “Systematic Mining of Associated Server Herds for Malware Campaign Discovery.” In Proc. of the 35th International Conference on Distributed Computing Systems (ICDCS’15), Columbus, OH, June 2015. (Acceptance rate 12.9%=70/543) [pdf] [bib] (Best Paper Award)
- Haopei Wang, Lei Xu, Guofei Gu. “FloodGuard: A DoS Attack Prevention Extension in Software-Defined Networks.” In Proc. of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’15), Rio de Janeiro, Brazil, June 2015. (Acceptance rate 21.8%=50/229) [pdf] [bib]
- Abner Mendoza, Kapil Singh, Guofei Gu. “What is Wrecking Your Data Plan? A Measurement Study of Mobile Web Overhead.” In Proc. of 2015 Annual IEEE Conference on Computer Communications (INFOCOM’15), Hong Kong, April 2015. (Acceptance rate 19%=316/1640) [pdf] [bib]
- Sungmin Hong*, Lei Xu*, Haopei Wang, Guofei Gu. “Poisoning Network Visibility in Software-Defined Networks: New Attacks and Countermeasures.” In Proc. of 22nd Annual Network & Distributed System Security Symposium (NDSS’15), San Diego, CA, USA. February 2015. (*co-first author) Acceptance rate 16.9%=51/302 [pdf] [bib] (Source code now available!)
- [Journal] Seungwon Shin, Haopei Wang, Guofei Gu. “A First Step Towards Network Security Virtualization: From Concept To Prototype.” In IEEE Transactions on Information Forensics and Security (TIFS), vol. 10, no. 10, 2015. [pdf] [bib]
- [Journal] Chenxiong Qian, Xiapu Luo,Le Yu, Guofei Gu. “VulHunter: Towards Discovering Vulnerabilities in Android Applications.” In IEEE Micro, Vol. 35, No. 1, 2015. [pdf] [bib]
- [Journal] Shui Yu, Guofei Gu, Ahmed Barnawi, Song Guo, and Ivan Stojmenovic, “Malware Propagation in Large-Scale Networks,” In IEEE Transactions on Knowledge and Data Engineering (TKDE), vol.27, no. 1, pp. 170-179, 2015 [pdf] [bib]
2014
- Chao Yang, Jialong Zhang, Guofei Gu. “A Taste of Tweets: Reverse Engineering Twitter Spammers.” In Proc. of 2014 Annual Computer Security Applications Conference (ACSAC’14), New Orleans, Louisiana, USA, December 2014. (Acceptance rate 19.9%=47/236) [pdf] [bib]
- Zhaoyan Xu, Antonio Nappa, Robert Baykov, Guangliang Yang, Juan Caballero, and Guofei Gu. “AutoProbe: Towards Automatic Active Malicious Server Probing Using Dynamic Binary Analysis.” In Proc. of the 21st ACM Conference on Computer and Communications Security (CCS’14), Scottsdale, AZ, November 2014 (Acceptance rate 19.5%=114/585) [pdf] [bib] (Finalist for CSAW Best Applied Security Paper Award 2014)
- Chao Yang, Zhaoyan Xu, Guofei Gu, Vinod Yegneswaran and Phillip Porras. “DroidMiner: Automated Mining and Characterization of Fine-grained Malicious Behaviors in Android Applications.” To appear in Proceedings of the 19th European Symposium on Research in Computer Security (ESORICS’14), Wroclaw, Poland, September 2014. (Acceptance rate %) [pdf] [bib]
- Yong Wang, Zhaoyan Xu, Jialong Zhang, Lei Xu, Haopei Wang and Guofei Gu. “SRID: State Relation based Intrusion Detection for False Data Injection Attacks in SCADA.” To appear in Proceedings of the 19th European Symposium on Research in Computer Security (ESORICS’14), Wroclaw, Poland, September 2014. (Acceptance rate %) [pdf] [bib]
- Zhaoyan Xu, Jialong Zhang, Guofei Gu, Zhiqiang Lin. “GoldenEye: Efficiently and Effectively Unveiling Malware’s Targeted Environment.” To appear in Proceedings of the 17th International Symposium on Research in Attacks, Intrusions and Defenses (RAID’14), Gothenburg, Sweden. September 2014. (Acceptance rate 19.5%=22/113) [pdf] [bib]
- Jialong Zhang, Jayant Notani, Guofei Gu. “Characterizing Google Hacking: A First Large-Scale Quantitative Study.” In Proceedings of 10th International Conference on Security and Privacy in Communication Networks (SecureComm’14), Beijing, China, September 2014. [pdf] [bib]
- Yinzhi Cao, Chao Yang, Vaibhav Rastogi, Yan Chen and Guofei Gu. “Abusing Browser Address Bar for Fun and Profit – An Empirical Investigation of Add-on Cross Site Scripting Attacks.”In Proceedings of 10th International Conference on Security and Privacy in Communication Networks (SecureComm’14), Beijing, China, September 2014. [pdf] [bib]
- Antonio Nappa, Zhaoyan Xu, M. Zubair Rafique, Juan Caballero and Guofei Gu. “CyberProbe: Towards Internet-Scale Active Detection of Malicious Servers.” In Proceedings of the 21st Annual Network & Distributed System Security Symposium (NDSS’14), San Diego, CA, USA, February 2014. (Acceptance rate 18.6%=55/295) [pdf] [bib]
- [Journal] Yuan Zhang, Min Yang, Zhemin Yang, Guofei Gu, Peng Ning, and Binyu Zang. “Permission Use Analysis for Vetting Undesirable Behaviors in Android Apps.” In IEEE Transactions on Information Forensics and Security (TIFS), vol. 9, no. 11, 2014. [pdf] [bib]
2013
- Seungwon Shin, Vinod Yegneswaran, Phil Porras, and Guofei Gu. “AVANT-GUARD: Scalable and Vigilant Switch Flow Management in Software-Defined Networks.” In Proc. of the 20th ACM Conference on Computer and Communications Security (CCS’13), Berlin, Germany, November 2013. (Acceptance rate: 19.8%=105/530) [pdf] [bib]
- Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning and X. Sean Wang. “AppIntent: Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection.” In Proc. of the 20th ACM Conference on Computer and Communications Security (CCS’13), Berlin, Germany, November 2013. (Acceptance rate: 19.8%=105/530) [pdf] [bib]
- Yuan Zhang, Min Yang, Bingquan Xu, Zhemin Yang, Guofei Gu, Peng Ning, X. Sean Wang and Binyu Zang. “Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis.” In Proc. of the 20th ACM Conference on Computer and Communications Security (CCS’13), Berlin, Germany, November 2013. (Acceptance rate: 19.8%=105/530) [pdf] [bib]
- Amin Hassanzadeh, Zhaoyan Xu, Radu Stoleru, Guofei Gu and Michalis Polychronakis. “PRIDE: Practical Intrusion Detection in Resource Constrained Wireless Mesh Networks. ” In Proc. of 2013 International Conference on Information and Communications Security (ICICS’13), Beijing, China, November 2013. (Acceptance rate: 25.7%=29/113) [pdf] [bib]
- Shardul Vikram, Chao Yang, Guofei Gu. “NOMAD: Towards Non-Intrusive Moving-Target Defense against Web Bots.” To appear in Proc. of IEEE Conference on Communications and Network Security (CNS’13), Washington, D.C., October 2013. (Acceptance rate: 28%=40/141) [pdf] [bib]
- Seungwon Shin and Guofei Gu. “Attacking Software-Defined Networks: A First Feasibility Study” (poster paper). In Proc. of ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN’13), Hong Kong, August 2013. [pdf] [6-page version] [bib]
- Seungwon Shin, Phillip Porras, Vinod Yegneswaran, Guofei Gu. “A Framework For Integrating Security Services into Software-Defined Networks.” In 2013 Open Networking Summit (ONS’13, Research Track poster paper), Santa Clara, CA, April 2013. [pdf] [bib]
- Zhaoyan Xu, Jialong Zhang, Guofei Gu, Zhiqiang Lin. “AUTOVAC: Towards Automatically Extracting System Resource Constraints and Generating Vaccines for Malware Immunization.” In Proc. of the 33rd International Conference on Distributed Computing Systems (ICDCS’13), Philadelphia, July 2013. (Acceptance rate: 13%=61/464) [pdf] [bib]
- Sooel Son, Seungwon Shin, Vinod Yegneswaran, Phillip Porras, Guofei Gu. “Model Checking Invariant Security Properties in OpenFlow.” In Proc. of 2013 IEEE International Conference on Communications (ICC’13), Budapest, Hungary, June 2013. [pdf] [bib]
- Seungwon Shin, Phil Porras, Vinod Yegneswaran, Martin Fong, Guofei Gu, and Mabry Tyson. “FRESCO: Modular Composable Security Services for Software-Defined Networks.” To appear in Proceedings of the 20th Annual Network & Distributed System Security Symposium (NDSS’13), San Diego, CA, USA. February 2013. (Acceptance rate 18.8%=47/250) [pdf] [bib] (Finalist for CSAW Best Applied Security Paper Award 2013) (Source code now available!)
- Jialong Zhang and Guofei Gu. “NeighborWatcher: A Content-Agnostic Comment Spam Inference System.” To appear in Proceedings of the 20th Annual Network & Distributed System Security Symposium (NDSS’13), San Diego, CA, USA. February 2013. (Acceptance rate 18.8%=47/250) [pdf] [bib]
- Amit Amaleswarm, A. L. Narasimha Reddy, Sandep Yadav, Guofei Gu and Chao Yang. “CATS: Characterizing Automation of Twitter Spammers. ” In Proc. of the 5th International Conference on COMmunication Systems and NETworkS (COMSNETS’13), Bangalore, India, Jan. 2013. (Acceptance rate 26.4%=38/144)[ pdf] [bib]
- [Journal] Seungwon Shin, Zhaoyan Xu, Guofei Gu. “EFFORT: A New Host-Network Cooperated Framework for Efficient and Effective Bot Malware Detection.” In Computer Networks (Elsevier), 2013. [draft-pdf] [bib]
- [Journal] Chao Yang, Robert Harkreader, Guofei Gu. “Empirical Evaluation and New Design for Fighting Evolving Twitter Spammers. ” In IEEE Transactions on Information Forensics and Security (TIFS), vol. 8, no. 8, 2013. [pdf] [bib]
2012
- Seungwon Shin, Guofei Gu. “CloudWatcher: Network Security Monitoring Using OpenFlow in Dynamic Cloud Networks (or: How to Provide Security Monitoring as a Service in Clouds?)” To appear in Proceedings of the 7th Workshop on Secure Network Protocols (NPSec’12), co-located with IEEE ICNP’12, Austin, TX, USA, October 2012 (invited paper) [pdf] [bib]
- Cong Zheng, Shixiong Zhu, Shuaifu Dai, Guofei Gu, Xiaorui Gong and Wei Zou. “SmartDroid: An Automatic System for Revealing UI-based Trigger Conditions in Android Applications.” To appear in Proceedings of the 2nd ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM’12), Raleigh, NC, USA, October 2012. (Acceptance rate 36.7%=11/30) [pdf] [bib]
- Zhaoyan Xu, Lingfeng Chen, Guofei Gu and Christopher Kruegel. “PeerPress: Utilizing Enemies’ P2P Strength against Them.” To appear in Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS’12), Raleigh, NC, USA, October 2012. (Acceptance rate 18.9%=80/423) [pdf] [bib]
- Jialong Zhang, Chao Yang, Zhaoyan Xu, Guofei Gu. “PoisonAmplifier: A Guided Approach of Discovering Compromised Websites through Reversing Search Poisoning Attacks.” To appear in Proceedings of the 15th International Symposium on Research in Attacks, Intrusions and Defenses (RAID’12), Amsterdam, The Netherlands. September 2012. (Acceptance rate 21%=18/84) [pdf] [bib]
- Phillip Porras, Seungwon Shin, Vinod Yegneswaran, Martin Fong, Mabry Tyson, and Guofei Gu. “A Security Enforcement Kernel for OpenFlow Networks.” To appear in Proc. of ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN’12), Helsinki, Finland. August 2012. (Acceptance rate 30%=22/71) [pdf] [bib]
- Scott Hand, Zhiqiang Lin, Guofei Gu, and Bhavani Thuraisingham. “Bin-Carver: Automatic Recovery of Binary Executable Files.” To appear in Proceedings of the 12th Annual Digital Forensics Research Conference (DFRWS’12), Washington DC, August 2012. (Acceptance rate 29.8%=14/47) [pdf] [bib]
- Chao Yang, Robert Harkreader, Jialong Zhang, Suengwon Shin, and Guofei Gu. “Analyzing Spammers’ Social Networks For Fun and Profit — A Case Study of Cyber Criminal Ecosystem on Twitter.” To appear in Proceedings of the 21st International World Wide Web Conference (WWW’12), Lyon, France, April 2012. [pdf] [bib] (Dataset release!)
- Seungwon Shin, Zhaoyan Xu, Guofei Gu. “EFFORT: Efficient and Effective Bot Malware Detection.” To appear in Proceedings of the 31th Annual IEEE Conference on Computer Communications (INFOCOM’12) Mini-Conference, Orlando, Florida, March 2012. [pdf] [Tech Report (extended version)] [bib]
- [Journal] Chao Yang, Yimin Song, Guofei Gu. “Active User-side Evil Twin Access Point Detection Using Statistical Techniques.” In IEEE Transactions on Information Forensics and Security (TIFS), vol. 7, no. 5, pp. 1638-1651, 2012. [pdf] [bib]
- [Journal] Scott Hand, Zhiqiang Lin, Guofei Gu, Bhavani Thuraisingham. “Bin-Carver: Automatic recovery of binary executable files.” In Elsevier Digital Investigation, vol. 9, Supplement (Special issue for DFRWS’12), pp. 108-117, August 2012.
- [Journal] Weiqin Ma, Pu Duan, Sanmin Liu, Guofei Gu, Jyh-Charn Liu. “Shadow Attacks: Automatically Evading System-Call-Behavior based Malware Detection.” In Springer Journal in Computer Virology, vol. 8, no.1-2, pp. 1-13, 2012. [pdf] [bib]
- [Journal] Seungwon Shin, Guofei Gu, Narasimha Reddy, Christopher Lee. “A Large-Scale Empirical Study of Conficker.” In IEEE Transactions on Information Forensics and Security (TIFS), vol. 7, no. 2, pp. 676-690, April 2012. [pdf] [bib]
2011
- Shardul Vikram, Yinan Fan, Guofei Gu. “SEMAGE: A New Image-based Two-Factor CAPTCHA.” To appear in Proceedings of 2011 Annual Computer Security Applications Conference (ACSAC’11), Orlando, Florida, December 2011. (Acceptance rate 20%=39/195) [pdf] [bib]
- Chao Yang, Robert Harkreader, Guofei Gu. “Die Free or Live Hard? Empirical Evaluation and New Design for Fighting Evolving Twitter Spammers.” To appear in Proceedings of the 14th International Symposium on Recent Advances in Intrusion Detection (RAID 2011), Menlo Park, California, September 2011. (Acceptance rate 23%=20/87) [pdf] [Tech Report (extended version)] [bib] (Dataset release!)
- Seungwon Shin, Raymond Lin, Guofei Gu. “Cross-Analysis of Botnet Victims: New Insights and Implications.” To appear in Proceedings of the 14th International Symposium on Recent Advances in Intrusion Detection (RAID 2011), Menlo Park, California, September 2011. (Acceptance rate 23%=20/87) [pdf] [bib]
- Kevin Zhijie Chen, Guofei Gu, Jose Nazario, Xinhui Han and Jianwei Zhuge. “WebPatrol: Automated Collection and Replay of Web-based Malware Scenarios.” To appear in Proceedings of 2011 ACM Symposium on Information, Computer and Communications Security (ASIACCS’11), Hong Kong, March 2011. (Acceptance rate 16%=35/217) [pdf] [bib] [slides]
- Junjie Zhang, Xiapu Luo, Roberto Perdisci, Guofei Gu, Wenke Lee and Nick Feamster. “Boosting the Scalability of Botnet Detection Using Adaptive Traffic Sampling.” To appear in Proceedings of 2011 ACM Symposium on Information, Computer and Communications Security (ASIACCS’11), Hong Kong, March 2011. (Acceptance rate 16%=35/217) [pdf] [bib] [slides]
- [Journal] Tielei Wang, Tao Wei, Guofei Gu, Wei Zou. “Checksum-Aware Fuzzing Combined with Dynamic Taint Analysis and Symbolic Execution.” ACM Transactions on Information and System Security (TISSEC), vol. 14, no. 2, pp. 15:1-15:28, September 2011. [pdf] [bib]
2010
- Seungwon Shin and Guofei Gu. “Conficker and Beyond: A Large-Scale Empirical Study.” To appear in Proceedings of 2010 Annual Computer Security Applications Conference (ACSAC’10), Austin, Texasi, December 2010. (Acceptance rate 17%=39/227) [pdf] [bib] [slides]
- Yimin Song, Chao Yang, Guofei Gu. “Who Is Peeping at Your Passwords at Starbucks? — To Catch an Evil Twin Access Point.” In Proceedings of the 40th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’10), Chicago, IL, June 2010. (Acceptance rate ) [pdf] [Journal Version] [bib] [slides]
- Tielei Wang, Tao Wei, Guofei Gu, Wei Zou. “TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection.” In Proceedings of the 31st IEEE Symposium on Security & Privacy (S&P’10/Oakland’10), Oakland, CA, May 2010. (Acceptance rate 11.6%=31/267) [pdf[ [bib] [slides] (Best Student Paper Award)
2009
- Guofei Gu, Vinod Yegneswaran, Phillip Porras, Jennifer Stoll, and Wenke Lee. “Active Botnet Probing to Identify Obscure Command and Control Channels.” In Proceedings of 2009 Annual Computer Security Applications Conference (ACSAC’09), Honolulu, Hawaii, December 2009. (Acceptance rate 19.6%=44/224) [pdf] [bib] [slides]
2008
- Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee. “BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection.” In Proceedings of the 17th USENIX Security Symposium (Security’08), San Jose, CA, 2008. (Acceptance rate 15.9%=27/170) [pdf] [bib]
- Guofei Gu, Alvaro A. Cardenas, and Wenke Lee. “Principled Reasoning and Practical Applications of Alert Fusion in Intrusion Detection Systems.” In Proceedings of ACM Symposium on InformAction, Computer and Communications Security (ASIACCS’08), Tokyo, Japan, March 2008. (Acceptance rate 17.6%=32/182) [pdf] [bib] [slides]
- Guofei Gu, Junjie Zhang, and Wenke Lee. “BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic.” In Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS’08), San Diego, CA, February 2008. (Acceptance rate 17.8%=21/118) [pdf] [bib] [slides]
2007 AND BEFORE
- David Dagon, Guofei Gu, Chris Lee, and Wenke Lee. “A Taxonomy of Botnet Structures.” In Proceedings of the 23 Annual Computer Security Applications Conference (ACSAC’07), Miami Beach, FL, December 2007. (Acceptance rate 22%=42/191) [pdf] [bib] (Test of Time Paper Award in 2023!)
- Roberto Perdisci, Guofei Gu, and Wenke Lee. “Combining Multiple One-Class Classifiers for Hardening Payload-based Anomaly Detection Systems (extended abstract).” NIPS 2007 Workshop on Machine Learning in Adversarial Environments for Computer Security, Vancouver, B.C., Canada, December 2007.
- Guofei Gu, Zesheng Chen, Phillip Porras, and Wenke Lee. “Misleading and Defeating Importance-Scanning Malware Propagation.” In Proceedings of the 3rd International Conference on Security and Privacy in Communication Networks (SecureComm’07), Nice, France, September 2007. (Acceptance rate 26%=31/119) [pdf] [bib] [slides]
- Guofei Gu, Phillip Porras, Vinod Yegneswaran, Martin Fong, and Wenke Lee. “BotHunter: Detecting Malware Infection Through IDS-Driven Dialog Correlation.” In Proceedings of the 16th USENIX Security Symposium (Security’07), Boston, MA, August 2007. (Acceptance rate 12.3%=23/187) [pdf] [bib] [slides] [system] BotHunter free Internet release now available!
- Roberto Perdisci, Guofei Gu, and Wenke Lee. “Using an Ensemble of One-Class SVM Classifiers to Harden Payload-based Anomaly Detection Systems.” In Proceedings of the IEEE International Conference on Data Mining (ICDM’06) (regular paper), Hong Kong, December 2006. (Acceptance rate 9.4%=73(regular)/776) [pdf] [bib] [slides]
- Guofei Gu, Prahlad Fogla, David Dagon, Wenke Lee, and Boris Skoric. “Towards an Information-Theoretic Framework for Analyzing Intrusion Detection Systems.” In Proceedings of the 11th European Symposium on Research in Computer Security (ESORICS’06), Hamburg, Germany, September 2006. (Acceptance rate 20%=32/160) [pdf] [bib] [slides]
- Guofei Gu, Prahlad Fogla, Wenke Lee, and Douglas Blough. “DSO: Dependable Signing Overlay.” In Proceedings of International Conference on Applied Cryptography and Network Security (ACNS’06 ), Singapore, June 2006.(Acceptance rate 15%=33/218) [pdf] [bib] [slides]
- Guofei Gu, Prahlad Fogla, David Dagon, Wenke Lee, and Boris Skoric. “Measuring Intrusion Detection Capability: An Information-Theoretic Approach.” In Proceedings of ACM Symposium on InformAction, Computer and Communications Security (ASIACCS’06), Taipei, Taiwan, March 2006. (Acceptance rate 17.7%=33/186) [pdf] [bib] [slides]
- Weidong Shi, Joshua B. Fryman, Guofei Gu, Hsien-Hsin S. Lee, Youtao Zhang, and Jun Yang. “InfoShield: A Security Architecture for Protecting Information Usage in Memory.” In Proceedings of the 12th International Symposium on High-Performance Computer Architecture (HPCA’06), Austin, TX, February, 2006. (Acceptance rate 14%=25/175) [pdf] [bib] [slides]
- Weidong Shi, Hsien-Hsin Lee, Guofei Gu, Laura Falk, Trevor Mudge, and Mrinmoy Ghosh. “Intrusion Tolerant and Self-Recoverable Network Service System Using Security Enhanced Chip-Multiprocessor.” In Proceedings of the 2nd IEEE International Conference on Autonomic Computing (ICAC’05), Seattle, Washington, June 13-16, 2005. (Acceptance rate 16.7%=25/150) [pdf] [bib] [slides]
- Guofei Gu, Monirul Sharif, Xinzhou Qin, David Dagon, Wenke Lee, and George Riley. “Worm Detection, Early Warning and Response Based on Local Victim Information.” In Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC’04), Tucson, Arizona, December 6-10, 2004. (Acceptance rate 26%=35/134) [pdf] [bib] [slides]
- David Dagon, Xinzhou Qin, Guofei Gu,Wenke Lee, Julian Grizzard, John Levine, and Henry Owen. “HoneyStat: Local Worm Detection Using Honeypots.” In Proceedings of the 7th International Symposium on Recent Advances in Intrusion Detection (RAID’04) , French Riviera, France. September 15-17, 2004. (Acceptance rate 13.5%=16/118) [pdf] [bib]
- Guofei Gu, Bin Zhu, Shipeng Li, and Shiyong Zhang. “PLI: A New Framework to Protect Digital Content for P2P Networks.” In Proceedings of International Conference on Applied Cryptography and Network Security (ACNS’03 ), Springer – LNCS 2846, October 16-19, 2003 (Acceptance rate 16.8%=32/191) [pdf] [bib]
TECHNICAL REPORT
- Seungwon Shin, Zhaoyan Xu, Guofei Gu. “CloudRand: Building Heterogeneous and Moving-target Port Interfaces for Networked Systems.” Technical Report, Department of Computer Science & Engineering, Texas A&M University, 2011 [pdf]
- Guofei Gu, Prahlad Fogla, David Dagon, Wenke Lee, and Boris Skoric. “An Information-Theoretic Measure of Intrusion Detection Capability.” Technical Report GIT-CC-05-10, College of Computing, Georgia Tech, 2005. [pdf]
- Xinzhou Qin, David Dagon, Guofei Gu, Wenke Lee, Mike Warfield, and Pete Allor. “Worm Detection Using Local Networks.” Technical Report GIT-CC-04-04, College of Computing, Georgia Tech, Feb 2004. [pdf]