• loccs@sjtu.edu.cn

2017

  • Yikun Hu, Yuanyuan Zhang, Juanru Li and Dawu Gu. Binary Code Clone Detection across Architecturesand Compiling Configurations. to be appeared at the 25th International Conference on Program Comprehension (ICPC 2017). Buenos Aires, Argentina. May 22-23, 2017.
  • Wenbo Yang, Yuanyuan Zhang, Juanru Li, Hui Liu, Qing Wang, Yueheng Zhang and Dawu Gu. Show Me the Money! Finding Flawed Implementations of Third-party In-app Payment in Android Apps. in Proceeding of the 24th Network and Distributed System Security Symposium (NDSS 2017). San Diego, CA, USA. February 26 - March 1, 2017.
    • Acceptance rate 16% = 68/425 pdf

2016

  • Junliang Shu, Yuanyuan Zhang, Juanru Li, Bodong Li, and Dawu Gu. 2016. Why data deletion fails? A study on deletion flaws and data remanence in android systems. ACM Trans. Embed. Comput. Syst (TECS 2016). 2016.
  • Hui Wang, Yuanyuan Zhang, Juanru Li and Dawu Gu. The Achilles' Heel of OAuth: A Multi-Platform Study of OAuth-based Authentication. in Proceeding of the 32th Annual Computer Security Applications Conference (ACSAC 2016). Los Angeles, California, USA. December 5–9, 2016.
  • Yesheng Zhi, Yuanyuan Zhang, Juanru Li, Dawu Gu. Security Testing of Software on Embedded Devices Using x86 Platform. in 12th EAI International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2016), Beijing, China, 12-13 November, 2016.
  • Yueheng Zhang, Junliang Shu, Yuanyuan Zhang, Juanru Li, Qing Wang, Dawu Gu. An Empirical Study of Insecure Communication in Android Apps. in 12th China International Conference on Information Security and Cryptology (INSCRYPT 2016), Beijing, China, 4-6 November, 2016.
  • Muqing Liu, Yuanyuan Zhang, Juanru Li, Junliang Shu, Dawu Gu. Security Analysis of Vendor Customized Code in Firmware of Embedded Device. in 12th EAI International Conference on Security and Privacy in Communication Networks (SecureComm 2016), Guangzhou, China, 10-12 October, 2016.
  • Liu Hui, Zhang Yuanyuan, Li Juanru, Wang Hui, Gu Dawu. Open Sesame! Web Authentication Cracking via Mobile app Analysis. in 18th Asia Pacific Web Conference (APWEB 2016). Suzhou, China. Sept 23-25, 2016
  • Xie Tianyi, Zhangyuanyuan, Li Juanru, Liu Hui, Gu Dawu. New Exploit Methods against Ptmalloc of Glibc. in 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2016). Tianjin, China. 23-26 August, 2016
  • Yikun Hu, Yuanyuan Zhang, Juanru Li, Dawu Gu. Cross-Architecture Binary Semantics Understanding via Similar Code Comparison. in 23rd IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2016). Osaka, Japan. March 14-18, 2016

2015

  • Bodong Li, Yuanyuan Zhang, Chen Lyu, JuanruLi, Dawu Gu. SSG: Sensor Security Guard for Android Smartphones. in Proceeding of the 11th EAI International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2015). Wuhan, Hubei, China. NOVEMBER 10–11, 2015.

  • Hui Wang, Yuanyuan Zhang, Juanru Li, Hui Liu, Wenbo Yang, Bodong Li, Dawu Gu. Vulnerability Assessment of OAuth Implementations in Android Applications. in Proceeding of the 31th Annual Computer Security Applications Conference (ACSAC 2015). Los Angeles, California, USA. December 7–11, 2015.

  • Wen Xu, Juanru Li, Junliang Shu, Wenbo Yang, Tianyi Xie, Yuanyuan Zhang, Dawu Gu. From Collision To Exploitation: Unleashing Use-After-Free Vulnerabilities in Linux Kernel. in Proceeding of the 22nd ACM Conference on Computer and Communications Security (CCS 2015). The Denver Marriot City Center, Denver, Colorado, US. October 12-16, 2015.

  • Wenbo Yang, Yuanyuan Zhang, Juanru Li, Bodong Li, Junliang Shu, Wenju Hu, Dawu Gu. AppSpear: Bytecode Decrypting and DEX Reassembling for Packed Android Malware. in Proceeding of the 18th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2015). Kyoto, Japan. November 2–4, 2015.

  • Chen Lyu, Amit Pande, Xinlei Wang, Jindan Zhu, Dawu Gu, Prasant Mohapatra. CLIP: continuous location integrity and provenance for mobile phones. in Proceeding of the 12th IEEE International Conference on Mobile Ad hoc and Sensor Systems (MASS 2015). Dallas, USA, Oct 19-22, 2015.

2014

  • Hui Liu, Yuanyuan Zhang, Hui Wang, Wenbo Yang, Juanru Li and Dawu Gu.TagDroid: Hybrid SSL Certificate Verification in Android. in Proceeding of the 16th International Conference on Information and Communications Security (ICICS2014). Hong Kong,China. December 16-17, 2014
  • Juanru Li, Yuanyuan Zhang, Wenbo Yang, Junliang Shu and Dawu Gu. DIAS: Automated Online Analysis for Android Applications. in Proceeding of the 14th IEEE International Conference on Computer and Information Technology (IEEE CIT'14). Xi'an, China. Sept 11-13, 2014.
  • Yong Li, Yuanyuan Zhang, Juanru Li and Dawu Gu. iCryptoTracer: Dynamic Analysis on Misuse of Cryptographic Functions in iOS Applications. in Proceeding of the 8th International Conference on Network and System Security (NSS 2014). Xi'an, China. Oct 15-17, 2014.
  • Junliang Shu, Juanru Li, Yuanyuan Zhang and Dawu Gu. Android App Protection via Interpretation Obfuscation. in Proceeding of the 12th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2014), Dalian, China, August 24-27, 2014
  • Wenbo Yang, Juanru Li, Yuanyuan Zhang, Yong Li, Junliang Shu and Dawu Gu. ** APKLancet: Tumor Payload Diagnosis and Purification for Android Applications**. in Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS'14). Kyoto, Japan. June 2014
    • Acceptance rate: 43/260 = 16.5% (full paper acceptance rate).
    • asia092.pdf