Department of Information Engineering, CUHK
Senior Research Fellow, Nanyang Technological University
Email: dywu [at] ie.cuhk.edu.hk; daoyuan.wu [at] ntu.edu.sg
Gmail: daoyuan0x
DBLP | Google Scholar
I am working with Prof. Yang Liu at NTU on Web3 security and AI-enhanced security. I am also an Adjunct Assistant Professor at the Department of Information Engineering, The Chinese University of Hong Kong (CUHK). Before that, I spent six months at Huawei Hong Kong Research Centre as a Senior Researcher (proposed a new solution for static ransomware detection and explored the GPU acceleration of Fully Homomorphic Encryption) and three years at CUHK IE as a Research Assistant Professor (independent PI, with the duties of research supervision and teaching) from 2019 to 2022. Prior to CUHK, I earned my PhD degree in 2019 from Singapore Management University (SMU) in the School of Computing and Information Systems. My PhD study was generously supported by SMU's Secure Mobile Center (SMC) PhD Scholarship (the only awardee). Before pursuing my PhD in Singapore, I received an M.Phil. from the Department of Computing at The Hong Kong Polytechnic University in 2015 and a B.E. from the Department of Information Security at Nanjing University of Posts and Telecommunications in 2011.
My research focuses on three areas: (i) Mobile and Software Security at the bytecode/binary level, (ii) FinTech and Data-driven Security at the source code level, and (iii) LLM and AI-enhanced Security at the code text level. In particular, I was one of the pioneers in using non-intrusive app crowdsourcing (e.g., the MopEye app) for security and networking research. I am also an expert in developing practical Android static analysis, for which I am leading a long-term project on using search-based static analysis for Android security. I have published papers in top-tier venues across multiple disciplines, including Security (NDSS*2, RAID*2, TDSC), Systems (USENIX ATC, DSN), Networking (CoNEXT, INFOCOM, TMC), and Software Engineering (FSE, ISSTA, EMSE). My research often makes practical impact by reporting vulnerabilities, including over 60 CVEs for Android and iOS app vulnerabilities, over 10 system issues in Android (e.g., CVE-2014-7224) and one in iOS (CVE-2015-5921), and over 100 vulnerabilities in top blockchains, including Dogecoin (the new CVE-2021-37491) and BNB Chain (a bug bounty).
I am leading the Vulnerability and Privacy Research Lab and MagkNetwork (an Internet-based working group for Crypto).
Mobile and Software Security: (search-based) static analysis and (non-intrusive) dynamic analysis.
BackDroid [DSN'21], Insecure Open Ports [NDSS'19], VoIP Fuzzing [DIMVA'20], Insecure PendingIntents [Blackhat Europe'21], IABI Usability Insecurity [RAID'21], Remote Webview Attacks [MoST'15], Local Webview File:// Attack [ISC'14], DSDK Inconsistency [EMSE'21, WASA'17], SCLib [CODASPY'18], LiCA [RAID'22], App Repackaging [TDSC'21], Native Stack [ICISC'15], and ECVDetector [arXiv'14].
One more work is currently under review at NDSS.
FinTech and Data-driven Security: mining Blockchain, Contract, Android, and IoT code for security insights.
BlockScope [NDSS'23], SoMo [ISSTA'23], MineBlockVuln [FSE'22], and MineAndroVuln [AsiaCCS'19].
LLM and AI-enhanced Security: leveraging AI and Large Language Models for pervasive cybersecurity.
ModelSlicing [arXiv'23; under review], SideNet [TII'21], and UpDroid [WiSec'18].
I am actively working on this area now.
I am also interested in network and Internet measurement, blockchain-based decentralized apps, and AI-based smart systems.
MopEye [ATC'17], MopEye Dataset [IWQoS'19], Speedtest Inaccuracy [INFOCOM'15, TMC'17], and AcuteMon [CoNEXT'16].
iExam [arXiv'22] and AGChain [arXiv'21].
P23 | Beyond “Protected” and “Private”: An Empirical Security Analysis of Custom Function Modifiers in Smart Contracts | ISSTA '23
P22 | BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain Projects | NDSS '23
P21 | An Empirical Study of Blockchain System Vulnerabilities: Modules, Types, and Patterns | FSE '22
P20 | LiCA: A Fine-grained and Path-sensitive Linux Capability Analysis Framework | RAID '22
P19 | On the Usability (In)Security of In-App Browsing Interfaces in Mobile Apps | RAID '21
P18 | When Program Analysis Meets Bytecode Search: Targeted and Efficient Inter-procedural Analysis of Modern Android Apps in BackDroid | DSN '21
P17 | Active Warden Attack: On the (In)Effectiveness of Android App Repackage-Proofing | TDSC '21
P16 | Deep-Learning-Based App Sensitive Behavior Surveillance for Android Powered Cyber-Physical Systems | TII '21
P15 | Scalable Online Vetting of Android Apps for Measuring Declared SDK Versions and Their Consistency with API Calls | EMSE '21
P14 | Understanding Android VoIP Security: A System-level Vulnerability Assessment | DIMVA '20
P13 | Towards Understanding Android System Vulnerabilities: Techniques and Insights | AsiaCCS '19
P12 | An Empirical Study of Mobile Network Behavior and Application Performance in the Wild | IWQoS '19
P11 | Understanding Open Ports in Android Applications: Discovery, Diagnosis, and Security Assessment | NDSS '19
P10 | Towards Dynamically Monitoring Android Applications on Non-rooted Devices in the Wild | WiSec '18
P9 | SCLib: A Practical and Lightweight Defense against Component Hijacking in Android Applications | CODASPY '18
P8 | MopEye: Opportunistic Monitoring of Per-app Mobile Network Performance | USENIX ATC '17
P7 | Toward Accurate Network Delay Measurement on Android Phones | TMC '17
P6 | Measuring the Declared SDK Versions and Their Consistency with API Calls in Android Apps | WASA '17
P5 | Demystifying and Puncturing the Inflated Delay in Smartphone-based WiFi Network Measurement | CoNEXT '16
P4 | Stack Layout Randomization with Minimal Rewriting of Android Binaries | ICISC '15
P3 | On the Accuracy of Smartphone-based Mobile Network Measurement | INFOCOM '15
P2 | Indirect File Leaks in Mobile Applications | MoST '15
P1 | Analyzing Android Browser Apps for file:// Vulnerabilities | ISC '14
R5 | On the Feasibility of Specialized Ability Extraction from Large Language Code Models | arXiv '23
R4 | iExam: A Novel Online Exam Monitoring and Analysis System Based on Face Detection and Recognition | arXiv '22
R3 | AGChain: A Blockchain-based Gateway for Permanent, Distributed, and Secure App Delegation from Existing Mobile App Markets | arXiv '21
R2 | MopEye: Monitoring Per-app Network Performance with Zero Measurement Traffic | CoNEXT '15 Poster
R1 | A Sink-driven Approach to Detecting Exposed Component Vulnerabilities in Android Apps | arXiv '14
T6 | Re-route Your Intent for Privilege Escalation: A Universal Way to Exploit Android PendingIntents in High-profile and System Apps | Blackhat Europe '21
T5 | Leveraging Automatic Face Recognition for Online Exam Monitoring and Analysis | CUHK Expo '21
T4 | Boosting Android Security through App-, Network-, and System-level Vulnerability Analysis | CUHK Seminar '19
T3 | On-device Crowdsourcing and Bytecode Search for Advancing Android App Analysis | HKBU Seminar '19
T2 | Cross-Platform Analysis of Indirect File Leaks in Android and iOS Applications | HitCon Pacific '17
T1 | On the Feasibility of Automatically Generating Android Component Hijacking Exploits | HitCon '14
2022 Fall - IEMS5710 Cryptography, Information Security and Privacy: homepage (only in CUHK) and mirror website (public).
2021 Fall - IERG4130 Introduction to Cyber Security: homepage (only in CUHK) and mirror website (public).
Received the Best Teaching Award of the MScIE Programme 2020-2021.
2021 Spring - IEMS5722 Mobile Network Programming and Distributed Server Architecture: homepage and mirror website.
2020 Fall - IEMS5710 Cryptography, Information Security and Privacy: homepage (only in CUHK) and mirror website (public).
2019 Fall - IEMS5710 Cryptography, Information Security and Privacy: homepage (only in CUHK) and mirror website (public).
Current Students:
PhD Students: Xiao Yi (at CUHK since 2019; code mining for security) and Zicheng Zhang (at SMU since 2020; Android security).
Research Assistants: Yuzhou Fang (since 2021; blockchain and smart contract).
Undergraduate Students: Yufan Chen (at Xidian since 2021; CodeQL).
Past Students:
Research Assistants: Mengjie Chen (20-21; AGChain and smart contract), Xu Yang (21-22; iExam and DeFi), Eric Cheng (2020: improving BackDroid; 2022: MagicWallet), and Qingdan Zheng (2021; improving MopEye).
MSc Students at CUHK (21-22): ZHANG Lu (1st semester: blockchain performance).
MSc Students at CUHK (20-21): LI Siqin (on FinTech Privacy) and WU Yan (on Code Mining).
MSc Students at CUHK (19-20): CHEN Mengjie (AGChain), FANG Ming, LI Lixiang (IABIs), and XIONG Weiyan.
FYP Students at CUHK (20-21): YANG Xu (iExam), CHAU Pak Shing and ZHENG Zeqin (on Flutter-based app development).
Master Students: Lingzhi Qiu (at NUPT in 2014 for ICC'15), Lijia Yang (at NUPT 2020-21; HTTPS security) and Zulin Gu (at NUPT 2020-21; Web measurement).
Undergraduate Students: Shiwei Zhang (at SUSTech in 2018 for IWQoS'19) and Zixiong Zhang (at NUPT in 2014 for ICC'15).
CUHK: Kehuan Zhang, Jimmy Lee, Guoliang Xing, and Sherman Chow.
SMU: Debin Gao (my PhD advisor), Robert H. Deng (my PhD co-advisor), Lingxiao Jiang, David Lo, and Yingjiu Li.
PolyU: Rocky K. C. Chang (my MPhil advisor), Eric K. T. Cheng, and Xiapu Luo (the advisor with whom I did RA in 2011/12).
Others: Yang Liu (at NTU), Shuai Wang (at HKUST), Jianliang Xu (at HKBU), Haoyu Ma (at Zhejiang Lab), En He (at OPPO), Weichao Li (at Pengcheng Lab), Ricky K. P. Mok (at UCSD), Wei Zhang (at NUPT), and Yao Cheng (at Huawei).
I am maintaining a list of interesting computer security papers and a list of mobile app related software engineering papers.
Security Journals: TIFS (special issues), TDSC (special issues), Computers & Security (special issues), TISSEC and JCS.
Storytelling 101: Writing Tips for Academics (by Nick Feamster)
Computer Security Conference Ranking and Statistic (by Guofei Gu)
Top Crypto and Security Conferences Ranking (by Jianying Zhou)
Top Publication Venues in Computer Science (by Andrew Myers)
ArnetMiner CS Rank: conference rank and organization rank.
CCF Conference and Journal Rankings: Security, Networking, System, and Software Engineering.
Google Scholar Metrics in Computer Security, Computing Systems, Computer Networks, and Software Systems.
Industry Cybersecurity Conference Directory, SKKU seclab | Upcoming Events, and Cipher Call-for-papers.