I am currently a Research Assistant Professor in the Department of Information Engineering at The Chinese University of Hong Kong (CUHK), starting from August 2019. Prior to CUHK, I earned my PhD degree in 2019 from Singapore Management University (SMU) in the School of Computing and Information Systems. My PhD study was generously supported by SMU's Secure Mobile Center (SMC) PhD Scholarship (the only awardee). Before pursuing my PhD in Singapore, I received the M.Phil. from Department of Computing at The Hong Kong Polytechnic University in 2015 and B.E. from Department of Information Security at Nanjing University of Posts and Telecommunications in 2011.
I am broadly interested in systems and network security, with a focus on vulnerability and privacy research. My major research methodology includes system building, program analysis, code mining, and network measurement. In particular, I am one of the pioneers in using on-device app crowdsourcing (e.g., the MopEye app) for security and networking research. I am also an expert in developing practical Android static analysis, for which I am leading a long-term project on using search-based static analysis for Android security. Besides publishing papers in top-tier venues (NDSS, USENIX ATC, DSN, CoNEXT, and INFOCOM), I have reported many app vulnerabilities on both Android and iOS (over 60 CVEs), as well as ~10 system issues in Android (e.g., CVE-2014-7224) and one in iOS (CVE-2015-5921). In short, I love building practical systems with security impacts or benefits. If you love too, please join my team! :)
I am leading the Vulnerability and Privacy Research (VPR) Lab, which is affiliated with Prof. Kehuan Zhang's LASR.
I am looking for self-motivated and hard-working students who could do RAs with me this year and start PhD in 2022.
Priority will be given to the candidates on blockchain development, smart contract analysis, and transaction analysis.
Positions available: HKPF/Oversea PhD Students in CUHK; Research Engineers and Postdoctoral Fellows in SMU.
Mobile and IoT Security: static/dynamic program analysis, app crowdsourcing, and side channels.
BackDroid [DSN'21], Insecure Open Ports [NDSS'19], IABI Usability Insecurity [RAID'21], Remote Webview Attacks [MoST'15], Local Webview File:// Attack [ISC'14], DSDK Inconsistency [EMSE'21, WASA'17], SCLib [CODASPY'18], SideNet [TII'21], UpDroid [WiSec'18], Native Code Stack [ICISC'15], and ECVDetector [arXiv'14]. One more work is currently under review.
Blockchain and FinTech: decentralized systems, vulnerability analysis, and smart contract analysis.
AGChain [arXiv'21, under review]. One work is currently under review and another will be submitted by this year.
Mining for Code Security: code mining and learning for security analysis and vulnerability discovery.
Android Vuln. Reports [AsiaCCS'19]. One work is currently under review and another will be submitted soon.
Web Privacy Research: discovering, measuring, and preventing web privacy leakage in the Internet.
Two works will be submitted this year and another is expected to be submitted by next year.
Network Measurement: performance measurement, traffic inspection, and network component fuzzing.
MopEye [ATC'17], MopEye Dataset [IWQoS'19], VoIP Fuzzing [DIMVA'20], Speedtest Inaccuracy [INFOCOM'15, TMC'17], and AcuteMon [CoNEXT'16].
(NEW) AGChain: A Blockchain-based Gateway for Permanent, Distributed, and Secure App Delegation from Existing Mobile App Markets arXiv '21
(NEW) On the Usability (In)Security of In-App Browsing Interfaces in Mobile Apps RAID '21
(NEW) When Program Analysis Meets Bytecode Search: Targeted and Efficient Inter-procedural Analysis of Modern Android Apps in BackDroid DSN '21
(NEW) Scalable Online Vetting of Android Apps for Measuring Declared SDK Versions and Their Consistency with API Calls EMSE '21
(NEW) Understanding Android VoIP Security: A System-level Vulnerability Assessment DIMVA '20
Towards Understanding Android System Vulnerabilities: Techniques and Insights AsiaCCS '19
Understanding Open Ports in Android Applications: Discovery, Diagnosis, and Security Assessment NDSS '19
SCLib: A Practical and Lightweight Defense against Component Hijacking in Android Applications CODASPY '18
MopEye: Opportunistic Monitoring of Per-app Mobile Network Performance USENIX ATC '17
Measuring the Declared SDK Versions and Their Consistency with API Calls in Android Apps WASA '17
Indirect File Leaks in Mobile Applications MoST '15
Analyzing Android Browser Apps for file:// Vulnerabilities ISC '14
(NEW) Deep-Learning-Based App Sensitive Behavior Surveillance for Android Powered Cyber-Physical Systems TII '21
An Empirical Study of Mobile Network Behavior and Application Performance in the Wild IWQoS '19
Towards Dynamically Monitoring Android Applications on Non-rooted Devices in the Wild WiSec '18
Toward Accurate Network Delay Measurement on Android Phones TMC '17
Demystifying and Puncturing the Inflated Delay in Smartphone-based WiFi Network Measurement CoNEXT '16
Stack Layout Randomization with Minimal Rewriting of Android Binaries ICISC '15
On the Accuracy of Smartphone-based Mobile Network Measurement INFOCOM '15
MopEye: Monitoring Per-app Network Performance with Zero Measurement Traffic CoNEXT '15 Poster
A Sink-driven Approach to Detecting Exposed Component Vulnerabilities in Android Apps arXiv '14
Boosting Android Security through App-, Network-, and System-level Vulnerability Analysis CUHK Seminar '19
On-device Crowdsourcing and Bytecode Search for Advancing Android App Analysis HKBU Seminar '19
Cross-Platform Analysis of Indirect File Leaks in Android and iOS Applications HitCon Pacific '17
On the Feasibility of Automatically Generating Android Component Hijacking Exploits HitCon '14
Master Students: Lijia Yang (at NUPT since 2020; HTTPS security) and Zulin Gu (at NUPT since 2020; Web measurement).
Research Assistants: Mengjie Chen (20-21; smart contract security) and Eric Cheng (2020; improving BackDroid).
FYP Students at CUHK (20-21): YANG Xu (iExam), CHAU Pak Shing and ZHENG Zeqin (on Flutter-based app development).
Master Students: Lingzhi Qiu (at NUPT in 2014 for ICC'15).