Publications

Download BibTeX.

2024 May	Medusa: Unveil Memory Exhaustion DoS Vulnerabilities in Protocol Implementations. Zhengjie Du, Yuekang Li, Yaowen Zheng, Xiaohan Zhang, Cen Zhang, Yi Liu, Sheikh Mahbub Habib, Xinghua Li, Linzhang Wang, Yang Liu, and others. Proceedings of the ACM on Web Conference 2024. [paper]
2023 June	OCFI: Make Function Entry Identification Hard Again. Chengbin Pang, Tiantai Zhang, Xuelan Xu, Linzhang Wang, and Bing Mao. Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis. [paper]
2023 April	Warpattack: bypassing cfi through compiler-introduced double-fetches. Jianhao Xu, Luca Di Bartolomeo, Flavio Toffalini, Bing Mao, and Mathias Payer. 2023 IEEE Symposium on Security and Privacy (SP). [paper]
2023 February	Silent Bugs Matter: A Study of $\$Compiler-Introduced$\$ Security Bugs. Jianhao Xu, Kangjie Lu, Zhengjie Du, Zhu Ding, Linke Li, Qiushi Wu, Mathias Payer, and Bing Mao. 32nd USENIX Security Symposium (USENIX Security 23). [paper]
2022 December	Nimbus: Toward Speed Up Function Signature Recovery via Input Resizing and Multi-Task Learning. Yi Qian, Ligeng Chen, Yuyang Wang, and Bing Mao. 2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS). [paper]
2022 August	Ground Truth for Binary Disassembly is Not Easy. Chengbin Pang, Tiantai Zhang, Ruotong Yu, Bing Mao, and Jun Xu. 31st USENIX Security Symposium (USENIX Security 22). [paper]
2022 May	WindRanger: A Directed Greybox Fuzzer driven by Deviation Basic Block. Zhengjie Du, Yuekang Li, Yang Liu, and Bing Mao. 44th International Conference on Software Engineering(ICSE 2022). [paper]
2022 March	DIComP: Lightweight Data-Driven Inference of Binary Compiler Provenance with High Accuracy. Ligeng Chen, Zhongling He, Wu Hao, fengyuan Xu, Yi Qian, and Bing Mao. 29th IEEE International Conference onSoftware Analysis, Evolution and Reengineering(SANER 2022). [paper]
2021 September	RoBin: Facilitating the Reproduction of Configuration-Related Vulnerability. Ligeng Chen, Jian Guo, Zhongling He, Dongliang Mu, and Bing Mao. 20th IEEE International Conference on Trust, Security and Privacy in Computing and Communications(IEEE TrustCom 2021). [paper]
2021 May	SoK: All You Ever Wanted to Know About x86/x64 Binary Disassembly But Were Afraid to Ask. C Pang, R Yu, Y Chen, E Koskinen, G Portokalidis, B Mao, and J Xu. 42nd IEEE Symposium on Security and Privacy(S&P 2021). [paper] [code] [data]
2020 September	HART: Hardware-Assisted Kernel Module Tracing on Arm. Yunlan Du, Zhenyu Ning, Jun Xu, Zhilong Wang, Yueh-Hsun Lin, Fengwei Zhang, Xinyu Xing, and Bing Mao. European Symposium on Research in Computer Security(ESORICS 2020). [paper]
2020 July	CATI: Context-Assited Type Inference from Stripped Binaries. Ligeng Chen, Zhongling He, and Bing Mao. 50th IEEE/IFIP International Conference on Dependable Systems and Networks(DSN 2020). [paper]
2019 November	RENN: Efficient Reverse Execution with Neural-Network-assisted Alias Analysis. D Mu, W Guo, Y Chen, A Cuevas, C Song, X Xing, and M Bing. 34th International Conference on Automated Software Engineering (ASE 2019). [paper] [code]
2019 September	POMP++: Facilitating Postmortem Program Diagnosis with Value-set Analysis. Dongliang Mu, Yunlan Du, Jianhao Xu, Jun Xu, Xinyu Xing, Bing Mao, and Peng Liu. IEEE Transactions on Software Engineering(TSE). [paper]
2019 August	Ptrix: Efficient hardware-assisted fuzzing for cots binary. Yaohui Chen, Dongliang Mu, Jun Xu, Zhichuang Sun, Wenbo Shen, Xinyu Xing, Long Lu, and Bing Mao. Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security(ASIACCS 2019).
2018 December	Mapping to Bits: Efficiently Detecting Type Confusion Errors. Chengbin Pang, Yunlan Du, bing Mao, and Shanqing Guo. 34th Annual Computer Security Applications Conference(ACSAC 2018). [paper] [code]
2018 August	Understanding the reproducibility of crowd-reported security vulnerabilities. Dongliang Mu, Alejandro Cuevas, Limin Yang, Hang Hu, Xinyu Xing, Bing Mao, and Gang Wang. 27th USENIX Security Symposium 18(USENIX Security 2018). [paper] [data]
2018 April	To Detect Stack Buffer Overflow with Polymorphic Canaries. Zhilong Wang, Xuhua Ding, Chengbin Pang, Jian Guo, Jun Zhu, and Bing Mao. 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2018). [paper] [code]
2017 October	DiffGuard: Obscuring Sensitive Information in Canary Based Protections. Jun Zhu, Weiping Zhou, Zhilong Wang, Dongliang Mu, and Bing Mao. International Conference on Security and Privacy in Communication Systems.
2017 October	ROPOB: Obfuscating Binary Code via Return Oriented Programming. Dongliang Mu, Jia Guo, Wenbiao Ding, Zhilong Wang, Bing Mao, and Lei Shi. International Conference on Security and Privacy in Communication Systems.
2017 August	Postmortem program analysis with hardware-enhanced post-crash artifacts. Jun Xu, Dongliang Mu, Xinyu Xing, Peng Liu, Ping Chen, and Bing Mao. 26th USENIX Security Symposium (USENIX Security 17).
2017 June	What you see is not what you get! thwarting just-in-time rop with chameleon. Ping Chen, Jun Xu, Zhisheng Hu, Xinyu Xing, Minghui Zhu, Bing Mao, and Peng Liu. Dependable Systems and Networks (DSN), 2017 47th Annual IEEE/IFIP International Conference on.
2016 October	Data Flow Analysis on Android Platform with Fragment Lifecycle Modeling. Yongfeng Li, Jinbin Ouyang, Shanqing Guo, and Bing Mao. International Conference on Security and Privacy in Communication Systems.
2016 May	Impeding behavior-based malware analysis via replacement attacks to malware specifications. Jiang Ming, Zhi Xin, Pengwei Lan, Dinghao Wu, Peng Liu, and Bing Mao. Journal of Computer Virology and Hacking Techniques 13(3).
2015 October	Detection, classification and characterization of Android malware using API data dependency. Yongfeng Li, Tong Shen, Xin Sun, Xuerui Pan, and Bing Mao. International Conference on Security and Privacy in Communication Systems.
2015 September	A practical approach for adaptive data structure layout randomization. Ping Chen, Jun Xu, Zhiqiang Lin, Dongyan Xu, Bing Mao, and Peng Liu. European Symposium on Research in Computer Security.
2015 June	Textlogger: inferring longer inputs on touch screen using motion sensors. Dan Ping, Xin Sun, and Bing Mao. Proceedings of the 8th ACM Conference on Security \& Privacy in Wireless and Mobile Networks.
2015 June	Replacement attacks: automatically impeding behavior-based malware specifications. Jiang Ming, Zhi Xin, Pengwei Lan, Dinghao Wu, Peng Liu, and Bing Mao. International Conference on Applied Cryptography and Network Security.
2014 October	Automatic construction of printable return-oriented programming payload. Wenbiao Ding, Xiao Xing, Ping Chen, Zhi Xin, and Bing Mao. Malicious and Unwanted Software: The Americas (MALWARE), 2014 9th International Conference on.
2014 September	Detect Android malware variants using component based topology graph. Tong Shen, Yibing Zhongyang, Zhi Xin, Bing Mao, and Hao Huang. 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom).
2014 September	Defensor: Lightweight and efficient security-enhanced framework for Android. Xuerui Pan, Yibing Zhongyang, Zhi Xin, Bing Mao, and Hao Huang. Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 IEEE 13th International Conference on.
2014 June	Detecting code reuse in android applications using component-based control flow graph. Xin Sun, Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie. IFIP International Information Security Conference.
2014 June	System call redirection: A practical approach to meeting real-world virtual machine introspection needs. Rui Wu, Ping Chen, Peng Liu, and Bing Mao. Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on.
2013 May	JITSafe: a framework against Just-in-time spraying attacks. Ping Chen, Rui Wu, and Bing Mao. IET Information Security 7(4).
2013 April	DroidAlarm: an all-sided static analysis tool for Android privilege-escalation malware. Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie. Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security.
2012 December	Replacement attacks: automatically evading behavior-based software birthmark. Zhi Xin, Huiyu Chen, Xinche Wang, Peng Liu, Sencun Zhu, Bing Mao, and Li Xie. International Journal of Information Security 11(5).
2012 August	Rim: A method to defend from jit spraying attack. Rui Wu, Ping Chen, Bing Mao, and Li Xie. Availability, Reliability and Security (ARES), 2012 Seventh International Conference on.
2012 June	Randhyp: preventing attacks via xen hypercall interface. Feifei Wang, Ping Chen, Bing Mao, and Li Xie. IFIP International Information Security Conference.
2012 May	Clouder: a framework for automatic software vulnerability location and patching in the cloud. Ping Chen, Dongyan Xu, and Bing Mao. Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security.
2011 October	Replacement attacks on behavior based software birthmark. Zhi Xin, Huiyu Chen, Xinche Wang, Peng Liu, Sencun Zhu, Bing Mao, and Li Xie. International Conference on Information Security.
2011 June	JITDefender: A defense against JIT spraying attacks. Ping Chen, Yi Fang, Bing Mao, and Li Xie. IFIP International Information Security Conference.
2011 March	Automatic construction of jump-oriented programming shellcode (on the x86). Ping Chen, Xiao Xing, Bing Mao, Li Xie, Xiaobin Shen, and Xinchun Yin. Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security.
2010 December	Efficient detection of the return-oriented programming malicious code. Ping Chen, Xiao Xing, Hao Han, Bing Mao, and Li Xie. International Conference on Information Systems Security.
2010 December	Return-oriented rootkit without returns (on the x86). Ping Chen, Xiao Xing, Bing Mao, and Li Xie. International Conference on Information and Communications Security.
2009 December	IntFinder: Automatically detecting integer bugs in x86 binary program. Ping Chen, Hao Han, Yi Wang, Xiaobin Shen, Xinchun Yin, Bing Mao, and Li Xie. International Conference on Information and Communications Security.
2009 June	TMAC: Taint-Based Memory Protection via Access Control. Lei Wang, Chen Fang, Bing Mao, and Li Xie. 2009 Second International Conference on Dependability.
2009 March	Brick: A binary tool for run-time detecting and locating integer-based vulnerability. Ping Chen, Yi Wang, Zhi Xin, Bing Mao, and Li Xie. Availability, Reliability and Security, 2009. ARES'09. International Conference on.
2009 March	Traffic controller: A practical approach to block network covert timing channel. Yi Wang, Ping Chen, Yi Ge, Bing Mao, and Li Xie. Availability, Reliability and Security, 2009. ARES'09. International Conference on.
2007 June	Using BufferGuard to Defend Against Buffer Overflow Attacks. Wang Yi, Mao Bing, and Xie Li. IEEE/IFIP International Conference on Dependable Systems and Networks(DSN 07).
2007 March	AutoPaG: towards automated software patch generation with source code root cause identification and repair. Zhiqiang Lin, Xuxian Jiang, Dongyan Xu, Bing Mao, and Li Xie. Proceedings of the 2nd ACM symposium on Information, computer and communications security.
2006 December	Efficient and practical control flow monitoring for program security. Nai Xia, Bing Mao, Qingkai Zeng, and Li Xie. Annual Asian Computing Science Conference.
2006 September	Transparent run-time prevention of format-string attacks via dynamic taint and flexible validation. Zhiqiang Lin, Nai Xia, Guole Li, Bing Mao, and Li Xie. International Conference on Information Security.
2006 June	LibsafeXP: a practical and transparent tool for run-time buffer overflow preventions. Zhiqiang Lin, Bing Mao, and Li Xie. Information Assurance Workshop, 2006 IEEE.
2006 April	A practical framework for dynamically immunizing software security vulnerabilities. Zhiqiang Lin, Bing Mao, and Li Xie. Availability, Reliability and Security, 2006. ARES 2006. The First International Conference on.
2005 December	A policy flexible architecture for secure operating system. Zhiqiang Lin, Chao Wang, Bing Mao, and Li Xie. ACM SIGOPS Operating Systems Review 39(3).
2004 November	The design and implementation of a runtime system for graph-oriented parallel and distributed programming. Jiannong Cao, Ying Liu, Li Xie, Bing Mao, and Kang Zhang. Journal of Systems and Software 72(3).
2000 December	Portable runtime support for graph-oriented parallel and distributed programming. Jiannong Cao, Y Liu, Li Xie, B Mao, and K Zhang. Parallel Architectures, Algorithms and Networks, 2000. I-SPAN 2000. Proceedings. International Symposium on.
1997 November	An object-based model for p prototyping user interfaces of cooperative systems. Mao Bing and Xie Li. ACM SIGSOFT Software Engineering Notes 22(2).