Publications

Filter by type:
. Hardware-Supported ORAM in Effect: Practical Oblivious Search and Update on Very Large Dataset. PoPETs, 2019.

PDF

. QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing. USENIX Security, 2018.

PDF Code Slides Video

. Hardware-Supported ORAM in Effect: Practical Oblivious Search and Update on Very Large Dataset. Cryptology ePrint Archive, Report 2018247, March 2018, 2018.

Project

. SGX-Bomb: Locking Down the Processor via Rowhammer Attack. SysTEX, 2017.

PDF Code Slides

. Hacking in Darkness: Return-oriented Programming against Secure Enclaves. USENIX Security, 2017.

PDF Code Slides Video

. Building Trust in the User I/O in Computer Systems. Georgia Institute of Technology, August 2017, 2017.

PDF Slides

. Toward Engineering a Secure Android Ecosystem: A Survey of Existing Techniques. ACM Computing Surveys (CSUR) 49(2), August 2016, 2016.

PDF

. APISAN: Sanitizing API Usages through Semantic Cross-checking. USENIX Security, 2016.

PDF Slides Video

. UCognito: Private Browsing without Tears. ACM CCS, 2015.

PDF Code Project Slides

. Breaking and Fixing VoLTE: Exploiting Hidden Data Channels and Mis-implementations. ACM CCS, 2015.

PDF Slides

. Preventing Use-after-free with Dangling Pointers Nullification. ISOC NDSS, 2015.

PDF Slides

. A11y Attacks: Exploiting Accessibility in Operating Systems. ACM CCS, 2014.

PDF Slides

. On the Feasibility of Large-Scale Infections of iOS Devices. USENIX Security, 2014.

PDF Video

. Mimesis Aegis: A Mimicry Privacy Shield. USENIX Security, 2014.

PDF Video

. Exploiting Unpatched iOS Vulnerabilities for Fun and Profit. BlackHat USA, 2014.

Slides Video

. Abusing Performance Optimization Weaknesses to Bypass ASLR. BlackHat USA, 2014.

Slides

. Gyrus: A Framework for User-Intent Monitoring of Text-based Networked Applications. ISOC NDSS, 2014.

PDF Slides

. Mactans: Injecting Malware Into iOS Devices via Malicious Chargers. BlackHat USA, 2013.

PDF Slides Video