My Google Scholar

Journal

  1. Stopping Memory Disclosures via Diversification and Replicated Execution [ Paper ]
    Kangjie Lu, Meng Xu, Chengyu Song, Taesoo Kim, and Wenke Lee. IEEE Transactions on Dependable and Secure Computing (TDSC), 2018.
  2. Toward Engineering a Secure Android Ecosystem: A Survey of Existing Techniques [ Paper ]
    Meng Xu, Chengyu Song, Yang ji, Ming-Wei Shih, Kangjie Lu, Cong Zheng, Ruian Duan, Yeongjin Jang, Byoungyoung Lee, Chenxiong Qian, Sangho Lee, and Taesoo Kim. ACM Computing Surveys (CSUR) 49(2), August 2016.

Conference and Workshop

  1. KLOTSKI: Efficient Obfuscated Execution against Controlled-Channel Attacks (to appear)
    Pan Zhang, Chengyu Song, Heng Yin, Deqing Zou, Elaine Shi, and Hai Jin
    In Proceedings of the 25th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS'20), Lausanne, Switzerland, March 2020.
  2. SPECCFI: CFI Informed Branch Prediction (to appear) [ Paper | Preprint ]
    Esmaeil M. Koruyeh, Shirin H. Shirazi, Khaled N. Khaswaneh, Chengyu Song, and Nael Abu-Ghazaleh
    In Proceedings of the 41st IEEE Symposium on Security and Privacy (Oakland'20),
    San Francisco, CA, May 2020.
  3. RENN: Efficient Reverse Execution with Neural-Network-assisted Alias Analysis [ Paper | Code ]
    Dongliang Mu, Wenbo Guo, Alejandro Cuevas, Yueqi Chen, Jinxuan Gai, Xinyu Xing, Bing Mao, and Chengyu Song
    In Proceedings of the 34th IEEE/ACM International Conference on Automated Software Engineering (ASE'19),
    San Diego, CA, November 2019.
  4. Principled Unearthing of TCP Side Channel Vulnerabilities [ Paper ]
    Yue Cao, Zhongjie Wang, Zhiyun Qian, Chengyu Song, Srikanth V. Krishnamurthy, and Paul Yu
    In Proceedings of the 26th ACM Conference on Computer and Communications Security (CCS'19),
    London, UK, November 2019.
  5. Be Sensitive and Collaborative: Analyzing Impact of Coverage Metrics in Greybox Fuzzing [ Paper | Code ]
    Jinghan Wang, Yue Duan, Wei Song, Heng Yin, and Chengyu Song
    In Proceedings of the 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID'19),
    Beijing, China, September 2019. ( Best Paper )
  6. Firm-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation [ Paper ]
    Yaowen Zheng, Ali Davanian, Heng Yin, Chengyu Song, Hongsong Zhu, and Limin Sun
    In Proceedings of the 28th USENIX Security Symposium (Security'19),
    Santa Clara, CA, August 2019.
  7. SafeSpec: Banishing the Spectre of a Meltdown with Leakage-Free Speculation [ Paper | Preprint ]
    Khaled N. Khasawneh, Esmaeil M. Koruyeh, Chengyu Song, Dmitry Evtyushkin, Dmitry Ponomarev, and Nael Abu-Ghazaleh
    In Proceedings of the 2019 Design Automation Conference (DAC'19),
    Las Vegas, NV, June 2019.
  8. Figment: Fine-grained Permission Management for Mobile Apps [ Paper ]
    Ioannis Gasparis, Zhiyun Qian, Chengyu Song, Srikanth V. Krishnamurthy, Rajiv Gupta, and Paul Yu
    In Proceedings of IEEE International Conference on Computer Communications (INFOCOM'19),
    Paris, France, April 2019.
  9. Stealthy Adversarial Perturbations Against Real-Time Video Classification Systems [ Paper ]
    Shasha Li, Ajaya Neupane, Sujoy Paul, Chengyu Song, Srikanth V. Krishnamurthy, Amit K. Roy Chowdhury, and Ananthram Swami
    In Proceedings of the 2019 Network and Distributed System Security Symposium (NDSS'19),
    San Diego, CA, February 2019.
  10. IoTSan: Fortifying the Safety of IoT Systems [ Paper | Code ]
    Dang Tu Nguyen, Chengyu Song, Zhiyun Qian, Srikanth V. Krishnamurthy, Edward J. M. Colbert, and Patrick McDaniel
    In Proceedings of the 14th International Conference on emerging Networking EXperiments and Technologies (CoNext'18), Heraklion/Crete, Greece, December 2018.
  11. IAC: On the Feasibility of Utilizing Neural Signals for Access Control [ Paper ]
    Md Lutfor Rahman, Ajaya Neupane, and Chengyu Song
    In Proceedings of the 2018 Annual Computer Security Applications Conference (ACSAC'18),
    San Juan, Puerto Rico, December 2018.
  12. Learning Tensor-based Representations from Brain-Computer Interface Data for Cybersecurity [ Paper ]
    Md Lutfor Rahman*, Sharmistha Bardhan*, Ajaya Neupane, Evangelos E. Papalexakis, and Chengyu Song
    In Proceedings of the European Conference on Machine Learning and Principles and Practice of Knowledge Discovery in Databases (ECML-PKDD'18), Dublin, Ireland, September 2018.
  13. Spectre Returns! Speculation Attacks using the Return Stack Buffer [ Paper ]
    Esmaiel M. Koruyeh, Khaled N. Khasawneh, Chengyu Song, and Nael Abu-Ghazaleh
    In Proceedings of the 12th USENIX Workshop on Offensive Technologies (WOOT'18),
    Baltimore, MD, August 2018. ( Best Paper )
  14. Droid M+: Developer Support for Imbibing Android’s New Permission Model [ Paper ]
    Ioannis Gasparis, Azeem Aqil, Zhiyun Qian, Chengyu Song, Srikanth V. Krishnamurthy, Rajiv Gupta, and Edward Colbert
    In Proceedings of the 13th ACM ASIA Conference on Information, Computer and Communications Security (AsiaCCS'18),
    Incheon, Korea, June 2018.
  15. Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing [ Paper | Code ]
    Wookhyun Han, Byunggill Joe, Byoungyoung Lee, Chengyu Song, and Insik Shin
    In Proceedings of the 2018 Network and Distributed System Security Symposium (NDSS'18),
    San Diego, CA, February 2018.
  16. Your State is Not Mine: A Closer Look at Evading Stateful Internet Censorship [ Paper | Code ]
    Zhongjie Wang, Yue Cao, Zhiyun Qian, Chengyu Song, Srikanth V. Krishnamurthy
    In ACM Internet Measurement Conference (IMC'17),
    London, UK, November 2017.
  17. Detecting Android Root Exploits by Learning from Root Providers [ Paper ]
    Ioannis Gasparis, Zhiyun Qian, Chengyu Song, and Srikanth V. Krishnamurthy
    In Proceedings of the 26th USENIX Security Symposium (Security'17),
    Vancouver, Canada, August 2017.
  18. Efficient Protection of Path-Sensitive Control Security [ Paper ]
    Ren Ding, Chenxiong Qian, Chengyu Song, Bill Harris, Taesoo Kim, and Wenke Lee
    In Proceedings of the 26th USENIX Security Symposium (Security'17),
    Vancouver, Canada, August 2017.
  19. UniSan: Proactive Kernel Memory Initialization to Eliminate Data Leakages [ Paper | Code ]
    Kangjie Lu, Chengyu Song, Taesoo Kim, and Wenke Lee
    In Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS'16),
    Vienna, Austria, October 2016.
  20. HDFI: Hardware-Assisted Data-flow Isolation [ Paper | Code ]
    Chengyu Song, Hyungon Moon, Monjur Alam, Insu Yun, Byoungyoung Lee, Taesoo Kim, Wenke Lee, and Yunheung Paek
    In Proceedings of the 37th IEEE Symposium on Security and Privacy (Oakland'16),
    San Jose, CA, May 2016.
  21. Enforcing Kernel Security Invariants with Data Flow Integrity [ Paper | Kernel | Analyzer ]
    Chengyu Song, Byoungyoung Lee, Kangjie Lu, William R. Harris, Taesoo Kim, and Wenke Lee
    In Proceedings of the 2016 Network and Distributed System Security Symposium (NDSS'16),
    San Diego, CA, February 2016.
  22. VTrust: Regaining Trust on Virtual Calls [ Paper ]
    Chao Zhang, Scott A. Carr, Tongxin Li, Yu Ding, Chengyu Song, Mathias Payer, and Dawn Song
    In Proceedings of the 2016 Network and Distributed System Security Symposium (NDSS'16),
    San Diego, CA, February 2016.
  23. ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks [ Paper | Code ]
    Kangjie Lu, Chengyu Song, Byoungyoung Lee, Simon P. Chung, Taesoo Kim, and Wenke Lee
    In Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS'15),
    Denver, CO, October 2015.
  24. Cross-checking Semantic Correctness: The Case of Finding File System Bugs [ Paper | Code ]
    Changwoo Min, Sanidhya Kashyap, Byoungyoung Lee, Chengyu Song, and Taesoo Kim
    In Proceedings of the 25th ACM Symposium on Operating Systems Principles (SOSP'15),
    Monterey, CA, October 2015.
  25. Type Casting Verification: Stopping an Emerging Attack Vector [ Paper | Code ]
    Byoungyoung Lee, Chengyu Song, Taesoo Kim, and Wenke Lee
    In Proceedings of the 24th USENIX Security Symposium (Security'15),
    Washington, D.C., August 2015. ( 2015 Internet Defense Prize )
  26. JITScope: Protecting Web Users from Control-Flow Hijacking Attacks [ Paper ]
    Chao Zhang, Mehrdad Niknami, Kevin Zhijie Chen, Chengyu Song, Zhaofeng Chen, and Dawn Song
    In Proceedings of the 34th Annual IEEE International Conference on Computer Communications (INFOCOM'15),
    Hong Kong, China, April 2015.
  27. Exploiting and Protecting Dynamic Code Generation [ Paper | Code ]
    Chengyu Song, Chao Zhang, Tielei Wang, Wenke Lee, and David Melski
    In Proceedings of the 2015 Network and Distributed System Security Symposium (NDSS'15),
    San Diego, CA, February 2015.
  28. VTint: Protecting Virtual Function Tables' Integrity [ Paper ]
    Chao Zhang, Chengyu Song, Kevin Zhijie Chen, Zhaofeng Chen, and Dawn Song
    In Proceedings of the 2015 Network and Distributed System Security Symposium (NDSS'15),
    San Diego, CA, February 2015.
  29. Preventing Use-after-free with Dangling Pointers Nullification [ Paper ]
    Byoungyoung Lee, Chengyu Song, Yeongjin Jang, Tielei Wang, Taesoo Kim, Long Lu, and Wenke Lee
    In Proceedings of the 2015 Network and Distributed System Security Symposium (NDSS'15),
    San Diego, CA, February 2015. ( CSAW Best Applied Research Papers (3rd place) )
  30. A11y Attacks: Exploiting Accessibility in Operating Systems [ Paper ]
    Yeongjin Jang, Chengyu Song, Simon P. Chung, Tielei Wang, and Wenke Lee
    In Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS'14),
    Scottsdale, AZ, November 2014.
  31. Mimesis Aegis: A Mimicry Privacy Shield [ Paper ]
    Billy Lau, Pak Ho Chung, Chengyu Song, Yeongjin Jang, Wenke Lee, and Alexandra Boldyreva
    In Proceedings of the 23rd USENIX Security Symposium (Security'14),
    San Diego, CA, August 2014.
  32. Abusing Performance Optimization Weaknesses to Bypass ASLR [ Slides ]
    Byoungyoung Lee, Yeongjin Jang, Tielei Wang, Chengyu Song, Long Lu, Taesoo Kim, and Wenke Lee
    In BlackHat USA 2014,
    Las Vegas, NV, Auguest 2014.
  33. Diagnosis and Emergency Patch Generation for Integer Overflow Exploits [ Paper ]
    Tielei Wang, Chengyu Song, and Wenke Lee
    In Proceedings of the 11th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA'14),
    Egham, London, UK, July 2014.
  34. Mactans: Injecting Malware Into iOS Devices via Malicious Chargers [ Paper | Slides ]
    Billy Lau, Yeongjin Jang, Chengyu Song, Tielei Wang, Pak Ho Chung, and Paul Royal
    In BlackHat USA 2013,
    Las Vegas, NV, Auguest 2013.
  35. Flowers for Automated Malware Analysis [ Paper | Slides ]
    Chengyu Song and Paul Royal
    In BloackHat USA 2012,
    Las Vegas, NV, July 2012.
  36. Impeding Automated Malware Analysis with Environment-sensitive Malware [ Paper ]
    Chengyu Song, Paul Royal, and Wenke Lee
    In Proceedings of the 7th USENIX conference on Hot topics in Security (HotSec'12),
    Bellevue, WA, USA, August 2012.
  37. Preventing Drive-by Download via Inter-Module Communication Monitoring [ Paper ]
    Chengyu Song, Jianwei Zhuge, Xinhui Han, and Zhiyuan Ye
    In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (AsiaCCS'10),
    Beijing, China, April 2010.
  38. Studying Malicious Websites and the Undergrounding Economy on the Chinese Web [ Paper ]
    Jianwei Zhuge, Thorsen Holz, Chengyu Song, Jinpeng Guo, Xinhui Han, and Wei Zou
    In Proceedings of the 7th Workshop on the Economics of Information Security (WEIS'08),
    Hanover, NH, June, 2008.
  39. Collecting Autonomous Spreading Malware Using High-interaction Honeypot [ Paper ]
    Jianwei Zhuge, Thorsen Holz, Xinhui Han, Chengyu Song, and Wei Zou
    In Proceedings of the 9th International Conference on Information and Communications Security (ICICS'07),
    Zhengzhou, China, Dec 2007.
bar