13 Computing Drive
Computing 1, #03-27
Phone: (+65) 6516 1226
Email: Click to Reveal
Office: COM1 #03-16
I am an Associate Professor at
the School of Computing,
National University of
Singapore. I'm a member of
My main research interest is in system and software security,
web security, mobile security, and software testing. As a
co-author, I received the Best Paper Award in ICECCS 2014, the Best Paper Award in W2SP 2014, the ACM SIGSOFT Distinguished Paper Award
at ESEC/FSE in 2009, the Best Paper Award at USENIX Security
Symposium in 2007, and the Outstanding Paper Award at ACSAC in 2003. I
also won the Young Investigator Award of National
University of Singapore in 2008, and Annual Teaching Excellence Award of NUS for the academic years 2013-2014 and 2014-2015. I received my Ph.D. degree in
Computer Science from
Stony Brook University
in 2006, and B.S. degrees in Computer
Science and Economics from
Peking University in 1999.
Selected Publications Full List
- Data-Oriented Programming: On the Expressiveness of Non-Control Data Attacks.
Hong Hu, Shweta Shinde, Sendroiu Adrian, Zheng Leong Chua, Prateek Saxena, and Zhenkai Liang.
To Appear in the IEEE Symposium on Security and Privacy, May 2016.
- Tool, Technique, and Tao in Computer Security Education.
Zhenkai Liang and Jian Mao.
In IEEE Reliability Magazine, August/September/October, 2015.
- Automatic Generation of Data-Oriented Exploits.
Hong Hu, Zheng Leong Chua, Sendroiu Adrian, Prateek Saxena, and Zhenkai Liang.
In the 24th USENIX Security Symposium, Washington DC, August 2015.
- I Know Where You've Been: Geo-Inference Attacks via the Browser Cache.
(Best Paper Award, Workshop version in W2SP 2014)
Yaoqi Jia, Xinshu Dong, Zhenkai Liang, and Prateek Saxena.
In IEEE Internet Computing, Januany/February 2015.
- DroidVault: A Trusted Data Vault for Android Devices.
(Best Paper Award)
Xiaolei Li, Hong Hu, Guangdong Bai, Yaoqi Jia, Zhenkai Liang, and Prateek Saxena. In the 19th International Conference on Engineering of Complex Computer Systems (ICECCS), Tianjin, China, August 2014.
- Protecting Sensitive Web Content from Client-side Vulnerabilities with Cryptons. [PDF]
Xinshu Dong, Zhaofeng Chen, Hossein Siadati, Shruti Tople, Prateek Saxena, and Zhenkai Liang.
In the 14th ACM Conference on Computer and Communications Security (CCS), Berlin, Germany, November 2013.
- A Quantitative Evaluation of Privilege Separation in Web Browser Designs. [PDF]
Xinshu Dong, Hong Hu, Prateek Saxena, and Zhenkai Liang.
In the 18th European Symposium on Research in Computer Security (ESORICS), Egham, UK, September 2013.
Codejail: Application-transparent Isolation of Libraries with Tight Program
Yongzheng Wu, Sai Sathyanarayan, Roland Yap, and Zhenkai
In the 17th European Symposium on Research in Computer
Security (ESORICS), Pisa, Italy, September 2012.
Framework to Eliminate Backdoors from Response Computable
Shuaifu Dai, Tao Wei, Chao Zhang, Tielei Wang, Yu Ding,
Zhenkai Liang, and Wei Zou.
In the IEEE Symposium on
Security and Privacy, San Francisco, CA, May 2012.
- Identifying and Analyzing
Pointer Misuses for Sophisticated Memory-corruption Exploit Diagnosis. [PDF]
Mingwei Zhang, Aravind Prakash, Xiaolei Li, Zhenkai Liang,
and Heng Yin.
In the 19th Annual Network &
Distributed System Security Symposium (NDSS), San Diego, CA,
- AdSentry: Comprehensive and
Xinshu Dong, Minh Tran, Zhenkai Liang, and Xuxian Jiang.
In the 27th Annual Computer Security Applications Conference
(ACSAC), Orlando, FL, December 2011.
- Towards Fine-Grained Access
Kailas Patil, Xinshu Dong, Xiaolei Li, Zhenkai Liang, and
In the 31st IEEE International Conference on Distributed Computing
Systems (ICDCS), Minneapolis, MN, June 2011.
- DARWIN: An Approach for
Debugging Evolving Programs. [PDF]
In the ESEC and ACM SIGSOFT Symposium on the Foundations of
Engineering (ESEC-FSE), Amsterdam, the Netherlands, August 2009.
- BitBlaze: A New Approach to
Computer Security via Binary Analysis. [PDF] (*Invited keynote paper)
Dawn Song, David Brumley, Heng
Yin, Juan Caballero, Ivan Jager, Min Gyung
Kang, Zhenkai Liang, James Newsome, Pongsin Poosankam, and Prateek
In the 4th International
Information Systems Security (ICISS),
Hyderabad, India, December 2008.
- Towards Automatic Discovery of Deviations in Binary
Implementations with Applications to Error Detection and Fingerprint
David Brumley, Juan Caballero, Zhenkai Liang, James Newsome, and Dawn
In the 16th USENIX Security Symposium, Boston, MA, August 2007.
(Acceptance rate: 12.3%)
- Fast and Automated Generation of Attack Signatures: A Basis
for Building Self-Protecting Servers. [PDF]
Zhenkai Liang and R. Sekar.
In the 12th ACM Conference on Computer and Communications
2005. (Acceptance rate: 15.2%)
- Isolated Program Execution: An Application Transparent
Approach for Executing Untrusted Programs. [PDF]
Zhenkai Liang, V.N. Venkatakrishnan, and R. Sekar.
In the 19th Annual Computer Security Applications Conference (ACSAC),
Las Vegas, NV, December 2003.