LIANG Zhenkai Assistant Professor Department of Computer Science School of Computing National University of Singapore Mailing address: 13 Computing Drive Computing 1, #03-68 Singapore, 117417 Phone: (+65) 6516 1226 Email: Click to Reveal Office: COM1 #03-16

Research Interests

Teaching

• AY 2008/2009 Semester 1: CS3235 Introduction to Computer Security
• AY 2008/2009 Semester 2: CS6230 Topics in Information Security
• AY 2009/2010 Semester 1: CS5231 Cryptographic Techniques & Data Security
• AY 2009/2010 Semester 2: CS3235 Introduction to Computer Security
  
• AY 2010/2011 Semester 1: CS5231 Systems Security
  
• AY 2010/2011 Semester 2: CS3235 Introduction to Computer Security
  
• AY 2011/2012 Semester 1: CS4238 Computer Security Practice
• AY 2011/2012 Semester 2: CS5231 Systems Security

Publications

Book Chapters

1. Automatically Identifying Trigger-based Behavior in Malware. [PDF]
   David Brumley, Cody Hartwig, Zhenkai Liang, James Newsome, Pongsin Poosankam, Dawn Song, and Heng Yin.
   In Botnet Analysis and Defense, vol. 36 of Advances in Information Security Series, Wenke Lee, Cliff Wang, and David Dagon (editors), pp. 65-88, Springer, 2008.

Journals

1. DARWIN: An Approach for Debugging Evolving Programs.
   Dawei Qi, Abhik Roychoudhury, Zhenkai Liang, and Kapil Vaswani.
   To appear in ACM Transactions on Software Engineering and Methodology (TOSEM), 2012.
2. Alcatraz: An Isolated Environment for Experimenting with Untrusted Software. [PDF]
   Zhenkai Liang, Weiqing Sun, R.Sekar, and V.N. Venkatakrishnan.
   In ACM Transactions on Information and System Security (TISSEC), Volume 12, Issue 3, January 2009. 

Conferences

1. A Framework to Eliminate Backdoors from Response Computable Authentication.
   Shuaifu Dai, Tao Wei, Chao Zhang, Tielei Wang, Yu Ding, Wei Zou, and Zhenkai Liang.
   To appear in the IEEE Symposium on Security and Privacy, San Francisco, CA, May 2012.
   
2. Identifying and Analyzing Pointer Misuses for Sophisticated Memory-corruption Exploit Diagnosis. [PDF]
   Mingwei Zhang, Aravind Prakash, Xiaolei Li, Zhenkai Liang, and Heng Yin.
   In the 19th Annual Network & Distributed System Security Symposium (NDSS), San Diego, CA, February 2012.
3. AdSentry: Comprehensive and Flexible Confinement of JavaScript-based Advertisements. [PDF]
   Xinshu Dong, Minh Tran, Zhenkai Liang, and Xuxian Jiang.
   In the 27th Annual Computer Security Applications Conference (ACSAC), Orlando, FL, December 2011.
4. Towards Fine-Grained Access Control in JavaScript Contexts. [PDF]
   Kailas Patil, Xinshu Dong, Xiaolei Li, Zhenkai Liang, and Xuxian Jiang.
   In the 31st IEEE International Conference on Distributed Computing Systems (ICDCS), Minneapolis, MN, June 2011.
5. Jump-Oriented Programming: A New Class of Code-Reuse Attack. [PDF]
   Tyler Bletsch, Xuxian Jiang, Vince Freeh, and Zhenkai Liang.
   In the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS), Hong Kong, China, March 2011.
6. Heap Taichi: Exploiting Memory Allocation Granularity In Heap-spraying Attacks. [PDF]
   Yu Ding, Tao Wei, Tielei Wang, Zhenkai Liang, and Wei Zou.
   In the 25th Annual Computer Security Applications Conference (ACSAC), Austin, TX, December 2010.
   
7. Golden Implementation Driven Software Debugging. [PDF]
   Ansuman Banerjee, Abhik Roychoudhury, Johannes A. Harlie, and Zhenkai Liang.
   In the ACM SIGSOFT 18th International Symposium on Foundations of Software Engineering (FSE), Sata Fe, NM, November 2010.
   
8. Test Generation to Expose Changes in Evolving Programs. [PDF]
   Dawei Qi, Abhik Roychoudhury, and Zhenkai Liang.
   In the 25th IEEE/ACM International Conference on Automated Software Engineering (ASE), September 2010.
   
9. Transparent Protection of Commodity OS Kernels using Hardware Virtualization. [PDF]
   Michael Grace, Zhi Wang, Deepa Srinivasan, Jinku Li, Xuxian Jiang, Zhenkai Liang, and Siarhei Liakh.
   In the 6th International ICST Conference on Security and Privacy in Communication Networks (SecureComm), Singapore, September 2010.
   
10. Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration. [PDF]
    Juan Caballero, Zhenkai Liang, Pongsin Poosankam, and Dawn Song.
    In the 12th International Symposium on Recent Advances in Intrusion Detection (RAID), Saint-Malo, France, September 2009.
    
11. DARWIN: An Approach for Debugging Evolving Programs. [PDF]
    (Distinguished paper award)
    Dawei Qi, Abhik Roychoudhury, Zhenkai Liang, Kapil Vaswani.
    In the ESEC and ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC-FSE), Amsterdam, the Netherlands, August 2009. (Acceptance rate: 14.7%)
12. BitBlaze: A New Approach to Computer Security via Binary Analysis. [PDF] (*Invited keynote paper)
    Dawn Song, David Brumley, Heng Yin, Juan Caballero, Ivan Jager, Min Gyung Kang, Zhenkai Liang, James Newsome, Pongsin Poosankam, and Prateek Saxena.
    In the 4th International Conference on Information Systems Security (ICISS), Hyderabad, India, December 2008.
    
13. Expanding Malware Defense by Securing Software Installations. [PDF]
    Weiqing Sun, R. Sekar, Zhenkai Liang, and V.N. Venkatakrishnan.
    In the Detection of Intrusions, Malware and Vulnerability Analysis (DIMVA), Paris, France, July 2008.
14. AGIS: Automatic Generation of Infection Signatures. [PDF]
    Zhuowei. Li, Xiaofeng. Wang, Zhenkai Liang and Mike. K. Reiter.
    In the 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Anchorage, AK, June 2008. 
15. HookFinder: Identifying and Understanding Malware Hooking Behaviors. [PDF]
    Heng Yin, Zhenkai Liang, and Dawn Song.
    In the 15th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2008. (Acceptance rate: 17.8%)
16. Polyglot: Automatic Extraction of Protocol Message Format using Dynamic Binary Analysis. [PDF]
    Juan Caballero, Heng Yin, Zhenkai Liang, and Dawn Dong.
    In the 14th ACM Conference on Computer and Communications Security (CCS), Alexandria, VA, October 2007. (Acceptance rate: 18%)
17. Towards Automatic Discovery of Deviations in Binary Implementations with Applications to Error Detection and Fingerprint Generation. [PDF]
    (Best paper award)
    David Brumley, Juan Caballero, Zhenkai Liang, James Newsome, and Dawn Song.
    In the 16th USENIX Security Symposium, Boston, MA, August 2007. (Acceptance rate: 12.3%)
18. Automatic Generation of Buffer Overflow Attack Signatures: An Approach Based on Program Behavior Models. [PDF]
    Zhenkai Liang and R. Sekar.
    In the 21st Annual Computer Security Applications Conference (ACSAC), Tucson, AZ, December 2005. (Acceptance rate: 19.6%)
19. Fast and Automated Generation of Attack Signatures: A Basis for Building Self-Protecting Servers. [PDF]
    Zhenkai Liang and R. Sekar.
    In the 12th ACM Conference on Computer and Communications Security (CCS), Alexandria, VA, November 2005. (Acceptance rate: 15.2%)
20. Automatic Synthesis of Filters to Discard Buffer Overflow Attacks: A Step Towards Realizing Self-Healing Systems. [PDF]
    Zhenkai Liang, R. Sekar, and Daniel C. DuVarney.
    In the USENIX Annual Technical Conference (short paper), Anaheim, CA, April 2005.
21. One-way Isolation: An Effective Approach for Realizing Safe Execution Environments. [PDF]
    Weiqing Sun, Zhenkai Liang, R.Sekar, and V.N. Venkatakrishnan.
    In the 12th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2005. (Acceptance rate: 13%)
22. Isolated Program Execution: An Application Transparent Approach for Executing Untrusted Programs. [PDF]
    (Outstanding paper award)
    Zhenkai Liang, V.N. Venkatakrishnan, and R. Sekar.
    In the 19th Annual Computer Security Applications Conference (ACSAC), Las Vegas, NV, December 2003.
23. An approach for Secure Software Installation. [PDF]
    V.N. Venkatakrishnan, R. Sekar, S. Tsipa, T. Kamat, and Z. Liang.
    In the 16th Large Installation System Administration Conference (LISA), Philadelphia, PA, November 2002.

Contact Information