Publications

 

2017

[ICFEM]
A Verification Framework for Stateful Security Protocols ( PDF )

Li Li, Naipeng Dong, Jun Pang, Jun Sun, Guangdong Bai, Yang Liu, and Jin Song Dong
19th International Conference on Formal Engineering Methods (ICFEM 2017) 

 

[CCS]
Directed Greybox Fuzzing

Marcel Böhme, Van Thuan Pham, Manh Dung Nguyen, Abhik Roychoudhury
24th  ACM Conference on Computer and Communications Security (CCS) 2017


[EmSe] Correlation of Test-suite Metrics with Patch Quality in Program Repair ( PDF )

Jooyong Yi, Shin Hwei Tan, Sergey Mechtaev, Marcel Boehme, Abhik Roychoudhury
Empirical Software Engineering Journal, To appear subject to minor revisions

 

[USENIX]
Neural Nets Can Learn Function Type Signatures From Binaries ( PDF )

Zheng Leong Chua, Shiqi Shen, Prateek Saxena, Zhenkai Liang
USENIX Security 2017


[FASE]
Bucketing Failing Tests via Symbolic Analysis ( PDF )

Van Thuan Pham, Sakaar Khurana, Subhajit Roy , Abhik Roychoudhury
20th International Conference on Fundamental Approaches to Software Engineering (FASE) 2017


[NDSS]
Panoply: Low-TCB Linux Applications With SGX Enclaves ( PDF )

Shweta Shinde, Dat Le Tien, Shruti Tople, Prateek Saxena
Network and Distributed System Security Symposium (NDSS 2017)


[NDSS]
Stack Bounds Protection with Low Fat Pointers ( PDF )

Gregory J. Duck, Roland H. C. Yap, Lorenzo Cavallaro
Network and Distributed System Security Symposium (NDSS 2017)

 

2016


[ICECCS]
Automatic Construction of Callback Model for Android Application ( PDF )

Chenkai Guo, Quanqi Ye, Naipeng Dong, Guangdong Bai, Jin Song Dong, and Jing Xu
In proceedings of the 21st International Conference on Engineering of Complex Computer Systems (ICECCS), page 231-234, 2016 (to appear online).

[CCS]
A Secure Sharding Protocol For Open Blockchains ( PDF )

Loi Luu, Viswesh Narayanan, Chaodong Zheng, Kunal Baweja, Seth Gilbert, Prateek Saxena
ACM Conference on Computer and Communications Security (CCS 2016).

[CCS]
The “Web/Local” Boundary Is Fuzzy – A Security Study of Chrome’s Process-based Sandboxing ( PDF )

Yaoqi Jia, Zheng Leong Chua, Hong Hu, Shuo Chen, Prateek Saxena, Zhenkai Liang
ACM Conference on Computer and Communications Security (CCS 2016)

[CCS]
Coverage-based Greybox Fuzzing as Markov Chain ( PDF )

Marcel Böhme, Van Thuan Pham, Abhik Roychoudhury
23rd ACM Conference on Computer and Communications Security (CCS) 2016

[ASE]
Model-based Whitebox Fuzzing for Program Binaries ( PDF )

Van Thuan Pham, Marcel Böhme, Abhik Roychoudhury
IEEE/ACM International Conference on Automated Software Engineering (ASE) 2016

[FSE]
Anti-patterns in Search-based Program Repair (PDF)

Shin Hwei Tan, Hiroaki Yoshida, Mukul Prasad, Abhik Roychoudhury
ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE) 2016

[CC]
Heap Bounds Protection with Low Fat Pointers ( PDF )

Gregory Duck, Roland Yap
Compiler Construction (CC) 2016.

[Oakland]
Data-Oriented Programming: On The Effectiveness of Non-Control Data Attacks ( PDF )

Hong Hu, Shweta Shinde, Sendroiu Adrian, Zheng Leong Chua, Prateek Saxena, Zhenkai Liang
To Appear at IEEE Symposium on Security and Privacy (Oakland) 2016

[AsiaCCS]
Preventing Page Faults from Telling your Secrets ( PDF )

Shweta Shinde, Zheng Leong Chua, Viswesh Narayanan, Prateek Saxena
To Appear at ACM Asia Conference on Computer and Communications Security (ASIACCS) 2016

[CACM]
Formula-based Program Debugging

Abhik Roychoudhury, Satish Chandra
To Appear at Communications of ACM (CACM)

[ICSE]
Angelix: Scalable Multiline Program Patch Synthesis via Symbolic Analysis
( PDF )
Sergey Mechtaev, Jooyong Yi, Abhik Roychoudhury
ACM/IEEE International Conference on Software Engineering (ICSE) 2016.

[ICSE]
Automated Partitioning of Android Applications for Trusted Execution ( PDF )

Konstantin Rubinov, Lucia Rosculete, Tulika Mitra, Abhik Roychoudhury
ACM/IEEE International Conference on Software Engineering (ICSE) 2016.

 

2015

[ICECCS]
Formal Analysis of A Single Sign-on Protocol Implementation for Android ( PDF )

Quanqi Ye, Guangdong Bai, Kailong Wang and Jin Song Dong
20th International Conference on Engineering of Complex Computer Systems

[CCS]
The SICILIAN Defense: Signature-based Whitelisting of Web JavaScript (PDF)

Pratik Soni, Enrico Budianto, and Prateek Saxena.
22nd ACM Conference on Computer and Communications Security (CCS) 2015

[ICSE]
Hercules: Reproducing Crashes in Real-World Application Binaries ( PDF )

Van Thuan Pham, Wei Boon Ng, Konstantin Rubinov, Abhik Roychoudhury
ACM/IEEE International Conference on Software Engineering (ICSE) 2015.

[ICSE]
DirectFix: Looking for Simple Program Repairs ( PDF )

Jooyong Yi, Sergey Mechtaev, Abhik Roychoudhury
ACM/IEEE International Conference on Software Engineering (ICSE) 2015.

[ICSE]
Relifix: Automated Repair of Software Regressions ( PDF )

Shin Hwei Tan, Abhik Roychoudhury
ACM/IEEE International Conference on Software Engineering (ICSE) 2015.

[IFIPTM]
Simple and Practical Integrity Models for Binaries and Files ( PDF )

Yongzheng Wu and Roland H.C. Yap
9th IFIP WG 11.11 International Conference on Trust Management, 2015.

[USENIX Security]
Automatic Generation of Data-Oriented Exploits ( PDF )

Hong Hu, Zheng Leong Chua, Sendroiu Adrian, Prateek Saxena, and Zhenkai Liang
24th USENIX Security Symposium (USENIX Security) 2015

[ESORICS]
Identifying Arbitrary Memory Access Vulnerabilities in Privilege-Separated Software ( PDF )

Hong Hu, Zheng Leong Chua, Zhenkai Liang, and Prateek Saxena
20th European Symposium on Research in Computer Security (ESORICS) 2015

[ESEC/FSE]
Auto-Patching DOM-based XSS At Scale ( PDF )

Inian Parameshwaran, Enrico Budianto, Shweta Shinde, Hung Dang, Atul Sadhu and Prateek Saxena
10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE) 2015

[ESEC/FSE]
DexterJS: Robust Testing Platform for DOM-based XSS Vulnerabilities ( PDF )

Inian Parameshwaran, Enrico Budianto, Shweta Shinde, Hung Dang, Atul Sadhu and Prateek Saxena
10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE) 2015

[Oakland]
Poster: PODARCH : Protecting Legacy Applications with a Purely Hardware TCB ( PDF )

Shweta Shinde, Shruti Tople, Deepak Kathayat and Prateek Saxena
36th IEEE Symposium on Security and Privacy (Oakland) 2015

[Oakland]
Poster: WESHARE : A Coercion-Resistant and Scalable Storage Cloud ( PDF )

Hoon Wei Lim, Loi Luu, Shruti Tople, Prateek Saxena
36th IEEE Symposium on Security and Privacy (Oakland) 2015