[News] (02/23/2016) Our WPAD name collision attack paper got into S&P'16! This is a newly-exposed MitM attack vector in the new gTLD era, which can be exploited to launch MitM attack from anywhere on the Internet with only a domain name registration!
[News] (11/29/2015) Our paper on new Android UI deception attacks and defenses got into FC'16!
[News] (10/27/2015) Our Kratos paper on discovering inconsistent security policy enforcement in Android got into NDSS'16!
[News] (07/22/2015) Our PacketGuardian paper got into CCS'15'! Visit our website to see full details of packet injection vulnerabilities we found, covering TCP, RTP, and more!
----Packet injection vulnerability detection is one case of identifying attacker-controlled implicit information leaks, a new class of highly-exploitable implicit information leaks coined by this paper.
[News] (06/01/2015) Our VoLTE performance measurement & problem diagnosis paper got into Mobicom'15!
[News] (01/07/2015) New 90 sec lightning video for UI state inference attack at 2015 NSF Secure and Trustworthy Cyberspace PIs' Meeting (SaTCPI'15)!
[News] (09/07/2014) My UI state inference attack videos attracted more than 60,000 views on YouTube!
[News] (07/28/2014) Check out this 60 sec video to know about our UI state inference attack work in Usenix Security'14!
[News] (07/23/2014) Our QoE Doctor paper got into IMC'14!
[News] (06/06/2014) Our fine-grained & global-scale RRC state analysis paper got into Mobicom'14!
[News] (05/13/2014) I just passed the PhD qualification exam and now becomes a PhD candidate!
[News] (05/07/2014) Our UI state inference attack paper got into Usenix Security'14!