[News] (11/07/2017) First time attending the Transportation Research Board annual meeting in D.C.! Got in touch with the Connected Vehicle Pilot Program team in Tampa, FL, and will collaborate with them to address the security vulnerabilities discovered in our NDSS'18 paper.
[News] (11/03/2017) I gave a short talk on our recent work of emerging smart transportation system security in ACM FEAST workshop. The slides can be accessed here.
[News] (10/26/2017) Our paper on the first security analysis of the emerging Connected Vehicle (CV) based traffic signal control got into NDSS'18! We find that due to several newly-discovered vulnerabilties, even one single attack vehicle can greatly manipulate the intelligent traffic control algorithm, causing severe traffic jams.
[News] (10/12/2017) Our paper on analyzing the vulnerability of traffic signal operations under falsified data attacks got into TRB'18!
[News] (09/11/2017) Our position paper on developing systematic and automated protocol customization got into FEAST'17!
[News] (08/02/2017) Our paper on the first systematic study of client-side name collision vulnerability got into CCS'17! We find that the name collision problem broadly breaks common security assumptions in internal network services today, causing widespread vulnerability exposure.
[News] (06/28/2017) Our Euro S&P'17 are receiving widespread news coverage! Please checkout My TV interview at FOX news, and other coverage in Wired, TechRepublic, Bleeping Computer, and more!
[News] (03/14/2017) Our position paper on securing future appified autonoumous vehicle (AV) systems got into IEEE IV'17!
[News] (03/08/2017) I am awarded the prestigious Rackham Predoctoral Fellowship to support my security research in smart systems and IoT! Check out the news coverage here. Thanks, Rackham!
[News] (10/22/2016) Our paper on securing access control in emerging smart home IoT systems got into NDSS'17!
[News] (10/17/2016) Our paper on Android open port usage security got into Euro S&P'17!
[News] (07/29/2016) Our paper on analyzing on-device bufferbloat problem got into IMC'16!
[News] (02/23/2016) Our WPAD name collision attack paper got into S&P'16! This is a newly-exposed MitM attack vector in the new gTLD era, which can be exploited to launch MitM attack from anywhere on the Internet with only a domain name registration!
[News] (11/29/2015) Our paper on new Android UI deception attacks and defenses got into FC'16!
[News] (10/27/2015) Our Kratos paper on discovering inconsistent security policy enforcement in Android got into NDSS'16!
[News] (07/22/2015) Our PacketGuardian paper got into CCS'15'! Visit our website to see full details of packet injection vulnerabilities we found, covering TCP, RTP, and more!
----Packet injection vulnerability detection is one case of identifying attacker-controlled implicit information leaks, a new class of highly-exploitable implicit information leaks coined by this paper.
[News] (06/01/2015) Our VoLTE performance measurement & problem diagnosis paper got into Mobicom'15!
[News] (01/07/2015) New 90 sec lightning video for UI state inference attack at 2015 NSF Secure and Trustworthy Cyberspace PIs' Meeting (SaTCPI'15)!
[News] (09/07/2014) My UI state inference attack videos attracted more than 60,000 views on YouTube!
[News] (07/28/2014) Check out this 60 sec video to know about our UI state inference attack work in Usenix Security'14!
[News] (07/23/2014) Our QoE Doctor paper got into IMC'14!
[News] (06/06/2014) Our fine-grained & global-scale RRC state analysis paper got into Mobicom'14!
[News] (05/13/2014) I just passed the PhD qualification exam and now becomes a PhD candidate!
[News] (05/07/2014) Our UI state inference attack paper got into Usenix Security'14!