@inproceedings {277216, author = {Lei Xue and Yangyang Liu and Tianqi Li and Kaifa Zhao and Jianfeng Li and Le Yu and Xiapu Luo and Yajin Zhou and Guofei Gu}, title = {{SAID}: State-aware Defense Against Injection Attacks on In-vehicle Network}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1}, address = {Boston, MA}, pages = {1921--1938}, url = {https://www.usenix.org/conference/usenixsecurity22/presentation/xue-lei}, publisher = {USENIX Association}, month = aug } @inproceedings {281424, author = {Phakpoom Chinprutthiwong and Jianwei Huang and Guofei Gu}, title = {{SWAPP}: A New Programmable Playground for Web Application Security}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1}, address = {Boston, MA}, pages = {2029--2046}, url = {https://www.usenix.org/conference/usenixsecurity22/presentation/chinprutthiwong}, publisher = {USENIX Association}, month = aug } @inproceedings {277266, author = {Le Yu and Yangyang Liu and Pengfei Jing and Xiapu Luo and Lei Xue and Kaifa Zhao and Yajin Zhou and Ting Wang and Guofei Gu and Sen Nie and Shi Wu}, title = {Towards Automatically Reverse Engineering Vehicle Diagnostic Protocols}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1}, address = {Boston, MA}, pages = {1939--1956}, url = {https://www.usenix.org/conference/usenixsecurity22/presentation/yu-le}, publisher = {USENIX Association}, month = aug } @inproceedings {272100, author = {Feng Xiao and Jianwei Huang and Yichang Xiong and Guangliang Yang and Hong Hu and Guofei Gu and Wenke Lee}, title = {Abusing Hidden Properties to Attack the Node.js Ecosystem}, booktitle = {30th USENIX Security Symposium (USENIX Security 21)}, year = {2021}, isbn = {978-1-939133-24-3}, pages = {2951--2968}, url = {https://www.usenix.org/conference/usenixsecurity21/presentation/xiao}, publisher = {USENIX Association}, month = aug } @inproceedings {235465, author = {Jiahao Cao and Qi Li and Renjie Xie and Kun Sun and Guofei Gu and Mingwei Xu and Yuan Yang}, title = {The {CrossPath} Attack: Disrupting the {SDN} Control Channel via Shared Links}, booktitle = {28th USENIX Security Symposium (USENIX Security 19)}, year = {2019}, isbn = {978-1-939133-06-9}, address = {Santa Clara, CA}, pages = {19--36}, url = {https://www.usenix.org/conference/usenixsecurity19/presentation/cao}, publisher = {USENIX Association}, month = aug } @inproceedings {236356, author = {Guangliang Yang and Jeff Huang and Guofei Gu}, title = {{Iframes/Popups} Are Dangerous in Mobile {WebView}: Studying and Mitigating Differential Context Vulnerabilities}, booktitle = {28th USENIX Security Symposium (USENIX Security 19)}, year = {2019}, isbn = {978-1-939133-06-9}, address = {Santa Clara, CA}, pages = {977--994}, url = {https://www.usenix.org/conference/usenixsecurity19/presentation/yang-guangliang}, publisher = {USENIX Association}, month = aug } @inproceedings {203884, author = {Lei Xu and Jeff Huang and Sungmin Hong and Jialong Zhang and Guofei Gu}, title = {Attacking the Brain: Races in the {SDN} Control Plane}, booktitle = {26th USENIX Security Symposium (USENIX Security 17)}, year = {2017}, isbn = {978-1-931971-40-9}, address = {Vancouver, BC}, pages = {451--468}, url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/xu-lei}, publisher = {USENIX Association}, month = aug } @inproceedings {203886, author = {Lei Xue and Yajin Zhou and Ting Chen and Xiapu Luo and Guofei Gu}, title = {Malton: Towards {On-Device} {Non-Invasive} Mobile Malware Analysis for {ART}}, booktitle = {26th USENIX Security Symposium (USENIX Security 17)}, year = {2017}, isbn = {978-1-931971-40-9}, address = {Vancouver, BC}, pages = {289--306}, url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/xue}, publisher = {USENIX Association}, month = aug } @inproceedings {190949, author = {Yuhong Nan and Min Yang and Zhemin Yang and Shunfan Zhou and Guofei Gu and XiaoFeng Wang}, title = {{UIPicker}: {User-Input} Privacy Identification in Mobile Applications}, booktitle = {24th USENIX Security Symposium (USENIX Security 15)}, year = {2015}, isbn = {978-1-939133-11-3}, address = {Washington, D.C.}, pages = {993--1008}, url = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/nan}, publisher = {USENIX Association}, month = aug } @inproceedings {268085, author = {Guofei Gu and Roberto Perdisci and Junjie Zhang and Wenke Lee}, title = {{BotMiner}: Clustering Analysis of Network Traffic for Protocol- and {Structure-Independent} Botnet Detection}, booktitle = {17th USENIX Security Symposium (USENIX Security 08)}, year = {2008}, address = {San Jose, CA}, url = {https://www.usenix.org/conference/17th-usenix-security-symposium/botminer-clustering-analysis-network-traffic-protocol-and}, publisher = {USENIX Association}, month = jul } @inproceedings {203508, author = {Guofei Gu and Phillip Porras and Vinod Yegneswaran and Martin Fong}, title = {{BotHunter}: Detecting Malware Infection Through {IDS-Driven} Dialog Correlation}, booktitle = {16th USENIX Security Symposium (USENIX Security 07)}, year = {2007}, address = {Boston, MA }, url = {https://www.usenix.org/conference/16th-usenix-security-symposium/bothunter-detecting-malware-infection-through-ids-driven}, publisher = {USENIX Association}, month = aug }