Ph.D. in Computer Science, Purdue University, 2018

My research interests include software systems security (i.e., securing software to prevent cyber attacks), cyber forensics (i.e., recovering cyber forensic evidence from data/programs), and software engineering (software testing and reverse engineering).


  • NSF CAREER Award 2022
  • Best Paper Award (WISA'22) 2022
  • ACM SIGPLAN Distinguished Paper Award 2019
  • NSF CRII Award 2019
  • Maurice H. Halstead Memorial Award 2017
  • ACM SIGSOFT Distinguished Paper Award 2013
  • Best Paper Award (Automated Software Engineering) 2013
  • Microsoft Most Valuable Professional 2008-2012

Research Interests

  • Software Systems Security
  • Cyber Forensics
  • Software Engineering
  • CPS/IoT (Cyber Physical Systems/Internet of Things) Security

Selected Publications

  • SynthDB: Synthesizing Database via Program Analysis for Security Testing of Web Applications In Proc. of the 30th Network and Distributed System Security Symposium (NDSS'23)
  • PyFET: Forensically Equivalent Transformation for Python Binary Decompilation In Proc. of the 44th IEEE Symposium on Security and Privacy (S&P'23)
  • SwarmFlawFinder: Discovering and Exploiting Logic Flaws of Swarm Algorithms In Proc. of the 43rd IEEE Symposium on Security and Privacy (S&P'22)
  • MalMax: Multi-Aspect Execution for Automated Dynamic Web Server Malware Analysis ABS In Proc. of the 26th ACM Conference on Computer and Communications Security (CCS'19),
  • PMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planning In Proc. of the 41st IEEE Symposium on Security and Privacy (S&P'20)
  • BDA: Practical Dependence Analysis for Binary Executables by Unbiased Whole-program Path Sampling and Per-path Abstract Interpretation In Proc. of the 2019 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA'19), Distinguished Paper Award
  • Probabilistic Disassembly In Proc. of the 41st International Conference on Software Engineering (ICSE'19)
  • MCI: Modeling-based Causality Inference in Audit Logging for Attack Investigation ABS In Proc. of the 25th Network and Distributed System Security Symposium (NDSS'18)
  • A2C: Self Destructing Exploit Executions via Input Perturbation ABS In Proc. of the 24th Network and Distributed System Security Symposium (NDSS'17)
  • LDX: Causality Inference by Lightweight Dual Execution ABS In Proc. of the 21st International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS'16)
  • PIEtrace: Platform Independent Executable Trace ABS In Proc. of the 28th IEEE/ACM International Conference on Automated Software Engineering (ASE'13), Distinguished Paper Award

Courses Taught

  • Cyber Forensics Spring 2020, 2021, 2022
  • Software Security via Program Analysis Fall 2018, Fall 2019, Spring 2023

Featured Grants & Projects