Bio

Ph.D. in Computer Science, Purdue University, 2018

My research interests include software systems security (i.e., securing software to prevent cyber attacks), cyber forensics (i.e., recovering cyber forensic evidence from data/programs), and software engineering (software testing and reverse engineering).

Awards

  • NSF CAREER Award 2022
  • Best Paper Award (WISA'22) 2022
  • ACM SIGPLAN Distinguished Paper Award 2019
  • NSF CRII Award 2019
  • Maurice H. Halstead Memorial Award 2017
  • ACM SIGSOFT Distinguished Paper Award 2013
  • Best Paper Award (Automated Software Engineering) 2013
  • Microsoft Most Valuable Professional 2008-2012

Research Interests

  • Software Systems Security
  • Cyber Forensics
  • Software Engineering
  • CPS/IoT (Cyber Physical Systems/Internet of Things) Security

Selected Publications

  • SynthDB: Synthesizing Database via Program Analysis for Security Testing of Web Applications In Proc. of the 30th Network and Distributed System Security Symposium (NDSS'23)
  • PyFET: Forensically Equivalent Transformation for Python Binary Decompilation In Proc. of the 44th IEEE Symposium on Security and Privacy (S&P'23)
  • SwarmFlawFinder: Discovering and Exploiting Logic Flaws of Swarm Algorithms In Proc. of the 43rd IEEE Symposium on Security and Privacy (S&P'22)
  • MalMax: Multi-Aspect Execution for Automated Dynamic Web Server Malware Analysis ABS In Proc. of the 26th ACM Conference on Computer and Communications Security (CCS'19),
  • PMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planning In Proc. of the 41st IEEE Symposium on Security and Privacy (S&P'20)
  • BDA: Practical Dependence Analysis for Binary Executables by Unbiased Whole-program Path Sampling and Per-path Abstract Interpretation In Proc. of the 2019 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA'19), Distinguished Paper Award
  • Probabilistic Disassembly In Proc. of the 41st International Conference on Software Engineering (ICSE'19)
  • MCI: Modeling-based Causality Inference in Audit Logging for Attack Investigation ABS In Proc. of the 25th Network and Distributed System Security Symposium (NDSS'18)
  • A2C: Self Destructing Exploit Executions via Input Perturbation ABS In Proc. of the 24th Network and Distributed System Security Symposium (NDSS'17)
  • LDX: Causality Inference by Lightweight Dual Execution ABS In Proc. of the 21st International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS'16)
  • PIEtrace: Platform Independent Executable Trace ABS In Proc. of the 28th IEEE/ACM International Conference on Automated Software Engineering (ASE'13), Distinguished Paper Award
Google Scholar

Courses Taught

  • Cyber Forensics Spring 2020, 2021, 2022
  • Software Security via Program Analysis Fall 2018, Fall 2019, Spring 2023

Featured Grants & Projects