Publications

S&P '20 APMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planning.
W. You, Z. Zhang, Y. Kwon, Y. Aafer, F. Peng, Y. Shi, C. M. Harmon, and X. Zhang
In Proceedings of the IEEE Symposium on Security and Privacy (S&P), 2020.
[ Paper ]

CCS '19 ABS: Scanning Neural Networks for Back-doors by Artificial Brain Stimulation.
Y. Liu, W. Lee, G. Tao, S. Ma, Y. Aafer and X. Zhang.
In Proceedings of the Conference on Computer and Communications Security (CCS), 2019.
[ Paper ]

CCS '18 Precise Android API Protection Mapping Derivation and Reasoning.
Y. Aafer, G. Tao, J. Huang, X. Zhang and N. Li.
In Proceedings of the Conference on Computer and Communications Security (CCS), 2018.
[ Paper ]

CCS'18 Detecting Attacks Against Robotic Vehicles: A Control Invariant Approach.
H. Choi, W. Lee, Y. Aafer, F. Fei, Z. Tu, X. Zhang, D. Xu, X. Deng.
In Proceedings of the Conference on Computer and Communications Security (CCS), 2018.
[ Paper ]

ASE '18 Dual-force: understanding webview malware via cross-language forced execution
Z. Tang, J. Zhai, M. Pan, Y. Aafer, S. Ma, and X. Zhang.
In Proceedings of the IEEE/ACM International Conference on Automated Software Engineering (ASE), 2018.
[ Paper ]

NDSS'18 AceDroid: Normalizing Diverse Android Access Control Checks for Inconsistency Detection
Y. Aafer, J. Huang, Y. Sun, X. Zhang, N. Li and C. Tian.
In Proceedings of the 25th Network and Distributed System Security Symposium.
[ Paper ]

NDSS'18 Trojaning Attack on Neural Networks.
Y. Liu, S. Ma, Y. Aafer, W. Lee, J. Zhai, W. Wang, and X. Zhang.
In Proceedings of the 25th Network and Distributed System Security Symposium.
[ Paper ]

ASE'17 UI Driven Android Application Reduction.
J. Huang, Y. Aafer, D. Perry, X. Zhang and C. Tian.
In Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering.
[ Paper ]

ASE'17 PAD: Programming Third-party Web Advertisement Censorship.
W. Wang, Y. Kwon, Y. Zheng, Y. Aafer, I. Kim, W. Lee, Y. Liu, W. Meng, X. Zhang, and P. Eugster.
In Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering.
[ Paper ]

FSE'17 LAMP: Data Provenance for Graph Based Machine Learning Algorithms through Derivative Computation.
S. Ma, Y. Aafer, Z. Xu, W. Lee, J. Zhai, Y. Liu, and X. Zhang.
In Proceedings of the ACM SIGSOFT Symposium on the Foundations of Software Engineering (FSE), 2017
[ Paper ]

ESORICS' 16 Hey, You, Get Off My Image. Detecting Data Residue in Android Images.
X. Zhang, Y. Aafer, K. Ying, and W. Du.
In Proceedings of the European Symposium on Research in Computer Security (ESORICS), 2016.
[ Paper ]

SEC' 16 Harvesting Inconsistent Security Configurations in Custom Android ROMs.
Y. Aafer, X. Zhang, and W. Du.
In Proceedings of the USENIX Security Symposium (USENIX Security), 2016.
[ Paper ]

NDSS' 16 Life after App Uninstallation: Are the Data Still Alive? Data Residue Attacks on Android.
X. Zhang, K. Ying, Y. Aafer, Z. Qiu, and W. Du.
In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2016.
[ Paper ]

CCS' 15 Hare Hunting in the Wild Android: A Study on the Threat of Hanging Attribute References.
Y. Aafer, N. Zhang, Z. Zhang, X. Zhang, K. Chen, X. Wang, X. Zhou, W. Du, and M. Grace.
In Proceedings of the Conference on Computer and Communications Security (CCS), 2015.
[ Paper ]

MoST' 14 A Systematic Security Evaluation of Android’s Multi-User Framework.
P. Ratazzi, Y. Aafer, A. Ahlawat, H. Hao, Y. Wang, and W. Du.
In Proceedings of the Mobile Security Technologies (MoST) workshop, 2014.
[ Paper ]

SecureComm' 13 DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android
Y. Aafer, W. Du, and H. Yin
In Proceedings of the International Conference on Security and Privacy in Communication Networks (SecureComm), 2013.
[ Paper ]

Professional Services

I am currently serving on the following committees:

ESORICS 2020: Program Committee Member.
EuroSys 2020: Program Committee Member.
ACSAC 2019: Program Committee Member.