Teaching
Fall 2023: CS 858: Topics on Mobile and IoT Security.
Fall 2023: CS 458/658: Computer Security and Privacy.
Publications
Sec '23
Auditing Framework APIs via Inferred App-side Security Specifications.
P. Vyas, A. Waheed, Y. Aafer, and N. Asokan
In Proceedings of the 32nd USENIX Security Symposium, 2023.
[ Paper ]
S&P '23
D-ARM: Disassembling ARM Binaries by Lightweight Superset Instruction Interpretation and Graph Modeling.
Y. Ye, Z. Zhang, Q. Shi, Y. Aafer, and X. Zhang
In Proceedings of the IEEE Symposium on Security and Privacy (S&P), 2023.
[ Paper ]
CCS '22
Poirot: Probabilistically Recommending Protections for the Android Framework.
Z. El-Rewini, Z. Zhang and Y. Aafer
To appear in the 29th Conference on Computer and Communications Security (CCS), 2022.
[ Paper ]
Sec '22
ProFactory: Improving IoT Security via Formalized Protocol Customization.
F. Wang, J. Wu, Y. Nan, Y. Aafer, X. Zhang, D. Xu, and M. Payer
In Proceedings of the 31st USENIX Security Symposium, 2022.
[ Paper ]
CCS '21
Dissecting Residual APIs in Custom Android ROMs.
Z. El-Rewini and Y. Aafer
In Proceedings of the 28th Conference on Computer and Communications Security (CCS), 2021.
[ Paper ]
Sec '21
Android SmartTVs Vulnerability Discovery via Log-Guided Fuzzing.
Y. Aafer, W. You, Y. Sun, Y. Shi, X. Zhang, and H. Yin
In Proceedings of the 30th USENIX Security Symposium, 2021.
[ Paper ]
S&P '21
StochFuzz: Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting.
Z. Zhang, W. You, G. Tao, Y. Aafer, X. Liu and X. Zhang
In Proceedings of the IEEE Symposium on Security and Privacy (S&P), 2021.
[ Paper ]
S&P '21
OSPREY: Recovery of Variable and Data Structure via Probabilistic Analysis for Stripped Binary.
Z. Zhang, Y. Ye, W. You, G. Tao, W. Lee, Y. Kwon, Y. Aafer, and X. Zhang
In Proceedings of the IEEE Symposium on Security and Privacy (S&P), 2021.
[ Paper ]
CCS '20
Cyber-Physical Inconsistency Vulnerability Identification for Safety Checks in Robotic Vehicles.
H. Choi, S. Kate, Y. Aafer, X. Zhang, and D. Xu
In Proceedings of the Conference on Computer and Communications Security (CCS), 2020.
[ Paper ]
S&P '20
PMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planning.
W. You, Z. Zhang, Y. Kwon, Y. Aafer, F. Peng, Y. Shi, C. M. Harmon, and X. Zhang
In Proceedings of the IEEE Symposium on Security and Privacy (S&P), 2020.
[ Paper ]
CCS '19
ABS: Scanning Neural Networks for Back-doors by Artificial Brain Stimulation.
Y. Liu, W. Lee, G. Tao, S. Ma, Y. Aafer and X. Zhang.
In Proceedings of the Conference on Computer and Communications Security (CCS), 2019.
[ Paper ]
CCS '18
Precise Android API Protection Mapping Derivation and Reasoning.
Y. Aafer, G. Tao, J. Huang, X. Zhang and N. Li.
In Proceedings of the Conference on Computer and Communications Security (CCS), 2018.
[ Paper ]
CCS'18
Detecting Attacks Against Robotic Vehicles: A Control Invariant Approach.
H. Choi, W. Lee, Y. Aafer, F. Fei, Z. Tu, X. Zhang, D. Xu, X. Deng.
In Proceedings of the Conference on Computer and Communications Security (CCS), 2018.
[ Paper ]
ASE '18
Dual-force: understanding webview malware via cross-language forced execution
Z. Tang, J. Zhai, M. Pan, Y. Aafer, S. Ma, and X. Zhang.
In Proceedings of the IEEE/ACM International Conference on Automated Software Engineering (ASE), 2018.
[ Paper ]
NDSS'18
AceDroid: Normalizing Diverse Android Access Control Checks for Inconsistency Detection
Y. Aafer, J. Huang, Y. Sun, X. Zhang, N. Li and C. Tian.
In Proceedings of the 25th Network and Distributed System Security Symposium.
[ Paper ]
NDSS'18
Trojaning Attack on Neural Networks.
Y. Liu, S. Ma, Y. Aafer, W. Lee, J. Zhai, W. Wang, and X. Zhang.
In Proceedings of the 25th Network and Distributed System Security Symposium.
[ Paper ]
Professional Services
PC Co-Chair: RAID'23
Publicity Chair: RAID'22
Program Committee Member:
- USENIX SECURITY (2024, 2023, 2022, 2021)
- CCS (2024, 2023, 2022, 2021)
- EuroSys (2022, 2020)
- AsiaCCS (2022, 2021)
- TheWebConf 2022
- ACSAC (2021, 2020, 2019)
- ESORICS 2020