AoT-Attack on Things: A security analysis of IoT firmware updates
Muhammad Ibrahim, Andrea Continella, Antonio Bianchi.
To Appear in Proceedings of The 8th IEEE European Symposium on Security and Privacy (EuroS&P 2023)
[PDF]
ZBCAN: A Zero‑Byte CAN Defense System
Khaled Serag, Rohit Bhatia, Akram Faqih, Muslum Ozgur Ozmen, Vireshwar Kumar, Z. Berkay Celik, Dongyan Xu.
To Appear in Proceedings of the 32nd USENIX Security Symposium, 2023
[PDF]
PatchVerif: Discovering Faulty Patches in Robotic Vehicles
Hyungsub Kim, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, Dongyan Xu.
To Appear in Proceeding of the USENIX Security Symposium (Usenix SEC), 2023
DnD: Decompiling Deep Neural Network Compiled Binary
Ruoyu Wu, Taegyu Kim, Dave (Jing) Tian, Antonio Bianchi, Dongyan Xu
Black Hat Europe 2022
Demo: Policy-based Discovery and Patching of Logic Bugs in Robotic Vehicles
Hyungsub Kim, Muslum Ozgur Ozmen, Antonio Bianchi, Z. Berkay Celik, Dongyan Xu.
To appear in Proceedings of the 2022 Automotive and Autonomous Vehicle Security Workshop (AutoSec 2022)
DriveTruth: Automated Autonomous Driving Dataset Generation for Security Applications
Raymond Muller, Yanmao Man, Z. Berkay Celik, Ming Li, Ryan Gerdes
To appear in Proceedings of the 2022 Automotive and Autonomous Vehicle Security Workshop (AutoSec 2022)
Physical Hijacking Attacks against Object Trackers
Raymond Muller, Yanmao Man, Z. Berkay Celik, Ming Li, Ryan Gerdes
To appear in Proceedings of the 2022 ACM Conference on Computer and Communications Security (CCS 2022)
ShadowAuth: Backward-Compatible Automatic CAN Authentication for Legacy ECUs
Sungwoo Kim, Gisu Yeo, Taegyu Kim, Junghwan “John” Rhee, Yuseok Jeon, Antonio Bianchi, Dongyan Xu, and Dave (Jing) Tian.
In Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security (ASIA CCS ’22), 2022
[PDF]
TruEMU: An Extensible, Open-Source, Whole-System iOS Emulator
Trung Nguyen, Kyungtae Kim, Antonio Bianchi, Dave (Jing) Tian.
Black Hat 2022
[Slides], [Video]
DnD: A Cross-Architecture Deep Neural Network Decompiler
Ruoyu Wu, Taegyu Kim, Dave (Jing) Tian, Antonio Bianchi, Dongyan Xu
Proceeding of the USENIX Security Symposium (Usenix SEC), 2022
SARA: Secure Android Remote Authorization
Abdullah Imran, Habiba Farrukh, Muhammad Ibrahim, Z. Berkay Celik, Antonio Bianchi.
To appear in Proceeding of the USENIX Security Symposium (Usenix SEC), 2022
PGPATCH: Policy-Guided Logic Bug Patching for Robotic Vehicles
Hyungsub Kim, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, Dongyan Xu.
To appear in Proceeding of the IEEE Symposium on Security and Privacy (S&P), 2022.
FUZZUSB: Hybrid Stateful Fuzzing of the Linux USB Gadget Stack
Kyungtae Kim, Ertza Warraich, Taegyu Kim, Byoungyoung Lee, Kevin Butler, Antonio Bianchi, Dave (Jing) Tian.
To appear in Proceeding of the IEEE Symposium on Security and Privacy (S&P), 2022.
Formal Model-Driven Discovery of Bluetooth Protocol Design Vulnerabilities
Jianliang Wu, Ruoyu Wu, Dongyan Xu, Dave (Jing) Tian, Antonio Bianchi.
To appear in Proceeding of the IEEE Symposium on Security and Privacy (S&P), 2022.
[PDF]
SafetyNot: on the usage of the SafetyNet attestation API in Android
Muhammad Ibrahim, Abdullah Imran, Antonio Bianchi.
In Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services, 2021.
[PDF]
Towards Improving Container Security by Preventing Runtime Escapes
Michael Reeves, Dave (Jing) Tian, Antonio Bianchi, Z. Berkay Celik.
In Proceeding of the IEEE Secure Development Conference (SecDev), 2021.
[PDF]
APPJITSU: Investigating the Resiliency of Android Applications
Onur Zungur, Antonio Bianchi, Gianluca Stringhini, Manuel Egele.
In Proceedings of the European IEEE Symposium on Security and Privacy (Euro S&P), 2021.
[PDF]
LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks
Jianliang Wu, Ruoyu Wu, Daniele Antonioli, Mathias Payer, Nils Ole Tippenhauer, Dongyan Xu, Dave (Jing) Tian, and Antonio Bianchi.
In Proceedings of the USENIX Security Symposium (Security), 2021.
[PDF]
PASAN: Detecting Peripheral Access Concurrency Bugs within Bare-metal Embedded Applications
Taegyu Kim, Vireshwar Kumar, Junghwan Rhee, Jizhou Chen, Kyungtae Kim, Chunghwan Kim, Dongyan Xu, and Dave (Jing) Tian.
In Proceedings of the USENIX Security Symposium (Security), 2021.
[PDF]
M2MON: Building an MMIO-based Security Reference Monitor for Unmanned Vehicles
Arslan Khan, Hyubgsub Kim, Byoungyoung Lee, Dongyan Xu, Antonio Bianchi, and Dave (Jing) Tian.
In Proceedings of the USENIX Security Symposium (Security), 2021.
[PDF]
Exposing New Vulnerabilities of Error Handling Mechanism in CAN
Khaled Serag, Rohit Bhatia, Vireshwar Kumar, Z. Berkay Celik, and Dongyan Xu.
In Proceedings of the USENIX Security Symposium (Security), 2021.
[PDF]
ATLAS: A Sequence-based Learning Approach for Attack Investigation
Abdulellah Alsaheel and Yuhong Nan, Shiqing Ma, Le Yu, Gregory Walkup, Z. Berkay Celik, Xiangyu Zhang, and Dongyan Xu.
In Proceedings of the USENIX Security Symposium (Security), 2021.
[PDF]
SHARD: Fine-Grained Kernel Specialization with Context-Aware Hardening
Muhammad Abubakar, Adil Ahmad, Pedro Fonseca, and Dongyan Xu.
In Proceedings of the USENIX Security Symposium (Security), 2021.
[PDF]
PGFUZZ: Policy-Guided Fuzzing for Robotic Vehicles
Hyungsub Kim, Muslum Ozgur Ozmen, Antonio Bianchi, Z. Berkay Celik, Dongyan Xu.
In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2021.
[PDF]
On the Insecurity of SMS One-Time Password Messages against Local Attackers in Modern Mobile Devices
Zeyu Lei, Yuhong Nan, Yanick Fratantonio, Antonio Bianchi.
In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2021.
[PDF]
Evading Voltage-Based Intrusion Detection on Automotive CAN
Rohit Bhatia, Khaled Serag, Vireshwar Kumar, Z. Berkay Celik, Mathias Payer, and Dongyan Xu
In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2021.
[PDF]
S3: Side-channel Attack on Stylus Pencils Through Sensors
Habiba Farrukh, Tinghan Yang, Hanwen Xu, Yuxuan Yin, He Wang, Z. Berkay Celik.
In Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies (ACM UbiComp), 2021.
[PDF]
BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy
Jianliang Wu, Yuhong Nan, Vireshwar Kumar, Dave (Jing) Tian, Antonio Bianchi, Mathias Payer, Dongyan Xu.
In Proceedings of the USENIX Workshop on Offensive Technologies (WOOT), 2020.
Best Paper Award — CSAW’20 Applied Research Competition Finalist
[PDF]
BlueShield: Detecting Spoofing Attacks in Bluetooth Low Energy (BLE) Networks
Jianliang Wu, Yuhong Nan, Vireshwar Kumar, Mathias Payer, and Dongyan Xu.
In Proceedings of 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2020.
[PDF]
Exploring Syscall-Based Semantics Reconstruction of Android Applications
Dario Nisi, Antonio Bianchi, Yanick Fratantonio
In Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID)
[PDF]