Publications
BADControl: Backdoor Attacks Against Control Systems
Luis Burbano, Hampei Sasahara, Ruoyu Song, Z. Berkay Celik, Alvaro Cardenas
To appear in Proceedings of the USENIX Security Symposium (Usenix SEC), 2026
Investigating the Impact of Dark Patterns on LLM-Based Web Agents
Devin Ersoy, Brandon Lee, Ananth Shreekumar, Arjun Arunasalam, Muhammad Ibrahim, Antonio Bianchi, Z. Berkay Celik.
To appear in Proceedings of the 47th IEEE Symposium on Security and Privacy (S&P), 2026
International Students and Scams: At Risk Abroad
Katherine Zhang, Arjun Arunasalam, Pubali Datta, Z. Berkay Celik.
To appear in Proceedings of the 47th IEEE Symposium on Security and Privacy (S&P), 2026
deepSURF: Detecting Memory Safety Vulnerabilities in Rust Through Fuzzing LLM-Augmented Harnesses
Georgios C. Androutsopoulos, Antonio Bianchi.
To appear in Proceedings of the 47th IEEE Symposium on Security and Privacy (S&P), 2026
Cosseter: GitHub Actions Permission Reduction Using Demand-Driven Static Analysis
Greg Tystahl, Jonah Ghebremichael, Siddharth Muralee, Sourag Cherupattamoolayil, Antonio Bianchi, Aravind Machiry, Alexandros Kapravelos, William Enck.
To appear in Proceedings of the 47th IEEE Symposium on Security and Privacy (S&P), 2026
DNN Latency Sequencing: Extracting DNN Architectures from Intel SGX Enclaves with Single-Stepping Attacks
Minkyung Park, Zelun Kong, Dave (Jing) Tian, Z. Berkay Celik, Chung Hwan Kim.
To appear in Proceedings of the Network and Distributed System Security Symposium (NDSS), 2026
Side-channel Inference of User Activities in AR/VR Using GPU Profiling
Seonghun Son, Chandrika Mukherjee, Reham Mohamed Aburas, Berk Gulmezoglu, Z. Berkay Celik.
To appear in Proceedings of the Network and Distributed System Security Symposium (NDSS), 2026
Hardening Deep Neural Network Binaries against Reverse Engineering Attack
Zheng Zhong, Ruoyu Wu, Junpeng Wan, Muqi Zou, Yung-Hsiang Lu, Dave (Jing) Tian.
In Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2025
Exploiting Intent-Flow State Vulnerabilities in Intent-Based Networking
Angela Yan, Jiwon Kim, Benjamin E Ujcich, Dave (Jing) Tian.
In Proceedings of the IEEE Secure Development Conference (SecDev), 2025
Shadowed Realities: An Investigation of UI Attacks in WebXR
Chandrika Mukherjee, Reham Mohamed, Arjun Arunasalam, Habiba Farrukh, Z. Berkay Celik.
In Proceedings of the USENIX Security Symposium (Usenix SEC), 2025
HubBub: Contention-Based Side-Channel Attacks on USB Hubs
Junpeng Wan, Yanxiang Bi, Han Gao, Dave (Jing) Tian.
In Proceedings of the USENIX Security Symposium (Usenix SEC), 2025
Automated Discovery of Semantic Attacks in Multi-Robot Navigation Systems
Doguhan Yeke, Kartik A. Pant, Muslum Ozgur Ozmen, Hyungsub Kim, James M. Goppert, Inseok Hwang, Antonio Bianchi, Z. Berkay Celik.
In Proceedings of the USENIX Security Symposium (Usenix SEC), 2025
NeuroScope: Reverse Engineering Deep Neural Network on Edge Devices using Dynamic Analysis
Ruoyu Wu, Muqi Zou, Arslan Khan, Taegyu Kim, Dongyan Xu, Dave (Jing) Tian, Antonio Bianchi
In Proceedings of the USENIX Security Symposium (Usenix SEC), 2025
LEMIX: Enabling Testing of Embedded Applications as Linux Applications
Sai Ritvik Tanksalkar, Siddharth Muralee, Srihari Danduri, Paschal Amusuo, Antonio Bianchi, James C. Davis, Aravind Kumar Machiry
In Proceedings of the USENIX Security Symposium (Usenix SEC), 2025
From Threat to Trust: Exploiting Attention Mechanisms for Attacks and Defenses in Cooperative Perception
Chenyi Wang, Raymond Muller, Ruoyu Song, Jean-Philippe Monteuuis, Jonathan Petit, Yanmao Man, Ryan Gerdes, Z. Berkay Celik, Ming Li.
In Proceedings of the USENIX Security Symposium (Usenix SEC), 2025
Understanding Users’ Security and Privacy Concerns and Attitudes Towards Conversational AI Platforms
Mutahar Ali, Arjun Arunasalam, Habiba Farrukh.
In Proceedings of the 46th IEEE Symposium on Security and Privacy (S&P), 2025
CHIMERA: Fuzzing P4 Network Infrastructure for Multi-Plane Bug Detection and Vulnerability Discovery
Jiwon Kim, Dave (Jing) Tian, Benjamin E. Ujcich.
In Proceedings of the 46th IEEE Symposium on Security and Privacy (S&P), 2025
Investigating Physical Latency Attacks against Camera-based Perception
Raymond Muller, Ruoyu Song, Chenyi Wang, Yuxia Zhan, Jean-Philippe Monteuuis, Yanmao Man, Ming Li, Ryan Gerdes, Jonathan Petit, Z. Berkay Celik.
In Proceedings of the 46th IEEE Symposium on Security and Privacy (S&P), 2025
VeriBin: Adaptive Verification of Patches at the Binary Level
Hongwei Wu, Jianliang Wu, Ruoyu Wu, Ayushi Sharma, Aravind Machiry, Antonio Bianchi.
In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2025
ScopeVerif: Analyzing the Security of Android’s Scoped Storage via Differential Analysis
Zeyu Lei, Güliz Seray Tuncay, Beatrice Carissa Williem, Z. Berkay Celik, Antonio Bianchi.
In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2025
Exploiting Temporal Vulnerabilities for Unauthorized Access in Intent-based Networking
Ben Weintraub, Jiwon Kim, Ran Tao, Cristina Nita-Rotaru, Hamed Okhravi, Dave (Jing) Tian, Benjamin E Ujcich.
In Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2024
ERACAN: Defending Against a Game-Changing CAN Threat Model
Zhaozhou Tang, Khaled Serag, Saman Zonouz, Z. Berkay Celik, Dongyan Xu, Raheem Beyah.
In Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2024
SAIN: Improving ICS Attack Detection Sensitivity via State-Aware Invariants
Syed Ghazanfar Abbas, Muslum Ozgur Ozmen, Abdulellah Alsaheel, Arslan Khan, Z. Berkay Celik, Dongyan Xu.
In Proceedings of the USENIX Security Symposium (Usenix SEC), 2024
[PDF]
A Systematic Study of Physical Sensor Attack Hardness
Hyungsub Kim, Rwitam Bandyopadhyay, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, Yongdae Kim, Dongyan Xu.
In Proceedings of the 45th IEEE Symposium on Security and Privacy (S&P), 2024
[PDF]
SoK: The Long Journey of Exploiting and Defending the Legacy of King Harald Bluetooth
Jianliang Wu, Ruoyu Wu, Dongyan Xu, Dave Tian, Antonio Bianchi.
In Proceedings of the 45th IEEE Symposium on Security and Privacy (S&P), 2024
Finding Traceability Attacks in the Bluetooth Low Energy Specification and Its Implementations
Jianliang Wu, Patrick Traynor, Dongyan Xu, Dave Jing Tian, Antonio Bianchi.
In Proceedings of the USENIX Security Symposium (Usenix SEC), 2024
ATTention Please! An Investigation of the App Tracking Transparency Permission
Reham Mohamed, Arjun Arunasalam, Habiba Farrukh, Jason Tong, Antonio Bianchi, Z Berkay Celik.
In Proceedings of the USENIX Security Symposium (Usenix SEC), 2024
Wear’s my Data? Understanding the Cross-Device Runtime Permission Model in Wearables
Doguhan Yeke, Muhammad Ibrahim, Güliz Seray Tuncay, Habiba Farrukh, Abdullah Imran, Antonio Bianchi, Z Berkay Celik.
In Proceedings of the 45th IEEE Symposium on Security and Privacy (S&P), 2024
Crystallizer: A Hybrid Path Analysis Framework to Aid in Uncovering Deserialization Vulnerabilities
Prashast Srivastava, Flavio Toffalini, Kostyantyn Vorobyov, François Gauthier, Antonio Bianchi, Mathias Payer.
In Proceedings of the ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (FSE), 2023
[PDF]
Making Sense of Constellations: Methodologies for Understanding Starlink’s Scheduling Algorithms
Hammas Bin Tanveer, Mike Puchol, Rachee Singh, Antonio Bianchi, Rishab Nithyanand.
In Companion of the International Conference on emerging Networking EXperiments and Technologies (CoNEXT), 2023
[PDF]
Demo: Discovering Faulty Patches in Robotic Vehicle Control Software
Hyungsub Kim, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, Dongyan Xu.
In Proceedings of the Inaugural ISOC Symposium on Vehicle Security and Privacy (VehicleSec), 2023
[PDF]
Short: Rethinking Secure Pairing in Drone Swarms
Muslum Ozgur Ozmen, Habiba Farrukh, Hyungsub Kim, Antonio Bianchi, Z. Berkay Celik.
In Proceedings of the Inaugural ISOC Symposium on Vehicle Security and Privacy (VehicleSec), 2023
[PDF]
AoT-Attack on Things: A security analysis of IoT firmware updates
Muhammad Ibrahim, Andrea Continella, Antonio Bianchi.
In Proceedings of The 8th IEEE European Symposium on Security and Privacy (EuroS&P 2023)
[PDF]
Fuzzing SGX enclaves via host program mutations
Arslan Khan, Muqi Zou, Kyungtae Kim, Dongyan Xu, Antonio Bianchi, Dave Jing Tian.
In Proceedings of The 8th IEEE European Symposium on Security and Privacy (EuroS&P 2023)
[PDF]
Building GPU TEEs using CPU Secure Enclaves with GEVisor
Xiaolong Wu, Dave Jing Tian, Chung Hwan Kim.
In Proceedings of The 14th Symposium on CLoud Computing (SoCC 2023)
[PDF]
ZBCAN: A Zero‑Byte CAN Defense System
Khaled Serag, Rohit Bhatia, Akram Faqih, Muslum Ozgur Ozmen, Vireshwar Kumar, Z. Berkay Celik, Dongyan Xu.
In Proceedings of the USENIX Security Symposium (Usenix SEC), 2023
[PDF]
LocIn: Inferring Semantic Location from Spatial Maps in Mixed Reality
Habiba Farrukh, Reham Mohamed, Aniket Nare, Antonio Bianchi, Z. Berkay Celik.
In Proceedings of the USENIX Security Symposium (Usenix SEC), 2023
[PDF]
Discovering Adversarial Driving Maneuvers against Autonomous Vehicles
Ruoyu Song, Muslum Ozgur Ozmen, Hyungsub Kim, Raymond Muller, Z. Berkay Celik, Antonio Bianchi.
In Proceeding of the USENIX Security Symposium (Usenix SEC), 2023
[PDF]
ARGUS: A Framework for Staged Static Taint Analysis of GitHub Workflows and Actions
Siddharth Muralee, Igibek Koishybayev, Aleksandr Nahapetyan, Greg Tystahl, Brad Reaves, Antonio Bianchi, William Enck, Alexandros Kapravelos, Aravind Machiry.
In Proceedings of the USENIX Security Symposium (Usenix SEC), 2023
[PDF]
PatchVerif: Discovering Faulty Patches in Robotic Vehicles
Hyungsub Kim, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, Dongyan Xu.
In Proceeding of the USENIX Security Symposium (Usenix SEC), 2023
[PDF]
Fuzz The Power: Dual-role State Guided Black-box Fuzzing for USB Power Delivery
Kyungtae Kim, Sungwoo Kim, Kevin RB Butler, Antonio Bianchi, Rick Kennell, Dave Jing Tian.
In Proceeding of the USENIX Security Symposium (Usenix SEC), 2023
[PDF]
That Person Moves Like A Car: Misclassification Attack Detection for Autonomous Systems Using Spatiotemporal Consistency
Yanmao Man, Raymond Muller, Ming Li, Z. Berkay Celik, Ryan Gerdes.
In Proceeding of the USENIX Security Symposium (Usenix SEC), 2023
GLeeFuzz: Fuzzing WebGL Through Error Message Guided Mutation
Hui Peng, Zhihao Yao, Ardalan Amiri Sani, Dave (Jing) Tian, Mathias Payer.
In Proceeding of the USENIX Security Symposium (Usenix SEC), 2023
Intender: Fuzzing Intent-Based Networking with Intent-State Transition Guidance
Jiwon Kim, Benjamin E. Ujcich, Dave (Jing) Tian.
In Proceeding of the USENIX Security Symposium (Usenix SEC), 2023
EC: Embedded Systems Compartmentalization via Intra-Kernel Isolation
Arslan Khan, Dongyan Xu, Dave (Jing) Tian.
In Proceedings of the 44th IEEE Symposium on Security and Privacy (S&P), 2023
[PDF]
Low-Cost Privilege Separation with Compile Time Compartmentalization for Embedded Systems
Arslan Khan, Dongyan Xu, Dave (Jing) Tian.
In Proceedings of the 44th IEEE Symposium on Security and Privacy (S&P), 2023
[PDF]
Evasion Attacks and Defenses on Smart Home Physical Event Verification
Muslum Ozgur Ozmen, Ruoyu Song, Habiba Farrukh, Z. Berkay Celik
In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2023
COLUMBUS: Android App Testing Through Systematic Callback Exploration
Priyanka Bose, Dipanjan Das, Saastha Vasan, Sebastiano Mariani, Ilya Grishchenko, Andrea Continella, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the International Conference on Software Engineering (ICSE), 2023
[PDF]
DnD: Decompiling Deep Neural Network Compiled Binary
Ruoyu Wu, Taegyu Kim, Dave (Jing) Tian, Antonio Bianchi, Dongyan Xu
Black Hat Europe 2022
Demo: Policy-based Discovery and Patching of Logic Bugs in Robotic Vehicles
Hyungsub Kim, Muslum Ozgur Ozmen, Antonio Bianchi, Z. Berkay Celik, Dongyan Xu.
In Proceedings of the Automotive and Autonomous Vehicle Security Workshop (AutoSec 2022)
[PDF]
DriveTruth: Automated Autonomous Driving Dataset Generation for Security Applications
Raymond Muller, Yanmao Man, Z. Berkay Celik, Ming Li, Ryan Gerdes
In Proceedings of the Automotive and Autonomous Vehicle Security Workshop (AutoSec 2022)
Physical Hijacking Attacks against Object Trackers
Raymond Muller, Yanmao Man, Z. Berkay Celik, Ming Li, Ryan Gerdes
In Proceedings of the ACM Conference on Computer and Communications Security (CCS 2022)
ShadowAuth: Backward-Compatible Automatic CAN Authentication for Legacy ECUs
Sungwoo Kim, Gisu Yeo, Taegyu Kim, Junghwan “John” Rhee, Yuseok Jeon, Antonio Bianchi, Dongyan Xu, and Dave (Jing) Tian.
In Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIA CCS ’22), 2022
[PDF]
TruEMU: An Extensible, Open-Source, Whole-System iOS Emulator
Trung Nguyen, Kyungtae Kim, Antonio Bianchi, Dave (Jing) Tian.
Black Hat 2022
[Slides], [Video]
DnD: A Cross-Architecture Deep Neural Network Decompiler
Ruoyu Wu, Taegyu Kim, Dave (Jing) Tian, Antonio Bianchi, Dongyan Xu
In Proceeding of the USENIX Security Symposium (Usenix SEC), 2022
[PDF]
SARA: Secure Android Remote Authorization
Abdullah Imran, Habiba Farrukh, Muhammad Ibrahim, Z. Berkay Celik, Antonio Bianchi.
In Proceeding of the USENIX Security Symposium (Usenix SEC), 2022
[PDF]
One Fuzz Doesn’t Fit All: Optimizing Directed Fuzzing via Target-tailored Program State Restriction
Prashast Srivastava, Stefan Nagy, Matthew Hicks, Antonio Bianchi, Mathias Payer.
In Proceedings of the Annual Computer Security Applications Conference (ACSAC), 2022
[PDF]
PGPATCH: Policy-Guided Logic Bug Patching for Robotic Vehicles
Hyungsub Kim, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, Dongyan Xu.
In Proceeding of the IEEE Symposium on Security and Privacy (S&P), 2022.
[PDF]
FUZZUSB: Hybrid Stateful Fuzzing of the Linux USB Gadget Stack
Kyungtae Kim, Ertza Warraich, Taegyu Kim, Byoungyoung Lee, Kevin Butler, Antonio Bianchi, Dave (Jing) Tian.
In Proceeding of the IEEE Symposium on Security and Privacy (S&P), 2022.
[PDF]
Formal Model-Driven Discovery of Bluetooth Protocol Design Vulnerabilities
Jianliang Wu, Ruoyu Wu, Dongyan Xu, Dave (Jing) Tian, Antonio Bianchi.
In Proceeding of the IEEE Symposium on Security and Privacy (S&P), 2022.
[PDF]
—
Privacy-Preserving Localization using Enclaves
Arslan Khan, Joseph I. Choi, Dave Jing Tian, Tyler Ward, Kevin R. B. Butler, Patrick Traynor, John M. Shea, and Tan F. Wong.
In IEEE 12th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), 2021
[PDF]
SafetyNot: on the usage of the SafetyNet attestation API in Android
Muhammad Ibrahim, Abdullah Imran, Antonio Bianchi.
In Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services, 2021.
[PDF]
Towards Improving Container Security by Preventing Runtime Escapes
Michael Reeves, Dave (Jing) Tian, Antonio Bianchi, Z. Berkay Celik.
In Proceeding of the IEEE Secure Development Conference (SecDev), 2021.
[PDF]
APPJITSU: Investigating the Resiliency of Android Applications
Onur Zungur, Antonio Bianchi, Gianluca Stringhini, Manuel Egele.
In Proceedings of the European IEEE Symposium on Security and Privacy (Euro S&P), 2021.
[PDF]
LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks
Jianliang Wu, Ruoyu Wu, Daniele Antonioli, Mathias Payer, Nils Ole Tippenhauer, Dongyan Xu, Dave (Jing) Tian, and Antonio Bianchi.
In Proceedings of the USENIX Security Symposium (Security), 2021.
[PDF]
PASAN: Detecting Peripheral Access Concurrency Bugs within Bare-metal Embedded Applications
Taegyu Kim, Vireshwar Kumar, Junghwan Rhee, Jizhou Chen, Kyungtae Kim, Chunghwan Kim, Dongyan Xu, and Dave (Jing) Tian.
In Proceedings of the USENIX Security Symposium (Security), 2021.
[PDF]
M2MON: Building an MMIO-based Security Reference Monitor for Unmanned Vehicles
Arslan Khan, Hyubgsub Kim, Byoungyoung Lee, Dongyan Xu, Antonio Bianchi, and Dave (Jing) Tian.
In Proceedings of the USENIX Security Symposium (Security), 2021.
[PDF]
Exposing New Vulnerabilities of Error Handling Mechanism in CAN
Khaled Serag, Rohit Bhatia, Vireshwar Kumar, Z. Berkay Celik, and Dongyan Xu.
In Proceedings of the USENIX Security Symposium (Security), 2021.
[PDF]
ATLAS: A Sequence-based Learning Approach for Attack Investigation
Abdulellah Alsaheel and Yuhong Nan, Shiqing Ma, Le Yu, Gregory Walkup, Z. Berkay Celik, Xiangyu Zhang, and Dongyan Xu.
In Proceedings of the USENIX Security Symposium (Security), 2021.
[PDF]
SHARD: Fine-Grained Kernel Specialization with Context-Aware Hardening
Muhammad Abubakar, Adil Ahmad, Pedro Fonseca, and Dongyan Xu.
In Proceedings of the USENIX Security Symposium (Security), 2021.
[PDF]
NetPlier: Probabilistic Network Protocol Reverse Engineering from Message Traces
Yapeng Ye, Zhuo Zhang, Fei Wang, X. Zhang, Dongyan Xu
In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2021
PGFUZZ: Policy-Guided Fuzzing for Robotic Vehicles
Hyungsub Kim, Muslum Ozgur Ozmen, Antonio Bianchi, Z. Berkay Celik, Dongyan Xu.
In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2021.
[PDF]
On the Insecurity of SMS One-Time Password Messages against Local Attackers in Modern Mobile Devices
Zeyu Lei, Yuhong Nan, Yanick Fratantonio, Antonio Bianchi.
In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2021.
[PDF]
Evading Voltage-Based Intrusion Detection on Automotive CAN
Rohit Bhatia, Khaled Serag, Vireshwar Kumar, Z. Berkay Celik, Mathias Payer, and Dongyan Xu
In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2021.
[PDF]
S3: Side-channel Attack on Stylus Pencils Through Sensors
Habiba Farrukh, Tinghan Yang, Hanwen Xu, Yuxuan Yin, He Wang, Z. Berkay Celik.
In Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies (ACM UbiComp), 2021.
From Control Model to Program: Investigating Robotic Aerial Vehicle Accidents with MAYDAY
Taegyu Kim, C. Kim, Altay Ozen, Fan Fei, Zhan Tu, X. Zhang, Xinyan Deng, D. Tian, Dongyan Xu
In Proceedings of the USENIX Security Symposium (Usenix SEC), 2020
BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy
Jianliang Wu, Yuhong Nan, Vireshwar Kumar, Dave (Jing) Tian, Antonio Bianchi, Mathias Payer, Dongyan Xu.
In Proceedings of the USENIX Workshop on Offensive Technologies (WOOT), 2020.
Best Paper Award — CSAW’20 Applied Research Competition Finalist
[PDF]
BlueShield: Detecting Spoofing Attacks in Bluetooth Low Energy (BLE) Networks
Jianliang Wu, Yuhong Nan, Vireshwar Kumar, Mathias Payer, and Dongyan Xu.
In Proceedings of 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2020.
[PDF]
Exploring Syscall-Based Semantics Reconstruction of Android Applications
Dario Nisi, Antonio Bianchi, Yanick Fratantonio
In Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID)
[PDF]