| USENIX Security 2024 |
|
Lin, Z., Yu, Z., Guo, Z., Campanoni, S., Dinda, P., Xing, X.,"CAMP: Compiler and Allocator-based Heap Memory Protection", Proceedings of the 33rd USENIX Security Symposium (USENIX Security), Philadelphia, August 2024. |
| NeurIPS 2023 |
|
Cheng, Z., Wu, X., Yu, J., Sun, W., Guo, W., Xing, X., "StateMask: Explaining Deep Reinforcement Learning through State Mask", Proceedings of the 37th Annual Conference on Neural Information Processing Systems (NeurIPS), New Orleans, December 2023. |
| Blackhat USA 2023 |
|
Lin, Z., Xing, X., Chen, Z., Li, K., "Bad io_uring: A New Era of Rooting for Android", Blackhat USA, Las Vegas, August 2023. |
| CCS 2023 |
|
Zeng, K., Lin, Z., Lu, K., Xing, X., Wang, R., Doupe, A., Shoshitaishvili, Y., Bao, T., "RetSpill: Igniting User-Controlled Data to Burn Away Linux Kernel Protections", Proceedings of the 30th ACM Conference on Computer and Communications Security (CCS), Copenhagen, November 2023. |
| S&P 2023 |
|
Wu, X., Guo, W., Yan, J., Coskun, B., Xing, X., "From Grim Reality to Practical Solution: Malware
Classification in Real-World Noise", Proceedings of the 44th IEEE Symposium on Security and Privacy (IEEE S&P), San Francisco, May 2023. |
| USENIX Security 2023 |
|
Guo, W., Wu, X., Wang, L., Song, D., Xing, X.,,"PATROL: Provable Defense against Adversarial Policy in Two-player Games", Proceedings of the 32nd USENIX Security Symposium (USENIX Security), Anaheim, August 2023. |
| USENIX Security 2023 |
|
Wu,Y., Lin, Z., Chen, Y., Le, D., Mu, D., Xing, X.,,"Mitigating Security Risks in Linux with KLAUS : A Method for Evaluating Patch Correctness", Proceedings of the 32nd USENIX Security Symposium (USENIX Security), Anaheim, August 2023. |
| USENIX Security 2023 |
|
Yu, J., Guo, W., Qin, Q., Wang, G., Wang, T., Xing, X.,,"AIRS: Explanation for Deep Reinforcement Learning based Security Applications", Proceedings of the 32nd USENIX Security Symposium (USENIX Security), Anaheim, August 2023. |
| Blackhat USA 2022 |
|
Lin, Z., Wu, Y., Xing, X., "Cautious: A new exploitation method! No pipe but as nasty as Dirty Pipe", Blackhat USA, Las Vegas, August 2022. |
| CCS 2022 |
|
Lin, Z., Wu, Y., Xing, X., "DirtyCred: Escalating Privilege in Linux Kernel", Proceedings of the 29th ACM Conference on Computer and Communications Security (CCS), Los Angeles, November 2022. |
| USENIX Security 2022 |
|
Zeng, K., Chen, Y., Cho, H., Xing, X., Doupe, A., Bao, T., Shoshitaishvili, Y.,"Playing for K(H)eaps: Understanding and Improving Linux Kernel Exploit Reliability", Proceedings of the 31st USENIX Security Symposium (USENIX Security), Boston, August 2022. |
| S&P 2022 |
|
Lin, Z., Chen, Y., Mu, D., Yu, C., Wu, Y., Li, K., Xing, X., "GREBE: Unveiling Exploitation Potential for Linux Kernel
Bugs", Proceedings of the 43rd IEEE Symposium on
Security and Privacy (IEEE S&P), San Francisco, May 2022. |
| NDSS 2022 |
|
Mu, D., Wu, Y., Chen, Y., Lin, Z., Yu, C., Wang, G., Xing, X., "An In-depth Analysis of Duplicated Linux Kernel Bug Reports", Proceedings of the Network and Distributed System Security Symposium (NDSS), US, February 2022. |
| FSE 2022 |
|
Qin, Q., JiYang, J., Song, F., Chen, T., Xing, X., "DeJITLeak: Eliminating JIT-Induced Timing Side-Channel Leaks", Proceedings of ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE), Singapore, November 2022. |
| Blackhat Europe 2021 |
|
Lin, Z., Chen, Y., Xing, X., Li, K., "Your Trash Kernel Bug, My Precious 0-day", Blackhat Europe, Virtual Event, November 2021. |
| Blackhat Asia 2021 |
|
Chen, Y., Lin, Z, Xing, X., "A General Approach to Bypassing Many Kernel Protections and its Mitigation", Blackhat Asia, Virtual Event, May 2021. |
| Blackhat USA 2021 |
|
Luo, T., Ying, K, Xing, X., Liu, L., "Demystify AI Security Products With a Universal Pluggable XAI Translator", Blackhat USA, Virtual Event, August 2021. |
| NeurIPS 2021 |
|
Guo, W., Wu, X., Khan, U., Xing, X., "EDGE: Explaining Deep Reinforcement Learning Policies", Proceedings of the 35th Annual Conference on Neural Information Processing Systems (NeurIPS), Virtual Event, July 2021. |
| ICML 2021 |
|
Guo, W., Wu, X., Huang, S., Xing, X., "Adversarial Policy Learning in Two-party Competitive Games", Proceedings of the 38th International Conference on Machine Learning (ICML), Virtual Event, December 2021. |
| ICML 2021 |
|
Lu, Y., Guo, W.,, Xing, X., Noble, W., "DANCE: Enhancing saliency maps using decoys", Proceedings of the 38th International Conference on Machine Learning (ICML), Virtual Event, July 2021. |
| ICML 2021 |
|
Xie, X., Guo, W., Ma, L., Le, W., Wang, J., Zhou, L., Liu, Y., Xing, X., "Automatic RNN Repair via Model-based Analysis", Proceedings of the 38th International Conference on Machine Learning (ICML), Virtual Event, July 2021. |
| IJCAI 2021 |
|
Wang, L., Javed, Z., Wu, X., Guo, W., Xing, X., Song, D., "BACKDOORL: Backdoor Attack against Competitive Reinforcement Learning", Proceedings of the 30th International Joint Conference on Artificial Intelligence (IJCAI), Virtual Event, August 2021. |
| CCS 2021 |
|
Dai, J., Zhang, Y., Xu, H., Lyu, H., Wu, Z., Xing, X., Yang, M., "Facilitating Vulnerability Assessment through PoC Migration", Proceedings of the 28th ACM Conference on Computer and Communications Security (CCS), Virtual Event, November 2021. |
| USENIX Security 2021 |
|
Yang, L., Guo, W., Hao, Q., Ciptadi, A., Ahmadzadeh, A., Xing, X., Wang, G., "CADE: Detecting and Explaining Concept Drift Samples for Security Applications", Proceedings of the 30th USENIX Security Symposium (USENIX Security), Vancouver, Canada, August 2021. |
| USENIX Security 2021 |
|
Wu, X.(*), Guo, W.(*), Wei, H.(*), Xing, X. "Adversarial Policy Training against Deep Reinforcement Learning", Proceedings of the 30th USENIX Security Symposium (USENIX Security), Vancouver, Canada, August 2021. (*==equal contribution) |
| NDSS 2021 |
|
Liang, J.(*), Guo, W.(*), Luo, T., Honavar, V., Wang, G., Xing, X., "FARE: Enabling Fine-grained Attack Categorization under Low-quality Labeled Data", Proceedings of the Network and Distributed System Security Symposium (NDSS), US, February 2021. (*==equal contribution) |
| CCS 2020 |
|
Chen, Y., Lin, Z., Xing, X., "A Systematic Study of Elastic Objects in Kernel Exploitation", in Proceedings of the 27th ACM Conference on Computer and Communications Security (CCS), Orlando, US, November 2020. (Source code: ELOISE "Coming soon" ) |
| CCS 2020 |
|
Z. Jiang, Y. Zhang, J. Xu, Q. Wen, Z. Wang, X. Zhang, X. Xing, M. Yang, Z. Yang "PDiff: Semantic-based Patch Presence Testing for Downstream Kernels", Proceedings of the 27th ACM Conference on Computer and Communications Security (CCS), Orlando, US, November 2020. |
| USENIX Security 2020 |
|
Dai, J., Jiang, Z., Zhang, Y., Zhou, Y., Chen, J, Zhang, X., Tan, X., Yang, M., Xing, X. "BScout: Direct Whole Patch Presence Test for Java Executables", Proceedings of the 29th USENIX Security Symposium (USENIX Security), Boston, US, August 2020. |
| Blackhat USA 2020 |
|
Guo, W., Wu, X., Xing, X. "Ruling StarCraft Game Spitefully -- Exploiting the Blind Spot of AI-Powered Game Bots", Blackhat Europe, Las Vegas, US, August 2020. |
| Blackhat USA 2020 |
|
Ying, K., Luo, T., Xing, X., Su, J., "Superman Powered by Kryptonite: Turn the Adversarial Attack into Your Defense Weapon", Blackhat Europe, Las Vegas, US, August 2020. |
| Blackhat Asia 2020 |
|
Ying, K., Luo, T., Xing, X., Su, J., "NextGen AI Trojan Detection", Blackhat Asia, Singapore, September 2020. (Arsenal) |
| ICDM 2020 |
|
Guo, W., Wang, L., Xu, Y., Xing, X., Du, M., Song, D. "TABOR: A Highly Accurate Approach to Inspecting and Restoring Trojan Backdoors in AI Systems", in Proceedings of the IEEE International Conference on Data Mining (ICDM), Sorrento, Italy, November 2020. (Oral Presentation, top ~9% among 930 submissions) |
| Blackhat Europe 2019 |
|
Chen, Y., Xing, X., Su, J., "Hands Off and Putting SLAB/SLUB Feng Shui in a Blackbox", Blackhat Europe, London, UK, December 2019. |
| CCS 2019 |
|
Chen, Y., Xing, X., "SLAKE: Facilitating Slab Manipulation for Exploiting Vulnerabilities in the Linux Kernel", in Proceedings of the 26th ACM Conference on Computer and Communications Security (CCS), London, UK, November 2019. (Source code: SLAKE) |
| CCS 2019 |
|
Liu, F., Wen, Y., Zhang, D., Jiang, X., Xing, X., Meng, D., "Log2vec: A Heterogeneous Graph Embedding Based Approach for Detecting Cyber Threats within Enterprise", in Proceedings of the 26th ACM Conference on Computer and Communications Security (CCS), London, UK, November 2019. |
| ASE 2019 |
|
Mu, D., Guo, W., Chen, Y., Cuevas, A., Song, C., Xing, X., Bing, M, "RENN: Efficient Reverse Execution with Neural-Network-assisted Alias Analysis", Proceedings of the 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), San Diego, US, Nov. 2019. |
| IMC 2019 |
|
Alrizah, M., Zhu, S., Xing, X., Wang, G., "Errors, Misunderstandings, and Vulnerabilities: Analyzing the Crowdsourcing Process of Ad-blocking Systems", Proceedings of the ACM Internet Measurement Conference (IMC), Amsterdam, Netherlands, Oct. 2019. |
| USENIX Security 2019 |
|
Wu, W., Chen, Y., Xing, X., Zou, W., "KEPLER: Facilitating Control-flow Hijacking Primitive
Evaluation for Linux Kernel Vulnerabilities", Proceedings of the 28th USENIX Security Symposium (USENIX Security), Santa Clara, US, August 2019. (Source code: KEPLER ) |
| USENIX Security 2019 |
|
Guo, W., Mu, D., Xing, X., Du, M., Song, D., "DEEPVSA: Facilitating Value-set Analysis with Deep Learning for Postmortem Program Analysis", Proceedings of the 28th USENIX Security Symposium (USENIX Security), Santa Clara, US, August 2019. (Source code: DEEPVSA ) |
| USENIX Security 2019 |
|
Zhang, M., Meng, W., Lee, S., Lee, B., Xing, X., "All Your
Clicks Belong to Me: Investigating Click Interception on the Web", Proceedings of the 28th USENIX Security Symposium (USENIX Security), Santa Clara, US, August 2019. |
| USENIX Security 2019 |
|
Dong, Y., Guo, W., Chen, Y., Xing, X., Zhang, Y., Wang, G., "Towards the Detection of Inconsistencies in Public Security Vulnerability Reports", Proceedings of the 28th USENIX Security Symposium (USENIX Security), Santa Clara, US, August 2019. |
| CCS 2018 |
|
Guo, W., Mu, D., Xu, J., Su, P., Wang, G., Xing, X., "LEMNA: Explaining Deep Learning based Security Applications", Proceedings of the 25th ACM Conference on Computer and Communications Security (CCS), Canada, October 2018. (Outstanding paper award) (Source code: LEMNA ) |
| NeurIPS 2018 |
|
Guo, W., Huang, S., Tao, Y., Xing, X., Lin, L., "Explaining Deep Learning Models -- A Bayesian Non-parametric Approach", Proceedings of the 32nd Annual Conference on Neural Information Processing Systems (NeurIPS), Canada, December 2018. |
| USENIX Security 2018 |
|
Wu, W., Chen, Y., Xu, J., Xing, X., Gong, X., Zou, W., "FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities", Proceedings of the 27th USENIX Security Symposium (USENIX Security), Baltimore, US, August 2018. (Source code: FUZE) |
| USENIX Security 2018 |
|
Mu, D., Cuevas, A., Yang, L., Hu, H., Xing, X., Mao, B., Wang, G., "Understanding the Reproducibility of Crowd-reported Security Vulnerabilities", Proceedings of the 27th USENIX Security Symposium (USENIX Security), Baltimore, US, August 2018. (Data set: VM download) |
| ICDM 2018 |
|
Guo, W., Wang, Q., Zhang, K., Lin, L., Giles, L., Liu, X., Huang, S., Xing, X., "Defending against Adversarial Samples without Security through Obscurity", in Proceedings of the IEEE International Conference on Data Mining (ICDM), Singapore, November 2018. (Oral Presentation, top ~8% among 948 submissions) |
| Blackhat USA 2018 |
|
Wu, W., Xing, X., Su, J., "From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation for Arbitrary Types of Kernel Vulnerabilities", Blackhat USA, Las Vegas, US, August 2018. (Press release: Dark Reading, Security Boulevard, TOM) |
| TDSC 2018 |
|
Guan, L., Cao, C., Liu, P., Xing, X., Ge, X., Zhang, S., Yu, M., Jaeger, T., "Building a Trustworthy Execution Environment to Defeat Exploits from both Cyber Space and Physical Space for ARM ", IEEE Transactions on Dependable and Secure Computing (TDSC), 2018. |
| NECO 2018 |
|
Wang, Q., Zhang, K., Xing, X., Liu, X., Giles, L., "An Empirical Evaluation of Rule Extraction from Recurrent Neural Networks ", in Neural Computation, 2018. |
| SALAD 2018 |
|
Song, L., Xing, X., "Fine-Grained Library Customization", SALAD workshop@ECOOP, Netherland, July 2018. |
| CCS 2017 |
|
Huang, J., Xu, J., Xing, X., Liu, P., Qureshi, M., "FlashGuard: Leveraging Intrinsic Flash Properties to Defend Against Encryption Ransomware", in Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS), Dallas, USA, October 2017. |
| USENIX Security 2017 |
|
Xu, J., Mu, D., Xing, X., Liu, P., Chen, P., Mao, B., "POMP: Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts", in Proceedings of the 26th USENIX Security Symposium (USENIX Security), Vancouver, Canada, August 2017. (Source code: POMP) |
| KDD 2017 |
|
Wang, Q., Guo, W., Zhang, K., II Ororbia, A., Xing, X., Lee, G., Liu, X., "Adversary Resistant Deep Neural Networks with an Application to Malware Detection", in Proceedings of the ACM SIGKDD Conference on Knowledge Discovery and Data Mining (KDD), Halifax, Canada, August 2017. |
| MobiSys 2017 |
|
Guan, L., Liu, P., Xing, X., Ge, X., Zhang, S., Yu, M., Jaeger, . T., "TrustShadow: Secure execution of unmodified applications with ARM TrustZone ", in Proceedings of the 15th ACM International Conference on Mobile Systems, Applications, and Services (MobiSys), Niagara Falls, US, June 2017. |
| MobiSys 2017 |
|
Luo, L., Zeng Q., Cao, C., Chen, K., Liu, J., Liu, L., Gao, N., Yang M., Xing, X., Liu, P., " System Service Call-oriented Symbolic Execution of Android Framework with Applications to Vulnerability Discovery and Exploit Generation ", in Proceedings of the 15th ACM International Conference on Mobile Systems, Applications, and Services (MobiSys), Niagara Falls, US, June 2017. |
| ACSAC 2017 |
|
Guan, L., Jia, S., Chen, B., Zhang, Z., Luo, B., Lin, J., Liu, L., Xing, X., and Xia, L., "Supporting Transparent Snapshot for Bare-metal Malware Analysis on Mobile Devices ", in Proceedings of the 33rd Annual Conference on Computer Security Applications (ACSAC), US, December 2017. (Best paper award) |
| DSN 2017 |
|
Chen, P., Xu, J., Hu, Z., Xing, X., Zhu, M., Mao, B., Liu, P., "What You See is Not What You Get! Thwarting Just-in-Time ROP with Chameleon ", in Proceedings of the 47th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Denver, US, June 2017. |
| CCS 2016 |
|
Xu, J., Mu, D., Chen, P., Xing, X., Liu, P., "CREDAL: Towards Locating a Memory Corruption Vulnerability with Your Core Dump", in Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS), Vienna, Austria, October 2016. |
| FSE 2016 |
|
Wang, W., Zheng, Y., Xing, X. , Kwon, Y., Zhang, X., Eugster, P., "WebRanz: Web Page Randomization For Better Advertisement Delivery and Web-Bot Prevention ", in Proceedings of the 24th ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE), Seattle, USA, November 2016. |
| WWW 2016 |
|
Meng, W., Lee, B., Xing, X. , Lee, W., "TrackMeOrNot: Enabling Flexible Control on Web Tracking", in Proceedings of the 25th International World Wide Web Conference (WWW), Montreal, Canada, May 2016. (Top 10 Finalists, CSAW 16) |
| Sensys 2016 |
|
Guan, L., Xu, J., Wang, S., Xing, X., Lin, L., Huang, H., Liu, P., Lee, W., "From Physical to Cyber: Escalating Protection for Personalized Auto Insurance ", in Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems (Sensys), Palo Alto, USA, December 2016. |
| CCS 2015 |
|
Xu, M., Jang, Y., Xing, X. , Kim, T., Lee, W., "UCognito: Private Browsing without Tears", in Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS), Denver, US, October 2015. |
| WWW 2015 |
|
Xing, X. , Meng, W., Lee, B., Weinsberg, U., Perdisci, R., Sheth, A., Lee, W., "Unraveling the Relationship Between Ad-Injecting Browser Extensions and Malvertising", in Proceedings of the 24th International World Wide Web Conference (WWW), Florence, Italy, May 2015. |
| CCS 2014 |
|
Meng, W., Xing, X. , Sheth, A., Weinsberg, U., Lee, W., "Your Online Interests - Pwned! A Pollution Attack Against Targeted Advertising", in Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, November 2014. |
| PAM 2014 |
|
Xing, X., Meng, W., Doozan, D., Feamster, N., Lee, W., Snoeren, A.,"Exposing Inconsistent Web Search Results with Bobble", in Proceedings of the 2014 Passive and Active Measurement (PAM) Conference, Los Angeles, CA, March 2014. (Press release: Metro News, Saturday Paper) |
| TKDE 2014 |
|
Hanqiang Cheng, Xinyu Xing, Xue Liu, Qin Lv, "ISC: An Iterative Social based Classifier for Adult Account Detection on Twitter" IEEE Transactions on Knowledge and Data Engineering, 2014. |
| USENIX Security 2013 |
|
Xing, X., Meng, W., Doozan, D., Snoeren, A., Feamster, N., Lee, W., "Take This Personally: Pollution Attacks on Personalized Services", in Proceedings of the 22nd USENIX Security Symposium (USENIX Security'13), Washington, DC, US, 2013. |
| Blackhat Europe 2013 |
|
Xing, X., "Bobble", (Blackhat Europe'13), Amsterdam, Netherlands, 2013. (Arsenal) |
| TOIT 2013 |
|
Yu-Li Liang, Xinyu Xing, Hanqiang Cheng, Jianxun Dang, Sui Huang, Richard Han, Xue Liu, Qin Lv, Shivakant Mishra, "SafeVchat: A System for Obscene Content Detection in Online Video Chat Services" ACM Transactions on Internet Technology (TOIT), Volume 12, Issue 4, Jul. 2013. |
| Mobisys 2012 |
|
Tian, L., Ahn, J., Cheng, H., Xing, X., Liang, Y., Mishra, S., Chu, D., Liu, X., "MVChat: Flasher Detection for Mobile Video Chat" in Proceedings of the 10th International Conference on Mobile Systems, Applications and Services (Mobisys'12), Lake District, UK, 2012. (demo) |
| KDD 2012 |
|
Xing, X., Liang, Y., Huang, S., Cheng, H., Han, R., Lv, Q., Liu, X., Mishra, S., Zhu, Y., "Scalable Misbehavior Detection in Online Video Chat Services", in Proceedings of the 18th ACM SIGKDD Conference on Knowledge Discovery and Data Mining (KDD'12), Beijing, China, 2012. |
| WSDM 2012 |
|
Cheng, H., Liang, Y., Xing, X., Han, R., Liu, X., Lv, Q., Mishra, S., "Efficient Misbehaving User Detection in Online Video Chat Services", in Proceedings of the 5th ACM International Conference on Web Search and Date Mining (WSDM'12), Seattle, US, 2012. (~20% acceptance rate) |
| WWW 2011 |
|
Xing, X., Liang, Y., Cheng, H., Dang, J., Han, R., Liu, X., Lv, Q., Mishra, S., "SafeVchat: Detecting Obscene Content and Misbehaving Users in Online Video Chat Services", in Proceedings of the 20th International World Wide Web Conference (WWW'11), Hyderabad, IND, 2011. (<13% acceptance rate) (Press release: MIT Technology Review, NewScientist, CBC News, etc.) |
| INFOCOM 2011 |
|
Xing, X., Dang, J., Mishra, S., Liu, X., "A Highly Scalable Bandwidth Estimation of Commercial Hotspot Access Points", in Proceedings of the 30th IEEE International Conference on Computer Communications (INFOCOM'11), Shanghai, CHN, 2011. (<16% acceptance rate) |
| CU-Tech-Rep 2010 |
|
Xing, X., Dang, J., Han, R., Liu, X., Mishra, S., "Intrusions into Privacy in Video Chat Environments: Attacks and Countermeasures", University of Colorado at Boulder, Technical Report CU-CS-1068-10. (Press release: The New York Times, Slashdot, Yahoo News, PC World, etc.) |
| HOTMOBILE 2010 |
|
Beach, A., Gartrell, M., Xing, X., Han, R., Lv, Q., Mishra, S., Saeda, K., "Fusing Mobile, Sensor and Social Data to Fully Enable Context-Aware Computing", in Proceedings of the 11th ACM Workshop on Mobile Computing Systems and Applications (HOTMOBILE'10), Annapolis, US, 2010. |
| INFOCOM 2010 |
|
Xing, X., Mishra, S., Liu, X., "ARBOR: Hang Together rather than Hang Separately in 802.11 WiFi Networks", in Proceedings of the 29th IEEE International Conference on Computer Communications (INFOCOM'10), San Diego, US, 2010. (<18% acceptance rate) |
| SIGGROUP 2010 |
|
Xing, X., Gartrell, M., Beach, A., Han, R., Lv, Q., Mishra, S., Saeda, K., "Enhancing Group Recommendation by Incorporating Social Relationship Interactions", in Proceedings of the 2010 International ACM SIGGROUP conference on Supporting Group Work (SIGGROUP'10), Sanibel Island, US, 2010. |
|
