Year

Venue

Title

2025

conf/sp

"It's almost like Frankenstein": Investigating the Complexities of Scientific Collaboration and Privilege Management within Research Computing Infrastructures.

Souradip Nath Ananta Soneji Jaejong Baek Tiffany Bao Adam Doupé Carlos E. Rubio-Medrano Gail-Joon Ahn

2025

conf/ndss

SCAMMAGNIFIER: Piercing the Veil of Fraudulent Shopping Website Campaigns.

Marzieh Bitaab Alireza Karimi Zhuoer Lyu Adam Oest Dhruv Kuchhal Muhammad Saad Gail-Joon Ahn Ruoyu Wang Tiffany Bao Yan Shoshitaishvili Adam Doupé

2025

conf/uss

System Register Hijacking: Compromising Kernel Integrity By Turning System Registers Against the System.

Jennifer Miller Manas Ghandat Kyle Zeng Hongkai Chen Abdelouahab Benchikh Tiffany Bao Ruoyu Wang Adam Doupé Yan Shoshitaishvili

2024

conf/ccs

Fuzz to the Future: Uncovering Occluded Future Vulnerabilities via Robust Fuzzing.

Arvind S. Raj Wil Gibbs Fangzhou Dong Jayakrishna Menon Vadayath Michael Tompkins Steven Wirsz Yibo Liu Zhenghao Hu Chang Zhu Gokulkrishna Praveen Menon Brendan Dolan-Gavitt Adam Doupé Ruoyu Wang Yan Shoshitaishvili Tiffany Bao

2024

conf/uss

Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation.

Ziyi Guo Dang K. Le Zhenpeng Lin Kyle Zeng Ruoyu Wang Tiffany Bao Yan Shoshitaishvili Adam Doupé Xinyu Xing

2024

conf/uss

TYGR: Type Inference on Stripped Binaries using Graph Neural Networks.

Chang Zhu Ziyang Li Anton Xue Ati Priya Bajaj Wil Gibbs Yibo Liu Rajeev Alur Tiffany Bao Hanjun Dai Adam Doupé Mayur Naik Yan Shoshitaishvili Ruoyu Wang Aravind Machiry

2024

conf/uss

Ahoy SAILR! There is No Need to DREAM of C: A Compiler-Aware Structuring Algorithm for Binary Decompilation.

Zion Leonahenahe Basque Ati Priya Bajaj Wil Gibbs Jude O'Kain Derron Miao Tiffany Bao Adam Doupé Yan Shoshitaishvili Ruoyu Wang

2024

conf/sp

"Watching over the shoulder of a professional": Why Hackers Make Mistakes and How They Fix Them.

Irina Ford Ananta Soneji Faris Bugra Kokulu Jayakrishna Vadayath Zion Leonahenahe Basque Gaurav Vipat Adam Doupé Ruoyu Wang Gail-Joon Ahn Tiffany Bao Yan Shoshitaishvili

2024

conf/sp

AirTaint: Making Dynamic Taint Analysis Faster and Easier.

Qian Sang Yanhao Wang Yuwei Liu Xiangkun Jia Tiffany Bao Purui Su

2024

conf/asiaccs

Deep Dive into Client-Side Anti-Phishing: A Longitudinal Study Bridging Academia and Industry.

Rana Pourmohamad Steven Wirsz Adam Oest Tiffany Bao Yan Shoshitaishvili Ruoyu Wang Adam Doupé Rida A. Bazzi

2023

conf/ccs

RetSpill: Igniting User-Controlled Data to Burn Away Linux Kernel Protections.

Kyle Zeng Zhenpeng Lin Kangjie Lu Xinyu Xing Ruoyu Wang Adam Doupé Yan Shoshitaishvili Tiffany Bao

2023

conf/uss

Greenhouse: Single-Service Rehosting of Linux-Based Firmware Binaries in User-Space Emulation.

Hui Jun Tay Kyle Zeng Jayakrishna Menon Vadayath Arvind S. Raj Audrey Dutcher Tejesh Reddy Wil Gibbs Zion Leonahenahe Basque Fangzhou Dong Zack Smith Adam Doupé Tiffany Bao Yan Shoshitaishvili Ruoyu Wang

2023

conf/sp

Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilities.

Erik Trickel Fabio Pagani Chang Zhu Lukas Dresel Giovanni Vigna Christopher Kruegel Ruoyu Wang Tiffany Bao Yan Shoshitaishvili Adam Doupé

2023

conf/sp

Beyond Phish: Toward Detecting Fraudulent e-Commerce Websites at Scale.

Marzieh Bitaab Haehyun Cho Adam Oest Zhuoer Lyu Wei Wang Jorij Abraham Ruoyu Wang Tiffany Bao Yan Shoshitaishvili Adam Doupé

2022

conf/ccs

I'm SPARTACUS, No, I'm SPARTACUS: Proactively Protecting Users from Phishing by Intentionally Triggering Cloaking Behavior.

Penghui Zhang Zhibo Sun Sukwha Kyung Hans Walter Behrens Zion Leonahenahe Basque Haehyun Cho Adam Oest Ruoyu Wang Tiffany Bao Yan Shoshitaishvili Gail-Joon Ahn Adam Doupé

2022

conf/uss

Playing for K(H)eaps: Understanding and Improving Linux Kernel Exploit Reliability.

Kyle Zeng Yueqi Chen Haehyun Cho Xinyu Xing Adam Doupé Yan Shoshitaishvili Tiffany Bao

2022

conf/uss

Arbiter: Bridging the Static and Dynamic Divide in Vulnerability Discovery on Binary Programs.

Jayakrishna Vadayath Moritz Eckert Kyle Zeng Nicolaas Weideman Gokulkrishna Praveen Menon Yanick Fratantonio Davide Balzarotti Adam Doupé Tiffany Bao Ruoyu Wang Christophe Hauser Yan Shoshitaishvili

2022

conf/uss

Expected Exploitability: Predicting the Development of Functional Vulnerability Exploits.

Octavian Suciu Connor Nelson Zhuoer Lyu Tiffany Bao Tudor Dumitras

2022

conf/sp

"Flawed, but like democracy we don't have a better system": The Experts' Insights on the Peer Review Process of Evaluating Security Papers.

Ananta Soneji Faris Bugra Kokulu Carlos E. Rubio-Medrano Tiffany Bao Ruoyu Wang Yan Shoshitaishvili Adam Doupé

2022

conf/ccsw-ws

Mitigating Threats Emerging from the Interaction between SDN Apps and SDN (Configuration) Datastore.

Sana Habib Tiffany Bao Yan Shoshitaishvili Adam Doupé

2021

conf/uss

Having Your Cake and Eating It: An Analysis of Concession-Abuse-as-a-Service.

Zhibo Sun Adam Oest Penghui Zhang Carlos E. Rubio-Medrano Tiffany Bao Ruoyu Wang Ziming Zhao Yan Shoshitaishvili Adam Doupé Gail-Joon Ahn

2021

conf/fc

Everything You Ever Wanted to Know About Bitcoin Mixers (But Were Afraid to Ask).

Jaswant Pakki Yan Shoshitaishvili Ruoyu Wang Tiffany Bao Adam Doupé

2021

conf/sp

CrawlPhish: Large-scale Analysis of Client-side Cloaking Techniques in Phishing.

Penghui Zhang Adam Oest Haehyun Cho Zhibo Sun RC Johnson Brad Wardman Shaown Sarker Alexandros Kapravelos Tiffany Bao Ruoyu Wang Yan Shoshitaishvili Adam Doupé Gail-Joon Ahn

2021

conf/ndss

Favocado: Fuzzing the Binding Code of JavaScript Engines Using Semantically Correct Test Cases.