Publications

2020

[TSE]
Scrutinizing Implementations of Smart Home Integrations (PDF)

Kulani Mahadewa, Kailong Wang, Guangdong Bai, Ling Shi, Yan Liu, Jin Song Dong and Zhenkai Liang
IEEE Transaction on Software Engineering (TSE), To appear in 2020.

[TSE]
oo7: Low-overhead Defense against Spectre Attacks via Binary Analysis (PDF, Tool)

Guanhua Wang, Sudipta Chattopadhyay, Ivan Gotovchits, Tulika Mitra, Abhik Roychoudhury
IEEE Transactions on Software Engineering, To appear (2020). Earlier version as arXiv report 1807.05843, Appeared July 2018, Sample News

[Usenix]
BesFS: A POSIX Filesystem for Enclaves with A Mechanized Safety Proof (PDF)

Shweta Shinde, Shengyi Wang, Pinghai Yuan, Aquinas Hobor, Abhik Roychoudhury, Prateek Saxena
29th Usenix Security Symposium 2020

2019

[TOSEM]
KLEESPECTRE : Detecting Information Leakage through Speculative Cache Attacks via Symbolic Execution (PDF)

G Wang, S Chattopadhyay, AK Biswas, T Mitra, A Roychoudhury
ACM Transactions on Software Engineering and Methodology

[ISC]
LightSense: A Novel Side Channel for Zero-permission Mobile User Tracking. ISC 2019: 299-318 (PDF)

Quanqi Ye, Yan Zhang, Guangdong Bai, Naipeng Dong, Zhenkai Liang, Jin Song Dong, Haoyu Wang
22nd Information Security Conference 2019

[TSE]
Smart Greybox Fuzzing (PDF , Sample News 1 , Sample News 2 )

Van-Thuan Pham, Marcel Böhme, Andrew E. Santosa, Alexandru Razvan Caciulescu, Abhik Roychoudhury
IEEE Transactions on Software Engineering, To appear.

[IEEE ICDCS]
Practical Verifiable In-network Filtering for DDoS defense (PDF)

Deli Gong, Muoi Tran, Shweta Shinde, Hao Jin, Vyas Sekar, Prateek Saxena, Min Suk Kang
In Proceedings of IEEE International Conference on Distributed Computing Systems (IEEE ICDCS), July 2019

[CACM]
Automated Program Repair (PDF)

Claire Le Goues, Michael Pradel, Abhik Roychoudhury
Communications of the ACM (CACM), To appear.

[NDSS]
One Engine To Serve ’em All: Inferring Taint Rules Without Architectural Semantics (PDF)

Zheng Leong Chua, Yanhao Wang, Teodora Baluta, Prateek Saxena, Zhenkai Liang, Purui Su
Network and Distributed System Security Symposium (NDSS) 2019

[NDSS]
Neuro-Symbolic Execution: Augmenting Symbolic Execution with Neural Constraints (PDF)

Shen Shiqi, Shweta Shinde, Soundarya Ramesh, Abhik Roychoudhury, Prateek Saxena
Network and Distributed System Security Symposium (NDSS) 2019

2018

[arXiv]
oo7: Low-overhead Defense against Spectre Attacks via Binary Analysis (PDF)

Guanhua Wang, Sudipta Chattopadhyay, Ivan Gotovchits, Tulika Mitra, Abhik Roychoudhury
arXiv report 1807.05843, Appeared 17 July 2018

[arXiv]
BesFS: Mechanized Proof of an Iago-Safe Filesystem for Enclaves (PDF)

Shweta Shinde, Shengyi Wang, Pinghai Yuan, Aquinas Hobor, Abhik Roychoudhury and Prateek Saxena
arXiv report 1807.00477, Appeared 2 July 2018

[FSE][ESEC-FSE]
Symbolic Execution with Existential Second-order Constraints (PDF)

Sergey Mechtaev, Alberto Griggio, Alessandro Cimatti, Abhik Roychoudhury
ACM Symposium on Foundations of Software Engineering (FSE) 2018

[EMSOFT][TCAD]
Symbolic Verification of Cache Side Channel Freedom (PDF)

Sudipta Chattopadhyay, Abhik Roychoudhury
ACM International Conference on Embedded Software (EMSOFT) 2018
EMSOFT Proceedings to be published as special issue of IEEE Transactions on Computer Aided Design (TCAD)

[PLDI]
EffectiveSan: Type and Memory Error Detection using Dynamically Typed C/C++ (PDF)

Gregory J. Duck, Roland H. C. Yap
ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2018)

[ACNS]
VERICOUNT: Verifiable Resource Accounting Using Hardware and Software Isolation (PDF)

Shruti Tople, Soyeon Park, Georgia Tech, Min Suk Kang, Prateek Saxena
16th International Conference on Applied Cryptography and Network Security (ACNS 2018)

[TOSEM]
STADS: Software Testing as Species Discovery (PDF)

Marcel Böhme
ACM Transactions on Software Engineering and Methodology

[ICSE]
Semantic Program Repair using a Reference Implementation (PDF)

Sergey Mechtaev, Manh-Dung Nguyen, Yannic Noller, Lars Grunske, Abhik Roychoudhury
ACM/IEEE International Conference on Software Engineering (ICSE) 2018

[arXiv]
Scilla: a Smart Contract Intermediate-Level LAnguage (PDF)

Ilya Sergey, Amrit Kumar, Aquinas Hobor
arXiv report 1801.00687, Appeared 2 January 2018

2017

[TSE]
Coverage-based Greybox Fuzzing as Markov Chain (PDF)

Marcel Böhme, Van Thuan Pham, Abhik Roychoudhury
IEEE Transactions on Software Engineering, To appear.

[ICFEM]
A Verification Framework for Stateful Security Protocols ( PDF )

Li Li, Naipeng Dong, Jun Pang, Jun Sun, Guangdong Bai, Yang Liu, and Jin Song Dong
19th International Conference on Formal Engineering Methods (ICFEM 2017) 

[CCS]
Directed Greybox Fuzzing ( PDF )

Marcel Böhme, Van Thuan Pham, Manh Dung Nguyen, Abhik Roychoudhury
24th  ACM Conference on Computer and Communications Security (CCS) 2017

[EmSe] Correlation of Test-suite Metrics with Patch Quality in Program Repair ( PDF )

Jooyong Yi, Shin Hwei Tan, Sergey Mechtaev, Marcel Boehme, Abhik Roychoudhury
Empirical Software Engineering Journal, To appear.

[USENIX]
Neural Nets Can Learn Function Type Signatures From Binaries ( PDF )

Zheng Leong Chua, Shiqi Shen, Prateek Saxena, Zhenkai Liang
USENIX Security 2017

[FASE]
Bucketing Failing Tests via Symbolic Analysis ( PDF )

Van Thuan Pham, Sakaar Khurana, Subhajit Roy , Abhik Roychoudhury
20th International Conference on Fundamental Approaches to Software Engineering (FASE) 2017

[NDSS]
Panoply: Low-TCB Linux Applications With SGX Enclaves ( PDF )

Shweta Shinde, Dat Le Tien, Shruti Tople, Prateek Saxena
Network and Distributed System Security Symposium (NDSS 2017)

[NDSS]
Stack Bounds Protection with Low Fat Pointers ( PDF )

Gregory J. Duck, Roland H. C. Yap, Lorenzo Cavallaro
Network and Distributed System Security Symposium (NDSS 2017)

 

2016


[ICECCS]
Automatic Construction of Callback Model for Android Application ( PDF )

Chenkai Guo, Quanqi Ye, Naipeng Dong, Guangdong Bai, Jin Song Dong, and Jing Xu
In proceedings of the 21st International Conference on Engineering of Complex Computer Systems (ICECCS), page 231-234, 2016 (to appear online)

[CCS]
A Secure Sharding Protocol For Open Blockchains ( PDF )

Loi Luu, Viswesh Narayanan, Chaodong Zheng, Kunal Baweja, Seth Gilbert, Prateek Saxena
ACM Conference on Computer and Communications Security (CCS 2016)

[CCS]
The “Web/Local” Boundary Is Fuzzy – A Security Study of Chrome’s Process-based Sandboxing ( PDF )

Yaoqi Jia, Zheng Leong Chua, Hong Hu, Shuo Chen, Prateek Saxena, Zhenkai Liang
ACM Conference on Computer and Communications Security (CCS 2016)

[CCS]
Coverage-based Greybox Fuzzing as Markov Chain ( PDF )

Marcel Böhme, Van Thuan Pham, Abhik Roychoudhury
23rd ACM Conference on Computer and Communications Security (CCS) 2016

[ASE]
Model-based Whitebox Fuzzing for Program Binaries ( PDF )

Van Thuan Pham, Marcel Böhme, Abhik Roychoudhury
IEEE/ACM International Conference on Automated Software Engineering (ASE) 2016


[FSE]
Anti-patterns in Search-based Program Repair (PDF)

Shin Hwei Tan, Hiroaki Yoshida, Mukul Prasad, Abhik Roychoudhury
ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE) 2016

[CC]
Heap Bounds Protection with Low Fat Pointers ( PDF )

Gregory Duck, Roland Yap
Compiler Construction (CC) 2016.

[Oakland]
Data-Oriented Programming: On The Effectiveness of Non-Control Data Attacks ( PDF )

Hong Hu, Shweta Shinde, Sendroiu Adrian, Zheng Leong Chua, Prateek Saxena, Zhenkai Liang
To Appear at IEEE Symposium on Security and Privacy (Oakland) 2016

[AsiaCCS]
Preventing Page Faults from Telling your Secrets ( PDF )

Shweta Shinde, Zheng Leong Chua, Viswesh Narayanan, Prateek Saxena
To Appear at ACM Asia Conference on Computer and Communications Security (ASIACCS) 2016

[CACM]
Formula-based Program Debugging
( PDF )
Abhik Roychoudhury, Satish Chandra
To Appear at Communications of ACM (CACM)

[ICSE]
Angelix: Scalable Multiline Program Patch Synthesis via Symbolic Analysis
( PDF )
Sergey Mechtaev, Jooyong Yi, Abhik Roychoudhury
ACM/IEEE International Conference on Software Engineering (ICSE) 2016.

[ICSE]
Automated Partitioning of Android Applications for Trusted Execution ( PDF )

Konstantin Rubinov, Lucia Rosculete, Tulika Mitra, Abhik Roychoudhury
ACM/IEEE International Conference on Software Engineering (ICSE) 2016.

 

2015

[ICECCS]
Formal Analysis of A Single Sign-on Protocol Implementation for Android ( PDF )

Quanqi Ye, Guangdong Bai, Kailong Wang and Jin Song Dong
20th International Conference on Engineering of Complex Computer Systems

[CCS]
The SICILIAN Defense: Signature-based Whitelisting of Web JavaScript (PDF)

Pratik Soni, Enrico Budianto, and Prateek Saxena.
22nd ACM Conference on Computer and Communications Security (CCS) 2015

[ICSE]
Hercules: Reproducing Crashes in Real-World Application Binaries ( PDF )

Van Thuan Pham, Wei Boon Ng, Konstantin Rubinov, Abhik Roychoudhury
ACM/IEEE International Conference on Software Engineering (ICSE) 2015.

[ICSE]
DirectFix: Looking for Simple Program Repairs ( PDF )

Jooyong Yi, Sergey Mechtaev, Abhik Roychoudhury
ACM/IEEE International Conference on Software Engineering (ICSE) 2015.

[ICSE]
Relifix: Automated Repair of Software Regressions ( PDF )

Shin Hwei Tan, Abhik Roychoudhury
ACM/IEEE International Conference on Software Engineering (ICSE) 2015.

[IFIPTM]
Simple and Practical Integrity Models for Binaries and Files ( PDF )

Yongzheng Wu and Roland H.C. Yap
9th IFIP WG 11.11 International Conference on Trust Management, 2015.

[USENIX Security]
Automatic Generation of Data-Oriented Exploits ( PDF )

Hong Hu, Zheng Leong Chua, Sendroiu Adrian, Prateek Saxena, and Zhenkai Liang
24th USENIX Security Symposium (USENIX Security) 2015

[ESORICS]
Identifying Arbitrary Memory Access Vulnerabilities in Privilege-Separated Software ( PDF )

Hong Hu, Zheng Leong Chua, Zhenkai Liang, and Prateek Saxena
20th European Symposium on Research in Computer Security (ESORICS) 2015

[ESEC/FSE]
Auto-Patching DOM-based XSS At Scale ( PDF )

Inian Parameshwaran, Enrico Budianto, Shweta Shinde, Hung Dang, Atul Sadhu and Prateek Saxena
10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE) 2015

[ESEC/FSE]
DexterJS: Robust Testing Platform for DOM-based XSS Vulnerabilities ( PDF )

Inian Parameshwaran, Enrico Budianto, Shweta Shinde, Hung Dang, Atul Sadhu and Prateek Saxena
10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE) 2015

[Oakland]
Poster: PODARCH : Protecting Legacy Applications with a Purely Hardware TCB ( PDF )

Shweta Shinde, Shruti Tople, Deepak Kathayat and Prateek Saxena
36th IEEE Symposium on Security and Privacy (Oakland) 2015

[Oakland]
Poster: WESHARE : A Coercion-Resistant and Scalable Storage Cloud ( PDF )

Hoon Wei Lim, Loi Luu, Shruti Tople, Prateek Saxena
36th IEEE Symposium on Security and Privacy (Oakland) 2015