Binbin Zhao

Binbin Zhao

Ph.D. Candidate

Georgia Institute of Technology

About Me

Hi there. I am a fourth-year Ph.D. candidate working with Prof. Raheem Beyah and Prof. Shouling Ji in the School of Electrical and Computer Engineering at Georgia Institute of Technology. Prior to joining GaTech, I obtained my Bachelor’s degree in Computer Science from Zhejiang University in 2018.

Recent News

  • [05/09/2023] Our paper was accepted by IEEE Transactions on Dependable and Secure Computing (TDSC)!

  • [03/23/2023] Our paper was accepted by USENIX Security 2023!

  • [11/15/2022] Binbin has passed the proposal oral exam!

  • [11/10/2022] Our paper was accepted by USENIX Security 2023!

  • [04/11/2022] Two papers were accepted by ISSTA 2022!

  • [10/20/2021] Our paper was accepted by NDSS 2022!

  • [05/25/2021] Our paper was accepted by USENIX Security 2021!

  • [12/16/2020] Binbin has passed the coursework qualifier!

  • [11/04/2020] Our paper was accepted by IEEE Transactions on Dependable and Secure Computing (TDSC)!

Interests
  • IoT
  • Fuzzing
  • Blockchain
Education
  • Ph.D. in Electrical and Computer Engineering, Expected 2023

    Georgia Institute of Technology

  • M.S. in Electrical and Computer Engineering, 2022

    Georgia Institute of Technology

  • B.Eng. in Computer Science, 2018

    Zhejiang University

Publications

(2022). One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware. IEEE Transactions on Dependable and Secure Computing, CCF-A.

PDF Dataset Slides

(2022). State-of-the-Art Survey of Open-source Software Supply Chain Security. Journal of Software, CCF-T1.

PDF

(2022). UVSCAN: Detecting Third-Party Component Usage Violations in IoT Firmware. 32nd USENIX Security Symposium (USENIX 2023), CCF-A.

(2022). MINER: A Hybrid Data-Driven Approach for REST API Fuzzing. 32nd USENIX Security Symposium (USENIX 2023), CCF-A.

PDF Code

(2022). A Large-Scale Empirical Analysis of the Vulnerabilities Introduced by Third-Party Components in IoT Firmware. ISSTA 2022, CCF-A.

PDF Dataset Slides

(2022). SLIME: Program-sensitive Energy Allocation for Fuzzing. ISSTA 2022, CCF-A.

PDF Code

(2021). EMS: History-Driven Mutation for Coverage-based Fuzzing. NDSS 2022, CCF-A.

PDF Cite Code

(2021). MPInspector: A Systematic and Automatic Approach for Evaluating the Security of IoT Messaging Protocols. 30th USENIX Security Symposium (USENIX 2021), CCF-A.

PDF Cite Code

(2020). A Large-scale Empirical Study on the Vulnerability of Deployed IoT Devices. IEEE Transactions on Dependable and Secure Computing (TDSC), CCF-A.

PDF Cite

(2019). Towards Understanding the Security of Modern Image Captchas and Underground Captcha-solving Services. Big Data Mining and Analytics, CCF-T2.

PDF Cite

(2018). Towards Evaluating the Security of Real-world Deployed Image CAPTCHAs. Proceedings of the 11th ACM Workshop on Artificial Intelligence and Security (AISec 2018), co-located with CCS.

PDF Cite

Experience

 
 
 
 
 
Research Assistant
CAP Lab, Georgia Institute of Technology
Aug 2019 – Present Atlanta
 
 
 
 
 
Research Fellow
NESA Lab, Zhejiang University
Jul 2018 – Jul 2019 Hangzhou, China
 
 
 
 
 
SDE Intern
Tencent
Apr 2018 – Jun 2018 Shenzhen, China
 
 
 
 
 
Teaching Assistant
Zhejiang University
Sep 2017 – Feb 2018 Hangzhou, China
 
 
 
 
 
Research Assistant
NESA Lab, Zhejiang University
Jul 2017 – Apr 2018 Hangzhou, China

Contact