Binbin Zhao

Binbin Zhao

Ph.D. Candidate

Georgia Institute of Technology

About Me

Hi there. I am a fourth-year Ph.D. candidate working with Prof. Raheem Beyah and Prof. Shouling Ji in the School of Electrical and Computer Engineering at Georgia Institute of Technology. Prior to joining GaTech, I obtained my Bachelor’s degree in Computer Science from Zhejiang University in 2018.

Recent News

  • [05/09/2023] Our paper was accepted by IEEE Transactions on Dependable and Secure Computing (TDSC)!

  • [03/23/2023] Our paper was accepted by USENIX Security 2023!

  • [11/15/2022] Binbin has passed the proposal oral exam!

  • [11/10/2022] Our paper was accepted by USENIX Security 2023!

  • [04/11/2022] Two papers were accepted by ISSTA 2022!

  • [10/20/2021] Our paper was accepted by NDSS 2022!

  • [05/25/2021] Our paper was accepted by USENIX Security 2021!

  • [12/16/2020] Binbin has passed the coursework qualifier!

  • [11/04/2020] Our paper was accepted by IEEE Transactions on Dependable and Secure Computing (TDSC)!

Interests
  • IoT
  • Fuzzing
  • Blockchain
Education

  • Ph.D. in Electrical and Computer Engineering, Expected 2023

    Georgia Institute of Technology

  • M.S. in Electrical and Computer Engineering, 2022

    Georgia Institute of Technology

  • B.Eng. in Computer Science, 2018

    Zhejiang University

Publications

Binbin Zhao, Shouling Ji, Jiacheng Xu, Yuan Tian, Qiuyang Wei, Qinying Wang, Chenyang Lyu, Xuhong Zhang, Changting Lin, Jingzheng Wu, Reheem Beyah (2022). One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware. IEEE Transactions on Dependable and Secure Computing, CCF-A.

PDF Dataset Slides

Shouling Ji, Qinying Wang, Anying Chen, Binbin Zhao, Tong Ye, Xuhong Zhang, Jingzheng Wu, Yun Li, Jianwei Yin, Yanjun Wu (2022). State-of-the-Art Survey of Open-source Software Supply Chain Security. Journal of Software, CCF-T1.

PDF

Binbin Zhao, Shouling Ji, Xuhong Zhang, Yuan Tian, Qinying Wang, Yuwen Pu, Chenyang Lyu, Reheem Beyah (2022). UVSCAN: Detecting Third-Party Component Usage Violations in IoT Firmware. 32nd USENIX Security Symposium (USENIX 2023), CCF-A.

Chenyang Lyu, Jiacheng Xu, Shouling Ji, Xuhong Zhang, Qinying Wang, Binbin Zhao, Gaoning Pan, Wei Cao, Peng Chen, Reheem Beyah (2022). MINER: A Hybrid Data-Driven Approach for REST API Fuzzing. 32nd USENIX Security Symposium (USENIX 2023), CCF-A.

PDF Code

Binbin Zhao, Shouling Ji, Jiacheng Xu, Yuan Tian, Qiuyang Wei, Qinying Wang, Chenyang Lyu, Xuhong Zhang, Changting Lin, Jingzheng Wu, Reheem Beyah (2022). A Large-Scale Empirical Analysis of the Vulnerabilities Introduced by Third-Party Components in IoT Firmware. ISSTA 2022, CCF-A.

PDF Dataset Slides

Chenyang Lyu, Hong Liang, Shouling Ji, Xuhong Zhang, Binbin Zhao, Meng Han, Yun Li, Zhe Wang, Wenhai Wang, Reheem Beyah (2022). SLIME: Program-sensitive Energy Allocation for Fuzzing. ISSTA 2022, CCF-A.

PDF Code

Chenyang Lyu, Shouling Ji, Xuhong Zhang, Hong Liang, Binbin Zhao, Kangjie Lu, Reheem Beyah (2021). EMS: History-Driven Mutation for Coverage-based Fuzzing. NDSS 2022, CCF-A.

PDF Cite Code

Qinying Wang, Shouling Ji, Yuan Tian, Xuhong Zhang, Binbin Zhao, Yuhong Kan, Zhaowei Lin, Changting Lin, Shuiguang Deng, Alex X. Liu, Reheem Beyah (2021). MPInspector: A Systematic and Automatic Approach for Evaluating the Security of IoT Messaging Protocols. 30th USENIX Security Symposium (USENIX 2021), CCF-A.

PDF Cite Code

Binbin Zhao, Shouling Ji, Wei-Han Lee, Changting Lin, Haiqing Weng, Jingzheng Wu, Pan Zhou, Liming Fang, Reheem Beyah (2020). A Large-scale Empirical Study on the Vulnerability of Deployed IoT Devices. IEEE Transactions on Dependable and Secure Computing (TDSC), CCF-A.

PDF Cite

Haiqin Weng, Binbin Zhao, Shouling Ji, Jianhai Chen, Ting Wang, Qinming He, Raheem Beyah (2019). Towards Understanding the Security of Modern Image Captchas and Underground Captcha-solving Services. Big Data Mining and Analytics, CCF-T2.

PDF Cite

Binbin Zhao, Haiqin Weng, Shouling Ji, Jianhai Chen, Ting Wang, Qinming He, Reheem Beyah (2018). Towards Evaluating the Security of Real-world Deployed Image CAPTCHAs. Proceedings of the 11th ACM Workshop on Artificial Intelligence and Security (AISec 2018), co-located with CCS.

PDF Cite

Experience

 
 
 
 
 
Research Assistant
CAP Lab, Georgia Institute of Technology
Aug 2019 – Present Atlanta
 
 
 
 
 
Research Fellow
NESA Lab, Zhejiang University
Jul 2018 – Jul 2019 Hangzhou, China
 
 
 
 
 
SDE Intern
Tencent
Apr 2018 – Jun 2018 Shenzhen, China
 
 
 
 
 
Teaching Assistant
Zhejiang University
Sep 2017 – Feb 2018 Hangzhou, China
 
 
 
 
 
Research Assistant
NESA Lab, Zhejiang University
Jul 2017 – Apr 2018 Hangzhou, China

Contact