Publications

Binbin Zhao, Shouling Ji, Jiacheng Xu, Yuan Tian, Qiuyang Wei, Qinying Wang, Chenyang Lyu, Xuhong Zhang, Changting Lin, Jingzheng Wu, Reheem Beyah (2022). One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware. IEEE Transactions on Dependable and Secure Computing, CCF-A.

PDF Dataset Slides

Shouling Ji, Qinying Wang, Anying Chen, Binbin Zhao, Tong Ye, Xuhong Zhang, Jingzheng Wu, Yun Li, Jianwei Yin, Yanjun Wu (2022). State-of-the-Art Survey of Open-source Software Supply Chain Security. Journal of Software, CCF-T1.

PDF

Binbin Zhao, Shouling Ji, Xuhong Zhang, Yuan Tian, Qinying Wang, Yuwen Pu, Chenyang Lyu, Reheem Beyah (2022). UVSCAN: Detecting Third-Party Component Usage Violations in IoT Firmware. 32nd USENIX Security Symposium (USENIX 2023), CCF-A.

Chenyang Lyu, Jiacheng Xu, Shouling Ji, Xuhong Zhang, Qinying Wang, Binbin Zhao, Gaoning Pan, Wei Cao, Peng Chen, Reheem Beyah (2022). MINER: A Hybrid Data-Driven Approach for REST API Fuzzing. 32nd USENIX Security Symposium (USENIX 2023), CCF-A.

PDF Code

Binbin Zhao, Shouling Ji, Jiacheng Xu, Yuan Tian, Qiuyang Wei, Qinying Wang, Chenyang Lyu, Xuhong Zhang, Changting Lin, Jingzheng Wu, Reheem Beyah (2022). A Large-Scale Empirical Analysis of the Vulnerabilities Introduced by Third-Party Components in IoT Firmware. ISSTA 2022, CCF-A.

PDF Dataset Slides

Chenyang Lyu, Hong Liang, Shouling Ji, Xuhong Zhang, Binbin Zhao, Meng Han, Yun Li, Zhe Wang, Wenhai Wang, Reheem Beyah (2022). SLIME: Program-sensitive Energy Allocation for Fuzzing. ISSTA 2022, CCF-A.

PDF Code

Chenyang Lyu, Shouling Ji, Xuhong Zhang, Hong Liang, Binbin Zhao, Kangjie Lu, Reheem Beyah (2021). EMS: History-Driven Mutation for Coverage-based Fuzzing. NDSS 2022, CCF-A.

PDF Cite Code

Qinying Wang, Shouling Ji, Yuan Tian, Xuhong Zhang, Binbin Zhao, Yuhong Kan, Zhaowei Lin, Changting Lin, Shuiguang Deng, Alex X. Liu, Reheem Beyah (2021). MPInspector: A Systematic and Automatic Approach for Evaluating the Security of IoT Messaging Protocols. 30th USENIX Security Symposium (USENIX 2021), CCF-A.

PDF Cite Code

Binbin Zhao, Shouling Ji, Wei-Han Lee, Changting Lin, Haiqing Weng, Jingzheng Wu, Pan Zhou, Liming Fang, Reheem Beyah (2020). A Large-scale Empirical Study on the Vulnerability of Deployed IoT Devices. IEEE Transactions on Dependable and Secure Computing (TDSC), CCF-A.

PDF Cite

Haiqin Weng, Binbin Zhao, Shouling Ji, Jianhai Chen, Ting Wang, Qinming He, Raheem Beyah (2019). Towards Understanding the Security of Modern Image Captchas and Underground Captcha-solving Services. Big Data Mining and Analytics, CCF-T2.

PDF Cite

Binbin Zhao, Haiqin Weng, Shouling Ji, Jianhai Chen, Ting Wang, Qinming He, Reheem Beyah (2018). Towards Evaluating the Security of Real-world Deployed Image CAPTCHAs. Proceedings of the 11th ACM Workshop on Artificial Intelligence and Security (AISec 2018), co-located with CCS.

PDF Cite