About
- I am a Professor of Computer Science and Engineering (CSE) at The Ohio State University (OSU), the director of Computer Security Laboratory (SecLab). I am also a faculty member at Institute for Cybersecurity and Digital Trust (ICDT), Center for Automotive Research (CAR), Translational Data Analytics Institute (TDAI), and NSF AI Institute for Future Edge Networks and Distributed Intelligence (AI-Edge).
- I am the founding faculty advisor of Women in Cyber Security (WiCys) chapter at OSU, and I am also one of the faculty advisors of OSU Cybersecurity Club (OSUCyber)
- I received my PhD in Computer Science from Purdue University.
- I am broadly interested in most of the cybersecurity problems (e.g., vulnerability identification, authentication, authorization, introspection, deception, applied cryptography, and side channel analysis), with a key focus on advancing or using program analysis to solve the security problems.
- More specifically, I have been working on developing new or using existing program analysis and reverse engineering techniques for vulnerability discovery with native binary code in the past decade, and recently also on byte code, script code, or even source code, covering the entire software stack from firmware to applications, from web and mobile to IoT. In addition to finding the vulnerabilities, I also work on hardening the software against various attacks, particularly on improving or using binary code rewriting, virtual machine introspection, and trusted execution environment (TEE) towards this goal. Sometimes, I also use program analysis as a tool for measurement studies in order to gain insights and understanding on the security problems of interest.
- My research has been supported in part by federal agencies such as AFOSR, ARO, DARPA, NHTSA, NSA, NSF, and ONR, and industry such as Amazon, Cisco, Raytheon, and VMware.
- I am a recipient of NSF CAREER Award and AFOSR YIP Award. I also received the Harrison Faculty Award for Excellence in Engineering Education from College of Engineering, and also the Outstanding Faculty Teaching Award from Departement of Computer Science and Engineering at OSU.
- The best way to reach me is through my email:
- My office: DL 798
- Phone: (614) 292-0055
- Fax: (614) 292-2911
- PGP key: zlin.pub
- Mail Address:
Zhiqiang Lin 798 Dreese Laboratories 2015 Neil Avenue Columbus, OH 43210-1277
Research
- Current Interests:
- Mobile Security (mobile app analysis, automotive security, contact tracing, 5G, Bluetooth/IoT security)
- Google/Apple Exposure Notification+ [PETS'22]
- Allowlist-based Side Channel Attacks [CCS'22]
- PaymentScope [USENIX-SEC'22]
- MiniCrawler [SIGMETRICS'21]
- InputScope [S&P'20]
- CAN-Hunter [NDSS'20]
- DongleScope [USENIX-SEC'20]
- SAVIOR [USENIX-SEC'20]
- FirmScope [USENIX-SEC'20]
- Bluetooth Downgrading Attacks [USENIX-SEC'20]
- TxSpector [USENIX-SEC'20]
- BleScope [CCS'19]
- SkyWalker [USENIX-SEC'19]
- Leaks in Ride-hailing Services [NDSS'19]
- LeakScope [S&P'19]
- IoTFuzzer [NDSS'18]
- AuthScope [CCS'17]
- SmartGen [WWW'17]
- AutoForge [NDSS'16]
- SMV-Hunter [NDSS'14]
- Software Security (binary or firmware code analysis, vulnerability discovery, and software hardening)
- PaymentScope [USENIX-SEC'22]
- SelectiveTaint [USENIX-SEC'21]
- FirmXRay [CCS'20]
- FirmScope [USENIX-SEC'20]
- CONFIRM: CFI Benchmarks [USENIX-SEC'19]
- Probabilistic Disassembly [ICSE'19]
- Superset Disassembly [NDSS'18]
- K-Hunt [CCS'18]
- Guarder [USENIX-SEC'18]
- FreeGuard [CCS'17],
- X-Force [USENIX-SEC'14]
- Trace-oriented Programming [CCS'13]
- STIR [CCS'12]
- REWARDS [NDSS'10]
- IntScope [NDSS'09]
- AutoFormat [NDSS'08]
- Systems Security (OS kernel and hypervisor security, trusted computing)
- vSGX [S&P'22]
- SGX State Continuity Vulnerability Detection [USENIX-SEC'21]
- CrossLine Attack [CCS'21][Best Paper Award Runner-up]
- Rust-SGX [CCS'19]
- AMD-SEV-IO-Security [USENIX-SEC'19]
- SGX-Pectre [EUROSP'19]
- SGX-BigMatrix [CCS'17]
- SGX-Elide [CGO'18]
- SGX-LAPD [RAID'17]
- Hybrid-Bridge [NDSS'14]
- HyperShell [USENIX-ATC'14]
- Crypto-key Protection [USENIX-SEC'14]
- VM Space Travler [S&P'12]
- SigGraph [NDSS'11]
- Mobile Security (mobile app analysis, automotive security, contact tracing, 5G, Bluetooth/IoT security)
- Groups:
- Selected and Recent Publications [Complete list]
- [PETS'22] "Replay (Far) Away: Exploiting and Fixing Google/Apple Exposure Notification Contact Tracing"
- [CCS'22] "When Good Becomes Evil: Tracking Bluetooth Low Energy Devices via Allowlist-based Side Channel and Its Countermeasure"
- [USENIX-SEC'22] "Playing Without Paying: Detecting Vulnerable Payment Verification in Native Binaries of Mobile Games''
- [S&P'22] "vSGX: Virtualizing SGX Enclaves on AMD SEV''
- [NDSS'22] Multi-Certificate Attacks Against Proof-of-Elapsed-Time And Their Countermeasures
- [CCS'21] "CROSSLINE: Breaking "Security-by-Crash" based Memory Isolation in AMD SEV''
- [USENIX-SEC'21] "SelectiveTaint: Efficient Data Flow Tracking With Static Binary Rewriting''
- [USENIX-SEC'21] "Towards Formal Verification of State Continuity for Enclave Programs''
- [CCS'20] FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities from Bare-Metal Firmware
- [S&P'20] Automatic Uncovering of Hidden Behaviors From Input Validation in Mobile Apps
- [USENIX-SEC'20] Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack Surface (in Automotive IoT)
- [USENIX-SEC'20] "FirmScope: Automatic Uncovering of Privilege-Escalation Vulnerabilities in Pre-Installed Apps in Android Firmware"
- [USENIX-SEC'20] SAVIOR: Securing Autonomous Vehicles with Robust Physical Invariants
- [USENIX-SEC'20] Breaking Secure Pairing of Bluetooth Low Energy Using Downgrade Attacks
- [USENIX-SEC'20] TXSPECTOR: Uncovering Attacks in Ethereum from Transactions
- [NDSS'20] Automated Cross-Platform Reverse Engineering of CAN Bus Commands From Mobile Apps
- [CCS'19] "Automatic Fingerprinting of Vulnerable BLE IoT Devices with Static UUIDs From Mobile Apps''
- [USENIX-SEC'19] "The Betrayal At Cloud City: An Empirical Analysis Of Cloud-Based Mobile Backends"
- [S&P'19] "Why Does Your Data Leak? Uncovering the Data Leakage in Cloud From Mobile Apps"
- [NDSS'18] "Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics"
- [CCS'17] "AuthScope: Towards Automatic Discovery of Vulnerable Authorizations in Online Services''
- [NDSS'16] "Automatic Forgery of Cryptographically Consistent Messages to Identify Security Vulnerabilities in Mobile Services" (or How to brute-force user's password when given a mobile app)
- [NDSS'14] "SMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps"
- [CCS'12] "Binary Stirring: Self-randomizing Instruction Addresses of Legacy x86 Binary Code"
- [S&P'12] "Space Traveling across VM: Automatically Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection"
Teaching
- CSE 5194: Software Security Spring 2022
- CSE 6493: Advanced Studies in Computer Security Spring 2022
- CSE 5194: Software Security Spring 2021
- CSE 6493: Advanced Studies in Computer Security Spring 2021
- CSE 5473: Network Security Fall 2020
- CSE 6493: Advanced Studies in Computer Security Fall 2020
- CSE 4471: Information Security Fall 2019
- CSE 5473: Network Security Fall 2018
- CSE 5479: Software Security Fall 2018
- Recent Talks
- 12/10/2021, Towards Distributed and Virtualized Trusted Execution Environments [PDF], Keynote at 4th EAI International Conference on Security and Privacy in New Computing Environments (SPNCE'21)
- 12/06/2021, Understanding the Security and Privacy of Bluetooth Low Energy [PPTX], virtual talk at exploreCSR@OSU, Labs Latex source
- 10/13/2021, Why Cybersecurity is Hard [PPTX][Youtube][Bilibili], Community Forum Session at OSU Cybersecurity Days, and also in OSU's Women in Cyber Security Club.
- 08/19/2021, Software Security: Past, Present, and Future [PDF], Keynote at the 3rd International Workshop on Cyber Security and Data Privacy (CSDP'21).
- More ...
Service
- Editorial Service:
- Associate Editor: ACM/IEEE Transactions on Networking (ToN), 21~
- Associate Editor: ACM Transactions on Privacy and Security (TOPS), 20~
- Associate Editor: IEEE Transactions on Mobile Computing (TMC), 20~
- Associate Editor: IEEE Transactions on Dependable and Secure Computing (TDSC), 16~
- Conference Organization:
- Program co-chair: International Conf. on Security and Privacy in Comm. Networks (SECURECOMM), 22
- Program co-chair: ACM ASIA Conference on Computer and Communications Security (ASIACCS), 21
- Program co-chair: Information Security Conference (ISC), 19
- Program co-chair: Workshop on Forming an Ecosystem Around Software Transformation (FEAST), 19
- Area chair: ACM Conference on Computer and Communications Security (CCS), 19
- Steering committee: International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 17~
- Steering committee: Information Security Conference, 19~
- Local arrangement chair: ACM Conference on Computer and Communications Security (CCS), 17
- Technical Program Committee (TPC) Member:
- ACM Conference on Computer and Communications Security (CCS), 14, 15, 16, 18, 19, 20, 22
- IEEE Symposium on Security and Privacy, 21, 22
- USENIX Security Symposium, 17, 21, 22
- Network and Distributed System Security Symposium (NDSS), 15, 19, 20
- World Wide Web (WWW) Conference, 18
- IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 20, 21, 22
- ACM ASIA Conference on Computer and Communications Security (ASIACCS), 13, 14, 15, 16, 18
- Annual Computer Security Applications Conference (ACSAC), 14, 16, 17, 18, 19, 20, 21, 22
- International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 16
- European Symposium on Research in Computer Security (ESORICS), 21, 22
- Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 16, 17, 18, 19, 22
- International Conference on Applied Cryptography and Network Security (ACNS), 20 21
- International Conf. on Security and Privacy in Comm. Networks (SECURECOMM), 15, 16, 17, 18, 19, 20
- Annual Digital Forensics Research Conference (DFRWS), 13, 14, 15, 16, 17, 18, 19, 20
- International Conference on Privacy, Security and Trust (PST), 13, 14, 15, 18, 19
- ACM Cloud Computing Security Workshop (CCSW), 19, 21
- Workshop on Automotive and Autonomous Vehicle Security (AutoSec), 21, 22
- Program Analysis and Verification on Trusted Platforms (PAVeTrust) 21
- Information Security Conference (ISC), 17, 19
- Workshop on System Software for Trusted Execution (SysTex), 16, 17
- Workshop on Forming an Ecosystem Around Software Transformation (FEAST), 17, 18, 19
- IEEE International Conference on Distributed Computing Systems (ICDCS), 14
- IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid), 13, 14
- IEEE International Conference on Big Data (BigData), 13, 14, 16
- International Congress on Big Data (BigData), 14, 17
- International Symposium on Foundations and Applications of Big Data Analytics (FAB), 15, 16
- International Symposium on Big Data Management and Analytics (BIDMA), 16
- IEEE International Conference on Cyber Security and Cloud Computing (CSCloud), 15
- International Workshop on Cloud Compliance (IWCC), 15
- The European Workshop on Systems Security (EuroSec), 14
- IEEE International Performance Computing and Communications Conference (IPCCC), 11, 12, 13, 14, 15
- Workshop on Hardware and Architectural Support for Security and Privacy (HASP), 12, 13, 14, 15, 16
- International Symposium on Secure Virtual Infrastructures, 13, 14
- Panelist:
- NSF proposal review panels, 12, 16, 17, 18, 19, 20, 21, 22
- Artifact Evaluation Committee Member: