$Id: index.t2t, v3.0, last updated Sat Nov 10 09:47:04 2018 Exp$

---

About

• I am an Associate Professor of Computer Science and Engineering at The Ohio State University
• I used to work at the Computer Science Department of The University of Texas at Dallas, as an assistant professor (2011-2016), an associate professor (2016-2017), and now an adjunct professor.
• I earned my PhD of computer science from Purdue University.
• I am a recipient of the NSF CAREER Award and the AFOSR YIP Award. In addition to AFOSR and NSF, my research has also been supported in part by DARPA, NSA, ONR, Raytheon, and VMware
• The best way to reach me is through my email:
• My office: DL 787
• Phone: (614) 292-0055
• Fax: (614) 292-2911
• PGP key: zlin.pub
• Mail Address:

      Zhiqiang Lin
      787 Dreese Laboratories
      2015 Neil Avenue
      Columbus, OH 43210-1277
  

---

Research

• Current Interests:
  • Mobile, IoT, and Cloud Security
    • Leaks in Ride-hailing Services [NDSS'19]
    • LeakScope [S&P'19]
    • Sensor-Spoofing [USENIX-SEC'18]
    • IoTFuzzer [NDSS'18]
    • AuthScope [CCS'17]
    • AutoForge [NDSS'16]
    • I-Box [USENIX-SEC'15]
    • SMV-Hunter [NDSS'14]
  • Software Security
    • Superset Disassembly [NDSS'18]
    • K-Hunt [CCS'18]
    • Guarder [USENIX-SEC'18]
    • FreeGuard [CCS'17],
    • X-Force [USENIX-SEC'14]
    • STIR [CCS'12]
    • REWARDS [NDSS'10]
  • Systems Security
    • SGX-BigMatrix [CCS'17], SGX-Elide [CGO'18]
    • Hybrid-Bridge [NDSS'14], HyperShell [USENIX-ATC'14]
    • Crypto-key Protection [USENIX-SEC'14]
    • VM Space Travler [S&P'12]
    • SigGraph [NDSS'11]

• Groups: The SecLab at OSU
  • With Dr. Yinqian Zhang, we have founded the Computer Security Laboratory (SecLab), and now we are both co-directing the lab. We are broadly interested in most of the systems security problems including but not limited to virtualization security, binary analysis, web and cloud security, mobile security, and IoT security.
  • We are (always) looking for self-motivated students with solid systems (e.g., OS, virtualization, compiler, machine code) and networking as well as security background. Interested students who wish to purse a PhD under our direction please drop us an email.
  • We also have openings for Post Doctoral Researchers, please contact us for further details.

• Selected and Recent Publications [Complete list]
  • [NDSS'19] "The Unexpected Danger of UX Features: A Case of Sensitive Data Leakage of Drivers in Ride-Hailing Services."
  • [S&P'19] "Why Does Your Data Leak? Uncovering the Data Leakage in Cloud From Mobile Apps"
  • [CCS'18] "K-Hunt: Pinpointing Insecure Cryptographic Keys from Execution Traces"
  • [USENIX-SEC'18] "Injected and Delivered: Fabricating Implicit Control over Actuation Systems by Spoofing Inertial Sensors"
  • [USENIX-SEC'18] "Guarder: A Tunable Secure Allocator"
  • [NDSS'18] "Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics"
  • [NDSS'18] "IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing"
  • [CCS'17] "AuthScope: Towards Automatic Discovery of Vulnerable Authorizations in Online Services''
  • [CCS'17] "SGX-BigMatrix: A Practical Encrypted Data Analytic Framework With Trusted Processors''
  • [CCS'17] "FreeGuard: A Faster Secure Heap Allocator''
  • [NDSS'16] "Automatic Forgery of Cryptographically Consistent Messages to Identify Security Vulnerabilities in Mobile Services" (or How to brute-force user's password when given a mobile app)
  • [USENIX-SEC'15] "You Shouldn't Collect My Secrets: Thwarting Sensitive Keystroke Leakage in Mobile IME Apps"
  • [USENIX-SEC'14] "Preventing Cryptographic Key Leakage in Cloud Virtual Machines"
  • [USENIX-SEC'14] "X-Force: Force-Executing Binary Programs for Security Applications"
  • [NDSS'14] "Hybrid-Bridge: Efficiently Bridging the Semantic-Gap in Virtual Machine Introspection via Decoupled Execution and Training Memoization"
  • [NDSS'14] "SMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps"
  • [CCS'13] "Obfuscation-resilient Binary Code Reuse through Trace-oriented Programming"
  • [CCS'12] "Binary Stirring: Self-randomizing Instruction Addresses of Legacy x86 Binary Code"
  • [S&P'12] "Space Traveling across VM: Automatically Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection"

---

Teaching

• CSE 5473 Network Security
• CSE 5479 Software Security

---

Service

• Editorial Service:
  • Associate Editor: IEEE Transactions on Dependable and Secure Computing (TDSC), 16~
• Conference Organization:
  • Steering committee: International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 17~
  • Local Arrangement Chair: ACM Conference on Computer and Communications Security (CCS), 17
• TPC Member:
  • Network and Distributed System Security Symposium (NDSS), 15, 19
  • ACM Conference on Computer and Communications Security (CCS), 14, 15, 16, 18
  • USENIX Security Symposium, 17
  • World Wide Web (WWW) Conference, 18
  • Annual Computer Security Applications Conference (ACSAC), 14, 16, 17, 18
  • International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 16
  • ACM Symposium on Information, Computer and Communications Security (AsiaCCS), 13, 14, 15, 16, 18
  • Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 16, 17, 18, 19
  • Annual Digital Forensics Research Conference (DFRWS), 13, 14, 15, 16, 17, 18
  • International Conference on Security and Privacy in Communication Networks (SECURECOMM), 15, 16, 17, 18
  • International Conference on Privacy, Security and Trust (PST), 13, 14, 15, 18
  • Information Security Conference (ISC), 17
  • Workshop on System Software for Trusted Execution (SysTex), 16, 17
  • Workshop on Forming an Ecosystem Around Software Transformation (FEAST), 17, 18
  • IEEE International Conference on Distributed Computing Systems (ICDCS), 14
  • IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid), 13, 14
  • IEEE International Conference on Big Data (BigData), 13, 14, 16
  • The International Congress on Big Data (BigData), 14, 17
  • International Symposium on Foundations and Applications of Big Data Analytics (FAB), 15, 16
  • International Symposium on Big Data Management and Analytics (BIDMA), 16
  • The IEEE International Conference on Cyber Security and Cloud Computing (CSCloud), 15
  • International Workshop on Cloud Compliance (IWCC), 15
  • The European Workshop on Systems Security (EuroSec), 14
  • IEEE International Performance Computing and Communications Conference (IPCCC), 11, 12, 13, 14, 15
  • Workshop on Hardware and Architectural Support for Security and Privacy (HASP), 12, 13, 14, 15, 16
  • The International Symposium on Secure Virtual Infrastructures, 13, 14

---

Misc

• My calendar

---

HOME SOURCE