$Id: index.t2t, v3.0, last updated Sat Jun 1 10:56:12 2019 Exp$

---

About

• I am an Associate Professor of Computer Science and Engineering at The Ohio State University.
• I used to work at the Computer Science Department of The University of Texas at Dallas, as an assistant professor (2011-2016), an associate professor (2016-2017), and now an adjunct professor.
• I earned my PhD of computer science from Purdue University.
• I am a recipient of the NSF CAREER Award and the AFOSR YIP Award. In addition to AFOSR and NSF, my research has also been supported in part by DARPA, NSA, ONR, Raytheon, and VMware.
• The best way to reach me is through my email:
• My office: DL 787
• Phone: (614) 292-0055
• Fax: (614) 292-2911
• PGP key: zlin.pub
• Mail Address:

      Zhiqiang Lin
      787 Dreese Laboratories
      2015 Neil Avenue
      Columbus, OH 43210-1277
  

---

Research

• Current Interests:
  • Mobile, IoT, and Cloud Security (firmware analysis, vulnerability discovery, and sensor security).
    • SkyWalker [USENIX-SEC'19]
    • Leaks in Ride-hailing Services [NDSS'19]
    • LeakScope [S&P'19]
    • Sensor-Spoofing [USENIX-SEC'18]
    • IoTFuzzer [NDSS'18]
    • AuthScope [CCS'17]
    • SmartGen [WWW'17]
    • AutoForge [NDSS'16]
    • I-Box [USENIX-SEC'15]
    • SMV-Hunter [NDSS'14]
  • Software Security (binary code analysis, vulnerability discovery, and software hardening).
    • CONFIRM: CFI Benchmarks [USENIX-SEC'19]
    • Probabilistic Disassembly [ICSE'19]
    • Superset Disassembly [NDSS'18]
    • K-Hunt [CCS'18]
    • Guarder [USENIX-SEC'18]
    • FreeGuard [CCS'17],
    • X-Force [USENIX-SEC'14]
    • Trace-oriented Programming [CCS'13]
    • STIR [CCS'12]
    • REWARDS [NDSS'10]
    • IntScope [NDSS'09]
    • AutoFormat [NDSS'08]
  • Systems Security (OS kernel and hypervisor security, and trusted computing)
    • AMD-SEV-IO-Security [USENIX-SEC'19]
    • SGX-Pectre [EUROSP'19]
    • SGX-BigMatrix [CCS'17]
    • SGX-Elide [CGO'18]
    • SGX-LAPD [RAID'17]
    • Hybrid-Bridge [NDSS'14]
    • HyperShell [USENIX-ATC'14]
    • Crypto-key Protection [USENIX-SEC'14]
    • VM Space Travler [S&P'12]
    • SigGraph [NDSS'11]

• Groups:
  • The Computer Security Laboratory (SecLab) at The Ohio State University.
  • The talented students I have the fortune to have advised and worked with.

• Selected and Recent Publications [Complete list]
  • [USENIX-SEC'19] "The Betrayal At Cloud City: An Empirical Analysis Of Cloud-Based Mobile Backends"
  • [USENIX-SEC'19] "CONFIRM: Evaluating Compatibility and Relevance of Control-flow Integrity Protections for Modern Software"
  • [USENIX-SEC'19] "Exploiting Unprotected I/O Operations in AMD’s Secure Encrypted Virtualization"
  • [S&P'19] "Why Does Your Data Leak? Uncovering the Data Leakage in Cloud From Mobile Apps"
  • [NDSS'19] "Geo-locating Drivers: A Study of Sensitive Data Leakagein Ride-Hailing Services"
  • [CCS'18] "K-Hunt: Pinpointing Insecure Cryptographic Keys from Execution Traces"
  • [NDSS'18] "Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics"
  • [NDSS'18] "IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing"
  • [CCS'17] "AuthScope: Towards Automatic Discovery of Vulnerable Authorizations in Online Services''
  • [NDSS'16] "Automatic Forgery of Cryptographically Consistent Messages to Identify Security Vulnerabilities in Mobile Services" (or How to brute-force user's password when given a mobile app)
  • [USENIX-SEC'14] "X-Force: Force-Executing Binary Programs for Security Applications"
  • [NDSS'14] "Hybrid-Bridge: Efficiently Bridging the Semantic-Gap in Virtual Machine Introspection via Decoupled Execution and Training Memoization"
  • [NDSS'14] "SMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps"
  • [CCS'13] "Obfuscation-resilient Binary Code Reuse through Trace-oriented Programming"
  • [CCS'12] "Binary Stirring: Self-randomizing Instruction Addresses of Legacy x86 Binary Code"
  • [S&P'12] "Space Traveling across VM: Automatically Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection"

---

Teaching

• CSE 2431/5431: System II: Introduction to Operating Systems Fall 2019
• CSE 5473: Network Security Fall 2018
• CSE 5479: Software Security Fall 2018
• CS 6332: Systems Security and Binary Code Analysis Fall 2017
• CS 7301: Advanced Topics in Systems Security Spring 2017
• CS 6332: Systems Security and Binary Code Analysis Fall 2016
• CS 4393: Computer and Network Security Spring 2016
• CS 6332: Systems Security and Binary Code Analysis Fall 2015
• CS 4393: Computer and Network Security Spring 2015
• CS 6301: Offense-based Cyber Security Fall 2014
• CS 4v95: Offense-based Cyber Security Fall 2014
• CS 4393: Computer and Network Security Spring 2014
• CS 6301: Systems Security and Binary Code Analysis Fall 2013
• CS 7301: Advanced Operating Systems Security Fall 2013
• CS 4393: Computer and Network Security Spring 2013
• CS 6324: Information Security Fall 2012
• CS 6301: Systems Security and Binary Code Analysis Spring 2012
• CS 6V81: Advanced Digital Forensics and Data Reverse Engineering Fall 2011

---

Service

• Editorial Service:
  • Associate Editor: IEEE Transactions on Dependable and Secure Computing (TDSC), 16~
• Panelist:
  • NSF proposal review panels, 12, 16, 17, 18, 19
• Conference Organization:
  • Program co-chair: Information Security Conference, 19
  • Program co-chair: Workshop on Forming an Ecosystem Around Software Transformation, 19
  • Area chair: ACM Conference on Computer and Communications Security (CCS), 19
  • Steering committee: International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 17~
  • Local Arrangement Chair: ACM Conference on Computer and Communications Security (CCS), 17
• TPC Member:
  • Network and Distributed System Security Symposium (NDSS), 15, 19, 20
  • ACM Conference on Computer and Communications Security (CCS), 14, 15, 16, 18, 19
  • USENIX Security Symposium, 17
  • World Wide Web (WWW) Conference, 18
  • Annual Computer Security Applications Conference (ACSAC), 14, 16, 17, 18, 19
  • International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 16
  • ACM Symposium on Information, Computer and Communications Security (AsiaCCS), 13, 14, 15, 16, 18
  • Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 16, 17, 18, 19
  • Annual Digital Forensics Research Conference (DFRWS), 13, 14, 15, 16, 17, 18, 19
  • International Conf. on Security and Privacy in Communication Networks (SECURECOMM), 15, 16, 17, 18, 19
  • International Conference on Privacy, Security and Trust (PST), 13, 14, 15, 18, 19
  • Information Security Conference (ISC), 17, 19
  • Workshop on System Software for Trusted Execution (SysTex), 16, 17
  • Workshop on Forming an Ecosystem Around Software Transformation (FEAST), 17, 18, 19
  • IEEE International Conference on Distributed Computing Systems (ICDCS), 14
  • IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid), 13, 14
  • IEEE International Conference on Big Data (BigData), 13, 14, 16
  • The International Congress on Big Data (BigData), 14, 17
  • International Symposium on Foundations and Applications of Big Data Analytics (FAB), 15, 16
  • International Symposium on Big Data Management and Analytics (BIDMA), 16
  • The IEEE International Conference on Cyber Security and Cloud Computing (CSCloud), 15
  • International Workshop on Cloud Compliance (IWCC), 15
  • The European Workshop on Systems Security (EuroSec), 14
  • IEEE International Performance Computing and Communications Conference (IPCCC), 11, 12, 13, 14, 15
  • Workshop on Hardware and Architectural Support for Security and Privacy (HASP), 12, 13, 14, 15, 16
  • The International Symposium on Secure Virtual Infrastructures, 13, 14

---

Misc

• My calendar

---

HOME SOURCE