About
- I am a Distinguished Professor of Engineering in the Department of Computer Science and Engineering (CSE), and the director of Institute for Cybersecurity and Digital Trust (ICDT) at The Ohio State University (OSU).
- I am also the founding director of Computer Security Laboratory (SecLab), a faculty member in Center for Automotive Research (CAR), Translational Data Analytics Institute (TDAI), and NSF AI Institute for Future Edge Networks and Distributed Intelligence (AI-Edge).
- In addition, I am the founding faculty advisor of Women in Cyber Security (WiCys) chapter at OSU, and I am also one of the faculty advisors of OSU Cybersecurity Club (OSUCyber).
- I am broadly interested in most of the cybersecurity problems (e.g., vulnerability discovery, authentication, authorization, introspection, deception, applied cryptography, and side channel analysis), with a key focus on advancing or using program analysis to solve the security problems.
- More specifically, I have been working on developing novel or using existing program analysis and reverse engineering techniques for vulnerability discovery with native binary code in the past decade, and recently also on byte code (Java), script code (JavaScript), or even source code (C/C++), covering the entire software stack from firmware to applications, from web, mobile, IoT (particularly Bluetooth), to blockchain. In addition to finding vulnerabilities, I also work on hardening the software against various attacks, particularly on improving or using binary code rewriting, virtual machine introspection, and trusted execution environment (TEE) towards this goal.
- Sometimes, I also use program (binary or source code) analysis as a tool for measurement studies in order to gain insights and understanding on the security problems of interest.
- My research has been supported in part by federal agencies such as AFOSR, ARO, DARPA, NHTSA, NSA, NSF, and ONR, and industry such as Amazon, Cisco, Raytheon, and VMware.
- I am an ACM Distinguished Member, a recipient of NSF CAREER Award and AFOSR YIP Award. I also received the Harrison Faculty Award for Excellence in Engineering Education from College of Engineering, and the Outstanding Faculty Teaching Award from Department of Computer Science and Engineering at OSU.
- My short bio can be found here
- The best way to reach me is through my email:
- My office: DL 798
- Phone: (614) 292-0055
- Fax: (614) 292-2911
- PGP key: zlin.pub
- Mail Address:
Zhiqiang Lin 798 Dreese Laboratories 2015 Neil Avenue Columbus, OH 43210-1277
Research
- Current Interests:
- Mobile Security (mobile app analysis, automotive security, contact tracing, 5G, Bluetooth/IoT security)
- Mobile Super/Mini App Security
- APIDiff [USENIX-SEC'23]
- APIScope [CCS'23]
- Detecting AppSecret Leaks in Miniapps [CCS'23]
- TaintMini [ICSE'23]
- Cross Miniapp Request Forgeory (CMRF) [CCS'22]
- MiniCrawler [SIGMETRICS'21]
- Bluetooth Security and Privacy
- BleGuuide [AsiaCCS'23]
- Formal verification of BLE Passkey Entry pairing [NDSS'23]
- Allowlist-based Side Channel Attacks [CCS'22][Best Paper Award Honorable Mention]
- Google/Apple Exposure Notification+ [PETS'22]
- Bluetooth Downgrading Attacks [USENIX-SEC'20]
- FirmXRay [CCS'20]
- BleScope [CCS'19]
- Automotive Security
- QtRE [USENIX-SEC'23]
- CAN-Hunter [NDSS'20]
- DongleScope [USENIX-SEC'20]
- SAVIOR [USENIX-SEC'20]
- 3DScan [USENIX-SEC'23]
- RILDefender [NDSS'23]
- LocationScope [SIGMETRICS'23]
- IoTSpotter [CCS'22]
- ManiScope [CCS'22]
- InputScope [S&P'20]
- FirmScope [USENIX-SEC'20]
- SkyWalker [USENIX-SEC'19]
- Leaks in Ride-hailing Services [NDSS'19]
- LeakScope [S&P'19]
- IoTFuzzer [NDSS'18]
- AuthScope [CCS'17]
- SmartGen [WWW'17]
- AutoForge [NDSS'16]
- SMV-Hunter [NDSS'14]
- Mobile Super/Mini App Security
- Software Security (binary or firmware code analysis, vulnerability discovery, and software hardening)
- STING [USENIX-SEC'23]
- QtRE [USENIX-SEC'23]
- Smart Contract Vulnerability Analysis [ICSE'23]
- SymLM [CCS'22]
- PaymentScope [USENIX-SEC'22]
- SelectiveTaint [USENIX-SEC'21]
- FirmScope [USENIX-SEC'20]
- TxSpector [USENIX-SEC'20]
- CONFIRM: CFI Benchmarks [USENIX-SEC'19]
- Probabilistic Disassembly [ICSE'19]
- Superset Disassembly [NDSS'18]
- K-Hunt [CCS'18]
- Guarder [USENIX-SEC'18]
- FreeGuard [CCS'17],
- X-Force [USENIX-SEC'14]
- Trace-oriented Programming [CCS'13]
- STIR [CCS'12]
- REWARDS [NDSS'10]
- IntScope [NDSS'09]
- AutoFormat [NDSS'08]
- Systems Security (OS kernel and hypervisor security, trusted computing)
- Reusable Enclave [USENIX-SEC'23]
- SGX-Racer [USENIX-SEC'23]
- vSGX [S&P'22]
- SGX State Continuity Vulnerability Detection [USENIX-SEC'21]
- CrossLine Attack [CCS'21][Best Paper Award Runner-up]
- Rust-SGX [CCS'19]
- AMD-SEV-IO-Security [USENIX-SEC'19]
- SGX-Pectre [EUROSP'19]
- SGX-BigMatrix [CCS'17]
- SGX-Elide [CGO'18]
- SGX-LAPD [RAID'17]
- Hybrid-Bridge [NDSS'14]
- HyperShell [USENIX-ATC'14]
- Crypto-key Protection [USENIX-SEC'14]
- VM Space Travler [S&P'12]
- SigGraph [NDSS'11]
- Mobile Security (mobile app analysis, automotive security, contact tracing, 5G, Bluetooth/IoT security)
- Groups:
- Recent Publications [Complete list]
- [CCS'23] "Uncovering and Exploiting Hidden APIs in Mobile Super Apps"
- [CCS'23] " Don’t Leak Your Keys: Understanding, Measuring, and Exploiting the AppSecret Leaks in Mini-Programs"
- [USENIX-SEC'23] "Egg Hunt in Tesla Infotainment: A First Look at Reverse Engineering of Qt Binaries''
- [USENIX-SEC'23] "Controlled Data Races in Enclaves: Attacks and Detection''
- [USENIX-SEC'23] "One Size Does Not Fit All: Uncovering and Exploiting Cross Platform Discrepant APIs in WeChat''
- [USENIX-SEC'23] "Reusable Enclaves for Confidential Serverless Computing''
- [USENIX-SEC'23] "Your Exploit is Mine: Instantly Synthesizing Counterattack Smart Contract''
- [USENIX-SEC'23] "A Peek into the Metaverse: Detecting 3D Model Clones in Mobile Games''
- [NDSS'23] Thwarting Smartphone SMS Attacks at the Radio Interface Layer
- [SIGMETRICS'23] "Detecting and Measuring Aggressive Location Harvesting in Mobile Apps via Data-flow Path Embedding"
- [ICSE'23] TaintMini: Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis
- [ICSE'23] Demystifying Exploitable Bugs in Smart Contracts
- [NDSS'23] Extrapolating Formal Analysis to Uncover Attacks in Bluetooth Passkey Entry Pairing
- [CCS'22] "When Good Becomes Evil: Tracking Bluetooth Low Energy Devices via Allowlist-based Side Channel and Its Countermeasure"
- [CCS'22] "Cross Miniapp Request Forgery: Root Causes, Attacks, and Vulnerability Detection"
- [CCS'22] "Detecting and Measuring of Misconfigured Manifest in Android Apps"
- [CCS'22] "SymLM: Predicating Function Name in Stripped Binaries through Context-Sensitive Execution-Aware Code Embeddings"
- [CCS'22] "Understanding IoT Security from a Market-Scale Perspective"
- [USENIX-SEC'22] "Playing Without Paying: Detecting Vulnerable Payment Verification in Native Binaries of Mobile Games''
- [PETS'22] "Replay (Far) Away: Exploiting and Fixing Google/Apple Exposure Notification Contact Tracing"
- [S&P'22] "vSGX: Virtualizing SGX Enclaves on AMD SEV''
- [NDSS'22] Multi-Certificate Attacks Against Proof-of-Elapsed-Time And Their Countermeasures
Teaching
- CSE 5474: Software Security Spring 2023
- CSE 5474: Software Security Spring 2022
- CSE 5194: Software Security Spring 2021
- CSE 5473: Network Security Fall 2020
- CSE 4471: Information Security Fall 2019
- CSE 5473: Network Security Fall 2018
- CSE 5479: Software Security Fall 2018
- Recent Talks
- 04/18/2023, Unlocking the Potential of Domain Aware Binary Analysis in the Era of IoT [PDF], invited talk at the Cybersecurity Club meetings at OSU
- 04/13/2023, Rethinking the Security and Privacy of Bluetooth Low Energy [PDF], invited talk at Washington University at St. Louis
- 04/07/2023, Unlocking the Potential of Domain Aware Binary Analysis in the Era of IoT, Distinguished Talk at Cybersecurity Symposium at Arizona State University
- 03/03/2023, Unlocking the Potential of Domain Aware Binary Analysis in the Era of IoT, Keynote at Workshop on Binary Analysis Research (BAR)
- More ...
Service
- Editorial Service:
- Associate Editor: ACM/IEEE Transactions on Networking (ToN), 21~
- Associate Editor: ACM Transactions on Privacy and Security (TOPS), 20~
- Associate Editor: IEEE Transactions on Mobile Computing (TMC), 20~22
- Associate Editor: IEEE Transactions on Dependable and Secure Computing (TDSC), 16~22
- Conference Organization:
- Program co-chair: International Conf. on Security and Privacy in Comm. Networks (SECURECOMM), 22
- Program co-chair: ACM ASIA Conference on Computer and Communications Security (ASIACCS), 21
- Program co-chair: Information Security Conference (ISC), 19
- Program co-chair: Workshop on Forming an Ecosystem Around Software Transformation (FEAST), 19
- Area chair: ACM Conference on Computer and Communications Security (CCS), 19
- Steering committee: International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 17~
- Steering committee: Information Security Conference, 19~
- Local arrangement chair: ACM Conference on Computer and Communications Security (CCS), 17
- Technical Program Committee (TPC) Member:
- ACM Conference on Computer and Communications Security (CCS), 14, 15, 16, 18, 19, 20, 22, 23
- IEEE Symposium on Security and Privacy, 21, 22, 24
- USENIX Security Symposium, 17, 21, 22, 24
- ISOC Network and Distributed System Security Symposium (NDSS), 15, 19, 20
- World Wide Web (WWW) Conference, 18
- IEEE International Conference on Mobility: Operations, Services, and Technologies (MOST), 23
- ISOC Symposium on Vehicle Security & Privacy (VehicleSec), 23
- IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 20, 21, 22
- ACM ASIA Conference on Computer and Communications Security (ASIACCS), 13, 14, 15, 16, 18
- Annual Computer Security Applications Conference (ACSAC), 14, 16, 17, 18, 19, 20, 21, 22
- International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 16
- European Symposium on Research in Computer Security (ESORICS), 21, 22
- Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 16, 17, 18, 19, 22
- International Conference on Applied Cryptography and Network Security (ACNS), 20 21
- International Conf. on Security and Privacy in Comm. Networks (SECURECOMM), 15, 16, 17, 18, 19, 20
- Annual Digital Forensics Research Conference (DFRWS), 13, 14, 15, 16, 17, 18, 19, 20
- International Conference on Privacy, Security and Trust (PST), 13, 14, 15, 18, 19
- ACM Cloud Computing Security Workshop (CCSW), 19, 21
- Workshop on Automotive and Autonomous Vehicle Security (AutoSec), 21, 22
- Program Analysis and Verification on Trusted Platforms (PAVeTrust) 21, 22
- Information Security Conference (ISC), 17, 19
- Workshop on System Software for Trusted Execution (SysTex), 16, 17
- Workshop on Forming an Ecosystem Around Software Transformation (FEAST), 17, 18, 19
- IEEE International Conference on Distributed Computing Systems (ICDCS), 14
- IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid), 13, 14
- IEEE International Conference on Big Data (BigData), 13, 14, 16
- International Congress on Big Data (BigData), 14, 17
- International Symposium on Foundations and Applications of Big Data Analytics (FAB), 15, 16
- International Symposium on Big Data Management and Analytics (BIDMA), 16
- IEEE International Conference on Cyber Security and Cloud Computing (CSCloud), 15
- International Workshop on Cloud Compliance (IWCC), 15
- The European Workshop on Systems Security (EuroSec), 14
- IEEE International Performance Computing and Communications Conference (IPCCC), 11, 12, 13, 14, 15
- Workshop on Hardware and Architectural Support for Security and Privacy (HASP), 12, 13, 14, 15, 16
- International Symposium on Secure Virtual Infrastructures, 13, 14
- Panelist:
- NSF proposal review panels, 12, 16, 17, 18, 19, 20, 21, 22
- Artifact Evaluation Committee Member: