ORCID as entered in ROS
![orcid_icon](/themes/resgate8/images/icons/ORCIDiD_icon24x24.png)
Select Publications
2022, 'Deep Learning for Coverage-Guided Fuzzing: How Far are We?', IEEE Transactions on Dependable and Secure Computing, http://dx.doi.org/10.1109/TDSC.2022.3200525
,2024, 'Medusa: Unveil Memory Exhaustion DoS Vulnerabilities in Protocol Implementations', in WWW 2024 - Proceedings of the ACM Web Conference, pp. 1668 - 1679, http://dx.doi.org/10.1145/3589334.3645476
,2024, 'MeTMaP: Metamorphic Testing for Detecting False Vector Matching Problems in LLM Augmented Generation', in Proceedings of the 2024 IEEE/ACM First International Conference on AI Foundation Models and Software Engineering, ACM, presented at FORGE '24: 2024 IEEE/ACM First International Conference on AI Foundation Models and Software Engineering, http://dx.doi.org/10.1145/3650105.3652297
,2023, 'Monitoring Automotive Software Security Health through Trustworthiness Score', in Proceedings: CSCS 2023 - 7th ACM Computer Science in Cars Symposium, http://dx.doi.org/10.1145/3631204.3631859
,2023, 'ACETest: Automated Constraint Extraction for Testing Deep Learning Operators', in ISSTA 2023 - Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 690 - 702, http://dx.doi.org/10.1145/3597926.3598088
,2023, 'ASTER: Automatic Speech Recognition System Accessibility Testing for Stutterers', in Proceedings - 2023 38th IEEE/ACM International Conference on Automated Software Engineering, ASE 2023, pp. 510 - 521, http://dx.doi.org/10.1109/ASE56229.2023.00107
,2023, 'HasteFuzz: Full-Speed Fuzzing', in Proceedings - 2023 IEEE/ACM International Workshop on Search-Based and Fuzz Testing, SBFT 2023, pp. 73 - 75, http://dx.doi.org/10.1109/SBFT59156.2023.00022
,2023, 'NAUTILUS: Automated RESTful API Vulnerability Detection', in 32nd USENIX Security Symposium, USENIX Security 2023, pp. 5593 - 5610
,2023, 'PumpChannel: An Efficient and Secure Communication Channel for Trusted Execution Environment on ARM-FPGA Embedded SoC', in Proceedings -Design, Automation and Test in Europe, DATE, http://dx.doi.org/10.23919/DATE56975.2023.10137170
,2023, 'RSFuzzer: Discovering Deep SMI Handler Vulnerabilities in UEFI Firmware with Hybrid Fuzzing', in Proceedings - IEEE Symposium on Security and Privacy, pp. 2155 - 2169, http://dx.doi.org/10.1109/SP46215.2023.10179421
,2022, 'More Secure Collaborative APIs resistant to Flush-Based Cache Attacks on Cortex-A9 Based Automotive System', in Proceedings - CSCS 2022: 6th ACM Computer Science in Cars Symposium, http://dx.doi.org/10.1145/3568160.3570227
,2022, 'Morest: Industry Practice of Automatic RESTful API Testing', in ACM International Conference Proceeding Series, http://dx.doi.org/10.1145/3551349.3559498
,2022, 'Efficient greybox fuzzing of applications in Linux-based IoT devices via enhanced user-mode emulation', in ISSTA 2022 - Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 417 - 428, http://dx.doi.org/10.1145/3533767.3534414
,2022, 'Morest: Model-based RESTful API Testing with Execution Feedback', in Proceedings - International Conference on Software Engineering, pp. 1406 - 1417, http://dx.doi.org/10.1145/3510003.3510133
,2022, 'RegexScalpel: Regular Expression Denial of Service (ReDoS) Defense by Localize-and-Fix', in Proceedings of the 31st USENIX Security Symposium, Security 2022, pp. 4183 - 4200
,2022, 'Windranger: A Directed Greybox Fuzzer driven by Deviation Basic Blocks', in Proceedings - International Conference on Software Engineering, pp. 2440 - 2451, http://dx.doi.org/10.1145/3510003.3510197
,2021, 'SoFi: Reflection-Augmented Fuzzing for JavaScript Engines', in Proceedings of the ACM Conference on Computer and Communications Security, pp. 2229 - 2242, http://dx.doi.org/10.1145/3460120.3484823
,2021, 'A First Look at the Effect of Deep Learning in Coverage-guided Fuzzing', in Proceedings - 2021 36th IEEE/ACM International Conference on Automated Software Engineering, ASE 2021, pp. 1186 - 1189, http://dx.doi.org/10.1109/ASE51524.2021.9678794
,2021, 'APICRAFT: Fuzz driver generation for closed-source SDK libraries', in Proceedings of the 30th USENIX Security Symposium, pp. 2811 - 2828
,2021, 'BIFF: Practical Binary Fuzzing Framework for Programs of IoT and Mobile Devices', in Proceedings - 2021 36th IEEE/ACM International Conference on Automated Software Engineering, ASE 2021, pp. 1161 - 1165, http://dx.doi.org/10.1109/ASE51524.2021.9678910
,2021, 'Vall-nut: Principled Anti-Grey box - Fuzzing', in Proceedings - International Symposium on Software Reliability Engineering, ISSRE, pp. 288 - 299, http://dx.doi.org/10.1109/ISSRE52982.2021.00039
,2020, 'Ori: A greybox fuzzer for SOME/IP protocols in automotive ethernet', in Proceedings - Asia-Pacific Software Engineering Conference, APSEC, pp. 495 - 499, http://dx.doi.org/10.1109/APSEC51365.2020.00063
,2020, 'Memlock: Memory usage guided fuzzing', in Proceedings - International Conference on Software Engineering, pp. 765 - 777, http://dx.doi.org/10.1145/3377811.3380396
,2020, 'Typestate-guided fuzzer for discovering use-after-free vulnerabilities', in Proceedings - International Conference on Software Engineering, pp. 999 - 1010, http://dx.doi.org/10.1145/3377811.3380386
,2020, 'MUZZ: Thread-aware grey-box fuzzing for effective bug hunting in multithreaded programs', in Proceedings of the 29th USENIX Security Symposium, pp. 2325 - 2342
,2019, 'Cerebro: Context-aware adaptive fuzzing for effective vulnerability detection', in ESEC/FSE 2019 - Proceedings of the 2019 27th ACM Joint Meeting European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 533 - 544, http://dx.doi.org/10.1145/3338906.3338975
,2019, 'Locating vulnerabilities in binaries via memory layout recovering', in ESEC/FSE 2019 - Proceedings of the 2019 27th ACM Joint Meeting European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 718 - 728, http://dx.doi.org/10.1145/3338906.3338966
,2019, 'LEOPARD: Identifying Vulnerable Code for Vulnerability Assessment Through Program Metrics', in Proceedings - International Conference on Software Engineering, pp. 60 - 71, http://dx.doi.org/10.1109/ICSE.2019.00024
,2019, 'Diffchaser: Detecting disagreements for deep neural networks', in IJCAI International Joint Conference on Artificial Intelligence, pp. 5772 - 5778, http://dx.doi.org/10.24963/ijcai.2019/800
,2018, 'FOT: A versatile, configurable, extensible fuzzing framework', in ESEC/FSE 2018 - Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 867 - 870, http://dx.doi.org/10.1145/3236024.3264593
,2018, 'Hawkeye: Towards a desired directed grey-box fuzzer', in Proceedings of the ACM Conference on Computer and Communications Security, pp. 2095 - 2108, http://dx.doi.org/10.1145/3243734.3243849
,2018, 'Principled greybox fuzzing', in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), pp. 455 - 458, http://dx.doi.org/10.1007/978-3-030-02450-5_34
,2017, 'Steelix: Program-state based binary fuzzing', in Proceedings of the ACM SIGSOFT Symposium on the Foundations of Software Engineering, pp. 627 - 637, http://dx.doi.org/10.1145/3106237.3106295
,