复旦大学-系统软件与安全实验室

论文发表：2022

[S&P 2022] Exploit the Last Straw That Breaks Android Systems

Authors:
Lei Zhang, Keke Lian, Haoyu Xiao, Zhibo Zhang, Peng Liu, Yuan Zhang, Min Yang, Haixin Duan

Publication:
In Proceedings of the IEEE Symposium on Security and Privacy (S&P), 2022,Oakland, USA

[Security 2022] Ferry: State-Aware Symbolic Execution for Exploring State-Dependent Program Paths

Authors:
Shunfan Zhou, Zhemin Yang, Dan Qiao, Peng Liu, Min Yang, Zhe Wang, Chenggang Wu

Publication:
This paper is included in the Proceedings of the 31st USENIX Security Symposium, August 10–12, 2022.

[WWW 2022] Understanding the Practice of Security Patch Management across Multiple Branches in OSS Projects

Authors:
Xin Tan, Yuan Zhang, Jiajun Cao, Kun Sun, Mi Zhang and Min Yang

Publication:
This paper is included in the Proceedings of the 31st ACM Web Conference (WWW), April 25–29, 2022.

[Security 2022] Backporting Security Patches of Web Applications: A Prototype Design and Implementation on Injection Vulnerability Patches

Authors:
Youkun Shi, Yuan Zhang, Tianhan Luo, Xiangyu Mao, Yinzhi Cao, Ziwen Wang, Yudi Zhao, Zongan Huang, Min Yang

Publication:
This paper is included in the Proceedings of the 31st USENIX Security Symposium (USENIX Security), August 10-12, 2022.

[CCS 2022] Collect Responsibly But Deliver Arbitrarily? A Study on Cross-User Privacy Leakage in Mobile Apps

Authors:
Shuai Li, Zhemin Yang, Nan Hua, Peng Liu, Xiaohan Zhang, Guangliang Yang, Min Yang

Publication:
This paper is included in the Proceedings of the 29th ACM Conference on Computer and Communications Security(CCS), 2022

[Security 2022] Hidden Trigger Backdoor Attack on NLP Models via Linguistic Style Manipulation

Authors:
Xudong Pan，Mi Zhang，Beina Sheng，Jiaming Zhu，Min Yang

Publication:
This paper is included in the Proceedings of the 31st USENIX Security Symposium (USENIX Security), August 10-12, 2022.

[KDD 2022] MetaV: A Meta-Verifier Approach to Task-Agnostic Model Fingerprinting

Authors:
Xudong Pan, Yifan Yan, Mi Zhang, Min Yang

Publication:
The paper is included in Proceedings of the 28th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining(KDD), August 14-18, 2022.

[ASE 2022] Precise (Un)Affected Version Analysis for Web Vulnerabilities

Authors:
Youkun Shi, Yuan Zhang, Tianhan Luo, Xiangyu Mao, Min Yang

Publication:
The paper is included in Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering (ASE), Ann Arbor, Michigan, United States, October 10-14, 2022 (coming soon).

[Security 2022 Distinguished Paper Award] Identity Confusion in WebView-based Mobile App-in-app Ecosystems

Authors:
Lei Zhang, Zhibo Zhang, Ancong Liu, Yinzhi Cao, Xiaohan Zhang, Yanjun Chen, Yuan Zhang, Guangliang Yang, Min Yang

Publication:
This paper is included in the Proceedings of the 31st USENIX Security Symposium, Boston, MA, USA, August 10–12, 2022.

[NeurIPS 2022] House of Cans: Covert Transmission of Internal Datasets via Capacity-Aware Neuron Steganography

Authors:
Xudong Pan, Shengyao Zhang, Mi Zhang, Yifan Yan, Min Yang

Publication:
This paper is included in the Proceedings of the 36th Annual Conference on Neural Information Processing Systems (NeurIPS 2022)

系统软件与安全实验室