Bridging the Gap between Real-World and Formal Binary Lifting through Filtered-Simulation (to appear)

Automated Attack Synthesis for Constant Product Market Makers (to appear)

FirmState: Bringing Cellular Protocol States to Shannon Baseband Emulation (to appear)

RGFuzz: Rule-Guided Fuzzer for WebAssembly Runtimes (to appear)

From the Vulnerability to the Victory: A Chrome Renderer 1-Day Exploit’s Journey to v8CTF Glory

In today’s digital era, where the internet has become as essential as the air we breathe, browsers serve as our windows to the vast expanse of the digital world. Beyond web surfing, browsers extend their capabilities by being integrated into …

One shot, Triple kill: Pwning all three Google kernelCTF instances with a single 1-day Linux vulnerability

Desktops, servers, cloud computing services, mobile devices, and IoT devices: Linux is the most popular open-source kernel and is used across these IT platforms. Because of the ubiquitous presence of Linux and the characteristic of the kernel which …

BaseComp: A Comparative Analysis for Integrity Protection in Cellular Baseband Software

QueryX: Symbolic Query on Decompiled Code for Finding Bugs in COTS Binaries

Fuzzing@Home: Distributed Fuzzing on Untrusted Heterogeneous Clients

DoLTEst: In-depth Downlink Negative Testing Framework for LTE Devices