Publications

  • [ESEC/FSE 2023] Input-driven Dynamic Program Debloating for Code-reuse Attack Mitigation.
    Xiaoke Wang, Tao Hui, Lei Zhao, Yueqiang Cheng.
    In the ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2023).
  • 网络协议软件漏洞挖掘技术综述
    喻波,苏金树,杨强,黄见欣,盛周石,刘润昊,卢建君,梁晨,陈晨,赵磊
    软件学报, 2023: 1-27
  • 二进制比对技术:场景、方法与挑战.
    胡梦莹,王笑克,赵磊
    信息安全学报,2023
  • 基于交易序列分层变异的EVM模糊测试
    周潮晖,赵易如,刘佩,王笑克,童铃皓,赵磊
    计算机系统应用, 2023: 1-8
  • [ICSE'2023] APICAD: Augmenting API Misuse Detection through Specifications from Code and Documents
    Xiaoke Wang, Lei Zhao.
    In the 45th International Conference on Software Engineering (ICSE 2023).
  • Ex2: Monte Carlo Tree Search-based Test Inputs Prioritization for Fuzzing Deep Neural Networks
    Aoshuang Ye, Lina Wang, Lei Zhao, Jianpeng Ke.
    Journal of Intelligent Systems, 2022, 28:1765-1788.
  • [ACSAC'2022] Alphuzz: Monte Carlo Search on Seed-Mutation Tree for Coverage-Guided Fuzzing.[open source]
    Yiru Zhao (Wuhan university), Xiaoke Wang (Wuhan university), Lei Zhao (Wuhan university), Yueqiang Cheng (NIO Security Research), Heng Yin (UC Riverside).
    In the 2022 Annual Computer Security Applications Conference.(ACSAC 2022)
  • [Inscrypt'22] Efficient DNN Backdoor Detection Guided by Static Weight Analysis.
    Qi Wang, Wenxin Li, Kang Yang, Lei Zhao and Lina Wang.
    In the 18th International Conference on Information Security and Cryptology.(Inscrypt 2022)
  • 基于关键点的混合式漏洞挖掘测试用例同步方法
    赵磊,辉涛,蒋可洋,曹彭程
    工程科学与技术, Vol. 54 No. 3, 2022.05
  • [IJCNN'22] DANCe: Dynamic Adaptive Neuron Coverage for Fuzzing Deep Neural Networks.
    Aoshuang Ye, Lina Wang*, Lei Zhao*, Jianpeng Ke.
    In 2022 International Joint Conference on Neural Networks (IJCNN). IEEE.
  • [TDSC'22] Capturing Invalid Input Manipulations for Memory Corruption Diagnosis.[open source]
    Lei Zhao, Keyang Jiang, Yuncong Zhu, Jiang Ming, and Lina Wang.
    IEEE Transactions on Dependable and Secure Computing. Online
  • RapidFuzz: Accelerating fuzzing via Generative Adversarial Networks.
    Aoshuang Ye, Lina Wang*, Lei Zhao*, Jianpeng Ke, Wenqi Wang, Qinliang Liu.
    Neurocomputing, 2021.
  • Identifying Semantics of ROP exploits for Transplantation and Generation (in Chinese).
    ROP漏洞利用脚本的语义还原和自动化移植方法

    Ruiheng Shi, Yuncong Zhu, and Lei Zhao
    Journal of Computer Science (计算机科学). to appear
  • [ISC'21] TridentShell: A Covert and Scalable Backdoor Injection.
    Xiaobo Yu, Weizhi Meng, Lei Zhao, and Yining Liu.
    in the 24th International Conference on Information Security, ISC 2021
  • [ICICS'21] Exposing DeepFakes via Localizing the Manipulated Artifacts.
    Wenxin Li, Qi Wang, Run Wang, Lei Zhao* and Lina Wang.
    in the 2021 International Conference on Information and Communications Security
  • [Security'21] VScape: Assessing and Escaping Virtual Call Protections.
    Kaixiang Chen, Chao Zhang, Tingting Yin, Xingman Chen, Lei Zhao
    In the 30th USENIX Security Symposium, 2021
  • Probabilistic Path Prioritization for Hybrid Fuzzing.[open source]
    Lei Zhao, Pengcheng Cao, Yue Duan, Heng Yin, Jifeng Xuan.
    IEEE Transactions on Dependable and Secure Computing. Online
  • [CCS'20] PatchScope: Memory Object Centric Patch Diffing.
    Lei Zhao, Yuncong Zhu, Jiang Ming, Yichen Zhang, Haotian Zhang, Heng Yin.
    Proceedings of the 27th ACM Conference on Computer and Communications Security, Virtual Event, November 9-13, 2020. (Acceptance ratio 16.9%=121/715)
  • 基于时空特征一致性的Deepfake视频检测模型.
    赵磊,葛万峰,毛钰竹,韩萌,李文欣,李学.
    工程科学与技术, Vol. 52 No. 4, 2020.07
  • 模糊测试中基于神经网络的敏感区域预测算法研究.
    张羿辰,赵磊*,金银山.
    信息安全学报,Vol.5 No.1, 2020.01
  • [ICICS'19] Capturing the Persistence of Facial Expression Features for Deep Fake Video Detection.
    Yiru Zhao, Wanfeng Ge, Wenxin Li, Run Wang, Lei Zhao* and Jiang Ming.
    in the 2019 International Conference on Information and Communications Security
  • [GlobeCom 19] Defending against ROP exploits with nearly zero overhead.
    Peng Qin, Cheng Tan, Lei Zhao* and Yueqiang Cheng
    The 2019 IEEE Global Communications Conference (GLOBECOM)
  • [NDSS'19] Send Hardest Problems My Way: Probabilistic Path Prioritization for Hybrid Fuzzing
    Lei Zhao, Yue Duan, Heng Yin, and Jifeng Xuan.
    in the Network and Distributed System Security Symposium, February 2019. (Acceptance rate: 17.4%)
  • SmartPI: Understanding Permission Implications of Android Apps from User Reviews.
    Run Wang, Zhibo Wang, Benxiao Tang, Lei Zhao, Lina Wang.
    IEEE Transactions on Mobile Computing(TMC), 19(12), 2020: 2933-2945, [CCF-A, SCI]
  • General Defense Method Defeating Motion Sensor Side Channel Based on Laplace Mechanism (in Chinese)
    基于Laplace机制的普适运动传感器侧信道防御方案

    TANG Benxiao, WANG Lina, WANG Run, ZHAO Lei, CHEN Qingsong.
    Journal of Software(软件学报), 30(8), 2019: 2392-2414. [EI]
  • Software Homology Detection with Dynamic Birthmarks Based on Memory Object Access Sequences (in Chinese)
    基于内存对象访问序列动态胎记的程序同源性判别方法

    CHEN Tong, ZHAO Lei*, WANG Lina, WANG Run.
    Journal of Wuhan University (Natural Science Edition) (武汉大学学报·理学版), 02, 2019: 185-194.
  • A Defensive Method Against Physical Secsor-Based Side-Channel Attack Based on Differential Privacy (in Chinese).
    Benxiao Tang, Lina Wang, Run Wang, Lei Zhao, Danlei Wang.
    Journal of Computer Research and Development. 55(7): 1371-1392, 2018.
  • Niffler: A Context-Aware and User-Independent Side-Channel Attack System for Password Inference.
    Benxiao Tang, Zhibo Wang, Run Wang, Lei Zhao, Lina Wang.
    Wireless Communications and Mobile Computing, 2018.5, 2018
  • SPRD: Fast Applicaiton Repackaging Detection Approach in Android based on Application's UI and Program Dependency Grapy.
    Run Wang, Lina Wang, Benxiao Tang, Lei Zhao.
    Journal of Communications, 39(3):159-271, 2018. (in Chinese)
  • Attack Provenance Tracing in the Cyberspace: Solutions, Challenges and Future Directions.
    Cheng Tan, Qian Wang, Lina Wang, Lei Zhao*.
    IEEE Network Magazine, 2018
  • CAPT: Context-Aware provenance tracing for attack investigation.
    Cheng Tan, Lei Zhao*, Weijie Liu, Lai Xu, Lina Wang.
    China Communications (2018)
  • [JSS] deExploit: Identifying misuses of input data to diagnose memory-corruption exploits at the binary level.
    Run Wang, Pei Liu, Lei Zhao*
    Journal of Systems and Software, vol. 124 (2017)
  • [ICAPDS'17] Baseline Is Fragile: On the Effectiveness of Stack Pivot Defense.
    Fei Yan, Fan Huang, Lei Zhao.
    IEEE International Conference on Parallel & Distributed Systems. IEEE, 2017.
  • Fault localization guided execution comparison for failure comprehension.
    Mengleng Liu, Pei Liu, Xiaoshuang Yang, Lei Zhao*.
    2016 IEEE International Conference on Software Quality, Reliability and Security Companion. Pages 163-166, Aug 2016.
  • [COMPSAC'15] Reversing and identifying overwritten data structures for memory-corruption exploit diagnosis.
    Lei Zhao, Xiangyu Ren, Lina Wang, Yueqiang Cheng.
    In Proceedings of the 39th Annual International Computers, Software & Applications Conference, Taichung, Taiwan - July 1-5, 2015
  • [COMPSAC'15] Regression Identification of Coincidental Correctness via Weighted Clustering.
    Xiaoshuang Yang, Mengleng Liu, Ming Cao, Lei Zhao*, Lina Wang.
    In Proceedings of the 39th Annual International Computers, Software & Applications Conference, Taichung, Taiwan - July 1-5, 2015
  • [IJSEKE] A Fault Localization Framework to Alleviating the Impact of Execution Similarity.
    Lei Zhao, Zhenyu Zhang, Lina Wang, Xiaodan Yin.
    International Journal of Software Engineering and Knowledge Engineering, 2013, 35(7): 963-998
  • Collaborative Reversing of Input Formats and Program Data Structures for Security Applications.
    Lei Zhao, Xiangyu Ren, Hao Zhang, Lina Wang.
    China Communications, 2014, 11(9): 135-147.
  • vPatcher: VMI-Based Transparent Data Patching to Secure Software in the Cloud.
    Hao Zhang, Lei Zhao*, Lai Xu, Lina Wang.
    In Proceedings of the 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2014), Chang Sha, China, 2014.
  • CACDP :A cryptographic access control strategy for dynamic policy(in Chinese).
    Hao Zhang, Lei Zhao*, Bo Feng, Lina Wang.
    Journal of Computer Research and Development,2014(7):1424-1435.
  • cMonitor: VMI-Based Fine-Grained Monitoring Mechanism in Cloud(in Chinese).
    Hao Zhang, Lei Zhao*, Lai Xu, Lina Wang.
    Wuhan University Journal of Natural Sciences, 2014, 19(5): 393-397.
  • Mining Associations for Fault Localization(in Chinese).
    基于关联分析的软件错误定位方法.

    Lei Zhao, Lina Wang,Dongming Gao, Zhenyu Zhang, Zuoting Xiong.
    Journal of Computer (计算机学报), 2012(12):2528-2540.
  • Learning Fine-Grained Structured Input for Memory Corruption Detection.
    Lei Zhao, Debin Gao, Lina Wang.
    In Proceedings of the 15th Information Security Conference (ISC 2012). LNCS 7483, pp. 151–167, 2012
  • PAFL: Fault Localization via Noise Reduction on Coverage Vector.
    Lei Zhao, Zhenyu Zhang, Lina Wang, Xiaodan Yin.
    In Proceedings of the 23rd International Conference on Software Engineering and Knowledge Engineering (SEKE 2011), pp: 203-206
  • Statistical Fault Localization via Semi-Dynamic Program Slicing.
    Rongwei Yu, Lei Zhao, Lina Wang, Xiaodan Yin.
    In Proceedings of 2011 International Joint Conference of IEEE TrustCom-11/IEEE ICESS-11/FCST-11, pp: 695-670