Data-Oriented Programming: On the Expressiveness of Non-Control Data Attacks H Hu, S Shinde, S Adrian, ZL Chua, P Saxena, Z Liang The 37th IEEE Symposium on Security and Privacy (IEEE S&P 2016), 969-986, 2016 | 550 | 2016 |
Automatic Generation of Data-Oriented Exploits H Hu, ZL Chua, S Adrian, P Saxena, Z Liang The 24th USENIX Security Symposium (USENIX Security 2015), 177-192, 2015 | 258 | 2015 |
Enforcing Unique Code Target Property for Control-Flow Integrity H Hu, C Qian, C Yagemann, SPH Chung, WR Harris, T Kim, W Lee The 25th ACM Conference on Computer and Communications Security (CCS 2018 …, 2018 | 151 | 2018 |
Where Does It Go? Refining Indirect-Call Targets with Multi-Layer Type Analysis K Lu, H Hu The 26th ACM Conference on Computer and Communications Security (CCS 2019 …, 2019 | 141 | 2019 |
Razor: A Framework for Post-Deployment Software Debloating C Qian, H Hu, M Alharthi, PH Chung, T Kim, W Lee The 28th USENIX Security Symposium (USENIX Security 2019), 1733-1750, 2019 | 134 | 2019 |
Squirrel: Testing Database Management Systems with Language Validity and Coverage Feedback R Zhong, Y Chen, H Hu, H Zhang, W Lee, D Wu The 27th ACM Conference on Computer and Communications Security (CCS 2020 …, 2020 | 104 | 2020 |
Apollo: Automatic Detection and Diagnosis of Performance Regressions in Database Systems J Jung, H Hu, J Arulraj, T Kim, W Kang Proceedings of the VLDB Endowment 13 (1), 57-70, 2019 | 85 | 2019 |
Winnie: Fuzzing Windows Applications with Harness Synthesis and Fast Cloning J Jung, S Tong, H Hu, J Lim, Y Jin, T Kim The 28th Annual Network and Distributed System Security Symposium (NDSS 2021), 2021 | 68 | 2021 |
Sharing More and Checking Less: Leaveraging Common Input Keywords to Detect Bugs in Embedded Systems L Chen, Y Wang, Q Cai, Y Zhan, H Hu, J Linghu, Q Hou, C Zhang, H Duan, ... The 30th USENIX Security Symposium (USENIX 2021), 303-319, 2021 | 67 | 2021 |
DroidVault: A Trusted Data Vault for Android Devices X Li, H Hu, G Bai, Y Jia, Z Liang, P Saxena The 19th International Conference on Engineering of Complex Computer Systems …, 2014 | 66 | 2014 |
One Engine to Fuzz 'em All: Generic Language Processor Testing with Semantic Validation Y Chen, R Zhong, H Hu, H Zhang, Y Yang, D Wu, W Lee The 42nd IEEE Symposium on Security and Privacy (IEEE S&P 2021), 642-658, 2021 | 65 | 2021 |
Fuzzification: Anti-Fuzzing Techniques J Jung, H Hu, D Solodukhin, D Pagan, KH Lee, T Kim The 28th USENIX Security Symposium (USENIX Security 2019), 1913-1930, 2019 | 61 | 2019 |
Preventing Use-After-Free Attacks with Fast Forward Allocation B Wickman, H Hu, I Yun, D Jang, JW Lim, S Kashyap, T Kim The 30th USENIX Security Symposium (USENIX Security 2021), 2453-2470, 2021 | 43 | 2021 |
Abusing Hidden Properties to Attack the Node.js Ecosystem F Xiao, J Huang, Y Xiong, G Yang, H Hu, G Gu, W Lee The 30th USENIX Security Symposium (USENIX Security 21), 2951-2968, 2021 | 38 | 2021 |
The "Web/Local" Boundary Is Fuzzy: A Security Study of Chrome's Process-based Sandboxing Y Jia, ZL Chua, H Hu, S Chen, P Saxena, Z Liang The 23rd ACM Conference on Computer and Communications Security (CCS 2016 …, 2016 | 37 | 2016 |
Detecting Logical Bugs of DBMS with Coverage-based Guidance Y Liang, S Liu, H Hu The 31st USENIX Security Symposium (USENIX Security 2022), 4309-4326, 2022 | 32 | 2022 |
A Quantitative Evaluation of Privilege Separation in Web Browser Designs X Dong, H Hu, P Saxena, Z Liang The 18th European Symposium on Research in Computer Security (ESORICS 2013 …, 2013 | 19 | 2013 |
Identifying Arbitrary Memory Access Vulnerabilities in Privilege-Separated Software H Hu, ZL Chua, Z Liang, P Saxena The 20th European Symposium on Research in Computer Security (ESORICS 2015 …, 2015 | 17 | 2015 |
Who Goes First? Detecting Go Concurrency Bugs via Message Reordering Z Liu, S Xia, Y Liang, L Song, H Hu The 27th International Conference on Architectural Support for Programming …, 2022 | 13 | 2022 |
Practical analysis framework for software-based attestation scheme L Li, H Hu, J Sun, Y Liu, JS Dong Formal Methods and Software Engineering: 16th International Conference on …, 2014 | 11 | 2014 |