What's New in SUCCESS Lab

What's new

Are you coming for the list of computer security conference ranking and statistic? Check it out.
I recently co-chaired the 2018 NSF Workshop on Programmable System Security in a Software Defined World. Check out the detail here! A final report is now released (free download from here or here).
[July 2021] Software-defined vehicle security papers accepted to USENIX Security'22! Congratulations Lei, Le & Xiapu!
[June 2021] Yangyong has successfully defended his PhD thesis titled "Understanding and Securing Voice
Assistant Applications"! Big congratulations!
[June 2021] Two papers (one on web security and one on voice service security) are accepted to RAID'21. Congratulations Patrick & Yangyong!
[Feb. 2021] Happer is accepted to S&P'21. Congratulations, Lei & Xiapu!
[Jan. 2021] Hidden Property Abusing (HPA) paper is accepted to USENIX Security'21! We discovered a new type of security issue in Node.js ecosystem and developed a new detection and verification tool (released here). Congratulations, Feng & Jianwei!
[Dec. 2020] New web vulnerability (SW-XSS) and detection tool released! Check here.
[Mar. 2020] SVHunter (from our S&P’20 paper) code released!
[Feb. 2020] Mr. Jonathan Grimes has successfully defended his MS thesis titled “JANUS: Alternating Strength to Detect MAC Spoof”! He is going to join Sandia National Laboratories soon. Congratulations, Jonathan!
[Jan. 2020] Our papers on programmable data plane security (Poseidon), new Buffered Packets Hijacking attack in SDN, and blockchain security (SODA) are to appear in NDSS’20. Congratulations, Menghao, Jiahao &Qi, Ting & Xiapu!
[Mar. 2020] SVHunter (from our S&P’20 paper) code released![Feb. 2020] Mr. Jonathan Grimes has successfully defended his MS thesis titled “JANUS: Alternating Strength to Detect MAC Spoof”! He is going to join Sandia National Laboratories soon. Congratulations, Jonathan!
[Jan. 2020] Our paper on blockchain security (SODA) is accepted to NDSS'20. Congratulations, Ting & Xiapu!
[Jan. 2020] Our paper on programmable data plane security (Poseidon) is accepted to NDSS'20. Congratulations, Menghao!
[Dec. 2019] I'm honored to be named an IEEE Fellow (class of 2020), "for contributions to malware detection and security of next generation networks".
[Nov. 2019] Our paper on new Buffered Packets Hijacking attack in SDN is accepted to NDSS'20. Congratulations, Jiahao & Qi!
[Oct. 2019] I'm honored to be named an ACM Distinguished Member for outstanding scientific contributions to computing.
[Oct. 2019] I'm honored to be named a 2019 Presidential Impact Fellow at Texas A&M University.
[Aug. 2019] Our paper on new D2C2 attacks to SDN is accepted to IEEE S&P'20. Congratulations, Feng & Jianwei!
[July 2019] Our paper on programmable data plane security (NetHCF) is accepted to ICNP'19. Congratulations, Guanyu & Menghao!
[May 2019] Lei and Guangliang have successfully defended their PhD thesis! Congratulations, Drs. Xu and Yang!
[May 2019] Our paper on mobile security (DCV) is accepted to USENIX Security'19. Congratulations, Guangliang!
[Jan. 2019] Our paper on SDN security (CrossPath Attack) is accepted to USENIX Security'19. Congratulations, Jiahao & Qi!
[Nov. 2018] Our IoT security paper LipFuzzer is accepted to NDSS'19. Congratulations, Yangyong! (Project website with code release)
[July 2018] Two papers on SPS (Software-defined Programmable Security, such as SDN/NFV) are accepted to CCS'18. ForenGuard presents the first forensics and diagnosis tool for SDN (will be released open source soon). vNIDS presents a new architecture to enable safe and efficient virtualization of network IDS. Congratulations, Haopei and Hongda!
[May 2018] Our two papers (Error-Sensor and new control plane reflection attacks in SDN) are accepted to RAID'18. Congratulations, Jialong and Menghao!
[May 2018] I am honored to receive 2017-2018 Dean of Engineering Excellence Award and Research Impact Award from the college of engineering.
[May 2018] Haopei has successfully defended his PhD thesis titled "Towards Robust, Accountable and Multitenancy-friendly Control Plane in Software-Defined Networks". Congratulations, Haopei!
[April 2018] Our paper CloudRand is invited to ICCCN'18. It aims to build heterogeneous and moving-target network interfaces.
[Mar. 2018] Our paper TopoGuard+ (collaboration with MIT Lincoln Lab) is accepted to DSN'18. Congratulations, Richard and Lei!
[Jan. 2018] Our two papers on mobile web app security are conditionally accepted to IEEE S&P'18. Congratulations, Guangliang and Abner!
[Jan. 2018] Our RADAR paper is accepted to TIFS. RADAR is a new realtime defense system that can defend against a wide range of DDoS attacks including stealthy Crossfire with COTS SDN switches.
[Dec. 2017] Our paper on security impact of desktop/mobile HTTP header inconsistencies is accepted to WWW'18. Congratulations, Abner/Patrick!
[Oct. 2017] Our paper on Android security (EOEDroid) is accepted to NDSS'18. Congratulations, Guangliang!
[Aug. 2017] Our S2OS position paper will appear in APSys'17. S2OS is a new large multi-institute project funded by NSF/VMware, in which we aim to build a new Security OS with Software Defined Intrastructure. Please check S2OS project website for more details.
[Aug. 2017] Our systemization of knowledge paper on SDN attack surface and defense is accepted to IEEE/ACM Transactions on Networking (ToN). Congratulations, Changhoon!
[June 2017] If you are interested in giving a tutorial in ACM CCS'17, please submit your proposal to ccs17tutorials@gmail.com by July 3, 2017!
[May 2017] Our paepr on Android security (BridgeScope) is accepted to RAID'17. Congratulations, Guangliang!
[May 2017] Please consider submitting your work on SDN/NFV to a speical issue in IEEE Transactions on Dependable and Secure Computing (TDSC) on Security in Emerging Networking Technologies! (Deadline is September 31, 2017)
[May 2017] Please consider submitting your work on SDN/NFV to a special issue in Elsevier Computer Network Journal on Security and Performance of SDN and Functions Virtualization! (Deadline is extended to July 31, 2017)
[May 2017] Our papers on SDN security (control plane race attack/detection) and Android security (new malware analysis tool for ART) are accepted to USENIX Security'17. Congratulations, Lei/Jeff and Lei/Xiapu!
[Mar. 2017] Our new lab website is now launched: http://success.cse.tamu.edu/!
[Feb. 2017] Our work on market- and network-level behavior understanding of the Android malware ecosystem is accepted to ICDCS'17 (as a short paper).
[Feb. 2017] Our FRESCO is upgraded to the Floodlight plaform. The FRESCO source code and module/app store are now released! Please check our project website here for details.
[Jan. 2017] I received a 2016-2017 Faculty Fellow Award (Charles H. Barclay, Jr. '45 Fellow) from the College of Engineering.
[Nov. 2016] Our BYOC-Visor (Bring Young Own Controller) paper is accepted to INFOCOM'17. Congratulations, Haopei!
[Oct. 2016] Our PBS paper was selected into the finalist (top 10) of 2016 CSAW Best Applied Security Paper Award. Congratulations, Kevin!
[June 2016] Please consider submitting your work on SDN to CoolSDN'16 (co-located with ICNP'16)!
[May 2016] A systemization of knowledge paper on SDN security from our group ("Enhancing Network Security through SDN") is invited to appear in ICCCN'16. Check it out if you are interested (or just started) in this area.
[Dec. 2015] Please consider submitting your paper to ACM workshop on SDN-NFV Security 2016!
[Nov. 2015] Our VisHunter paper is accepted to INFOCOM'16. Congratulations, Jialong!
[Oct 2015] Our paper on SDN-defined Programmable BYOD Security is accepted to NDSS'16. Congratulations, Kevin!
[Oct 2015] Our AutoProbe paper was selected into the finalist (top 10) of 2015 CSAW Best Applied Security Paper Award. Congratulations, Zhaoyan!
[July 2015] Our SMASH paper received Best Paper Award at ICDCS'15! Congraluations to Jialong!
[June 2015] Please consider submitting your work on SDN to CoolSDN'15 (co-located with ICNP'15)! Deadline is July 24!
[June 2015] Our paper on Network Security Virtualization is accepted to TIFS. This is a journal extension from our CloudWatcher (NPSec'12) paper.
[May 2015] Our paper UIPicker is accepted to USENIX Security'15. Congratulations, Yuhong!
[Feb. 2015] Our paper FloodGuard (protecting SDN networks against generic flooding attacks) is accepted to DSN'15. Congratulations, Haopei!
[Feb. 2015] We are releasing our prototype system TopoGuard, a new security extension to SDN controllers (Floodlight as in our prototype implementation), which provides automatic and real-time detection of Network Topology Poisoning Attacks mentioned in our NDSS'15 paper.
[Nov. 2014] Our study on mobile web overhead is accepted to INFOCOM'15. Congratulations, Abner!
[Oct. 2014] Our paper on new SDN poisoning attack and defense is accepted to NDSS'15. Congratulations, Kevin and Lei!
[Aug. 2014] Our paper on reverse engineering twitter spammers is accepted to ACSAC'14. Congratulations, Chao!
[July 2014] Our paper AutoProbe is accepted to CCS'14. Congratulations, Zhaoyan!
[June 2014] Please consider submit your work on SDN research to the CoolSDN workshop (co-located with ICNP'14)!
[June 2014] Our papers DroidMiner (on smartphone security) and SRID (on smart grid security) are accepted to ESORICS'14. Congratulations, Chao & Yong!
[May 2014] Our paper GoldenEye (on malware analysis) is accepted to RAID'14. Congratulations, Zhaoyan!
[Apr. 2014] Congratulations to Robert Baykov for his winning of the Undergraduate Research Excellence Award in the CSE Department!
[Feb. 2014] We are thankful to Google for a Google Faculty Research Award to support our SDN security research.
[Feb. 2014] Congratulations to Zhaoyan for his successful Ph.D. thesis defense! Zhaoyan will join Palo Alto Networks after graduation.
[Dec. 2013] I was selected as a TEES Select Young Faculty Fellow from the College of Engineering, TAMU.
[Nov. 2013] Congratulations to Chao for his successful Ph.D. thesis defense! Chao will join a secret startup company after graduation.
[Nov. 2013] Our CyberProbe paper is accepted to NDSS'14. Congratulations, Antonio & Zhaoyan!
[Nov. 2013] Our improved and extended version of FortNOX (in HotSDN'12) for Floodlight OpenFlow Controller is now released (with the new name SE-Floodlight)! Together with SE-Floodlight, we also have two add-on security tools: SDN Security Actuator and OF-BotHunter. They are cool and try them out! This is joint effort with SRI International. Please check out more information here!
[Oct. 2013] Our FRESCO paper has been selected as one of the top ten finalists for NYU-Poly Best Applied Security Paper Award in 2013. Congratulations, Seungwon!
[Aug. 2013] Please consider submitting your work on SDN research to a special issue "Software-Defined Networking" of CIC-IEEE China Communications Journal (SCIE indexed), on which I am a guest editor. The deadline of submission is Oct. 7, 2013.
[July 2013] Papers accepted to CCS'13: AVANT-GUARD (on SDN security), AppIntent (on Android security), VetDroid (on Android security).
[June 2013] NOMAD paper accepted to IEEE CNS'13.
[June 2013] Journal papers accepted: EFFORT (extension from INFOCOM'12) to appear in Computer Networks; Fighting Twitter spammers (extension from RAID'11) to appear in TIFS.
[May 2013] Congratulations to Seungwon for his successful Ph.D. defense!
[Apr. 2013] We have a short paper ("Attacking Software-Defined Networks: A First Feasibility Study") accepted to HotSDN'13.
[Apr. 2013] Seungwon attended Open Networking Summit (ONS'13) and presented our accepted poster paper "A Framework For Security Service Integration to Software-Defined Networks" (collaborated with SRI)!
[Mar. 2013] Congratulations to Zhaoyan for his winning of the 2nd place in the CSE Department's Industrial Affiliates Poster Competition!
[Feb. 2013] Our paper "AUTOVAC: Automatically Extracting System Resource Constraints and Generating Vaccines for Malware Immunization" is accepted to ICDCS'13. Congratulations, Zhaoyan!
[Jan. 2013] Another paper from our SDN/OpenFlow security research is accepted to ICC'13. In this paper, we present a new model checking system, FLOVER, which can formally verify whether the aggregate of ﬂow policies instantiated within an OpenFlow network will violate the network’s security policy or not.
[Jan. 2013] I received AFOSR Young Investigator Award for my research on proactive cyber defense.
[Jan. 2013] We are releasing some of our research data and programs here. For example, now you can obtain some datasets from our Twitter spammers and malicious social network research. And our FRESCO/FortNOX release is forthcoming!
[Dec. 2012] I was invited to give a talk "Security as an App and Security as a Service: New Killer Apps for Software Defined Networking?" at the DIMACS Workshop on Software Defined Networking.
[Oct. 2012] Interested in SDN/OpenFlow security? Please check out our dedicated website on this topic (collaborated with SRI International): http://www.OpenFlowSec.org
[Oct. 2012] We have two papers accepted to NDSS'13, one on SDN/OpenFlow security and one on web security. Congratulations, Seungwon and Jialong!
[Oct. 2012] I gave a keynote speech ("Machine Learning Meets Social Networking Security: Detecting and Analyzing Malicious Social Networks for Fun and Profit") at AISec'12.
[Sep. 2012] Our position paper on Security Monitoring as a Service for Clouds is invited to present in NPSec'12, a workshop co-located with ICNP'12 at Austin.
[Aug. 2012] Our paper on Android security is accepted to CCS workshop SPSM'12. Also, we have two posters accepted in CCS'12. See you in Raleigh!
[July 2012] Our paper on a novel technique for proactive malware detection is accepted to CCS'12. Congratulations, Zhaoyan!
[June 2012] Our extended evil twin detection paper (from DSN'10) is accepted to IEEE Transactions on Information Forensics and Security.
[June 2012] Our paper "PoisonAmplifier: A Guided Approach of Discovering Compromised Websites through Reversing Search Poisoning Attacks" is accepted to RAID'12.
[May 2012] Our paper "A Security Enforcement Kernel for OpenFlow Networks" is accepted to HotSDN'12.
[Apr. 2012] Our paper "Bin-Carver: Automatic Recovery of Binary Executable Files" is accepted to DFRWS'12. A new forensics tool "Bin-Carver" is developed to automatically recover deleted or otherwise unreachable executable ﬁles.
[Jan. 2012] Our paper "Analyzing Spammers' Social Networks For Fun and Profit -- A Case Study of Cyber Criminal Ecosystem on Twitter" is accepted to WWW'12. We have some interesting findings such as that criminal accounts tend to be socially connected, forming a small-world network. We also revealed several interesting types of criminal support accounts and designed a new criminal account inference algorithm by exploiting their social relationships and semantic coordinations. Congratulations, Chao!
[Nov. 2011] Our paper "EFFORT: Efficient and Effective Bot Malware Detection" has been accepted to INFOCOM'12 mini-conference. In this paper, we propose EFFORT, a new host-network cooperated detection framework attempting to combine the best from network-level approaches (efficiency) and host-level approaches (effectiveness) while overcoming their shortcomings. Specifically, we propose a multi-module approach to correlate information from different host- and network-level aspects and design a multi-layered architecture to efﬁciently coordinate modules to perform heavy monitoring only when necessary.
[Nov. 2011] Our paper "Shadow Attacks: Automatically Evading System-Call-Behavior based Malware Detection" will appear in Journal in Computer Virology. In this paper, we present a new class of attacks, namely "shadow attacks", to evade current behavior-based malware detectors by partitioning one piece of malware into multiple "shadow processes". We have developed a compiler-level prototype tool, AutoShadow, to automatically generate shadow-process version of malware given the source code of original malware.
[Oct. 2011] Our extended Conficker analysis paper from ACSAC'10 is accepted to IEEE Transactions on Information Forensics and Security.
[Sept. 2011] Please consider submitting your paper to a special issue of Computer Networks (Elsevier Journal) on "Botnet Activity: Analysis, Detection and Shutdown"! The deadline is Dec. 1, 2011 extended to Dec. 19, 2011.
[Aug. 2011] Our paper "SEMAGE: A New Image-based Two-Factor CAPTCHA" is accepted to ACSAC'11, in which we propose a new explicit-semantic-relationship-based CAPTCHA system to defeat web bots. We have conducted a large-scale user study involving 174 users to gauge and compare accuracy and usability with existing state-of-the-art CAPTCHA systems like reCAPTCHA (text-based) and Asirra (image-based). Nice job, Shardul & Yinan!
New release of BotHunter! Now support Linux/Mac/Windows XP! A live-CD distribution also available!
......