Publications

2015

SecPod: a Framework for Virtualization-based Security Systems [Paper]
Xiaoguang Wang, Yue Chen, Zhi Wang, Yong Qi, Yajin Zhou
Proceedings of the 2015 USENIX Annual Technical Conference (USENIX ATC 2015), Santa Clara, CA, July 2015

Harvesting Developer Credentials in Android Apps [Paper]
Yajin Zhou, Lei Wu, Zhi Wang, Xuxian Jiang
Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2015), New York City, June 2015

Hybrid User-level Sandboxing of Third-party Android Apps [Paper]
Yajin Zhou, Kunal Patel, Lei Wu, Zhi Wang, Xuxian Jiang
Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2015), Singapore, April 2015

2014

ARMlock: Hardware-based Fault Isolation for ARM [Paper | Slides]
Yajin Zhou, Xiaoguang Wang, Yue Chen, Zhi Wang
Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS 2014), Scottsdale, Arizona, November 2014

Owner-centric Protection of Unstructured Data on Smartphones [Paper]
Yajin Zhou, Kapil Singh, Xuxian Jiang
Proceedings of the 7th International Conference on Trust and Trustworthy Computing (TRUST 2014), Crete, Greece, June 2014

AirBag: Boosting Smartphone Resistance to Malware Infection [Paper]
Chiachih Wu, Yajin Zhou, Kunal Patel, Zhenkai Liang, Xuxian Jiang
Proceedings of the 21st Network and Distributed System Security Symposium (NDSS 2014), San Diego, CA, February 2014

DIVILAR: Diversifying Intermediate Language for Anti-Repackaging on Android Platform [Paper]
Wu Zhou, Zhi Wang, Yajin Zhou, Xuxian Jiang
Proceedings of the 4th ACM Conference on Data and Application Security and Privacy (CODASPY 2014), San Antonio, TX, February 2014

2013

The Impact of Vendor Customizations on Android Security [Paper]
Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu, Xuxian Jiang
Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS 2013), Berlin, Germany, October 2013

Fast, Scalable Detection of "Piggybacked" Mobile Applications -- (Best Paper Award) [Paper]
Wu Zhou, Yajin Zhou, Michael Grace, Xuxian Jiang, Shihong Zou
Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy (CODASPY 2013), San Antonio, TX, February 2013

Detecting Passive Content Leaks and Pollution in Android Applications [Paper | Slides]
Yajin Zhou, Xuxian Jiang
Proceedings of the 20th Network and Distributed System Security Symposium (NDSS 2013), San Diego, CA, February 2013

2012

RiskRanker: Scalable and Accurate Zero-day Android Malware Detection [Paper]
Michael Grace*, Yajin Zhou*, Qiang Zhang, Shihong Zou, Xuxian Jiang
Proceedings of the 10th International Conference on Mobile Systems, Applications and Services (MobiSys 2012), Lake District, UK, June 2012
(*The names of the first two authors are in alphabetical order)

Dissecting Android Malware: Characterization and Evolution (SoK) [Paper]
Yajin Zhou, Xuxian Jiang
Proceedings of the 33rd IEEE Symposium on Security and Privacy (Oakland 2012), San Francisco, CA, May 2012
(Our dataset is released at Android Malware Genome Project)

DroidMOSS: Detecting Repackaged Smartphone Applications in Third-Party Android Marketplaces -- (Best Paper Award) [Paper]
Wu Zhou, Yajin Zhou, Xuxian Jiang, Peng Ning
Proceedings of the 2nd ACM Conference on Data and Application Security and Privacy (CODASPY 2012), San Antonio, TX, February 2012

Hey, You, Get off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets [Paper]
Yajin Zhou, Zhi Wang, Wu Zhou and Xuxian Jiang
Proceedings of the 19th Network and Distributed System Security Symposium (NDSS 2012), San Diego, CA, February 2012

Systematic Detection of Capability Leaks in Stock Android Smartphones [Paper | Demo Video]
Michael Grace, Yajin Zhou, Zhi Wang and Xuxian Jiang
Proceedings of the 19th Network and Distributed System Security Symposium (NDSS 2012), San Diego, CA, February 2012

2011

Taming Information-Stealing Smartphone Applications (on Android) [Paper]
Yajin Zhou, Xinwen Zhang, Xuxian Jiang, Vince W. Freeh
Proceedings of the 4th International Conference on Trust and Trustworthy Computing (TRUST 2011), Pittsburgh, PA, June 2011


Education

  • 08/2010--05/2015: Ph.D., North Carolina State University
  • 09/2004--07/2007: Master, University of Science and Technology of China
  • 09/1999--07/2003: Bachelor, Suzhou University

Working Experience

  • 05/2012--08/2012, Research Intern, IBM T.J. Watson Research Center
  • 09/2009--07/2010, Software Engineer, MIPS Technologies
  • 07/2007--09/2009, Software Engineer, Realsil Microelectronics