Papaer with * means I am the corresponding author.
Complete Publication List
All publications organized by year
2026
- SIGMETRICS — Shedding Light on Shadows: Automatically Tracing Illicit Money Flows on EVM-Compatible
Blockchains
Yicheng Huo, Yufeng Hu, Yajin Zhou*, Ting Yu, Lei Wu, Cong Wang
[Paper]
2025
- TDSC — Minoris: Practical Out-of-Emulator Kernel Module Fuzzing
Yangxi Xiang, Feng Wang, Yuan Chen, Qiang Liu, Haoyu Wang, Jiashui Wang, Lei Wu, Chaoyuan Chen, Yajin Zhou*
[Paper]
- Computers & Security — Detecting DBMS Bugs with Context-Sensitive Instantiation and Multi-Plan
Execution
Jiaqi Li, Ke Wang, Yaoguang Chen, Yajin Zhou*, Lei Wu, Jiashui Wang
[Paper]
- ESORICS — NLSaber: Enhancing Netlink Family Fuzzing via Automated Syscall Description Generation
Lin Ma, Xingwei Lin, Ziming Zhang, Yajin Zhou*
[Paper]
- ASPLOS — DejaVuzz: Disclosing Transient Execution Bugs with Dynamic Swappable Memory and Differential Information Flow Tracking Assisted Processor Fuzzing
Jinyan Xu, Yangye Zhou, Xingzhi Zhang, Yinshuai Li, Qinhan Tan, Yinqian Zhang, Yajin Zhou, Rui Chang, Wenbo Shen
[Paper]
- USENIX Security — Harness: Transparent and Lightweight Protection of Vehicle Control on Untrusted
Android Automotive Operating System
Haochen Gong, Siyu Hong, Shenyi Yang, Rui Chang, Wenbo Shen, Ziqi Yuan, Chenyang Yu, Yajin
Zhou
[Paper]
- USENIX Security — Surviving in Dark Forest: Towards Evading the Attacks from Front‑Running Bots in
Application Layer
Zuchao Ma, Muhui Jiang, Feng Luo, Xiapu Luo, Yajin Zhou
[Paper]
- TOCS: RegVault II: Achieving Hardware-Assisted Selective Kernel Data Randomization for Multiple Architectures
Ruorong Guo, Yangye Zhou, Jinyan Xu, Wenbo Shen, Yajin Zhou, Rui Chang
[Paper]
- ICDCS — HarDTAPE: Hardware Dedicated Trusted transAction Pre-Executor
Sirui He, Zhibo Sun, Yuan Chen, Yajin Zhou, Cong Wang
[Paper]
- SIGMETRICS — Phishing Tactics Are Evolving: An Empirical Study of Phishing Contracts on Ethereum
Bowen He, Xiaohui Hu, Yufeng Hu, Ting Yu, Rui Chang, Lei Wu, Yajin
Zhou*
[Paper]
- SIGMETRICS — Towards Understanding and Analyzing Instant Cryptocurrency Exchanges
Yufeng Hu, Yingshi Sun, Lei Wu, Yajin Zhou, Rui Chang
[Paper]
- SIGMETRICS — Piecing Together the Jigsaw Puzzle of Transactions on Heterogeneous Blockchain Networks
Xiaohui Hu, Hang Feng, Pengcheng Xia, Gareth Tyson, Lei Wu, Yajin Zhou, Haoyu
Wang
[Paper]
- NDSS — Dissecting Payload‑based Transaction Phishing on Ethereum
Zhuo Chen, Yufeng Hu, Bowen He, Dong Luo, Lei Wu, Yajin Zhou*
[Paper]
- EuroSys — ParallelEVM: Operation‑Level Concurrent Transaction Execution for EVM‑Compatible
Blockchains
Haoran Lin, Hang Feng, Yajin Zhou*, Lei Wu
[Paper]
2024
- Middleware — LightZone: Lightweight Hardware-Assisted In-Process Isolation for ARM64
Ziqi Yuan, Siyu Hong, Ruorong Guo, Rui Chang, Mingyu Gao, Wenbo Shen, Yajin
Zhou
[Paper]
- ISSTA — Atlas: Automating Cross-Language Fuzzing on Android Closed-Source Libraries
Hao Xiong, Qinming Dai, Rui Chang, Mingran Qiu, Renxiang Wang, Wenbo Shen, Yajin
Zhou
[Paper]
- CCS — Toss a Fault to BpfChecker: Revealing Implementation Flaws for eBPF runtimes with Differential
Fuzzing
Chaoyuan Peng, Muhui Jiang, Lei Wu, Yajin Zhou*
[Paper]
- USENIX Security — DMAAUTH: A Lightweight Pointer Integrity‑based Secure Architecture to Defeat DMA
Attacks
Xingkai Wang, Wenbo Shen, Yujie Bu, Jinmeng Zhou, Yajin Zhou
[Paper]
- USENIX ATC — SlimArchive: A Lightweight Architecture for Ethereum Archive Nodes
Hang Feng, Yufeng Hu, Yinghan Kou, Runhuai Li, Jianfeng Zhu, Lei Wu, Yajin
Zhou*
[Paper]
2023
- IEEE TDSC — DeFiRanger: Detecting DeFi Price Manipulation Attacks
Siwei Wu, Zhou Yu, Dabao Wang, Yajin Zhou*, Lei Wu, Haoyu Wang, Xingliang
Yuan
[Paper]
- CCS — TxPhishScope: Towards Detecting and Understanding Transaction‑based Phishing on Ethereum
Bowen He, Yuan Chen, Zhuo Chen, Xiaohui Hu, Yufeng Hu, Lei Wu, Rui Chang, Haoyu Wang, Yajin
Zhou*
[Paper]
- CCS — Travelling the Hypervisor and SSD: A Tag-Based Approach Against Crypto Ransomware with
Fine-Grained Data Recovery
Boyang Ma, Yilin Yang, Jinku Li, Fengwei Zhang, Wenbo Shen, Yajin Zhou, Jianfeng
Ma
[Paper]
- IEEE TDSC — An Empirical Study on the Insecurity of End-of-Life (EoL) IoT Devices
Dingding Wang, Muhui Jiang, Rui Chang, Yajin Zhou*, Hexiang Wang, Baolei Hou, Lei
Wu, Xiapu Luo
[Paper]
- IEEE TSE — Demystifying Random Number in Ethereum Smart Contract: Taxonomy, Vulnerability
Identification, and Attack Detection
Peng Qian, Jianting He, Lingling Lu, Siwei Wu, Zhipeng Lu, Lei Wu, Yajin Zhou*, Qinming
He
[Paper]
- ISSTA — Detecting Underground Economy Apps Based on UTG Similarity
Zhuo Chen, Jie Liu, Yubo Hu, Lei Wu, Yajin Zhou, Yiling He, Xianhao Liao, Ke Wang,
Jinku Li, Zhan Qin
[Paper]
- IEEE TDSC — Lifting The Grey Curtain: Analyzing the Ecosystem of Android Scam Apps
Zhuo Chen, Lei Wu, Yubo Hu, Jing Cheng, Yufeng Hu, Yajin Zhou, Zhushou Tang,
Yexuan Chen, Jinku Li, Kui Ren
[Paper]
- S&P — VIDEZZO: Dependency‑aware Virtual Device Fuzzing
Qiang Liu, Flavio Toffalini, Yajin Zhou*, Mathias Payer
[Paper]
- DAC — DriverJar: Lightweight Device Driver Isolation for ARM
Huamao Wu, Yuan Chen, Yajin Zhou*, Yifei Wang, Lubo Zhang
[Paper]
- USENIX Security — MorFuzz: A Framework for Fuzzing WebAssembly Runtimes
Jinyan Xu, Yiyuan Liu, Sirui He, Haoran Lin, Yajin Zhou*, Cong Wang
[Paper]
- S&P — When Top-down Meets Bottom-up: Detecting and Exploiting Use-After-Cleanup Bugs in Linux Kernel
Lin Ma, Duoming Zhou, Hanjie Wu, Yajin Zhou*, Rui Chang, Hao Xiong, Lei Wu, Kui
Ren
[Paper]
- ASPLOS — VDom: Virtual Device Fuzzing
Ziqi Yuan, Siyu Hong, Rui Chang, Yajin Zhou, Wenbo Shen, Kui Ren
[Paper]
2022
- RAID — Penny Wise and Pound Foolish: Quantifying the Risk of Unlimited Approval of ERC20 Tokens on
Ethereum
Dabao Wang, Hang Feng, Siwei Wu, Yajin Zhou, Lei Wu, Xingliang Yuan
[Paper]
- ISSTA — NCScope: Hardware-Assisted Analyzer for Native Code in Android Apps
Hao Zhou, Shuohan Wu, Xiapu Luo, Ting Wang, Yajin Zhou, Chao Zhang, Haipeng
Cai
[Paper]
- DAC — RegVault: Hardware Assisted Selective Data Randomization for Operating System Kernels
Jinyan Xu, Haoran Lin, Ziqi Yuan, Wenbo Shen, Yajin Zhou, Rui Chang, Lei Wu, Kui
Ren
[Paper]
- EuroSys — OPEC: Operation-based Security Isolation for Bare-metal Embedded Systems
Xia Zhou, Jiaqi Li, Wenlong Zhang, Yajin Zhou*, Wenbo Shen, Kui Ren
[Paper]
- TOSEM — Time-Travel Investigation: Towards Building A Scalable Attack Detection Framework on
Ethereum
Siwei Wu, Lei Wu, Yajin Zhou*, Runhuai Li, Zhi Wang, Xiapu Luo, Cong Wang, Kui
Ren
[Paper]
- ASPLOS — EXAMINER: Automatically Locating Inconsistent Instructions between Real Devices and CPU
Emulators for ARM
Muhui Jiang, Tianyi Xu, Yajin Zhou*, Yufeng Hu, Ming Zhong, Lei Wu, Xiapu Luo, Kui
Ren
[Paper]
- NDSS — Uncovering Cross-Context Inconsistent Access Control Enforcement in Android
Hao Zhou, Haoyu Wang, Xiapu Luo, Ting Chen, Yajin Zhou, Ting Wang
[Paper]
- USENIX Security — SGXLock: Towards Efficiently Establishing Mutual Distrust Between Host Application and
Enclave for SGX
Yuan Chen, Jiaqi Li, Guorui Xu, Yajin Zhou*, Zhi Wang, Cong Wang, Kui
Ren
[Paper]
- USENIX Security — Towards Automatically Reverse Engineering Vehicle Diagnostic Protocols
Le Yu, Yangyang Liu, Pengfei Jing, Xiapu Luo, Lei Xue, Kaifa Zhao, Yajin Zhou,
Ting Wang, Guofei Gu, Sen Nie, Shi Wu
[Paper]
- USENIX Security — SAID: State-aware Defense Against Injection Attacks on In-vehicle Network
Lei Xue, Yangyang Liu, Tianqi Li, Kaifa Zhao, Jianfeng Li, Le Yu, Xiapu Luo, Yajin
Zhou, Guofei Gu
[Paper]
2021
- SEED — H2Cache: Building a Hybrid RandomizedCache Hierarchy for Mitigating Cache Side-Channel
Attacks
Xingjian Zhang, Ziqi Yuan, Rui Chang, Yajin Zhou
[Paper]
- SOSP — Forerunner: Constraint-based Speculative Transaction Execution for Ethereum
Yang Chen, Zhongxin Guo, Runhuai Li, Shuo Chen, Lidong Zhou, Yajin Zhou, Xian
Zhang
[Paper]
- CCS — ECMO: Peripheral Transplantation to Rehost Embedded Linux Kernels
Muhui Jiang, Lin Ma, Yajin Zhou*, Qiang Liu, Cen Zhang, Zhi Wang, Xiapu Luo, Lei
Wu, Kui Ren
[Paper]
- ASE — FirmGuide: Boosting the Capability of Rehosting Embedded Linux Kernels through Model-Guided Kernel
Execution
Qiang Liu^, Cen Zhang^, Lin Ma, Muhui Jiang, Yajin Zhou*, Lei Wu, Wenbo Shen,
Xiapu Luo, Yang Liu, Kui Ren
[Paper]
- ASE — Finding the Missing Piece: Permission Specification Analysis for Android NDK
Hao Zhou, Haoyu Wang, Shuohan Wu, Xiapu Luo, Yajin Zhou, Ting Chen, Ting
Wang
[Paper]
- ESORICS — Succinct Scriptable NIZK via Trusted Hardware
Bingshen Zhang, Yuan Chen, Jiaqi Li, Yajin Zhou*, Phuc Thai, Hong-Sheng Zhou, Kui
Ren
[Paper]
- APSys — Revisiting Challenges for Selective Data Protection of Real Applications
Lin Ma, Jinyan Xu, Jiadong Sun, Yajin Zhou, Xun Xie, Wenbo Shen, Rui Chang, Kui
Ren
[Paper]
- ISSTA — Parema: An Unpacking Framework for Demystifying VM-based Android Packers
Lei Xue, Yuxiao Yan, Luyi Yan, Muhui Jiang, Xiapu Luo, Dinghao Wu, Yajin
Zhou
[Paper]
- TSE — A Systematical Study on Application Performance Management Libraries for Apps
Yutian Tang, Haoyu Wang, Xian Zhan, Xiapu Luo, Yajin Zhou, Hao Zhou, Qiben Yan,
Yulei Sui, Jacky Wai Keung
[Paper]
- SBC — Towards A First Step to Understand Flash Loan and Its Applications in DeFi Ecosystem
Dabao Wang, Siwei Wu, Ziling Lin, Lei Wu, Xingliang Yuan, Yajin Zhou, Haoyu Wang,
Kui Ren
[Paper]
- S&P — Happer: Unpacking Android Apps via a Hardware-Assisted Approach
Lei Xue, Hao Zhou, Xiapu Luo, Yajin Zhou, Yang Shi, Guofei Gu, Fengwei Zhang, Man
Ho Au
[Paper]
- WWW — Towards Understanding and Demystifying Bitcoin Mixing Services
Lei Wu, Yufeng Hu, Yajin Zhou*, Haoyu Wang, Xiapu Luo, Zhi Wang, Fan Zhang, Kui
Ren
[Paper]
- NDSS — POP and PUSH: Demystifying and Defending against (Mach) Port-oriented Programming
Min Zheng, Xiaolong Bai, Yajin Zhou*, Chao Zhang, Fuping Qu
[Paper]
- SIGMETRICS — Tracking Counterfeit Cryptocurrency End-to-end
Bingyu Gao, Haoyu Wang, Pengcheng Xia, Siwei Wu, Yajin Zhou, Xiapu Luo, Gareth
Tyson
[Paper]
2020
- ASE — Demystifying Diehard Android Apps
Hao Zhou, Haoyu Wang, Yajin Zhou, Xiapu Luo, Yutian Tang, Lei Xue, Ting
Wang
[Paper]
- TSE — PackerGrind: An Adaptive Unpacking System for Android Apps
Lei Xue, Hao Zhou, Xiapu Luo, Le Yu, Dinghao Wu, Yajin Zhou, Xiaobo Ma
[Paper]
- TDSC — JNI Global References Are Still Vulnerable: Attacks and Defenses
Yi He, Yuan Zhou, Yajin Zhou*, Qi Li*, Kun Sun, Yacong Gu, Yong Jiang
[Paper]
- ISSTA — An Empirical Study on ARM Disassembly Tools
Muhui Jiang, Yajin Zhou*, Xiapu Luo, Ruoyu Wang, Yang Liu, Kui Ren
[Paper]
- ICDCS — HybrIDX: New Hybrid Index for Volume-hiding Range Queries in Data Outsourcing Services (Best
Paper Award)
Kui Ren, Yu Guo, Jiaqi Li, Xiaohua Jia, Cong Wang, Yajin Zhou, Sheng Wang, Ning
Cao, Feifei Li
[Paper]
- CODASPY — PESC: A Per System-Call Stack Canary Design for Linux Kernel
Jiadong Sun, Xia Zhou, Wenbo Shen, Yajin Zhou, Kui Ren
[Paper]
2019
- ASE — Demystifying Application Performance Management Libraries for Android
Yutian Tang, Zhan Xian, Hao Zhou, Xiapu Luo, Zhou Xu, Yajin Zhou, Qiben
Yan
[Paper]
- TDSC — PPSB: An Open and Flexible Platform for Privacy-Preserving Safe Browsing
Helei Cui, Yajin Zhou*, Cong Wang, Xinyu Wang, Yuefeng Du, Qian Wang
[Paper]
- CCS — Different is Good: Detecting the Use of Uninitialized Variables through Differential Replay
Mengchen Cao, Xiantong Hou, Tao Wang, Hunter Qu, Yajin Zhou*, Xiaolong Bai, Fuwei
Wang
[Paper]
- CCS — LightBox: Full-stack Protected Stateful Middlebox at Lightning Speed
Huayi Duan, Cong Wang, Xingliang Yuan, Yajin Zhou, Qian Wang, Kui Ren
[Paper]
- RAID — Towards a First Step to Understand the Cryptocurrency Stealing Attack on Ethereum
Zhen Cheng^, Xinrui Hou^, Runhuai Li, Yajin Zhou*, Xiapu Luo, Jinku Li, Kui
Ren
[Paper]
- ICDCS — SPEED: Accelerating Enclave Applications via Secure Deduplication
Helei Cui, Huayi Duan, Zhan Qin, Cong Wang, Yajin Zhou
[Paper]
- TDSC — Dating with Scambots: Understanding the Ecosystem of Fraudulent Dating Applications
Yangyu Hu, Haoyu Wang*, Yajin Zhou*, Yao Guo, Li Li, Bingxuan Luo, Fangren
Xu
[Paper]
- EuroS&P — Adaptive Call-site Sensitive Control Flow Integrity (Best Paper Award)
Mustakimur Khandaker, Abu Naser, Wenqing Liu, Zhi Wang, Yajin Zhou, Yueqiang
Cheng
[Paper]
- TIFS — NDroid: Towards Tracking Information Flows Across Multiple Android Contexts
Lei Xue, Chenxiong Qian, Hao Zhou, Xiapu Luo, Yajin Zhou, Yuru Shao, Alvin T.S.
Chan
[Paper]
2018
- ICPADS — Towards Privacy-Preserving Malware Detection Systems for Android (Best Paper Award)
Helei Cui, Yajin Zhou, Cong Wang, Qi Li, Kui Ren
[Paper]
- TDSC — AdCapsule: Practical Confinement of Advertisements in Android Applications
Xiaonan Zhu, Jinku Li, Yajin Zhou, Jianfeng Ma
[Paper]
2017
- ESEC/FSE — When Program Analysis Meets Mobile Security: An Industrial Study of Misusing Android Internet
Sockets
Wenqi Bu, Minhui Xue, Lihua Xu, Yajin Zhou, Zhushou Tang, Tao Xie
[Paper]
- USENIX Security — Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART
Lei Xue, Yajin Zhou, Ting Chen, Xiapu Luo, Guofei Gu
[Paper]
- TDSC — Design and Implementation of SecPod, A Framework for Virtualization-based Security Systems
Xiaoguang Wang, Yong Qi, Zhi Wang, Yue Chen, Yajin Zhou
[Paper]
2016
- RAID — Blender: Self-randomizing Address Space Layout for Android Apps
Mingshen Sun, John C.S. Lui, Yajin Zhou
[Paper]
2015
- USENIX ATC — SecPod: a Framework for Virtualization-based Security Systems
Xiaoguang Wang, Yue Chen, Zhi Wang, Yong Qi, Yajin Zhou
[Paper]
- WiSec — Harvesting Developer Credentials in Android Apps
Yajin Zhou, Lei Wu, Zhi Wang, Xuxian Jiang
[Paper]
- ASIACCS — Hybrid User-level Sandboxing of Third-party Android Apps
Yajin Zhou, Kunal Patel, Lei Wu, Zhi Wang, Xuxian Jiang
[Paper]
2014
- CCS — ARMlock: Hardware-based Fault Isolation for ARM
Yajin Zhou, Xiaoguang Wang, Yue Chen, Zhi Wang
[Paper]
- TRUST — Owner-centric Protection of Unstructured Data on Smartphones
Yajin Zhou, Kapil Singh, Xuxian Jiang
[Paper]
- NDSS — AirBag: Boosting Smartphone Resistance to Malware Infection
Chiachih Wu, Yajin Zhou, Kunal Patel, Zhenkai Liang, Xuxian Jiang
[Paper]
- CODASPY — DIVILAR: Diversifying Intermediate Language for Anti-Repackaging on Android Platform
Wu Zhou, Zhi Wang, Yajin Zhou, Xuxian Jiang
[Paper]
2013
- CCS — The Impact of Vendor Customizations on Android Security
Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu, Xuxian Jiang
[Paper]
- CODASPY — Fast, Scalable Detection of “Piggybacked” Mobile Applications (Best Paper Award)
Wu Zhou, Yajin Zhou, Michael Grace, Xuxian Jiang, Shihong Zou
[Paper]
- NDSS — Detecting Passive Content Leaks and Pollution in Android Applications
Yajin Zhou, Xuxian Jiang
[Paper]
2012
- MobiSys — RiskRanker: Scalable and Accurate Zero-day Android Malware Detection
Michael Grace*, Yajin Zhou*, Qiang Zhang, Shihong Zou, Xuxian Jiang
[Paper]
- S&P — Dissecting Android Malware: Characterization and Evolution
Yajin Zhou, Xuxian Jiang
[Paper]
- CODASPY — DroidMOSS: Detecting Repackaged Smartphone Applications in Third-Party Android Marketplaces
(Best Paper Award)
Wu Zhou, Yajin Zhou, Xuxian Jiang, Peng Ning
[Paper]
- NDSS — Hey, You, Get off of My Market: Detecting Malicious Apps in Official and Alternative Android
Markets
Yajin Zhou, Zhi Wang, Wu Zhou, Xuxian Jiang
[Paper]
- NDSS — Systematic Detection of Capability Leaks in Stock Android Smartphones
Michael Grace, Yajin Zhou, Zhi Wang, Xuxian Jiang
[Paper]
2011
- TRUST — Taming Information-Stealing Smartphone Applications (on Android)
Yajin Zhou, Xinwen Zhang, Xuxian Jiang, Vince W. Freeh
[Paper]