I have published more than 60 papers, with 10,000+ citations (Google Scholar). One of my papers has been selected to the list of normalized Top-100 security papers since 1981. I was recognized as the Most Influential Scholar Award for my contributions to the field of Security and Privacy.

My current research spans traditional ones (software security, operating systems security and hardware-assisted security) and emerging areas (security of smart contracts, decentralized finance (DeFi) security, and underground economy.)

My group's research is focused on solving real-world problems, building secure software/hardware systems, and creating significant impact.

We are looking for students who are interested in these research areas, and possess a strong background in systems and/or security.

Dataset Release

• Dissecting Payload-based Transaction Phishing on Ethereum (NDSS 2025)
• Toss a Fault to BpfChecker: Revealing Implementation Flaws for eBPF runtimes with Differential Fuzzing (CCS 2024)
• DeFiRanger: Detecting DeFi Price Manipulation Attacks (TDSC 2024)
• TxPhishScope: Towards Detecting and Understanding Transaction-based Phishing on Ethereum (CCS 2023)
• An Empirical Study on ARM Disassembly Tools (ISSTA 2020, TSE 2022)

Publications

2025

[71] TDSC Detecting DBMS Bugs with Context-Sensitive Instantiation and Multi-Plan Execution[Paper]
Jiaqi Li, Ke Wang, Yaoguang Chen, Yajin Zhou*, Lei Wu, Jiashui Wang
Computers & Security (Computers & Security)

[70] ESORICS NLSaber: Enhancing Netlink Family Fuzzing via Automated Syscall Description Generation [Paper]
Lin Ma, Xingwei Lin, Ziming Zhang, Yajin Zhou*
Proceedings of the 30th European Symposium on Research in Computer Security (ESORICS 2025)

[69] USENIX Security Harness: Transparent and Lightweight Protection of Vehicle Control on Untrusted Android Automotive Operating System [Paper]
Haochen Gong, Siyu Hong, Shenyi Yang, Rui Chang, Wenbo Shen, Ziqi Yuan, Chenyang Yu, Yajin Zhou
Proceedings of the The 34th USENIX Security Symposium (USENIX Security 2025)

[68] USENIX Security Surviving in Dark Forest: Towards Evading the Attacks from Front-Running Bots in Application Layer [Paper]
Zuchao Ma, Muhui Jiang, Feng Luo, Xiapu Luo, Yajin Zhou
Proceedings of the The 34th USENIX Security Symposium (USENIX Security 2025)

[67] ICDCS HarDTAPE: Hardware Dedicated Trusted transAction Pre-Executor [Paper]
Sirui He, Zhibo Sun, Yuan Chen, Yajin Zhou, Cong Wang
Proceedings of the IEEE ICDCS 2025 (IEEE ICDCS)

[66] SIGMETRICS Phishing Tactics Are Evolving: An Empirical Study of Phishing Contracts on Ethereum [Paper]
Bowen He, Xiaohui Hu, Yufeng Hu, Ting Yu, Rui Chang, Lei Wu, Yajin Zhou*
Proceedings of the ACM SIGMETRICS 2025 (ACM SIGMETRICS)

[65] SIGMETRICS Towards Understanding and Analyzing Instant Cryptocurrency Exchanges [Paper]
Yufeng Hu, Yingshi Sun, Lei Wu, Yajin Zhou, Rui Chang
Proceedings of the ACM SIGMETRICS 2025 (ACM SIGMETRICS)

[64] SIGMETRICS Piecing Together the Jigsaw Puzzle of Transactions on Heterogeneous Blockchain Networks [Paper]
Xiaohui Hu, Hang Feng, Pengcheng Xia, Gareth Tyson, Lei Wu, Yajin Zhou, Haoyu Wang
Proceedings of the ACM SIGMETRICS 2025 (ACM SIGMETRICS)

[63] NDSS Dissecting Payload-based Transaction Phishing on Ethereum [Paper]
Zhuo Chen, Yufeng Hu, Bowen He, Dong Luo, Lei Wu, Yajin Zhou*
Proceedings of the NDSS Symposium 2025 (NDSS)

[62] EuroSys ParallelEVM: Operation-Level Concurrent Transaction Execution for EVM-Compatible Blockchains [Paper]
Haoran Lin, Hang Feng, Yajin Zhou*, Lei Wu
Proceedings of the 2025 EuroSys (EuroSys 2025)

2024

[61] MIDDLEWARE LightZone: Lightweight Hardware-Assisted In-Process Isolation for ARM64 [Paper]
Ziqi Yuan, Siyu Hong, Ruorong Guo, Rui Chang, Mingyu Gao, Wenbo Shen, Yajin Zhou
Proceedings of the Middleware 24 2024(MIDDLEWARE 2024)

[60] ISSTA Atlas: Automating Cross-Language Fuzzing on Android Closed-Source Libraries [Paper]
Hao Xiong, Qinming Dai, Rui Chang, Mingran Qiu, Renxiang Wang, Wenbo Shen, Yajin Zhou
Proceedings of the ACM SIGSOFT International Symposium on Software Testing and Analysis 2024(ISSTA 2024)

[59] CCS Toss a Fault to BpfChecker: Revealing Implementation Flaws for eBPF runtimes with Differential Fuzzing [Paper]
Chaoyuan Peng, Muhui Jiang, Lei Wu, Yajin Zhou*
Proceedings of the 31th ACM Conference on Computer and Communications Security (ACM CCS 2024)

[58] USENIX Security DMAAUTH: A Lightweight Pointer Integrity-based Secure Architecture to Defeat DMA Attacks [Paper]
Xingkai Wang, Wenbo Shen, Yujie Bu, Jinmeng Zhou, Yajin Zhou
Proceedings of the 2024 USENIX Security Symposium (USENIX Security 2024)

[57] ATC SlimArchive: A Lightweight Architecture for Ethereum Archive Nodes [Paper]
Hang Feng, Yufeng Hu, Yinghan Kou, Runhuai Li, Jianfeng Zhu, Lei Wu, Yajin Zhou*
Proceedings of The 2024 USENIX Annual Technical Conference (ATC 2024)

2023

[56] TDSC DeFiRanger: Detecting DeFi Price Manipulation Attacks [Paper]
Siwei Wu, Zhou Yu, Dabao Wang, Yajin Zhou*, Lei Wu, Haoyu Wang, Xingliang Yuan
IEEE Transactions on Dependable and Secure Computing (IEEE TDSC)

[55] CCS TxPhishScope: Towards Detecting and Understanding Transaction-based Phishing on Ethereum [Paper]
Bowen He, Yuan Chen, Zhuo Chen, Xiaohui Hu, Yufeng Hu, Lei Wu, Rui Chang, Haoyu Wang, Yajin Zhou*
Proceedings of the ACM Conference on Computer and Communications Security (CCS 2023)

[54] CCS Travelling the Hypervisor and SSD: A Tag-Based Approach Against Crypto Ransomware with Fine-Grained Data Recovery [Paper]
Boyang Ma, Yilin Yang, Jinku Li, Fengwei Zhang, Wenbo Shen, Yajin Zhou, Jianfeng Ma
Proceedings of the ACM Conference on Computer and Communications Security (CCS 2023)

[53] TACO DxPU: Large Scale Disaggregated GPU Pools in the Datacenter [Paper]
Bowen He, Xiao Zheng, Yuan Chen, Weinan Li, Yajin Zhou*, Xin Long, Pengcheng Zhang, Xiaowei Lu, Linquan Jiang, Qiang Liu, Dennis Cai, Xiantao Zhang
ACM Transactions on Architecture and Code Optimization (ACM TACO)

[52] TDSC An Empirical Study on the Insecurity of End-of-Life (EoL) IoT Devices [Paper]
Dingding Wang, Muhui Jiang, Rui Chang, Yajin Zhou*, Hexiang Wang, Baolei Hou, Lei Wu, Xiapu Luo
IEEE Transactions on Dependable and Secure Computing (IEEE TDSC)

[51] TSE Demystifying Random Number in Ethereum Smart Contract: Taxonomy, Vulnerability Identification, and Attack Detection [Paper]
Peng Qian, Jianting He, Lingling Lu, Siwei Wu, Zhipeng Lu, Lei Wu, Yajin Zhou*, Qinming He
IEEE Transactions on Software Engineering (IEEE TSE)

[50] ISSTA Detecting Underground Economy Apps Based on UTG Similarity [Paper]
Zhuo Chen, Jie Liu, Yubo Hu, Lei Wu, Yajin Zhou, Yiling He, Xianhao Liao, Ke Wang, Jinku Li, Zhan Qin
Proceedings of the 2023 ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2023)

[49] TDSC Lifting The Grey Curtain: Analyzing the Ecosystem of Android Scam Apps [Paper]
Zhuo Chen, Lei Wu, Yubo Hu, Jing Cheng, Yufeng Hu, Yajin Zhou, Zhushou Tang, Yexuan Chen, Jinku Li, Kui Ren
IEEE Transactions on Dependable and Secure Computing (IEEE TDSC)

[48] S&P VIDEZZO: Dependency-aware Virtual Device Fuzzing [Paper]
Qiang Liu, Flavio Toffalini, Yajin Zhou*, Mathias Payer
Proceedings of the 44th IEEE Symposium on Security and Privacy (IEEE S&P 2023)

[47] DAC DriverJar: Lightweight Device Driver Isolation for ARM [Paper]
Huamao Wu, Yuan Chen, Yajin Zhou*, Yifei Wang, Lubo Zhang
Proceedings of the 60th Design Automation Conference 2023 (DAC 2023)

[46] USENIX Security MorFuzz: Fuzzing Processor via Runtime Instruction Morphing enhanced Synchronizable Co-simulation [Paper]
Jinyan Xu, Yiyuan Liu, Sirui He, Haoran Lin, Yajin Zhou*, Cong Wang
Proceedings of the 32nd USENIX Security Symposium (USENIX Security 2023)

[45] S&P When Top-down Meets Bottom-up: Detecting and Exploiting Use-After-Cleanup Bugs in Linux Kernel [Paper]
Lin Ma, Duoming Zhou, Hanjie Wu, Yajin Zhou*, Rui Chang, Hao Xiong, Lei Wu, Kui Ren
Proceedings of the IEEE Symposium on Security and Privacy 2023 (IEEE S&P 2023)

[44] ASPLOS VDom: Fast and Unlimited Virtual Domains on Multiple Architectures [Paper]
Ziqi Yuan, Siyu Hong, Rui Chang, Yajin Zhou, Wenbo Shen, Kui Ren
Proceedings of the Architectural Support for Programming Languages and Operating Systems (ASPLOS 2023)

2022

[43] RAID Penny Wise and Pound Foolish: Quantifying the Risk of Unlimited Approval of ERC20 Tokens on Ethereum [Paper]
Dabao Wang, Hang Feng, Siwei Wu, Yajin Zhou, Lei Wu, Xingliang Yuan
Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2022)

[42] ISSTA NCScope: Hardware-Assisted Analyzer for Native Code in Android Apps [Paper]
Hao Zhou, Shuohan Wu, Xiapu Luo, Ting Wang, Yajin Zhou, Chao Zhang, Haipeng Cai
Proceedings of the 2022 International Symposium on Software Testing and Analysis (ISSTA 2022)

[41] DAC RegVault: Hardware Assisted Selective Data Randomization for Operating System Kernels [Paper]
Jinyan Xu, Haoran Lin, Ziqi Yuan, Wenbo Shen, Yajin Zhou, Rui Chang, Lei Wu, Kui Ren
Proceedings of the 59th The Design Automation Conference (DAC 2022)

[40] EuroSys OPEC: Operation-based Security Isolation for Bare-metal Embedded Systems [Paper]
Xia Zhou, Jiaqi Li, Wenlong Zhang, Yajin Zhou*, Wenbo Shen, Kui Ren
Proceedings of the 17th European Conference on Computer Systems (EuroSys 2022)

[39] TOSEM Time-Travel Investigation: Towards Building A Scalable Attack Detection Framework on Ethereum [Paper]
Siwei Wu, Lei Wu, Yajin Zhou*, Runhuai Li, Zhi Wang, Xiapu Luo, Cong Wang, Kui Ren
ACM Transactions on Software Engineering and Methodology (ACM TOSEM)

[38] ASPLOS EXAMINER: Automatically Locating Inconsistent Instructions between Real Devices and CPU Emulators for ARM [Paper]
Muhui Jiang, Tianyi Xu, Yajin Zhou*, Yufeng Hu, Ming Zhong, Lei Wu, Xiapu Luo, Kui Ren
Proceedings of the 2022 Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS 2022)

[37] NDSS Uncovering Cross-Context Inconsistent Access Control Enforcement in Android [Paper]
Hao Zhou, Haoyu Wang, Xiapu Luo, Ting Chen, Yajin Zhou, Ting Wang
Proceedings of the 2022 Network and Distributed System Security Symposium(NDSS 2022)

[36] USENIX Security SGXLock: Towards Efficiently Establishing Mutual Distrust Between Host Application and Enclave for SGX [Paper]
Yuan Chen, Jiaqi Li, Guorui Xu, Yajin Zhou*, Zhi Wang, Cong Wang, Kui Ren
Proceedings of the 31st USENIX Security Symposium(USENIX Security 2022)

[35] USENIX Security Towards Automatically Reverse Engineering Vehicle Diagnostic Protocols [Paper]
Le Yu, Yangyang Liu, Pengfei Jing, Xiapu Luo, Lei Xue, Kaifa Zhao, Yajin Zhou, Ting Wang, Guofei Gu, Sen Nie, Shi Wu
Proceedings of the 31st USENIX Security Symposium(USENIX Security 2022)

[34] USENIX Security SAID: State-aware Defense Against Injection Attacks on In-vehicle Network [Paper]
Lei Xue, Yangyang Liu, Tianqi Li, Kaifa Zhao, Jianfeng Li, Le Yu, Xiapu Luo, Yajin Zhou, Guofei Gu
Proceedings of the 31st USENIX Security Symposium(USENIX Security 2022)

2021

[33] SEED H2Cache: Building a Hybrid RandomizedCache Hierarchy for Mitigating Cache Side-Channel Attacks [Paper]
Xingjian Zhang, Ziqi Yuan, Rui Chang, Yajin Zhou
Proceedings of the IEEE International Symposium on Secure and Private Execution Environment Design (SEED 2021)

[32] SOSP Forerunner: Constraint-based Speculative Transaction Execution for Ethereum [Paper]
Yang Chen, Zhongxin Guo, Runhuai Li, Shuo Chen, Lidong Zhou, Yajin Zhou, Xian Zhang
Proceedings of the 28th ACM Symposium on Operating Systems Principles (SOSP 2021)

[31] CCS ECMO: Peripheral Transplantation to Rehost Embedded Linux Kernels [Paper] online demo
Muhui Jiang, Lin Ma, Yajin Zhou*, Qiang Liu, Cen Zhang, Zhi Wang, Xiapu Luo, Lei Wu, Kui Ren
Proceedings of the 28th ACM Conference on Computer and Communications Security (CCS 2021)

[30] ASE FirmGuide: Boosting the Capability of Rehosting Embedded Linux Kernels through Model-Guided Kernel Execution [Paper]
Qiang Liu^, Cen Zhang^, Lin Ma, Muhui Jiang, Yajin Zhou, Lei Wu, Wenbo Shen, Xiapu Luo, Yang Liu, Kui Ren
Proceedings of the 36th IEEE/ACM International Conference on Automated Software Engineering(ASE 2021)
(^The names of the first two authors are in alphabetical order)

[29] ASE Finding the Missing Piece: Permission Specification Analysis for Android NDK [Paper]
Hao Zhou, Haoyu Wang, Shuohan Wu, Xiapu Luo, Yajin Zhou, Ting Chen, Ting Wang
Proceedings of the 36th IEEE/ACM International Conference on Automated Software Engineering(ASE 2021)

[28] ESORICS Succinct Scriptable NIZK via Trusted Hardware [Paper]
Bingshen Zhang, Yuan Chen, Jiaqi Li, Yajin Zhou*, Phuc Thai, Hong-Sheng Zhou, Kui Ren
Proceedings of the 26th European Symposium on Research in Computer Security(ESORICS 2021)

[27] ApSys Revisiting Challenges for Selective Data Protection of Real Applications [Paper]
Lin Ma, Jinyan Xu, Jiadong Sun, Yajin Zhou, Xun Xie, Wenbo Shen, Rui Chang, Kui Ren
Proceedings of the 12th ACM SIGOPS Asia-Pacific Workshop on Systems(APSys 2021)

[26] ISSTA Parema: An Unpacking Framework for Demystifying VM-based Android Packers [Paper]
Lei Xue, Yuxiao Yan, Luyi Yan, Muhui Jiang, Xiapu Luo, Dinghao Wu, Yajin Zhou
Proceedings of the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2021)

[25] TSE A Systematical Study on Application Performance Management Libraries for Apps [Paper]
Yutian Tang, Haoyu Wang, Xian Zhan, Xiapu Luo, Yajin Zhou, Hao Zhou, Qiben Yan, Yulei Sui, Jacky Wai Keung
IEEE Transactions on Software Engineering (Preprints) (TSE)

[24] SBC Towards A First Step to Understand Flash Loan and Its Applications in DeFi Ecosystem [Paper]
Dabao Wang, Siwei Wu, Ziling Lin, Lei Wu, Xingliang Yuan, Yajin Zhou, Haoyu Wang, Kui Ren
Proceedings of the 9th International Workshop on Security in Blockchain and Cloud Computing (SBC 2021)

[23] S&P Happer: Unpacking Android Apps via a Hardware-Assisted Approach [Paper]
Lei Xue, Hao Zhou, Xiapu Luo, Yajin Zhou, Yang Shi, Guofei Gu, Fengwei Zhang, Man Ho Au
Proceedings of the 42nd IEEE Symposium on Security and Privacy (S&P 2021)

[22] WWW Towards Understanding and Demystifying Bitcoin Mixing Services [Paper | Data Set]
Lei Wu, Yufeng Hu, Yajin Zhou*, Haoyu Wang, Xiapu Luo, Zhi Wang, Fan Zhang, Kui Ren
Proceedings of the 30th The Web Conference (WWW 2021)

[21] NDSS POP and PUSH: Demystifying and Defending against (Mach) Port-oriented Programming [Paper]
Min Zheng, Xiaolong Bai, Yajin Zhou*, Chao Zhang, Fuping Qu
Proceedings of the 28th Annual Network and Distributed System Security Symposium (NDSS 2021)

[20] SIGMETRICS Tracking Counterfeit Cryptocurrency End-to-end [Paper]
Bingyu Gao, Haoyu Wang, Pengcheng Xia, Siwei Wu, Yajin Zhou, Xiapu Luo, Gareth Tyson
Proceedings of the ACM SIGMETRICS 2021 (SIGMETRICS 2021)

2020

[19] ASE Demystifying Diehard Android Apps [Paper]
Hao Zhou, Haoyu Wang, Yajin Zhou, Xiapu Luo, Yutian Tang, Lei Xue, Ting Wang
Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering (ASE 2020)

[18] TSE PackerGrind: An Adaptive Unpacking System for Android Apps [Paper]
Lei Xue, Hao Zhou, Xiapu Luo, Le Yu, Dinghao Wu, Yajin Zhou, Xiaobo Ma
IEEE Transactions on Software Engineering (TSE)

[17] TDSC JNI Global References Are Still Vulnerable: Attacks and Defenses [Paper]
Yi He, Yuan Zhou, Yajin Zhou*, Qi Li*, Kun Sun, Yacong Gu, Yong Jiang
IEEE Transactions on Dependable and Secure Computing (TDSC)

[16] ISSTA An Empirical Study on ARM Disassembly Tools [Paper | Data Set | 中文介绍]
Muhui Jiang, Yajin Zhou*, Xiapu Luo, Ruoyu Wang, Yang Liu, Kui Ren
Proceedings of the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2020)

[15] ICDCS HybrIDX: New Hybrid Index for Volume-hiding Range Queries in Data Outsourcing Services (Best Paper Award) [Paper]
Kui Ren, Yu Guo, Jiaqi Li, Xiaohua Jia, Cong Wang, Yajin Zhou, Sheng Wang, Ning Cao, Feifei Li
Proceedings of the 40th IEEE International Conference on Distributed Computing Systems (ICDCS 2020)

[14] CODASPY PESC: A Per System-Call Stack Canary Design for Linux Kernel [Paper]
Jiadong Sun, Xia Zhou, Wenbo Shen, Yajin Zhou, Kui Ren
Proceedings of the 10th ACM Conference on Data and Application Security and Privacy (CODASPY 2020)

2019

[13] 物联网设备软件安全综述 [Paper]
任 奎, 王丁玎, 周亚金
广州大学学报(自然科学版), Volume: 18, Issue: 3, pp. 11 - 16, 2019

[12] ASE Demystifying Application Performance Management Libraries for Android [Paper]
Yutian Tang, Zhan Xian, Hao Zhou, Xiapu Luo, Zhou Xu, Yajin Zhou, Qiben Yan
Proceedings of the 34th IEEE/ACM International Conference on Automated Software Engineering (ASE 2019)

[11] TDSC PPSB: An Open and Flexible Platform for Privacy-Preserving Safe Browsing [Paper | Website]
Helei Cui, Yajin Zhou*, Cong Wang, Xinyu Wang, Yuefeng Du, Qian Wang
IEEE Transactions on Dependable and Secure Computing (TDSC)
We have released a Chrome extension that provides privacy-preserving safe browsing to users.

[10] CCS Different is Good: Detecting the Use of Uninitialized Variables through Differential Replay [Paper | 中文介绍]
Mengchen Cao, Xiantong Hou, Tao Wang, Hunter Qu, Yajin Zhou*, Xiaolong Bai, Fuwei Wang
Proceedings of the 26th ACM Conference on Computer and Communications (ACM CCS 2019)

[9] CCS LightBox: Full-stack Protected Stateful Middlebox at Lightning Speed [Paper]
Huayi Duan, Cong Wang, Xingliang Yuan, Yajin Zhou, Qian Wang, Kui Ren
Proceedings of the 26th ACM Conference on Computer and Communications (ACM CCS 2019)

[8] RAID Towards a First Step to Understand the Cryptocurrency Stealing Attack on Ethereum [Paper | Data Set]
Zhen Cheng^, Xinrui Hou^, Runhuai Li, Yajin Zhou*, Xiapu Luo, Jinku Li, Kui Ren
Proceedings of the 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019)
(^The names of the first two authors are in alphabetical order)
(Our dataset of captured attacks is released at https://github.com/zjuicsr/eth-honey)

[7] ICDCS SPEED: Accelerating Enclave Applications via Secure Deduplication [Paper]
Helei Cui, Huayi Duan, Zhan Qin, Cong Wang, Yajin Zhou
Proceedings of the 39th IEEE International Conference on Distributed Computing Systems (IEEE ICDCS 2019)

[6] TDSC Dating with Scambots: Understanding the Ecosystem of Fraudulent Dating Applications [Paper]
Yangyu Hu, Haoyu Wang*, Yajin Zhou*, Yao Guo, Li Li, Bingxuan Luo, Fangren Xu
IEEE Transactions on Dependable and Secure Computing (TDSC)

[5] EuroS&P Adaptive Call-site Sensitive Control Flow Integrity (Best Paper Award) [Paper | Code]
Mustakimur Khandaker, Abu Naser, Wenqing Liu, Zhi Wang, Yajin Zhou, Yueqiang Cheng
Proceedings of the 4th IEEE European Symposium on Security and Privacy (IEEE EuroS&P 2019)

[4] TIFS NDroid: Towards Tracking Information Flows Across Multiple Android Contexts [Paper]
Lei Xue, Chenxiong Qian, Hao Zhou, Xiapu Luo, Yajin Zhou, Yuru Shao and Alvin T.S. Chan
IEEE Transactions on Information Forensics & Security (TIFS), Volume: 14, Issue: 3, pp. 814–828, March 2019

2018

[3] 移动应用安全：回顾与展望 [Paper]
周亚金, 任奎
中国计算机学会通讯 (2018年第三期)

[2] ICPADS Towards Privacy-Preserving Malware Detection Systems for Android (Best Paper Award) [Paper]
Helei Cui, Yajin Zhou, Cong Wang, Qi Li, Kui Ren
Proceedings of the 24th International Conference on Parallel and Distributed Systems (IEEE ICPADS 2018)

[1] TDSC AdCapsule: Practical Confinement of Advertisements in Android Applications [Paper]
Xiaonan Zhu, Jinku Li, Yajin Zhou, Jianfeng Ma
IEEE Transactions on Dependable and Secure Computing (TDSC)

Before 2018

2017

[21] When Program Analysis Meets Mobile Security: An Industrial Study of Misusing Android Internet Sockets [Paper]
Wenqi Bu, Minhui Xue, Lihua Xu, Yajin Zhou, Zhushou Tang, Tao Xie
Proceedings of the 11th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE 2017)

[20] Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART [Paper]
Lei Xue, Yajin Zhou, Ting Chen, Xiapu Luo, Guofei Gu
Proceedings of the 26th USENIX Security Symposium (USENIX Security 2017)

[19] Design and Implementation of SecPod, A Framework for Virtualization-based Security Systems [Paper]
Xiaoguang Wang, Yong Qi, Zhi Wang, Yue Chen, Yajin Zhou
IEEE Transactions on Dependable and Secure Computing (TDSC)

2016

[18] Blender: Self-randomizing Address Space Layout for Android Apps [Paper]
Mingshen Sun, John C.S. Lui, Yajin Zhou
Proceedings of the the 19th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2016)

[17] AppShell: Making Data Protection Practical for Lost or Stolen Android Devices [Paper]
Yajin Zhou, Kapil Singh, Xuxian Jiang
Proceedings of IEEE/IFIP Network Operations and Management Symposium (NOMS 2016)

2015

[16] SecPod: a Framework for Virtualization-based Security Systems [Paper]
Xiaoguang Wang, Yue Chen, Zhi Wang, Yong Qi, Yajin Zhou
Proceedings of the 2015 USENIX Annual Technical Conference (USENIX ATC 2015)

[15] Harvesting Developer Credentials in Android Apps [Paper]
Yajin Zhou, Lei Wu, Zhi Wang, Xuxian Jiang
Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2015)

[14] Hybrid User-level Sandboxing of Third-party Android Apps [Paper]
Yajin Zhou, Kunal Patel, Lei Wu, Zhi Wang, Xuxian Jiang
Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2015)

2014

[13] ARMlock: Hardware-based Fault Isolation for ARM [Paper | Slides]
Yajin Zhou, Xiaoguang Wang, Yue Chen, Zhi Wang
Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS 2014)

[12] Owner-centric Protection of Unstructured Data on Smartphones [Paper]
Yajin Zhou, Kapil Singh, Xuxian Jiang
Proceedings of the 7th International Conference on Trust and Trustworthy Computing (TRUST 2014)

[11] AirBag: Boosting Smartphone Resistance to Malware Infection [Paper]
Chiachih Wu, Yajin Zhou, Kunal Patel, Zhenkai Liang, Xuxian Jiang
Proceedings of the 21st Network and Distributed System Security Symposium (NDSS 2014)

[10] DIVILAR: Diversifying Intermediate Language for Anti-Repackaging on Android Platform [Paper]
Wu Zhou, Zhi Wang, Yajin Zhou, Xuxian Jiang
Proceedings of the 4th ACM Conference on Data and Application Security and Privacy (CODASPY 2014)

2013

[9] The Impact of Vendor Customizations on Android Security [Paper]
Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu, Xuxian Jiang
Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS 2013)

[8] Fast, Scalable Detection of "Piggybacked" Mobile Applications (Best Paper Award) [Paper]
Wu Zhou, Yajin Zhou, Michael Grace, Xuxian Jiang, Shihong Zou
Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy (CODASPY 2013)

[7] Detecting Passive Content Leaks and Pollution in Android Applications [Paper | Slides]
Yajin Zhou, Xuxian Jiang
Proceedings of the 20th Network and Distributed System Security Symposium (NDSS 2013)

2012

[6] RiskRanker: Scalable and Accurate Zero-day Android Malware Detection [Paper]
Michael Grace*, Yajin Zhou*, Qiang Zhang, Shihong Zou, Xuxian Jiang
Proceedings of the 10th International Conference on Mobile Systems, Applications and Services (MobiSys 2012)
(*The names of the first two authors are in alphabetical order)

[5] Dissecting Android Malware: Characterization and Evolution [Paper]
Yajin Zhou, Xuxian Jiang
Proceedings of the 33rd IEEE Symposium on Security and Privacy (Oakland 2012)
(Our dataset is released at Android Malware Genome Project)

[4] DroidMOSS: Detecting Repackaged Smartphone Applications in Third-Party Android Marketplaces (Best Paper Award) [Paper]
Wu Zhou, Yajin Zhou, Xuxian Jiang, Peng Ning
Proceedings of the 2nd ACM Conference on Data and Application Security and Privacy (CODASPY 2012)

[3] Hey, You, Get off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets [Paper]
Yajin Zhou, Zhi Wang, Wu Zhou and Xuxian Jiang
Proceedings of the 19th Network and Distributed System Security Symposium (NDSS 2012)

[2] Systematic Detection of Capability Leaks in Stock Android Smartphones [Paper | Demo Video]
Michael Grace, Yajin Zhou, Zhi Wang and Xuxian Jiang
Proceedings of the 19th Network and Distributed System Security Symposium (NDSS 2012)

2011

[1] Taming Information-Stealing Smartphone Applications (on Android) [Paper]
Yajin Zhou, Xinwen Zhang, Xuxian Jiang, Vince W. Freeh
Proceedings of the 4th International Conference on Trust and Trustworthy Computing (TRUST 2011)