Our group won a Google Award to pursue research on malware detection! We will be collaborating with the Google Play Protect team to develop techniques for finding potentially harmful Android applications.
“Symbolic Reasoning for Automatic Signal Placement” by Kostas and Jacob and “Program Synthesis using Conflict-Driven Learning” by Yu and Ruben were both accepted in PLDI’18!
Navid and Xinyu’s paper on converting hierarchical datasets to relational format has been accepted to VLDB’18 in Rio de Janeiro, Brazil!
Xinyu’s paper on “Program Synthesis using Abstraction Refinement” and Yuepeng’s paper on “Verifying Equivalence of Database-Driven Applications” have been accepted to POPL’18 in Los Angeles, CA!
Congratulations to Xinyu, Navid, and Yuepeng for having their papers accepted to OOPSLA’17! The two papers are “SQLizer: Query Synthesis from Natural Language” (Navid & Yuepeng’s paper) and “Synthesis of Data Completion Scripts using Finite Tree Automata” (Xinyu’s paper).
This paper presents Themis, an end-to-end static analysis tool for finding resource-usage side-channel vulnerabilities in Java applications. We introduce the notion of ε-bounded non-interference, a variant and relaxation of Goguen and Meseguer’s well-known non-interference principle. We then present Quantitative Cartesian … Read More
Kostas’s work on “Failure-Directed Program Trimming” will appear at FSE’17! Here is the abstract of the upcoming paper: We present a new program simplification technique called program trimming that aims to improve the scalability and precision of safety checking tools. … Read More
Our paper called “Component-based Synthesis of Table Consolidation and Transformation Tasks from Examples” will appear in PLDI’17! Here is the abstract: This paper presents an example-driven synthesis technique for automating a large class of data preparation tasks that arise in … Read More
Our paper on automatically detecting regular expression denial-of-service (ReDoS) vulnerabilities got accepted into TACAS’17! Static Detection of DoS Vulnerabilities in Programs that use Regular Expressions In an algorithmic complexity attack, a malicious party takes advantage of the worst-case behavior … Read More
Our work on synthesizing semantic malware signatures is accepted at NDSS’17! Here is the abstract: This paper proposes a technique for automatically learning semantic malware signatures for Android from very few samples of a malware family. The key idea … Read More