Wenrui Diao's homepage

alt text 

Wenrui Diao 刁文瑞

Associate Professor

College of Cyber Security, Jinan University (暨南大学)

Guangzhou, China

Email: diaowenrui [AT] link.cuhk.edu.hk

[Google Scholar] [DBLP]

News:

>>> Jun 2018: One paper accepted by ICSME 2018.

>>> Apr 2018: One paper accepted by SecureComm 2018.

>>> Mar 2018: One paper accepted by DSN 2018.

>>> Mar 2018: One paper accepted by Journal of Computer Security.

>>> Feb 2018: I will serve as TPC Member for ACM CCS 2018.

招生意向

2019年度在网络空间安全专业(系统安全方向)招收硕士研究生,将主要开展移动安全、物联网安全、侧信道分析、代码分析等方向研究,欢迎对于系统安全感兴趣的同学报考。如需更多信息,请通过电子邮件同我取得联系。

Biography

I am an Associate Professor in College of Cyber Security at Jinan University. Before joining JNU, I obtained my Ph.D. degree from The Chinese University of Hong Kong, under the supervision of Prof. Kehuan Zhang. Also, I ever visited / worked / interned at Indiana University Bloomington, City University of Hong Kong, Syniverse Technologies, and EMC Labs China. My research focuses on system security, especially mobile security and IoT security. Also, I work closely with Dr. Zhou Li and Prof. XiaoFeng Wang. I was a member of System Security Lab of CUHK.

Education

Experience

Publications

Publications at top-tier venues (4 papers): IEEE S&P (’16), CCS (’14, ’15), NDSS (’18)

  1. [ICSME’18]​ Chao Chen, Wenrui Diao, Yingpei Zeng, Shanqing Guo, and Chengyu Hu. DRLgencert: Deep Learning-based Automated Testing of Certificate Verification in SSL/TLS Implementations. The 34th IEEE International Conference on Software Maintenance and Evolution, Madrid, Spain. September 2018. [CCF B] [PDF]

  2. [SecureComm’18]​ Shuaike Dong, Menghao Li, Wenrui Diao, Xiangyu Liu, Jian Liu, Zhou Li, Fenghao Xu, Kai Chen, XiaoFeng Wang, and Kehuan Zhang. Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild. The 14th EAI International Conference on Security and Privacy in Communication Networks, Singapore​. August 2018. [CCF C] [Full Version]

  3. [JCS] Wenrui Diao, Rui Liu, Xiangyu Liu, Zhe Zhou, Zhou Li, and Kehuan Zhang. Accessing Mobile User’s Privacy Based on IME Personalization: Understanding and Practical Attacks. Journal of Computer Security. vol. 26, no. 3, pp. 283-309, 2018. [CCF B] [Link]

  4. [DSN’18] Jia Chen, Ge Han, Shanqing Guo, and Wenrui Diao. FragDroid: Automated User Interface Interaction with Activity and Fragment Analysis in Android Applications. The 48th IEEE/IFIP International Conference on Dependable Systems and Networks, Luxembourg City, Luxembourg. June 2018. [CCF B] [PDF]

  5. [NDSS’18] Jiongyi Chen, Wenrui Diao, Qingchuan Zhao, Chaoshun Zuo, Zhiqiang Lin, XiaoFeng Wang, Wing Cheong Lau, Menghan Sun, Ronghai Yang, and Kehuan Zhang. IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing. The 25th Annual Network and Distributed System Security Symposium, San Diego, CA, USA. February 2018. [CCF B] [PDF]

  6. [PETS’17] Zhe Zhou, Wenrui Diao, Xiangyu Liu, Zhou Li, Kehuan Zhang, and Rui Liu. Vulnerable GPU Memory Management: Towards Recovering Raw Data from GPU. The 17th Privacy Enhancing Technologies Symposium, Minneapolis, MN, USA. July 2017. [CCF C]

  7. [Preprint] Nan Zhang, Soteris Demetriou, Xianghang Mi, Wenrui Diao, Kan Yuan, Peiyuan Zong, Feng Qian, XiaoFeng Wang, Kai Chen, Yuan Tian, Carl A. Gunter, Kehuan Zhang, Patrick Tague, and Yue-Hsun Lin. Understanding IoT Security Through the Data Crystal Ball: Where We Are Now and Where We Are Going to Be. arXiv Preprint, CoRR abs1703.09809/. 2017. [PDF]

  8. [WiSec’16] Wenrui Diao, Xiangyu Liu, Zhou Li, and Kehuan Zhang. Evading Android Runtime Analysis Through Detecting Programmed Interactions. The 9th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Darmstadt, Germany. July 2016. [CCF C] [PDF]

  9. [IEEE S&P’16] Wenrui Diao, Xiangyu Liu, Zhou Li, and Kehuan Zhang. No Pardon for the Interruption: New Inference Attacks on Android Through Interrupt Timing Analysis. The 37th IEEE Symposium on Security and Privacy, San Jose, CA, USA. May 2016. [CCF A] [PDF]

  10. [CCS’15] Xiangyu Liu, Zhe Zhou, Wenrui Diao, Zhou Li, and Kehuan Zhang. When Good Becomes Evil: Keystroke Inference with Smartwatch. The 22nd ACM Conference on Computer and Communications Security, Denver, CO, USA. October 2015. [CCF A] [PDF]

  11. [ESORICS’15] Wenrui Diao, Xiangyu Liu, Zhe Zhou, Kehuan Zhang, and Zhou Li. Mind-Reading: Privacy Attacks Exploiting Cross-App KeyEvent Injections. The 20th European Symposium on Research in Computer Security, Vienna, Austria. September 2015. [CCF B] [PDF] [Demo]

  12. [IFIP SEC’15] Xiangyu Liu, Zhe Zhou, Wenrui Diao, Zhou Li, and Kehuan Zhang. An Empirical Study on Android for Saving Non-shared Data on Public Storage. The 30th IFIP International Information Security and Privacy Conference, Hamburg, Germany. May 2015. [CCF C]

  13. [SPSM’14] Wenrui Diao, Xiangyu Liu, Zhe Zhou, and Kehuan Zhang. Your Voice Assistant is Mine: How to Abuse Speakers to Steal Information and Control Your Phone. The 4th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, Scottsdale, AZ, USA. November 2014. [PDF] [Demo] [Media Coverage: IBTimes, Help Net Security, Tom's Guide, The Register, Ta Kung Pao (大公報), Ming Pao (明報), Oriental Daily (東方日報)]

  14. [CCS’14] Zhe Zhou, Wenrui Diao, Xiangyu Liu, and Kehuan Zhang. Acoustic Fingerprinting Revisited: Generate Stable Device ID Stealthily with Inaudible Sound. The 21st ACM Conference on Computer and Communications Security, Scottsdale, AZ, USA. November 2014. [CCF A] [PDF]

Professional Activities

TPC Member:

Reviewer:

External Reviewer:

Invited Talks

Teaching

Instructor@JNU:

Part-time Instructor@CUHK:

Teaching Assistant@CUHK:

Awards

Useful Links