default search action
Tiffany Bao
Person information
Refine list
refinements active!
zoomed in on ?? of ?? records
view refined list in
export refined list as
2020 – today
- 2024
- [c36]Rana Pourmohamad, Steven Wirsz, Adam Oest, Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang, Adam Doupé, Rida A. Bazzi:
Deep Dive into Client-Side Anti-Phishing: A Longitudinal Study Bridging Academia and Industry. AsiaCCS 2024 - [c35]Mehrnoosh Zaeifi, Faezeh Kalantari, Adam Oest, Zhibo Sun, Gail-Joon Ahn, Yan Shoshitaishvili, Tiffany Bao, Ruoyu Wang, Adam Doupé:
Nothing Personal: Understanding the Spread and Use of Personally Identifiable Information in the Financial Ecosystem. CODASPY 2024: 55-65 - [c34]Vivin Paliath, Erik Trickel, Tiffany Bao, Ruoyu Wang, Adam Doupé, Yan Shoshitaishvili:
SandPuppy: Deep-State Fuzzing Guided by Automatic Detection of State-Representative Variables. DIMVA 2024: 227-250 - [c33]Zhibo Sun, Faris Bugra Kokulu, Penghui Zhang, Adam Oest, Gianluca Stringhini, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé, Gail-Joon Ahn:
From Victims to Defenders: An Exploration of the Phishing Attack Reporting Ecosystem. RAID 2024: 49-64 - [c32]Irina Ford, Ananta Soneji, Faris Bugra Kokulu, Jayakrishna Vadayath, Zion Leonahenahe Basque, Gaurav Vipat, Adam Doupé, Ruoyu Wang, Gail-Joon Ahn, Tiffany Bao, Yan Shoshitaishvili:
"Watching over the shoulder of a professional": Why Hackers Make Mistakes and How They Fix Them. SP 2024: 350-368 - [c31]Qian Sang, Yanhao Wang, Yuwei Liu, Xiangkun Jia, Tiffany Bao, Purui Su:
AirTaint: Making Dynamic Taint Analysis Faster and Easier. SP 2024: 3998-4014 - [c30]Zion Leonahenahe Basque, Ati Priya Bajaj, Wil Gibbs, Jude O'Kain, Derron Miao, Tiffany Bao, Adam Doupé, Yan Shoshitaishvili, Ruoyu Wang:
Ahoy SAILR! There is No Need to DREAM of C: A Compiler-Aware Structuring Algorithm for Binary Decompilation. USENIX Security Symposium 2024 - [c29]Ziyi Guo, Dang K. Le, Zhenpeng Lin, Kyle Zeng, Ruoyu Wang, Tiffany Bao, Yan Shoshitaishvili, Adam Doupé, Xinyu Xing:
Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation. USENIX Security Symposium 2024 - [c28]Chang Zhu, Ziyang Li, Anton Xue, Ati Priya Bajaj, Wil Gibbs, Yibo Liu, Rajeev Alur, Tiffany Bao, Hanjun Dai, Adam Doupé, Mayur Naik, Yan Shoshitaishvili, Ruoyu Wang, Aravind Machiry:
TYGR: Type Inference on Stripped Binaries using Graph Neural Networks. USENIX Security Symposium 2024 - [i6]Ziyi Guo, Dang K. Le, Zhenpeng Lin, Kyle Zeng, Ruoyu Wang, Tiffany Bao, Yan Shoshitaishvili, Adam Doupé, Xinyu Xing:
Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation. CoRR abs/2406.02624 (2024) - [i5]Xiang Mei, Pulkit Singh Singaria, Jordi Del Castillo, Haoran Xi, Abdelouahab Benchikh, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé, Hammond Pearce, Brendan Dolan-Gavitt:
ARVO: Atlas of Reproducible Vulnerabilities for Open Source Software. CoRR abs/2408.02153 (2024) - 2023
- [c27]Kyle Zeng, Zhenpeng Lin, Kangjie Lu, Xinyu Xing, Ruoyu Wang, Adam Doupé, Yan Shoshitaishvili, Tiffany Bao:
RetSpill: Igniting User-Controlled Data to Burn Away Linux Kernel Protections. CCS 2023: 3093-3107 - [c26]Marzieh Bitaab, Haehyun Cho, Adam Oest, Zhuoer Lyu, Wei Wang, Jorij Abraham, Ruoyu Wang, Tiffany Bao, Yan Shoshitaishvili, Adam Doupé:
Beyond Phish: Toward Detecting Fraudulent e-Commerce Websites at Scale. SP 2023: 2566-2583 - [c25]Erik Trickel, Fabio Pagani, Chang Zhu, Lukas Dresel, Giovanni Vigna, Christopher Kruegel, Ruoyu Wang, Tiffany Bao, Yan Shoshitaishvili, Adam Doupé:
Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilities. SP 2023: 2658-2675 - [c24]Hui Jun Tay, Kyle Zeng, Jayakrishna Menon Vadayath, Arvind S. Raj, Audrey Dutcher, Tejesh Reddy, Wil Gibbs, Zion Leonahenahe Basque, Fangzhou Dong, Zack Smith, Adam Doupé, Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang:
Greenhouse: Single-Service Rehosting of Linux-Based Firmware Binaries in User-Space Emulation. USENIX Security Symposium 2023: 5791-5808 - [i4]Fangzhou Wu, Qingzhao Zhang, Ati Priya Bajaj, Tiffany Bao, Ning Zhang, Ruoyu Wang, Chaowei Xiao:
Exploring the Limits of ChatGPT in Software Security Applications. CoRR abs/2312.05275 (2023) - 2022
- [j1]Penghui Zhang, Adam Oest, Haehyun Cho, Zhibo Sun, RC Johnson, Brad Wardman, Shaown Sarker, Alexandros Kapravelos, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé, Gail-Joon Ahn:
CrawlPhish: Large-Scale Analysis of Client-Side Cloaking Techniques in Phishing. IEEE Secur. Priv. 20(2): 10-21 (2022) - [c23]Haehyun Cho, Jinbum Park, Adam Oest, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé, Gail-Joon Ahn:
ViK: practical mitigation of temporal memory safety violations through object ID inspection. ASPLOS 2022: 271-284 - [c22]Penghui Zhang, Zhibo Sun, Sukwha Kyung, Hans Walter Behrens, Zion Leonahenahe Basque, Haehyun Cho, Adam Oest, Ruoyu Wang, Tiffany Bao, Yan Shoshitaishvili, Gail-Joon Ahn, Adam Doupé:
I'm SPARTACUS, No, I'm SPARTACUS: Proactively Protecting Users from Phishing by Intentionally Triggering Cloaking Behavior. CCS 2022: 3165-3179 - [c21]Sana Habib, Tiffany Bao, Yan Shoshitaishvili, Adam Doupé:
Mitigating Threats Emerging from the Interaction between SDN Apps and SDN (Configuration) Datastore. CCSW 2022: 23-39 - [c20]Faezeh Kalantari, Mehrnoosh Zaeifi, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé:
Context-Auditor: Context-sensitive Content Injection Mitigation. RAID 2022: 431-445 - [c19]Ananta Soneji, Faris Bugra Kokulu, Carlos E. Rubio-Medrano, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé:
"Flawed, but like democracy we don't have a better system": The Experts' Insights on the Peer Review Process of Evaluating Security Papers. SP 2022: 1845-1862 - [c18]Kyle Zeng, Yueqi Chen, Haehyun Cho, Xinyu Xing, Adam Doupé, Yan Shoshitaishvili, Tiffany Bao:
Playing for K(H)eaps: Understanding and Improving Linux Kernel Exploit Reliability. USENIX Security Symposium 2022: 71-88 - [c17]Octavian Suciu, Connor Nelson, Zhuoer Lyu, Tiffany Bao, Tudor Dumitras:
Expected Exploitability: Predicting the Development of Functional Vulnerability Exploits. USENIX Security Symposium 2022: 377-394 - [c16]Jayakrishna Vadayath, Moritz Eckert, Kyle Zeng, Nicolaas Weideman, Gokulkrishna Praveen Menon, Yanick Fratantonio, Davide Balzarotti, Adam Doupé, Tiffany Bao, Ruoyu Wang, Christophe Hauser, Yan Shoshitaishvili:
Arbiter: Bridging the Static and Dynamic Divide in Vulnerability Discovery on Binary Programs. USENIX Security Symposium 2022: 413-430 - [i3]Faezeh Kalantari, Mehrnoosh Zaeifi, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé:
Context-Auditor: Context-sensitive Content Injection Mitigation. CoRR abs/2204.08592 (2022) - 2021
- [c15]Jaswant Pakki, Yan Shoshitaishvili, Ruoyu Wang, Tiffany Bao, Adam Doupé:
Everything You Ever Wanted to Know About Bitcoin Mixers (But Were Afraid to Ask). Financial Cryptography (1) 2021: 117-146 - [c14]Pradeep Kumar Duraisamy Soundrapandian, Tiffany Bao, Jaejong Baek, Yan Shoshitaishvili, Adam Doupé, Ruoyu Wang, Gail-Joon Ahn:
MuTent: Dynamic Android Intent Protection with Ownership-Based Key Distribution and Security Contracts. HICSS 2021: 1-10 - [c13]Sung Ta Dinh, Haehyun Cho, Kyle Martin, Adam Oest, Kyle Zeng, Alexandros Kapravelos, Gail-Joon Ahn, Tiffany Bao, Ruoyu Wang, Adam Doupé, Yan Shoshitaishvili:
Favocado: Fuzzing the Binding Code of JavaScript Engines Using Semantically Correct Test Cases. NDSS 2021 - [c12]Nicola Ruaro, Kyle Zeng, Lukas Dresel, Mario Polino, Tiffany Bao, Andrea Continella, Stefano Zanero, Christopher Kruegel, Giovanni Vigna:
SyML: Guiding Symbolic Execution Toward Vulnerable States Through Pattern Learning. RAID 2021: 456-468 - [c11]Penghui Zhang, Adam Oest, Haehyun Cho, Zhibo Sun, RC Johnson, Brad Wardman, Shaown Sarker, Alexandros Kapravelos, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé, Gail-Joon Ahn:
CrawlPhish: Large-scale Analysis of Client-side Cloaking Techniques in Phishing. SP 2021: 1109-1124 - [c10]Zhibo Sun, Adam Oest, Penghui Zhang, Carlos E. Rubio-Medrano, Tiffany Bao, Ruoyu Wang, Ziming Zhao, Yan Shoshitaishvili, Adam Doupé, Gail-Joon Ahn:
Having Your Cake and Eating It: An Analysis of Concession-Abuse-as-a-Service. USENIX Security Symposium 2021: 4169-4186 - [i2]Octavian Suciu, Connor Nelson, Zhuoer Lyu, Tiffany Bao, Tudor Dumitras:
Expected Exploitability: Predicting the Development of Functional Vulnerability Exploits. CoRR abs/2102.07869 (2021) - [i1]Marzieh Bitaab, Haehyun Cho, Adam Oest, Penghui Zhang, Zhibo Sun, Rana Pourmohamad, Doowon Kim, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé, Gail-Joon Ahn:
Scam Pandemic: How Attackers Exploit Public Fear through Phishing. CoRR abs/2103.12843 (2021) - 2020
- [c9]Efrén López-Morales, Carlos E. Rubio-Medrano, Adam Doupé, Yan Shoshitaishvili, Ruoyu Wang, Tiffany Bao, Gail-Joon Ahn:
HoneyPLC: A Next-Generation Honeypot for Industrial Control Systems. CCS 2020: 279-291 - [c8]Marzieh Bitaab, Haehyun Cho, Adam Oest, Penghui Zhang, Zhibo Sun, Rana Pourmohamad, Doowon Kim, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé, Gail-Joon Ahn:
Scam Pandemic: How Attackers Exploit Public Fear through Phishing. eCrime 2020: 1-10 - [c7]Yanhao Wang, Xiangkun Jia, Yuwei Liu, Kyle Zeng, Tiffany Bao, Dinghao Wu, Purui Su:
Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization. NDSS 2020 - [c6]Haehyun Cho, Jinbum Park, Joonwon Kang, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé, Gail-Joon Ahn:
Exploiting Uses of Uninitialized Stack Variables in Linux Kernels to Leak Kernel Pointers. WOOT @ USENIX Security Symposium 2020
2010 – 2019
- 2019
- [c5]Faris Bugra Kokulu, Ananta Soneji, Tiffany Bao, Yan Shoshitaishvili, Ziming Zhao, Adam Doupé, Gail-Joon Ahn:
Matched and Mismatched SOCs: A Qualitative Study on Security Operations Center Issues. CCS 2019: 1955-1970 - [c4]Zhibo Sun, Carlos E. Rubio-Medrano, Ziming Zhao, Tiffany Bao, Adam Doupé, Gail-Joon Ahn:
Understanding and Predicting Private Interactions in Underground Forums. CODASPY 2019: 303-314 - 2017
- [c3]Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna, David Brumley:
How Shall We Play a Game?: A Game-theoretical Model for Cyber-warfare Games. CSF 2017: 7-21 - [c2]Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, David Brumley:
Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits. IEEE Symposium on Security and Privacy 2017: 824-839 - 2014
- [c1]Tiffany Bao, Jonathan Burket, Maverick Woo, Rafael Turner, David Brumley:
BYTEWEIGHT: Learning to Recognize Functions in Binary Code. USENIX Security Symposium 2014: 845-860
Coauthor Index
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
Unpaywalled article links
Add open access links from to the list of external document links (if available).
Privacy notice: By enabling the option above, your browser will contact the API of unpaywall.org to load hyperlinks to open access articles. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Unpaywall privacy policy.
Archived links via Wayback Machine
For web page which are no longer available, try to retrieve content from the of the Internet Archive (if available).
Privacy notice: By enabling the option above, your browser will contact the API of archive.org to check for archived content of web pages that are no longer available. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Internet Archive privacy policy.
Reference lists
Add a list of references from , , and to record detail pages.
load references from crossref.org and opencitations.net
Privacy notice: By enabling the option above, your browser will contact the APIs of crossref.org, opencitations.net, and semanticscholar.org to load article reference information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Crossref privacy policy and the OpenCitations privacy policy, as well as the AI2 Privacy Policy covering Semantic Scholar.
Citation data
Add a list of citing articles from and to record detail pages.
load citations from opencitations.net
Privacy notice: By enabling the option above, your browser will contact the API of opencitations.net and semanticscholar.org to load citation information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the OpenCitations privacy policy as well as the AI2 Privacy Policy covering Semantic Scholar.
OpenAlex data
Load additional information about publications from .
Privacy notice: By enabling the option above, your browser will contact the API of openalex.org to load additional information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the information given by OpenAlex.
last updated on 2024-10-07 21:22 CEST by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint