Debin Gao
Associate Professor
Email: dbgao at smu.edu.sg
Tel: (65) 6828 0969
School of Computing and Information Systems
Singapore Management University
80 Stamford Road
Singapore 178902

Research interests

Mobile security
Software security
Computer security


Conferences to which I'm directly involved

The 19th ACM ASIA Conference on Computer and Communications Security (ACM AsiaCCS 2024)


Prospective students

I'm currently looking for undergraduate and graduate students to work with me. If you are interested, you can send me an email to arrange a meeting.


Employment opportunity

We are hiring research engineers and postdocs for various computer security projects. In particular, candidates with research experience in the following areas are most welcome to apply.

  • Software security, static and dynamic analysis of binaries;
  • Mobile security;
  • Security in cloud.

  • A research engineer needs to have at least a bachelor degree in computer science or related disciplines, and a masters degree is preferred. The postdoc needs to have a PhD degree.

    The positions have an initial contract of one year. Extension to a second year is conditioned on the successful review by the end of the first year. Monthly salary ranges between 2,800 and 5,500 Singapore dollars. We will assist in applying for employment passes for successful candidates. Positions are open until filled. Please contact me if you have any questions.


    Current graduate students

  • ZHANG Zicheng


  • Past graduate students

  • GUPTA Payas (Pindrop)
  • HAN Jin (ByteDance)
  • LI Peng (Vmware)
  • LIN Yan (Jinan University)
  • TEY Chee Meng (DSO)
  • WU Daoyuan (Chinese University of Hong Kong)
  • Selected publications

    Custom Permission Misconfigurations in Android: A Large-Scale Security Analysis
    Rui Li, Wenrui Diao, and Debin Gao
    In Proceedings of the 23rd IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2024), Sanya, China, Nov 2024, to appear

    PeepWith A Mirror: Breaking The Integrity of Android App Sandboxing via Unprivileged Cache Side Channel
    Yan Lin, Joshua Wong, Xiang Li, Haoyu Ma, and Debin Gao
    In Proceedings of the 33rd USENIX Security Symposium (USENIX Security 2024), Philadelphia, USA, Aug 2024

    MtdScout: Complementing the Identification of Insecure Methods in Android Apps via Source-to-Bytecode Signature Generation and Tree-based Layered Search
    Zicheng Zhang, Haoyu Ma, Daoyuan Wu, Debin Gao, Xiao Yi, Yufan Chen, Yan Wu, and Lingxiao Jiang
    In Proceedings of the 9th IEEE European Symposium on Security and Privacy (Euro S&P 2024), Vienna, Austria, July 2024

    Analyzing and Revivifying Function Signature Inference using Deep Learning
    Yan Lin, Trisha Singhal, Debin Gao, and David Lo
    In Proceedings of Empirical Software Engineering (EMSE 2024), May 2024

    MiniMon: Minimizing Android Applications with Intelligent Monitoring-Based Debloating
    Jiakun Liu, Zicheng Zhang, Xing Hu, Ferdian Thung, Shahar Maoz, Debin Gao, Eran Toch, Zhipeng Zhao, and David Lo
    In Proceedsings of the 46th International Conference on Software Engineering (ICSE 2024), Lisbon, Portugal, April 2024

    Beyond a Joke: Dead Code Elimination Can Delete Live Code
    Haoxin Tu, Lingxiao Jiang, Debin Gao, and He Jiang
    In Proceedsings of the 46th International Conference on Software Engineering: New Ideas and Emerging Results (ICSE-NIER 2024), Lisbon, Portugal, April 2024

    Towards Speedy Permission-Based Debloating for Android Apps
    Ferdian Thung, Jiakun Liu, Pattarakrit Rattanukul, Shahar Maoz, Eran Toch, Debin Gao, and David Lo
    In Proceedsings of the 11th International Conference on Mobile Software Engineering and Systems (MOBILESoft 2024), Lisbon, Portugal, April 2024

    TypeSqueezer: When Static Recovery of Function Signatures for Binary Executables Meets Dynamic Analysis
    Ziyi Lin, Jinku Li, Bowen Li, Haoyu Ma, Debin Gao, and Jianfeng Ma
    In Proceedings of the 30th ACM Conference on Computer and Communications Security (CCS 2023), Copenhagen, Denmark, Nov 2023

    AutoDebloater: Automated Android App Debloating
    Jiakun Liu, Xing Hu, Ferdian Thung, Shahar Maoz, Eran Toch, Debin Gao, and David Lo
    In Proceedings of the 38th IEEE/ACM International Conference on Automated Software Engineering (ASE 2023), Luxembourg, Sep 2023

    Sparsity Brings Vulnerabilities: Exploring New Metrics in Backdoor Attacks
    Jianwen Tian, Kefan Qiu, Debin Gao, Zhi Wang, Xiaohui Kuang, and Gang Zhao
    In Proceedings of the 32nd USENIX Security Symposium (USENIX Security 2023), Anaheim, USA, Aug 2023

    BinAlign: Alignment Padding Based Compiler Provenance Recovery
    Maliha Ismail), Yan Lin, DongGyun Han, and Debin Gao
    In Proceedings of the 28th Australasian Conference on Information Security and Privacy (ACISP 2023), Brisbane, Australia, Jul 2023

    FA^3: Fine-Grained Android Application Analysis
    Yan Lin, Joshua Wong, and Debin Gao
    In Proceedings of the 24th International Workshop on Mobile Computing Systems and Applications (HotMobile 2023), Orange County, USA, Feb 2023

    UIPDroid: Unrooted Dynamic Monitor of Android App UIs for Fine-Grained Permission Control
    Mulin Duan, Lingxiao Jiang, Lwin Khin Shar, and Debin Gao
    In Proceedsings of the 44th International Conference on Software Engineering (ICSE 2022), Pittsburgh, USA, May 2022

    Chosen-Instruction Attack Against Commercial Code Virtualization Obfuscators
    Shijia Li, Chunfu Jia, Pengda Qiu, Qiyuan Chen, Jiang Ming, and Debin Gao
    In Proceedings of the Network and Distributed System Security (NDSS) Symposium 2022, San Diego, USA, April 2022

    ReSIL: Revivifying Function Signature Inference using Deep Learning with Domain-Specific Knowledge
    Yan Lin, Debin Gao, and David Lo
    In Proceedings of the 12th ACM Conference on Data and Application Security and Privacy (CODASPY 2022), Baltimore, USA, Apr 2022

    On the Usability (In)Security of In-App Browsing Interfaces in Mobile Apps
    Zicheng Zhang, Daoyuan Wu, Lixiang Li, and Debin Gao
    In Proceedings of the 24th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2021), San Sebastian, Spain, October 2021

    An Exploratory Study of Social Support Systems to Help Older Adults in Managing Mobile Safety
    Tamir Mendel, Debin Gao, David Lo, and Eran Toch
    In Proceedings of the ACM International Conference on Mobile Human-Computer Interaction (Mobile HCI 2021), September 2021

    Active Warden Attack: On the (In)Effectiveness of Android App Repackage-Proofing
    Haoyu Ma, Shijia Li, Debin Gao, Daoyuan Wu, Qiaowen Jia, and Chunfu Jia
    In IEEE Transactions on Dependable and Secure Computing (TDSC), July 2021

    Secure Repackage-Proofing Framework for Android Apps using Collatz Conjecture
    Haoyu Ma, Shijia Li, Debin Gao, and Chunfu Jia
    In IEEE Transactions on Dependable and Secure Computing (TDSC), June 2021

    On the Effectiveness of Using Graphics Interrupt as a Side Channel for User Behavior Snooping
    Haoyu Ma, Jianwen Tian, Debin Gao, and Chunfu Jia
    In IEEE Transactions on Dependable and Secure Computing (TDSC), June 2021

    When Program Analysis Meets Bytecode Search: Targeted and Efficient Inter-procedural Analysis of Modern Android Apps in BackDroid
    Daoyuan Wu, Debin Gao, Robert H. Deng, and Rocky K. C. Chang
    In Proceedings of the 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021), Jun 2021

    When Function Signature Recovery Meets Compiler Optimization
    Yan Lin and Debin Gao
    In Proceedings of the 42nd IEEE Symposium on Security and Privacy (Oakland 2021), May 2021

    Scalable Online Vetting of Android Apps for Measuring Declared SDK Versions and Their Consistency with API Calls
    Daoyuan Wu, Debin Gao, and David Lo
    In Proceedings of Empirical Software Engineering (EMSE 2021), Jan 2021

    Deep-Learning-Based App Sensitive Behavior Surveillance for Android Powered Cyber-Physical Systems
    Haoyu Ma, Jianwen Tian, Kefan Qiu, David Lo, Debin Gao, Daoyuan Wu, Chunfu Jia, and Thar Baker
    In Proceedings of IEEE Transactions on Industrial Informatics (TII 2020), November 2020

    Walls Have Ears: Eavesdropping User Behaviors via Graphics-Interrupt-Based Side Channel
    Haoyu Ma, Jianwen Tian, Debin Gao, Chunfu Jia
    In Proceedings of the 23rd International Conference on Information Security (ISC 2020), November 2020

    AppMoD: Helping Older Adults Manage Mobile Security with Online Social Help
    Zhiyuan Wan, Lingfeng Bao, Debin Gao, Eran Toch, Xin Xia, Tamir Mendel, and David Lo
    In Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies (IMWUT 2019, Issue 4), September 2020

    SplitSecond: Flexible Privilege Separation of Android Apps
    Jehyun Lee, Akshaya Venkateswara Raja, and Debin Gao
    In Proceedings of the 17th International Conference on Privacy, Security and Trust (PST 2019), Fredericton, NB, Canada, August 2019

    Control-Flow Carrying Code
    Yan Lin, Xianyang Cheng, and Debin Gao
    In Proceedings of the 14th ACM ASIA Conference on Computer and Communications Security (ASIACCS 2019), Auckland, New Zealand, July 2019

    Towards Understanding Android System Vulnerabilities: Techniques and Insights
    Daoyuan Wu, Debin Gao, Eric K. T. Cheng, Yichen Cao, Jintao Jiang, and Robert H. Deng
    In Proceedings of the 14th ACM ASIA Conference on Computer and Communications Security (ASIACCS 2019), Auckland, New Zealand, July 2019

    An Empirical Study of Mobile Network Behavior and Application Performance in the Wild
    Shiwei Zhang, Weichao Li, Daoyuan Wu, Bo Jin, Rocky K. C. Chang, Debin Gao, Yi Wang, and Ricky K. P. Mok
    In Proceedings of the IEEE/ACM International Symposium on Quality of Service (IWQOS 2019), Phoenix, AZ, USA, June 2019

    DynOpVm: VM-based Software Obfuscation with Dynamic Opcode Mapping
    Xiaoyang Cheng, Yan Lin, Debin Gao, and Chunfu Jia
    In 17th International Conference on Applied Cryptography and Network Security (ACNS 2019), Bogota, Colombia, June 2019

    Understanding Open Ports in Android Applications: Discovery, Diagnosis, and Security Assessment
    Daoyuan Wu, Debin Gao, Rocky K. C. Chang, En He, Eric K. T. Cheng, and Robert H. Deng
    In Proceedings of the 26th Annual Network & Distributed System Security Symposium (NDSS 2019), San Diego, CA, USA, February 2019

    Towards Mining Comprehensive Android Sandboxes
    Tien-Duy B. Le, Lingfeng Bao, David Lo, Debin Gao, and Li Li
    In Proceedings of the 23rd International Conference on Engineering of Complex Computer Systems (ICECCS 2018), Melbourne, Australia, December 2018

    Towards Dynamically Monitoring Android Applications on Non-rooted Devices in the Wild
    Xiaoxiao Tang, Yan Lin, Daoyuan Wu, and Debin Gao
    In Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2018), Stockholm, Sweden, June 2018

    SCLib: A Practical and Lightweight Defense against Component Hijacking in Android Applications
    Daoyuan Wu, Yao Cheng, Debin Gao, Yingjiu Li, and Robert Deng
    In Proceedings of the 8th ACM Conference on Data and Application Security and Privacy (CODASPY 2018), Tempe, AZ, USA, Feburary 2018

    On-Demand Time Blurring to Support Side-Channel Defense
    Weijie Liu, Debin Gao, and Michael K. Reiter
    In Proceedings of the 22nd European Symposium on Research in Computer Security (ESORICS 2017), Oslo, Norway, September 2017

    On Return Oriented Programming Threats in Android Runtime
    Akshaya Venkateswara Raja, Jehyun Lee and Debin Gao
    In Proceedings of Privacy, Security, and Trust 2017 (PST 2017), Calgary, Canada, August 2017

    MopEye: Opportunistic Monitoring of Per-app Mobile Network Performance
    Daoyuan Wu, Rocky K. C. Chang, Weichao Li, Eric K. T. Cheng, and Debin Gao
    In Proceedings of the 2017 USENIX Annual Technical Conference (USENIX ATC 2017), Santa Clara, California, USA, July 2017

    SafeStack+: Enhanced Dual Stack to Combat Data-Flow Hijacking
    Yan Lin, Xiaoxiao Tang, and Debin Gao
    In Proceedings of the 22nd Australasian Conference on Information Security and Privacy (ACISP 2017), Auckland, New Zealand, July 2017

    Measuring the Declared SDK Versions and Their Consistency with API Calls in Android Apps
    Daoyuan Wu, Ximing Liu, Jiayun Xu, David Lo, and Debin Gao
    In Proceedings of the 12th International Conference on Wireless Algorithms, Systems, and Applications (WASA 2017), Guilin, China, June 2017

    On the effectiveness of code-reuse-based Android application obfuscation
    Xiaoxiao Tang, Yu Liang, Xinjie Ma, Yan Lin, and Debin Gao
    In Proceedings of the 19th Annual International Conference on Information Security and Cryptology (ICISC 2016), Seoul, Korea, December 2016

    A novel covert channel detection method in cloud based on XSRM and improved event association algorithm
    Lina Wang, Weijie Liu, Neeraj Kumar, Debiao He, Cheng Tan, and Debin Gao
    In Security and Communication Networks, October 2016

    Control Flow Integrity Enforcement with Dynamic Code Optimization
    Yan Lin, Xiaoxiao Tang, Debin Gao and Jianming Fu
    In Proceedings of the 19th Information Security Conference (ISC 2016), Honolulu, USA, September 2016

    MobiPot: Understanding Mobile Telephony Threats with Honeycards
    Marco Balduzzi, Payas Gupta, Lion Gu, Debin Gao and Mustaque Ahamad
    In Proceedings of the 11th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2016), Xi'an, China, May 2016

    Integrated Software Fingerprinting via Neural-Network-Based Control Flow Obfuscation
    Haoyu Ma, Ruiqi Li, Xiaoxu Yu, Chunfu Jia and Debin Gao
    In IEEE Transactions on Information Forensics & Security (TIFS), Apr 2016

    MopEye: Monitoring Per-app Network Performance with Zero Measurement Traffic
    Daoyuan Wu, Weichao Li, Rocky K. C. Chang and Debin Gao
    In Proceedings of the 11th International Conference on emerging Networking EXperiments and Technologies (CoNEXT 2015), Heidelberg, Germany, December 2015

    Stack Layout Randomization with Minimal Rewriting of Android Binaries
    Yu Liang, Xinjie Ma, Daoyuan Wu, Xiaoxiao Tang, Debin Gao, Guojun Peng, Chunfu Jia and Huanguo Zhang
    In Proceedings of the 18th annual International Conference on Information Security and Cryptology (ICISC 2015), Seoul, Korea, November 2015

    Replica Placement for Availability in the Worst Case
    Peng Li, Debin Gao and Mike Reiter
    In Proceedings of the 35th International Conference on Distributed Computing Systems (ICDCS 2015), Columbus, Ohio, USA, June 2015

    Software Watermarking using Return-Oriented Programming
    Haoyu Ma, Kangjie Lu, Xinjie Ma, Haining Zhang, Chunfu Jia and Debin Gao
    In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2015), Singapore, April 2015

    Android or iOS for Better Privacy Protection?
    Jin Han, Qiang Yan, Debin Gao, Jiangying Zhou and Robert Deng
    In Proceedings of the International Conference on Secure Knowledge Mangagement in Big-data era (SKM 2014), Dubai, United Arab Emirates, December 2014, invited paper

    StopWatch: A Cloud Architecture for Timing Channel Mitigation
    Peng Li, Debin Gao and Michael K. Reiter
    In ACM Transactions on Information and System Security (TISSEC), November 2014

    Control Flow Obfuscation using Neural Network to Fight Concolic Testing
    Haoyu Ma, Xinjie Ma, Weijie Liu, Zhipeng Huang, Debin Gao and Chunfu Jia
    In Proceedings of the 10th International Conference on Security and Privacy in Communication Networks (SecureComm 2014), Bejing, China, September 2014

    RopSteg: Program Steganography with Return Oriented Programming
    Kangjie Lu, Siyang Xiong and Debin Gao
    In Proceedings of the 4th ACM Conference on Data and Application Security and Privacy (CODASPY 2014), San Antonio, TX, USA, Mar 2014

    Keystroke Biometrics: the user perspective
    Chee Meng Tey, Payas Gupta, Karthik Muralidharan and Debin Gao
    In Proceedings of the 4th ACM Conference on Data and Application Security and Privacy (CODASPY 2014), San Antonio, TX, USA, Mar 2014

    Defending against heap overflow by using randomization in nested virtual clusters
    Chee Meng Tey and Debin Gao
    In Proceedings of the 15th International Conference on Information and Communications Security (ICICS 2013), Beijing, China, November 2013

    Launching generic attacks on iOS with approved third-party applications
    Jin Han, Mon Kywe Su, Qiang Yan, Feng Bao, Huijie Robert Deng, Debin Gao, Yingjiu Li, and Jianying Zhou
    In Proceedings of the 11th International Conference on Applied Cryptography and Network Security (ACNS2013), Banff, Alberta, Canada, June 2013

    Keystroke Timing Analysis of on-the-fly Web Apps
    Chee Meng Tey, Payas Gupta, Debin Gao and Yan Zhang
    In Proceedings of the 11th International Conference on Applied Cryptography and Network Security (ACNS 2013), Banff, Alberta, Canada, June 2013

    Mitigating Access-Driven Timing Channels in Clouds using StopWatch
    Peng Li, Debin Gao and Michael K. Reiter
    In Proceedings of the 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2013), Budapest, Hungary, June 2013

    Your Love is Public Now: Questioning the use of Personal Information in Authentication
    Payas Gupta, Swapna Gottipati, Jing Jiang and Debin Gao
    In Proceedings of the 8th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2013), Hangzhou, China, May 2013

    Comparing Mobile Privacy Protection through Cross-Platform Applications
    Jin Han, Qiang Yan, Debin Gao, Jianying Zhou and Robert Deng
    In Proceedings of the 20th Annual Network & Distributed System Security Symposium (NDSS 2013), San Diego, CA, USA, February 2013

    I Can Be You: Questioning the Use of Keystroke Dynamics as Biometrics
    Chee Meng Tey, Payas Gupta and Debin Gao
    In Proceedings of the 20th Annual Network & Distributed System Security Symposium (NDSS 2013), San Diego, CA, USA, February 2013, best paper award

    iBinHunt: Binary Hunting with Inter-Procedural Control Flow
    Jiang Ming, Meng Pan and Debin Gao
    In Proceedings of the 15th Annual International Conference on Information Security and Cryptology (ICISC 2012), Seoul, Korea, December 2012

    OTO: Online Trust Oracle for User-Centric Trust Establishment
    Tiffany Hyun-Jin Kim, Payas Gupta, Jun Han, Emmanuel Owusu, Jason Hong, Adrian Perrig and Debin Gao
    In Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS 2012), Raleigh, NC, USA, October 2012

    Learning Fine-Grained Structured Input for Memory Corruption Detection
    Lei Zhao, Debin Gao and Lina Wang
    In Proceedings of the 15th Information Security Conference (ISC 2012), Passau, Germany, September 2012

    Active Malware Analysis using Stochastic Games
    Simon Williamson, Pradeep Varakantham, Debin Gao and Chen Hui Ong
    In Proceedings of the 11th International Conference on Autonomous Agents and Multiagent Systems (AAMAS 2012), Valencia, Spain, June 2012

    Coercion Resistance in Authentication Responsibility Shifting
    Payas Gupta, Xuhua Ding and Debin Gao
    In Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2012), Seoul, Korea, May 2012

    Human: Creating Memorable Fingerprints of Mobile Users
    Payas Gupta, Tan Kiat Wee, Narayan Ramasubbu, David Lo, Debin Gao, and Krishna Balan
    In Proceedings of the 10th IEEE International Conference on Pervasive Computing and Communications (PerCom 2012), Lugano, Switzerland, March 2012

    deRop: Removing Return-Oriented Programming from Malware
    Kangjie Lu, Dabi Zou and Debin Gao
    In Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC 2011), Orlando, Florida, USA, December 2011

    Launching Return-Oriented Programming Attacks against Randomized Relocatable Executables
    Limin Liu, Jin Han, Debin Gao, Jiwu Jing, and Daren Zha
    In Proceedings of the 10th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2011), Changsha, China, November 2011

    Towards Ground Truthing Observations in Gray-Box Anomaly Detection
    Jiang Ming, Haibin Zhang and Debin Gao
    In Proceedings of the 5th International Conference on Network and System Security (NSS 2011), Milan, Italy, September 2011

    On Detection of Erratic Arguments
    Jin Han, Qiang Yan, Robert H. Deng and Debin Gao
    In Proceedings of the 7th International Conference on Security and Privacy in Communication Networks (SecureComm 2011), London, United Kingdom, September 2011

    Linear Obfuscation to Combat Symbolic Execution
    Zhi Wang, Jiang Ming, Chunfu Jia and Debin Gao
    In Proceedings of the 16th European Symposium on Research in Computer Security (ESORICS 2011), Leuven, Belgium, September 2011

    Packed, Printable, and Polymorphic Return-Oriented Programming
    Kangjie Lu, Dabi Zou, Weiping Wen and Debin Gao
    In Proceedings of the 14th International Symposium on Recent Advances in Intrusion Detection (RAID 2011), Menlo Park, California, USA, September 2011

    Revisiting Address Space Randomization
    Zhi Wang, Renquan Cheng and Debin Gao
    In Proceedings of the 13th Annual International Conference on Information Security and Cryptology (ICISC 2010), Seoul, Korea, December 2010

    A Multi-User Steganographic File System on Untrusted Shared Storage
    Jin Han, Meng Pan, Debin Gao and HweeHwa Pang
    In Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC 2010), Austin, Texas, USA, December 2010

    On Challenges in Evaluating Malware Clustering
    Peng Li, Limin Liu, Debin Gao and Michael K. Reiter
    In Proceedings of the 13th International Symposium on Recent Advances in Intrusion Detection (RAID 2010), Ottawa, Ontario, Canada, September 2010

    Fighting Coercion Attacks in Key Generation using Skin Conductance
    Payas Gupta and Debin Gao
    In Proceedings of the 19th USENIX Security Symposium (USENIX Security 2010), Washington, DC, USA, August 2010

    Denial-of-Service Attacks on Host-Based Generic Unpackers
    Limin Liu, Jiang Ming, Zhi Wang, Debin Gao and Chunfu Jia
    In Proceedings of the 11th International Conference on Information and Communications Security (ICICS 2009), Beijing, China, December 2009

    Automatically Adapting a Trained Anomaly Detector to Software Patches
    Peng Li, Debin Gao and Michael K. Reiter
    In Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection (RAID 2009), Saint-Malo, Brittany, France, September 2009

    On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities
    Jin Han, Debin Gao and Robert H. Deng
    In Proceedings of the 6th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2009), Milan, Italy, July 2009

    Beyond Output Voting: Detecting Compromised Replicas using HMM-based Behavioral Distance
    Debin Gao, Michael K. Reiter and Dawn Song
    In IEEE Transactions on Dependable and Secure Computing (TDSC), April 2009

    Bridging the Gap between Data-flow and Control-flow Analysis for Anomaly Detection
    Peng Li, Hyundo Park, Debin Gao and Jianming Fu
    In Proceedings of the 24th Annual Computer Security Applications Conference (ACSAC 2008), Anaheim, California, USA, December 2008

    BinHunt: Automatically Finding Semantic Differences in Binary Programs
    Debin Gao, Michael K. Reiter and Dawn Song
    In Proceedings of the 10th International Conference on Information and Communications Security (ICICS 2008), pages 238-255, Birmingham, UK, October 2008

    Distinguishing between FE and DDoS using Randomness Check
    Hyundo Park, Peng Li, Debin Gao, Heejo Lee and Robert H. Deng
    In Proceedings of the 11th Information Security Conference (ISC 2008), Taipei, September 2008

    Behavioral Distance Measurement Using Hidden Markov Models
    Debin Gao, Michael K. Reiter and Dawn Song
    In Proceedings of the 9th International Symposium on Recent Advances in Intrusion Detection (RAID 2006), Hamburg, Germany, September 2006

    Behavioral Distance for Intrusion Detection
    Debin Gao, Michael K. Reiter and Dawn Song
    In Proceedings of the 8th International Symposium on Recent Advances in Intrusion Detection (RAID 2005), Seattle, WA, USA, September 2005

    Gray-Box Extraction of Execution Graphs for Anomaly Detection
    Debin Gao, Michael K. Reiter and Dawn Song
    In Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS 2004), pages 318-329, Washington, DC, USA, October 2004

    On Gray-Box Program Tracking for Anomaly Detection
    Debin Gao, Michael K. Reiter and Dawn Song
    In Proceedings of the 13th USENIX Security Symposium (USENIX Security 2004), pages 103-118, San Diego, CA, USA, August 2004