Xusheng Xiao

Assistant Professor
Department of Electrical Engineering & Computer Science
Case School of Engineering
Case Western Reserve University
Office: Olin 506
Phone: 216.368.0755
Email: xusheng.xiao [AT] case.edu

Short Bio [Publications][Google Scholar][DBLP]

My general research interests span between software engineering and computer security, with the focus on making software and computer systems more Reliable, Intelligent, Secure, and Efficient (RISE).

I developed effective and scalable techniques that extract mobile app behaviors from different perspectives by analyzing multiple types of artifacts, including app code, app descriptions, API documents, app meta-data, and graphical user interfaces (GUI). My work in mobile security was selected as one of the top ten finalists for CSAW Best Applied Security Paper Award 2015, and produced a static analysis tool that was deployed in TouchDevelop of Microsoft Research.  See my papers at ASE'12, USENIX Security'13, ICSE'15, ASEJ'15, USENIX Security'15, ICSE’19.

I developed security data analytics techniques that automatically identify the causes and impacts of attacks and query systems that enable attack investigation using system audit data. My work in attack investigation was selected as one of the top ten finalists for CSAW Best Applied Security Paper Award 2018. The security intelligence solution built by our team won first place in the Town Life and Society Innovation Category at CEATEC Award. See my papers at VLDB'16, CCS'16, USENIX ATC'18, USENIX Security'18, CCS' 18.

I developed static program analysis techniques and dynamic symbolic execution techniques to improve software testing (ICSE'2011, ASE'13, ICSE'16 Edu, DSN'18, HotMobile' 19), bug detection (ISSTA'14), and performance (ISSTA'13, RTAS'19). I also developed text analysis techniques to improve access control policy extraction (FSE'12, ACSAC'14) and precondition extraction from API documents (ICSE'12). My work in software testing received ICSE SRC Best Project Representing an Innovative Use of Microsoft Technology at ACM SRC Grand Final 2012

I received my Ph.D. in Computer Science from North Carolina State University, advised by Prof. Tao Xie and Prof. Laurie Williams. I was a visiting student at University of Illinois at Urbana-Champaign for 2013-2014. You can find more details about my research here.


  • 12/2018: Our paper "IconIntent: Automatic Identification of Sensitive UI Widgets based on Icon Classification for Android Apps" is acceted in ICSE 2019.
  • 12/2018: Our paper "Paladin: Automated Generation of Reproducible Test Cases for Android Apps" is accepted in HotMobile 2019.
  • 11/2018: Our papers "AIQL: Enabling Efficient Attack Investigation from System Monitoring Data" and "SAQL: A Stream-based Query System for Real-Time Abnormal System Behavior Detection" are selected to present by Peng Gao at IBM Programming Language Day, 2018.
  • 7/2018: Our paper "NodeMerge: Template Based Efficient Data Reduction For Big-Data Causality Analysis" is accepted in CCS 2018.
  • 5/2018: Our paper "SAQL: A Stream-based Query System for Real-Time Abnormal System Behavior Detection" is accepted in USENIX Security 2018.
  • 4/2018: Our paper "AIQL: Enabling Efficient Attack Investigation from System Monitoring Data" is accepted in USENIX ATC 2018.
  • 4/2018: SOURCE Award for undergraduate summer research (sole PI).
  • 3/2018: Our paper "PreInfer: Automatic Inference of Preconditions via Symbolic Analysis" is accepted in DSN 2018.
  • 12/2017: The National Science Foundation (NSF) CRII Award CCF-1755772 (sole PI)
  • 12/2017: Our paper "Are Vulnerabilities Discovered and Resolved like Other Defects?" is accepted to the journal first paper track at ICSE 2018.
  • 9/2017: Samsung Global Research Outreach Award (PI, News)
  • 8/2017: Our paper "Are Vulnerabilities Discovered and Resolved like Other Defects?" is accepted to Empirical Software Engineering, one of the top 3 software engineering journals.
  • 7/2017: Our demo paper "RunDroid: Recovering Excution Call Graph for Android Applications" is accepted to FSE 2017!
  • 4/2017: Presented a Tutorial at HotSoS 2017.
  • 2/2017: Joined Case Western Reserve University as an Assistant Professor


  • Spring 2019: Smartphone Security
  • Fall 2018: Computer Security
  • Spring 2018: Smartphone Security
  • Fall 2017: Introduction to Database Systems