b
b

Welcome!

 

Xusheng Xiao

Assistant Professor
Department of Computer and Data Sciences
Case School of Engineering
Case Western Reserve University
Office: Olin 506
Phone: 216.368.0755
Email: xusheng.xiao [AT] case.edu

Short Bio [Publications][Google Scholar][DBLP]

My general research interests span between software engineering and computer security, with the focus on making software and computer systems more Reliable, Intelligent, Secure, and Efficient (RISE)Specially, our lab is working on the research in mobile app security, system/enterprise security, blockchain security, automated software testing, program analysis, and bug detection.

Our lab develops Hyper Service, the first interoperability blockchain platform with programmability and strong security guarantees. It is open sourced at Github. See the paper at CCS' 19

Our lab develops effective and scalable techniques that extract mobile app behaviors from different perspectives by analyzing multiple types of artifacts, including app code, app descriptions, API documents, app meta-data, and graphical user interfaces (GUI). Our work in mobile security was selected as one of the top ten finalists for CSAW Best Applied Security Paper Award 2015, and produced a static analysis tool that was deployed in TouchDevelop of Microsoft Research.  Check out our open sourced tools for AppContext, WHYPER. See our papers at ASE'12, USENIX Security'13, ICSE'15, ASEJ'15, USENIX Security'15ICSE’19, CCS'19.

Our lab developes security data analytics techniques that automatically identify the causes and impacts of attacks and query systems that enable attack investigation using system audit data. Our work in attack investigation was selected as one of the top ten finalists for CSAW Best Applied Security Paper Award 2018. The security intelligence solution built by our team won first place in the Town Life and Society Innovation Category at CEATEC Award. Check out our project websites at AIQL, SAQL. See our papers at VLDB'16, CCS'16, USENIX ATC'18, USENIX Security'18, CCS' 18, ICDE'20.

Our lab develops static program analysis techniques and dynamic symbolic execution techniques to improve software testing (ICSE'2011, ASE'13, ICSE'16 Edu, DSN'18, HotMobile' 19), bug detection (ISSTA'14, FSE Demo'17), and software performance (ISSTA'13, RTAS'19). Our lab also develops text analysis techniques to improve access control policy extraction (FSE'12, ACSAC'14) and precondition extraction from API documents (ICSE'12). Our work in software testing received ICSE SRC Best Project Representing an Innovative Use of Microsoft Technology at ACM SRC Grand Final 2012. Check out our open sourced tools for Covana, APIInfer.

I received my Ph.D. in Computer Science from North Carolina State University, advised by Prof. Tao Xie and Prof. Laurie Williams. I was a visiting student at University of Illinois at Urbana-Champaign for 2013-2014. You can find more details about my research here.

News

  • 12/2019: Congratulations to my NEC intern Jiaping Gui! Our paper "APTrace: A Responsive System for Agile Enterprise Level Causality Analysis" is accepted in the industry and application track of ICDE 2020.
  • 9/2019: Congratulations to my student Shao Yang and collaborators! Our paper "DeepIntent: Deep Icon-Behavior Learning for Detecting Intention-Behavior Discrepancy in Mobile Apps" on exploring the synergy between deep learning and program analysis for enhancing mobile app security is accepted in CCS 2019
  • 8/2019: Congratulations to my student Changlin Liu and collaborators! Our paper "Root Cause Localization for Unreproducible Builds via Causality Analysis over System Call Tracing" is accepted in ASE 2019.
  • 8/2019: Congratulations to my collaborators! Our paper "Characterizing Android App Signing Issues" is accepted in ASE 2019.
  • 8/2019: Congratulations to my NEC intern Jiaping Gui! Our paper "Progressive Processing of System Behavioral Query" is accepted in ACSAC 2019.
  • 7/2019: Congratulations to my student Jian Shi and collaborators! Our first blockchain paper "HyperService: Interoperability and Programmability across Heterogeneous Blockchains" on interoperability platform with programmability and strong security guarantees is accepted in CCS 2019
  • 5/2019: Congratulations to my NEC intern Peng Gao! Our demo paper "A Query System for Efficiently Investigating Complex Attack Behaviors for Enterprise Security" has been accepted in VLDB 2019.
  • 1/2019: Congratulations to my collaborators! Our paper "Paladin: Automated Generation of Reproducible Test Cases for Android Apps" has been accepted in HotMobile 2019.
  • 12/2018: Congratulations to my students Hanlin Wang and Zhihao Cao and collaborators! Our paper "IconIntent: Automatic Identification of Sensitive UI Widgets based on Icon Classification for Android Apps" is acceted in ICSE 2019.
  • 12/2018: Congratulations to my collaborators!Our paper "Paladin: Automated Generation of Reproducible Test Cases for Android Apps" is accepted in HotMobile 2019.
  • 12/2018: Congratulations to my collaborators! Our paper "PIFA: An Intelligent Phase Identification and Frequency Adjustment Framework for Time-Sensitive Mobile Computing" has been accepted in RTAS 2019.
  • 11/2018: Congratulations to my NEC intern Peng Gao! Our papers "AIQL: Enabling Efficient Attack Investigation from System Monitoring Data" and "SAQL: A Stream-based Query System for Real-Time Abnormal System Behavior Detection" are selected to present by Peng Gao at IBM Programming Language Day, 2018.
  • 7/2018: Congratulations to my collaborators! Our paper "NodeMerge: Template Based Efficient Data Reduction For Big-Data Causality Analysis" is accepted in CCS 2018.
  • 5/2018: Congratulations to my NEC intern Peng Gao and collaborators! Our paper "SAQL: A Stream-based Query System for Real-Time Abnormal System Behavior Detection" is accepted in USENIX Security 2018.
  • 4/2018: Congratulations to my NEC intern Peng Gao and collaborators! Our paper "AIQL: Enabling Efficient Attack Investigation from System Monitoring Data" is accepted in USENIX ATC 2018.
  • 4/2018: Congratulations to my undergraduate student Taylor Smith! SOURCE Award for undergraduate summer research (sole PI).
  • 3/2018: Congratulations to my collaborators! Our paper "PreInfer: Automatic Inference of Preconditions via Symbolic Analysis" is accepted in DSN 2018.
  • 12/2017: The National Science Foundation (NSF) CRII Award CCF-1755772 (sole PI)
  • 12/2017: Congratulations to my collaborators! Our paper "Are Vulnerabilities Discovered and Resolved like Other Defects?" is accepted to the journal first paper track at ICSE 2018.
  • 9/2017: Samsung Global Research Outreach Award (PI, News)
  • 8/2017: Congratulations to my collaborators! Our paper "Are Vulnerabilities Discovered and Resolved like Other Defects?" is accepted to Empirical Software Engineering, one of the top 3 software engineering journals.
  • 7/2017: Congratulations to my collaborators! Our demo paper "RunDroid: Recovering Excution Call Graph for Android Applications" is accepted to FSE 2017!
  • 4/2017: Presented a Tutorial at HotSoS 2017.
  • 2/2017: Joined Case Western Reserve University as an Assistant Professor

Teaching

  • Spring 2018, 2019, 2020: Smartphone Security
  • Fall 2018: Computer Security
  • Fall 2017, 2019: Introduction to Database Systems