b
b

Xusheng Xiao's Homepage

 

Xusheng Xiao

Assistant Professor
Department of Computer and Data Sciences
Case School of Engineering
Case Western Reserve University
Office: Olin 506
Phone: 216.368.0755
Email: xusheng.xiao [AT] case.edu  

 

Short Bio [Publications][Google Scholar][DBLP]

Xusheng Xiao is an Assistant Professor in the Department of Computer and Data Sciences at Case Western Reserve University. His general research interests span between software engineering and computer security, with the focus on making software and computer systems more Reliable, Intelligent, Secure, and Efficient (RISE). Specifically, his lab is working on the research in mobile app security, system/enterprise security, blockchain security, automated software testing, program analysis, and bug detection. He is a recipient of the NSF CAREER Award for 2021. His collaboration work with industries (NEC and Microsoft) has been granted 6 US patents. His research is supported by NSF, DoE, and Samsung. 

Xusheng received his Ph.D. in Computer Science from North Carolina State University, advised by Prof. Tao Xie and Prof. Laurie Williams. He was a visiting student at University of Illinois at Urbana-Champaign for 2013-2014. More details about his research can be found here.


Research Projects

RISE lab develops effective and scalable techniques that extract mobile app behaviors from different perspectives by analyzing multiple types of artifacts, including app code, app descriptions, API documents, app meta-data, and graphical user interfaces (GUI). Our work in mobile security was selected as one of the top ten finalists for CSAW Best Applied Security Paper Award 2015, and produced a static analysis tool that was deployed in TouchDevelop of Microsoft Research.  Check out our open sourced tools for AppContext, WHYPER. See our papers at ASE'12, USENIX Security'13, ICSE'15, ASEJ'15, USENIX Security'15ICSE’19, CCS'19, ICSE'21. The recent work DeepIntent (CCS'19) that detects intention-behavior discrepancies using the synergy of program analysis and deep learning releases the code and the complete dataset (including example dataset) at Github.

RISE lab developes system security techniques that automatically identify the causes and impacts of attacks and query systems that enable attack investigation using system audit data. Our work in attack investigation was selected as one of the top ten finalists for CSAW Best Applied Security Paper Award 2018. The security intelligence solution built by our team won first place in the Town Life and Society Innovation Category at CEATEC Award. Check out our project websites at AIQL, SAQL. See our papers at VLDB'16, CCS'16, USENIX ATC'18, USENIX Security'18, CCS' 18, ICDE'20, ICDE'21.

RISE lab develops Hyper Service, the first interoperability blockchain platform with programmability and strong security guarantees. It is open sourced at Github. See the paper at CCS' 19

RISE lab develops static program analysis techniques and dynamic symbolic execution techniques to improve software testing (ICSE'2011, ASE'13, ICSE'16 Edu, DSN'18, HotMobile' 19), bug detection (ISSTA'14, FSE Demo'17), and software performance (ISSTA'13, RTAS'19). Our lab also develops text analysis techniques to improve access control policy extraction (FSE'12, ACSAC'14) and precondition extraction from API documents (ICSE'12). Our work in software testing received ICSE SRC Best Project Representing an Innovative Use of Microsoft Technology at ACM SRC Grand Final 2012. Check out the open sourced tools for Covana, APIInfer.


News

  • 4/2021: Congratulations to my students Fei Shao and Rui Xu and my collaborators! Our paper "WebEvo: Taming Web Application Evolution via Detecting Semantic Structure Change" has been accepted in ISSTA 2021!
  • 4/2021: Congratulations to my students Jian Shi and my collaborators! Our paper "Make Web3.0 Connected - A Perspective from Interoperability and Programmability across Blockchains" has been accepted to TDSC!
  • 2/2021: I am really excited to receive the NSF CAREER Award! Thank you, NSF!
  • 2/2021: Congratulations to my student Fei Shao and my collaborators! Our paper "Enabling Efficient Cyber Threat Hunting With Cyber Threat Intelligence" has been accepted in ICDE 2021!
  • 2/2021: Congratulations to my collaborators. Our US patent applications "System and method for detecting security risks in a computer system" have been granted. 
  • 1/2021: Congratulations to my student Fei Shao and my collaborators! Our demo paper "A System for Efficiently Hunting for Cyber Threats in Computer Systems Using Threat Intelligence" has been accepted in ICDE 2021!
  • 1/2021: Congratulations to my collaborators. Our US patent applications "Progressive processing for querying system behavior" have been granted. 
  • 12/2020: Congratulations to my student Tiantong Ji and my collaborators! Our paper "CHAMP: Characterizing Undesired App Behaviors from User Comments based on Market Policies" has been accepted in ICSE 2021!
  • 12/2020: Congratulations to Jiaping, Peng Gao, and my collaborators. Our US patent applications "Risky behavior query construction and execution" and "Security monitoring with progressive behavioral query language databases" have been granted. 
  • 8/2020: Our proposal (news, school daily news) was awarded by National Science Foundation (NSF). Thank you, NSF!
  • 8/2020: Congratulations to my collaborators! Our paper "Metagraph Aggregated Heterogeneous Graph Neural Network for Illicit Traded Product Identification in Underground Market" has been accepted in ICDM 2020.
  • 2/2020: Congratulations to my collaborators! Our demo paper "DroidMutator: An Effective Mutation Analysis Tool for Android Applications" has been accepted in ICSE 2020.
  • 1/2020: Congratulations to my collaborators! Our demo paper "Querying Streaming System Monitoring Data for Enterprise System Anomaly Detection" has been accepted in ICDE 2020.
  • 12/2019: Congratulations to my NEC intern Jiaping Gui! Our paper "APTrace: A Responsive System for Agile Enterprise Level Causality Analysis" is accepted in the industry and application track of ICDE 2020.
  • 9/2019: Congratulations to my student Shao Yang and collaborators! Our paper "DeepIntent: Deep Icon-Behavior Learning for Detecting Intention-Behavior Discrepancy in Mobile Apps" on exploring the synergy between deep learning and program analysis for enhancing mobile app security is accepted in CCS 2019
  • more...

Teaching

  • Spring 2021: Software Engineering
  • Spring 2018-2021: Smartphone Security
  • Fall 2018, 2020: Computer Security
  • Fall 2017, 2019: Introduction to Database Systems