Guofei Gu
YOU?
Author Swipe
View article: LLMs in Software Security: A Survey of Vulnerability Detection Techniques and Insights
LLMs in Software Security: A Survey of Vulnerability Detection Techniques and Insights Open
Large Language Models (LLMs) are emerging as transformative tools for software vulnerability detection. Traditional methods, including static and dynamic analysis, face limitations in efficiency, false-positive rates, and scalability with …
View article: GuardianPWA: Enhancing Security Throughout the Progressive Web App Installation Lifecycle
GuardianPWA: Enhancing Security Throughout the Progressive Web App Installation Lifecycle Open
Progressive Web App (PWA) installation is critical for integrating web and mobile app functionalities, offering a seamless user experience. However, ensuring the security of the PWA installation lifecycle is essential for maintaining user …
View article: Demystifying Progressive Web Application Permission Systems
Demystifying Progressive Web Application Permission Systems Open
Progressive Web Applications (PWAs) blend the advantages of web and native apps, offering features like offline access, push notifications, and installability. Beyond these, modern PWAs are increasingly granted system-level capabilities su…
View article: All You Need Is A Fuzzing Brain: An LLM-Powered System for Automated Vulnerability Detection and Patching
All You Need Is A Fuzzing Brain: An LLM-Powered System for Automated Vulnerability Detection and Patching Open
Our team, All You Need Is A Fuzzing Brain, was one of seven finalists in DARPA's Artificial Intelligence Cyber Challenge (AIxCC), placing fourth in the final round. During the competition, we developed a Cyber Reasoning System (CRS) that a…
View article: PromptSleuth: Detecting Prompt Injection via Semantic Intent Invariance
PromptSleuth: Detecting Prompt Injection via Semantic Intent Invariance Open
Large Language Models (LLMs) are increasingly integrated into real-world applications, from virtual assistants to autonomous agents. However, their flexibility also introduces new attack vectors-particularly Prompt Injection (PI), where ad…
View article: LLMs in Software Security: A Survey of Vulnerability Detection Techniques and Insights
LLMs in Software Security: A Survey of Vulnerability Detection Techniques and Insights Open
Large Language Models (LLMs) are emerging as transformative tools for software vulnerability detection, addressing critical challenges in the security domain. Traditional methods, such as static and dynamic analysis, often falter due to in…
View article: Towards Understanding Crypto-Asset Risks on Ethereum Caused by Key Leakage on the Internet
Towards Understanding Crypto-Asset Risks on Ethereum Caused by Key Leakage on the Internet Open
In public blockchains, leaking secret keys can cause the permanent loss of crypto assets. It is imperative to understand the illicit activities on blockchains related to leaked keys. This paper presents the first measurement study that unc…
View article: #DM-Me: Susceptibility to Direct Messaging-Based Scams
#DM-Me: Susceptibility to Direct Messaging-Based Scams Open
In an emerging scam on social media platforms, cyber-miscreants are luring users into sending them a direct-message (DM) and are subsequently exploiting the messaging channel. We term this attack approach as the DM-Me scam. We report on a …
View article: Mew: Enabling Large-Scale and Dynamic Link-Flooding Defenses on Programmable Switches
Mew: Enabling Large-Scale and Dynamic Link-Flooding Defenses on Programmable Switches Open
Link-flooding attacks (LFAs) can cut off the Internet connection to selected server targets and are hard to mitigate because adversaries use normal-looking and low-rate flows and can dynamically adjust the attack strategy. Traditional cent…
View article: Enhancing Security in SDN: Systematizing Attacks and Defenses from a Penetration Perspective
Enhancing Security in SDN: Systematizing Attacks and Defenses from a Penetration Perspective Open
Software-Defined Networking (SDN) has manifested both its bright and dark sides so far. On the one hand, it has been advocated by research communities and industry for its open nature and programmability. Every stakeholder, such as researc…
View article: Systematizing Attacks and Defenses in Software-Defined Networking: A Survey
Systematizing Attacks and Defenses in Software-Defined Networking: A Survey Open
Software-Defined Networking (SDN) has manifested both its bright and dark sides so far. On the one hand, it has been advocated by research communities and industry for its open nature and programmability. Every stakeholder, such as researc…
View article: ExAD: An Ensemble Approach for Explanation-based Adversarial Detection
ExAD: An Ensemble Approach for Explanation-based Adversarial Detection Open
Recent research has shown Deep Neural Networks (DNNs) to be vulnerable to adversarial examples that induce desired misclassifications in the models. Such risks impede the application of machine learning in security-sensitive domains. Sever…
View article: Practical Speech Re-use Prevention in Voice-driven Services
Practical Speech Re-use Prevention in Voice-driven Services Open
Voice-driven services (VDS) are being used in a variety of applications ranging from smart home control to payments using digital assistants. The input to such services is often captured via an open voice channel, e.g., using a microphone,…
View article: Unexpected Data Dependency Creation and Chaining: A New Attack to SDN
Unexpected Data Dependency Creation and Chaining: A New Attack to SDN Open
Software-Defined Networking (SDN) is an emerging network architecture that provides programmable networking through a logically centralized controller. As SDN becomes more prominent, its security vulnerabilities become more evident than ev…
View article: MinerGate: A Novel Generic and Accurate Defense Solution Against Web Based Cryptocurrency Mining Attacks
MinerGate: A Novel Generic and Accurate Defense Solution Against Web Based Cryptocurrency Mining Attacks Open
Web-based cryptocurrency mining attacks, also known as cryptojacking, become increasingly popular. A large number of diverse platforms (e.g., Windows, Linux, Android, and iOS) and devices (e.g., PC, smartphones, tablets, and even critical …
View article: When Match Fields Do Not Need to Match: Buffered Packets Hijacking in SDN
When Match Fields Do Not Need to Match: Buffered Packets Hijacking in SDN Open
Software-Defined Networking (SDN) greatly meets the need in industry for programmable, agile, and dynamic networks by deploying diversified SDN applications on a centralized controller.However, SDN application ecosystem inevitably introduc…
View article: Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches
Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches Open
Distributed Denial-of-Service (DDoS) attacks have become a critical threat to the Internet.Due to the increasing number of vulnerable Internet of Things (IoT) devices, attackers can easily compromise a large set of nodes and launch highvol…
View article: Guest Editors’ Introduction: Special Section on Security in Emerging Networking Technologies
Guest Editors’ Introduction: Special Section on Security in Emerging Networking Technologies Open
The papers in this special section examine security in emerging networking technologies. Network infrastructure is undergoing a major shift away from ossified hardware-based networks to programmable software-based networks. One compelling …
View article: Life after Speech Recognition: Fuzzing Semantic Misinterpretation for Voice Assistant Applications
Life after Speech Recognition: Fuzzing Semantic Misinterpretation for Voice Assistant Applications Open
Popular Voice Assistant (VA) services such as Amazon Alexa and Google Assistant are now rapidly appifying their platforms to allow more flexible and diverse voice-controlled service experience.However, the ubiquitous deployment of VA devic…
View article: vNIDS
vNIDS Open
Traditional Network Intrusion Detection Systems (NIDSes) are generally implemented on vendor proprietary appliances or middleboxes with poor versatility and flexibility. Emerging Network Function Virtualization (NFV) and Software-Defined N…
View article: Mobile Application Web API Reconnaissance: Web-to-Mobile Inconsistencies & Vulnerabilities
Mobile Application Web API Reconnaissance: Web-to-Mobile Inconsistencies & Vulnerabilities Open
Modern mobile apps use cloud-hosted HTTP-based API services and heavily rely on the Internet infrastructure for data communication and storage. To improve performance and leverage the power of the mobile device, input validation and other …
View article: Study and Mitigation of Origin Stripping Vulnerabilities in Hybrid-postMessage Enabled Mobile Applications
Study and Mitigation of Origin Stripping Vulnerabilities in Hybrid-postMessage Enabled Mobile Applications Open
PostMessage is popular in HTML5 based web apps to allow the communication between different origins. With the increasing popularity of the embedded browser (i.e., WebView) in mobile apps (i.e., hybrid apps), postMessage has found utility i…
View article: Uncovering HTTP Header Inconsistencies and the Impact on Desktop/Mobile Websites
Uncovering HTTP Header Inconsistencies and the Impact on Desktop/Mobile Websites Open
The paradigm shift to a mobile-first economy has seen a drastic increase in mobile-optimized websites that in many cases are derived from their desktop counterparts. Mobile website design is often focused on performance optimization rather…
View article: Automated Generation of Event-Oriented Exploits in Android Hybrid Apps
Automated Generation of Event-Oriented Exploits in Android Hybrid Apps Open
Recently more and more Android apps integrate the embedded browser, known as "WebView", to render web pages and run JavaScript code without leaving these apps.WebView provides a powerful feature that allows event handlers defined in the na…