[News] (2023) [Award] Thrilled to learn that our CARMEN+ Tier 1 UTC proposal is awarded by USDOT! Excited to leverage this award to keep exploring and addressing cybersecurity challenges in autonomous driving and intelligent transportation systems.
[News] (2023) Excited to be invited by the IEEE Intelligent Transportation Systems Society to serve on the IEEE Emerging Transportation Technology Testing (ET3) Technical Committee! Will leverage this opportunity to contribute to the emerging transportation technology testing methods development and standardization from the security/privacy angles.
[News] (2023) [Award] Huge congratulations to my student Takami Sato for winning the Graduate Dean’s Dissertation Fellowship! This is one of UCI's most distinguished fellowships and only awarded to the top 1-2 students per each school. Well deserved and very proud of you!
[News] (2023) [Award] Huge congratulations to my student Takami Sato for winning the Public Impact Fellowship! This is a highly prestigious fellowship at UCI that is only awarded to top 15 students across all schools. Due to the emphasis on public/societal impacts, it is especially rare for CS student to win it. Very proud of you!
[News] (2022) [Award] Thrilled to annouce that I just received the NSF CAREER award! Excited to leverage this award to keep exploring AI security in the emerging Internet of Autonomous Things (IoAT) such as autonomous cars, drones, and robots.
[News] (2022) Excited to be invited by NIST to serve on the AI panel & focused group on standards & performance metrics development for on-road autonomous vehicles! I am the only invitee on AI security from academia and will leverage this opportunity to contribute to the standard and metric design discussions from the security/privacy angles.
[News] (2021) [Award] Congratulations to Kanglan Tang, an undergraduate student in my group, for receiving the prestigous UCI Chancellor’s Award for Excellence in Undergraduate Research! This award is given to only 1 student per school. Kanglan is extremely excellent with a 1st-author paper published, presented herself, and accepted for demos at multiple academic venues, and also awarded multiple travel grants to top-tier security venues. Look forward to her continued success at UC Berkeley!
[News] (2021) [Award]
Our
undergrad cyberseucrity team Cyber@UCI
finished 5st place nation-wide at
National CCDC, out of 168+
university/college teams in US!
Absolutely a huge achievement for the first time at National. Can't wait for
next year :)
>> News coverage:
UCI Finishes in Top 5 at National Collegiate Cyber Defense Competition
>>
News coverage by Irvine Standard (local news paper):
UCI's cybersecurity club makes history
[News] (2021) [Award] Our
undergrad cyberseucrity team Cyber@UCI won
the 1st place (Gold Medal) at
CCDC Western Regional, and advanced to
National CCDC for the first time!
We beat many strong rivals such as Stanford, UCSD, ASU, and UCR. Super proud of
the team!
>> News coverage:
UCI advances to national cyber defense competition following “historic”
regionals win
[News] (2020) [Award] My
research group ASGuard (Autonomous Systems Guard) won the
champion
(1st place) at
the world's
first Autonomous Driving Security CTF organized by Baidu Security! Was quite
a close game, and we were able to beat 20+ teams! Congratulations to my students Junjie Shen (Captain), Ningfei
Wang, Takami Sato, Ziwen Wan, Yunpeng Luo, and BS Alumni Zeyuan Chen (now at
CMU)!
>> News coverage:
ICS Team Takes 1st Place at Baidu’s AutoDriving Capture the Flag Competition
[News] (2020) [Usenix Security'20] Our paper on the first security analysis of Multi-Sensor Fusion (MSF) based localization in autonomous driving got into Usenix Security'20! Discovered a novel & general attack, FusionRipper, that can fundamenally defeat MSF design principle! Attack demos are in our project website. Earlier version of this work also won the NDSS'19 Distinguished Poster Presentation Award.
[News] (2020) [Usenix Security'20] Our paper on the first general adversarial sensor attack & defense for LiDAR-based perception in autonomous driving got into Usenix Security'20! Discovered a general black-box attack based on LiDAR spoofing, and designed novel physical invariants based defense at both system & DNN model levels! More details in our project website.
[News] (2019) [Award] Our poster "Security of Deep Learning based Lane Keeping Assistance System under Physical-World Adversarial Attack" wins the NDSS 2020 Best Technical Poster Award (top 1/30)! Congratulations to my students Takami, Junjie, and Ningfei! Junjie has been winning NDSS Best Poster Award for 2 consecutive years, bravo!
[News] (2020) [EuroS&P'20] Our paper on the first study of publish-subscribe overprivilege vulnerability in autonomous driving software got into EuroS&P'20! It's the first to discover this new class of domain-specific vulnerability, and contributes not only a novel static detection method but also an efficient & module-transparent defense solution! Website & attack demos coming soon.
[News] (2020) [EuroSys'20] Our paper on the first study of real-world challenges in deploying ML-based smartphone malware detection at market scale got into EuroSys'20 (top-tier conference in computer systems)!
[News] (2020) CTF team from Cyber@UCI placed 4th out of 18 teams in National Collegiate Cyber Defense Competition (CCDC) Qualifiers, and moved on to the Western Region Final! So proud!
[News] (2020) [NDSS'20] Our paper on reverse engineering CAN bus commands using mobile apps got into NDSS'20! It's the first cost-effective (no real car needed) & automatic (no human intervention required) approach for reverse engineering CAN bus commands!
[News] (2019) [ICLR'20] Our paper on the first adversarial physical-world attack against object tracking in autonomous driving got into ICLR'20 (top-tier conference in machine learning)!
[News] (2019) [ICSE'20] Our paper on the first comprehensive study of autonomous driving software bugs got into ICSE'20 (top-tier conference in software engineering)!
[News] (2019) [Usenix Security'20] Our paper on the first security analysis of car IoT dongles got into Usenix Security'20! Identified 5 types of security vulnerabilities that can cause safety threat and car theft, with 4 CVEs newly generated (and more to come)!
[News] (2019) [News Coverage] Our ACM CCS'19 work on attacking LiDAR-based perception in self-driving cars is recognized by Forbes: Five Components Of Autonomous Car Security
[News] (2019) [CCS'19] Our paper on the first effective & light-weight PowerShell deobfuscation and attack detection got into ACM CCS'19!
[News] (2019) [Award] My HotSec'19 talk on self-driving and smart transportation security won 2 out of 4 awards (Most Amusing & Most Engaging)! More details: Professor Chen’s Talk on Self-Driving Security Wins HotSec Awards.
[News] (2019) Please check out the project website and attack demo for our new ACM CCS'19 work on autonomous driving systems security! A collection of our recent research progress in this space is here: Connected and Autonomous Vehicle Systems Security.
[News] (2019) [CCS'19] Our paper on the first security analysis of LiDAR-based perception in autonomous driving got into ACM CCS'19!
[News] (2019) [MobiSys'19*2] Two papers accepted by MobiSys'19! One is about capturing and characterizing emerging fileless IoT malware, and the other is about market-scale detection of UI-based Android malware.
[News] (2019) I am co-chairing the first ACM Workshop on Automotive Cybersecurity (AutoSec) in conjuction with ACM CODASPY 2019, and will give a tutorial on "The Dawn of Systems Security Research in Connected and Automated Vehicles". Please join us on March 27 to build a community on automotive and transportation systems security together!
[News] (2019) [Award] Our poster "Security Analysis of Multi-Sensor Fusion based Localization in Autonomous Vehicles" wins the NDSS 2019 Distinguished Poster Presentation! Congratulations, Junjie!
[News] (2019) [Award] Thrilled to learn that my Ph.D. dissertation is selected to receive the 2018 ProQuest Distinguished Dissertation Award! It recognizes top 10 dissertations across all graduate schools in U of Michigan ranging from science and engineering to archaeology and history.
[News] (2019) My NSF proposal about automated security analysis of emerging smart transportation software is awarded! Excited to keep exploring security problems in emerging Connected and Autonomous Vehicle technology.
[News] (2018) Joined CS@UC-Irvine as a tenure-track assistant professor!
[News] (2018) Please checkout my article in The Conversation about our recent work on software security in emerging smart traffic control!
[News] (2018) [News Coverage] Our NDSS'18 paper on next generation smart transportation systems security is receiving widespread news coverage: The Register, Trend Micro, Naked Security, Slashdot, Bleeping Computer, Smart Cities Dive, Boing Boing, PriusChat, ...
[News] (2018) Please check out the project webpage and the attack video demo for our NDSS'18 work! This website will keep documenting our research progress in Connected and Autonomous Vehicle Security.
[News] (2018) First time attending the Transportation Research Board annual meeting in D.C.! Got in touch with members in Connected Vehicle Pilot Program team in Tampa, FL and reported the problems discovered in our NDSS'18 paper.
[News] (2017) I gave a short talk on our recent work of emerging smart transportation system security in ACM FEAST workshop. The slides can be accessed here.
[News] (2017) Our paper on the first security analysis of the emerging Connected Vehicle (CV) based traffic signal control got into NDSS'18! We find that due to several newly-discovered vulnerabilties, even one single attack vehicle can greatly manipulate the intelligent traffic control algorithm, causing severe traffic jams.
[News] (2017) Our paper on analyzing the vulnerability of traffic signal operations under falsified data attacks got into TRB'18!
[News] (2017) Our position paper on developing systematic and automated protocol customization got into FEAST'17!
[News] (2017) Our paper on the first systematic study of client-side name collision vulnerability got into CCS'17! We find that the name collision problem broadly breaks common security assumptions in internal network services today, causing widespread vulnerability exposure.
[News] (2017) Our Euro S&P'17 are receiving widespread news coverage! Please checkout My TV interview at FOX news, and other coverage in Wired, TechRepublic, Bleeping Computer, and more!
[News] (2017) Our position paper on securing future appified autonoumous vehicle (AV) systems got into IEEE IV'17!
[News] (2017) I am awarded the prestigious Rackham Predoctoral Fellowship to support my security research in smart systems and IoT! Check out the news coverage here. Thanks, Rackham!
[News] (2016) Our paper on securing access control in emerging smart home IoT systems got into NDSS'17!
[News] (2016) Our paper on Android open port usage security got into Euro S&P'17!
[News] (2016) Our paper on analyzing on-device bufferbloat problem got into IMC'16!
[News] (2016) Our WPAD name collision attack paper got into S&P'16! This is a newly-exposed MitM attack vector in the new gTLD era, which can be exploited to launch MitM attack from anywhere on the Internet with only a domain name registration!
[News] (2015) Our paper on new Android UI deception attacks and defenses got into FC'16!
[News] (2015) Our Kratos paper on discovering inconsistent security policy enforcement in Android got into NDSS'16!
[News] (2015) Our PacketGuardian paper got into CCS'15'! Visit our website to see full details of packet injection vulnerabilities we found, covering TCP, RTP, and more!
----Packet injection vulnerability detection is one case of identifying attacker-controlled implicit information leaks, a new class of highly-exploitable implicit information leaks coined by this paper.
[News] (2015) Our VoLTE performance measurement & problem diagnosis paper got into Mobicom'15!
[News] (2015) New 90 sec lightning video for UI state inference attack at 2015 NSF Secure and Trustworthy Cyberspace PIs' Meeting (SaTCPI'15)!
[News] (2014) My UI state inference attack videos attracted more than 60,000 views on YouTube!
[News] (2014) Check out this 60 sec video to know about our UI state inference attack work in Usenix Security'14!
[News] (2014) Our QoE Doctor paper got into IMC'14!
[News] (2014) Our fine-grained & global-scale RRC state analysis paper got into Mobicom'14!
[News] (2014) I just passed the PhD qualification exam and now becomes a PhD candidate!
[News] (2014) Our UI state inference attack paper got into Usenix Security'14!