Tiffany Bao
Tiffany Bao
Verified email at
Cited by
Cited by
ByteWeight: Learning to Recognize Functions in Binary Code
T Bao, J Burket, M Woo, R Turner, D Brumley
USENIX Security, 845-860, 2014
Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization
Y Wang, X Jia, Y Liu, K Zeng, T Bao, D Wu, P Su
The Network and Distributed System Security Symposium, 2020
Matched and mismatched SOCs: A qualitative study on security operations center issues
FB Kokulu, A Soneji, T Bao, Y Shoshitaishvili, Z Zhao, A Doupé, GJ Ahn
Proceedings of the 2019 ACM SIGSAC conference on computer and communications …, 2019
Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits
T Bao, R Wang, Y Shoshitaishvili, D Brumley
38th IEEE Symposium on Security and Privacy, 2017
CrawlPhish: Large-scale Analysis of Client-side Cloaking Techniques in Phishing
P Zhang, A Oest, H Cho, Z Sun, RC Johnson, B Wardman, S Sarker, ...
IEEE Symposium on Security and Privacy, 2021
HoneyPLC: A Next-Generation Honeypot for Industrial Control Systems
E López-Morales, C Rubio-Medrano, A Doupé, Y Shoshitaishvili, R Wang, ...
Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications …, 2020
Favocado: Fuzzing the Binding Code of JavaScript Engines Using Semantically Correct Test Cases.
ST Dinh, H Cho, K Martin, A Oest, K Zeng, A Kapravelos, GJ Ahn, T Bao, ...
NDSS, 2021
Scam Pandemic: How Attackers Exploit Public Fear through Phishing
M Bitaab, H Cho, A Oest, P Zhang, Z Sun, R Pourmohamad, D Kim, T Bao, ...
Symposium on Electronic Crime Research, 2020
Expected exploitability: Predicting the development of functional vulnerability exploits
O Suciu, C Nelson, Z Lyu, T Bao, T Dumitraș
31st USENIX Security Symposium (USENIX Security 22), 377-394, 2022
How Shall We Play a Game: A Game-Theoretical Model for Cyber-warfare Games
T Bao, Y Shoshitaishvili, R Wang, C Kruegel, G Vigna, D Brumley
30th IEEE Computer Security Foundations Symposium, 2017
SoK: Everything You Ever Wanted to Know About Bitcoin Mixers (But Were Afraid to Ask)
J Pakki, Y Shoshitaishvili, R Wang, T Bao, A Doupé
Financial Cryptography and Data Security, 2021
Understanding and predicting private interactions in underground forums
Z Sun, CE Rubio-Medrano, Z Zhao, T Bao, A Doupé, GJ Ahn
Proceedings of the Ninth ACM Conference on Data and Application Security and …, 2019
Exploiting Uses of Uninitialized Stack Variables in Linux Kernels to Leak Kernel Pointers
H Cho, J Park, J Kang, T Bao, R Wang, Y Shoshitaishvili, A Doupé, ...
14th USENIX Workshop on Offensive Technologies, 2020
Having Your Cake and Eating It: An Analysis of Concession-Abuse-as-a-Service.
Z Sun, A Oest, P Zhang, CE Rubio-Medrano, T Bao, R Wang, Z Zhao, ...
USENIX Security Symposium, 4169-4186, 2021
Playing for {K (H) eaps}: Understanding and Improving Linux Kernel Exploit Reliability
K Zeng, Y Chen, H Cho, X Xing, A Doupé, Y Shoshitaishvili, T Bao
31st USENIX Security Symposium (USENIX Security 22), 71-88, 2022
Type-based Dynamic Taint Analysis Technology
L Chen, J Zhuge, F Tian, T Bao, X Lu
Tsinghua Science and Technology Journal, 2012
ViK: practical mitigation of temporal memory safety violations through object ID inspection
H Cho, J Park, A Oest, T Bao, R Wang, Y Shoshitaishvili, A Doupé, ...
Proceedings of the 27th ACM International Conference on Architectural …, 2022
Arbiter: Bridging the Static and Dynamic Divide in Vulnerability Discovery on Binary Programs
J Vadayath, M Eckert, K Zeng, N Weideman, GP Menon, Y Fratantonio, ...
31st USENIX Security Symposium (USENIX Security 22), 413-430, 2022
Mutent: Dynamic android intent protection with ownership-based key distribution and security contracts
DSP Kumar, J Baek, T Bao, Y Shoshitaishvili, AL Doupe, R Wang, GJ Ahn
54th Annual Hawaii International Conference on System Sciences, HICSS 2021 …, 2021
Toss a fault to your witcher: Applying grey-box coverage-guided mutational fuzzing to detect sql and command injection vulnerabilities
E Trickel, F Pagani, C Zhu, L Dresel, G Vigna, C Kruegel, R Wang, T Bao, ...
2023 IEEE Symposium on Security and Privacy (SP), 116-133, 2022
The system can't perform the operation now. Try again later.
Articles 1–20