Full Papers in Top-tier Venues (147), CCF-A Research Track (133), CSRankings (110), Best/Distinguished Paper Award (7)
(s) the student/RA/postdoc I advised or co-advised during the work
When Updates Backfire: A Black-Box Security Analysis of Desktop Software Update Mechanisms
Jie Wan(s)#, Pengcheng Xia(s)#, and Haoyu Wang*
The 35th USENIX Security Symposium
PDF
Mapping the Landscape of LLM Deployment in the Wild: Prevalence, Patterns, and Perils
Xinyi Hou(s)#, Jiahao Han(s)#, Yanjie Zhao(s), Shenao Wang(s) and Haoyu Wang*
SIGMETRICS 2026
PDF
Doxing-as-a-Service: Demystifying the Chinese Online Doxing Ecosystem
Yiran Gao(s), Pengcheng Xia(s), Liu Wang(s), Tianming Liu(s) and Haoyu Wang
WWW 2026
PDF
WalleTruth: Visual-oriented Software Testing for Web3 Wallet Browser Extensions
Xiaohui Hu(s), Ningyu He*, and Haoyu Wang*
FSE 2026
PDF
Not All RAGs Are Created Equal: A Component-Wise Empirical Study for Software Engineering Tasks
Qiang Ke(s), Yanjie Zhao(s), Hongjin Leng, Shengming Zhao and Haoyu Wang
FSE 2026
PDF
YASA: Scalable Multi-Language Taint Analysis on the Unified AST at Ant Group
Yayi Wang, Shenao Wang(s), Jian Zhao(s), Shaosen Shi, Ting Li, Yan Cheng, Lizhong Bian, Kan Yu*, Yanjie Zhao(s), and Haoyu Wang*
FSE 2026 Industry Track
PDF
An Empirical Analysis of Rust Integration in Android Open Source Project
Yinte Fan(s), Chao Wang(s), Zikan Dong(s), Tianming Liu(s), and Haoyu Wang
FSE 2026 Industry Track
PDF
TaintP2X: Detecting Taint-Style Prompt-to-Anything Injection Vulnerabilities in LLM-Integrated Applications
Junjie He(s)#, Shenao Wang(s)#, Yanjie Zhao(s), Xinyi Hou(s), Zhao Liu, Quanchen Zou, and Haoyu Wang*
ICSE 2026
PDF
VDBFuzz: Understanding and Detecting Crash Bugs in Vector Database Management Systems
Shenao Wang(s)#, Zhao Liu#, Yanjie Zhao(s), Quanchen Zou*, and Haoyu Wang*
ICSE 2026
PDF
NotDec: WebAssembly Decompilation With Inter-Procedural Type Recovery
Jikai Wang(s), Ningyu He*, Tianming Liu(s), Junhai Wang(s), and Haoyu Wang*
ICSE 2026
PDF
Understanding DevOps Security of Google Workspace Apps
Liuhuo Wan, Chuan Yan, Zicong Liu, Haoyu Wang, and Guangdong Bai
ICSE 2026
PDF
Beyond Correctness: Exposing LLM-generated Logical Flaws in Reasoning via Multi-step Automated Theorem Proving
Xinyi Zheng(s), Ningke Li, Xiaokun Luan, Kailong Wang, Ling Shi, Meng Sun, Haoyu Wang
ICSE 2026
PDF
MazeBreaker: Multi-Agent Reinforcement Learning for Dynamic Jailbreaking of LLM Security Defenses
Zhihao Lin, Wei Ma, Mingyi Zhou, Yanjie Zhao(s), Haoyu Wang, Yang Liu, Jun Wang, and Li Li
ICSE 2026
PDF
Acoda: Adversarial Code Obfuscation for Defending against LLM-based Analysis
Hongzhou Rao(s), Zikan Dong(s), Yanjie Zhao(s), Haodong Li(s), and Haoyu Wang
ICSE 2026 Industry Challenge Track
PDF
Model Context Protocol (MCP): Landscape, Security Threats, and Future Research Directions
Xinyi Hou(s), Yanjie Zhao(s), Shenao Wang(s), and Haoyu Wang*
ACM Transactions on Software Engineering and Methodology (TOSEM)
PDF
On the (In)Security of LLM App Stores
Xinyi Hou(s)#, Yanjie Zhao(s)#, and Haoyu Wang*
The 46th IEEE Symposium on Security and Privacy (Oakland'25)
PDF
Born with a Silver Spoon: On the (In)Security of Native Granted App Privileges in Custom Android ROMs
Chao Wang(s)#, Yanjie Zhao(s)#, and Haoyu Wang*
The 46th IEEE Symposium on Security and Privacy (Oakland'25)
PDF
A Big Step Forward? A User-Centric Examination of iOS App Privacy Report and Enhancements
Liu Wang(s), Dong Wang(s), Shidong Pan, Zheng Jiang, Haoyu Wang, Yi Wang
The 46th IEEE Symposium on Security and Privacy (Oakland'25)
PDF
Following Devils' Footprint: Towards Real-time Detection of Price Manipulation Attacks
Bosi Zhang(s), Ningyu He(s)*, Xiaohui Hu(s), Kai Ma(s), and Haoyu Wang*
USENIX Security 2025
PDF
VoiceWukong: Benchmarking Deepfake Voice Detection
Ziwei Yan(s)#, Yanjie Zhao(s)#, and Haoyu Wang*
USENIX Security 2025
PDF
Parcel Mismatch Demystified: Addressing a Decade-Old Security Challenge in Android
Sheng Cao(s), Hao Zhou, Songzhou Shi, Yanjie Zhao(s), and Haoyu Wang*
ACM CCS 2025
PDF
Needle in a Haystack: Automated and Scalable Vulnerability Hunting in the Windows ALPC Sea
Haoyi Liu(s), Feng Dong, Yunpeng Tian(s), Mu Zhang, Xuefeng Li, Fangming Gu, Zhiniang Peng and Haoyu Wang
ACM CCS 2025
PDF
Error Messages to Fuzzing: Detecting XPS Parsing Vulnerabilities in Windows Printing Components
Yunpeng Tian(s), Feng Dong, Junhai Wang(s), Mu Zhang, Zhiniang Peng*, Zesen Ye, Xiapu Luo, and Haoyu Wang*
ACM CCS 2025
PDF
Be Careful of What You Embed: Demystifying OLE Vulnerabilities
Yunpeng Tian(s)#, Feng Dong#, Haoyi Liu(s), Meng Xu, Zhiniang Peng, Zesen Ye, Shenghui Li, Xiapu Luo, and Haoyu Wang
NDSS 2025
PDF
Cybersquatting in Web3: The Case of NFT
Kai Ma(s), Ningyu He(s)*, Jintao Huang(s), Bosi Zhang(s), Ping Wu, and and Haoyu Wang*
The 10th IEEE European Symposium on Security and Privacy (EuroS&P 2025)
PDF
On the (In)Security of Non-resettable Device Identifiers in Custom Android Systems
Zikan Dong(s)#, Liu Wang(s)#, Guoai Xu and Haoyu Wang*
ASE 2025
PDF
TensorGuard: Gradient-Based Model Fingerprinting for LLM Similarity Detection and Family Classification
Zehao Wu(s)#, Yanjie Zhao(s)#, and Haoyu Wang*
ASE 2025
PDF
Demystifying Cookie Sharing Risks in WebView-based Mobile App-in-app Ecosystems
Miao Zhang, Shenao Wang(s), Guilin Zheng, Yanjie Zhao(s), and Haoyu Wang*
ASE 2025
PDF
HarmoBridge: Bridging ArkTS and C/C++ for Cross-Language Static Analysis on HarmonyOS
Jiale Wu(s)#, Jiapeng Deng(s)#, Yanjie Zhao(s), Li Li, and Haoyu Wang
ASE 2025 Industry
PDF
ApkArmor: Low-Cost Lightweight Anti-Decompilation Techniques for Android Apps
Jiayang Liu(s)#, Yanjie Zhao(s)#, Pengcheng Xia(s), and Haoyu Wang*
ASE 2025 Industry
PDF
A Characterization Study of Bugs in LLM Agent Workflow Orchestration Frameworks
Ziluo Xue(s)#, Yanjie Zhao(s)#, Shenao Wang(s), Kai Chen* and Haoyu Wang*
ASE 2025 Industry
PDF
SCOPE: Evaluating and Enhancing Permission Explanation Transparency in Mobile Apps
Liu Wang(s), Tianshu Zhou, Haoyu Wang, Xiyuan Liu, Yi Wang
ASE 2025 Industry
PDF
The Gold Digger in the Dark Forest: Industrial-Scale MEV Analysis in Ethereum
Ningyu He(s), Tianyang Chi(s), Xiaohui Hu(s), Haoyu Wang*
ASE 2025 Industry
PDF
Enhancing Semantic Understanding in Pointer Analysis Using Large Language Models
Baijun Cheng, Kailong Wang, Ling Shi, Haoyu Wang, Yao Guo, Ding Li, Xiangqun Chen
International Workshop on Language Models and Programming Languages (LMPL) at SPLASH 2025
PDF
DeclarUI: Bridging Design and Development with Automated Declarative UI Code Generation
Ting Zhou(s)#, Yanjie Zhao(s)#, Xinyi Hou(s), Xiaoyu Sun, Kai Chen*, and Haoyu Wang*
FSE 2025
PDF
LLMDroid: Enhancing Automated Mobile App GUI Testing Coverage with Large Language Model Guidance
Chenxu Wang(s)#, Tianming Liu(s)#, Yanjie Zhao(s), Minghui Yang, and Haoyu Wang*
FSE 2025
PDF
Mitigating Emergent Malware Label Noise in DNN-Based Android Malware Detection
Haodong Li(s)#, Xiao Cheng#, Guohan Zhang*, Guosheng Xu, Guoai Xu and Haoyu Wang*
FSE 2025
PDF
LLM App Squatting and Cloning
Yinglin Xie(s)#, Xinyi Hou(s)#, Yanjie Zhao(s), Kai Chen*, Haoyu Wang*
FSE 2025, Industry Track
PDF
The Promise and Pitfalls of WebAssembly: Perspectives from the Industry
Ningyu He(s), Shangtong Cao(s), Haoyu Wang, Yao Guo, Xiapu Luo
FSE 2025, Industry Track
PDF
Are iOS Apps Immune to Abusive Advertising Practices?
Tianming Liu(s), Jiapeng Deng(s), Yanjie Zhao(s), Xiao Chen, Xiaoning Du, Li Li, Haoyu Wang
FSE 2025, Industry Track
PDF
AI Model Genome
Yanjie Zhao(s), and Haoyu Wang*
The 1st Workshop on Software Genomics (SWGeno'25), co-located with FSE 2025
PDF
Walls Have Ears: Demystifying Notification Listener Usage in Android Apps
Jiapeng Deng(s)#, Tianming Liu(s)#, Yanjie Zhao(s), Chao Wang(s), Lin Zhang and Haoyu Wang*
ISSTA 2025
PDF
Understanding Model Weaknesses: A Path to Strengthening DNN-Based Android Malware Detection
Haodong Li(s)#, Xiao Cheng*, Yanjie Zhao(s), Guosheng Xu, Guoai Xu, and Haoyu Wang*
ISSTA 2025
PDF
OpDiffer: LLM-Assisted Opcode-Level Differential Testing of Ethereum Virtual Machine
Jie Ma(s), Ningyu He(s), Jinwen Xi, Mingzhe Xing, Haoyu Wang, Ying Gao, Yinliang Yue
ISSTA 2025
PDF
Piecing Together the Jigsaw Puzzle of Transactions on Heterogeneous Blockchain Networks
Xiaohui Hu(s), Hang Feng, Pengcheng Xia(s), Gareth Tyson, Lei Wu, Yajin Zhou and Haoyu Wang*
ACM SIGMETRICS 2025
PDF
Beyond App Markets: Demystifying Underground Mobile App Distribution Via Telegram
Yanhui Guo, Dong Wang(s), Liu Wang(s), Yongsheng Fang, Chao Wang(s), Minghui Yang, Tianming Liu*(s) and Haoyu Wang*
ACM SIGMETRICS 2025
PDF
TacDroid: Detection of Illicit Apps through Hybrid Analysis of UI-based Transition Graphs
Yanchen Lu, Hongyu Lin, Zehua He, Haitao Xu, Zhao Li, Shuai Hao, Liu Wang(s), Haoyu Wang, Kui Ren
ICSE 2025
PDF
Decoding Secret Memorization in Code LLMs Through Token-Level Characterization
Yuqing Nie, Chong Wang, Kailong Wang, Guoai Xu, Guosheng Xu, and Haoyu Wang
ICSE 2025
PDF
Understanding the Effectiveness of Coverage Criteria for Large Language Models: A Special Angle from Jailbreak Attacks
Shide Zhou(s), Tianlin Li, Kailong Wang, Yihao Huang, Ling Shi, Yang Liu and Haoyu Wang
ICSE 2025
PDF
CKGFuzzer: LLM-Based Fuzz Driver Generation Enhanced By Code Knowledge Graph
Hanxiang Xu(s)#, Wei Ma#, Ting Zhou(s), Yanjie Zhao(s)*, Kai Chen, Qiang Hu, Yang Liu, Haoyu Wang
ICSE 2025, Industry Challenge Track
Best Paper AWARD
PDF
CodeMorph: Mitigating Data Leakage in Large Language Model Assessment
Hongzhou Rao(s), Yanjie Zhao(s)*, Wenjie Zhu(s), Ling Xiao, Meizhen Wang, Haoyu Wang
ICSE 2025, Industry Challenge Track
PDF
CommitShield: Tracking Vulnerability Introduction and Fix in Version Control Systems
Zhaonan Wu(s), Yanjie Zhao(s)*, Chen Wei*, Zirui Wan(s), Yue Liu, Haoyu Wang
ICSE 2025, Industry Challenge Track
PDF
ClauseBench: Enhancing Software License Analysis with Clause-Level Benchmarking
Qiang Ke(s)#, Xinyi Hou(s)#, Yanjie Zhao(s)*, Haoyu Wang
ICSE 2025, Industry Challenge Track
PDF
GPT Store Mining and Analysis
Dongxun Su(s)#, Yanjie Zhao(s)#, Xinyi Hou(s), Shenao Wang(s), Haoyu Wang*
InternetWare 2025
PDF
Exploring Typo Squatting Threats in the Hugging Face Ecosystem
Ningyuan Li(s), Yanjie Zhao(s), Shenao Wang(s), Zehao Wu(s), Haoyu Wang
InternetWare 2025
PDF
Seeing is (Not) Believing: The Mirage Card Attack Targeting Online Social Networks
Wangchenlu Huang(s), Shenao Wang(s), Yanjie Zhao(s), Tianxiang Wang, Yuhao Gao, Guosheng Xu, Haoyu Wang
InternetWare 2025
PDF
Measuring and Explaining the Effects of Android App Transformations in Online Malware Detection
Guozhu Meng, Zhixiu Guo, Xiaodong Zhang, Haoyu Wang, Kai Chen, Yang Liu
InternetWare 2025
PDF
Research on WebAssembly Runtimes: A Survey
Yixuan Zhang(s), Mugeng Liu, Haoyu Wang*, Yun Ma*, Gang Huang, Xuanzhe Liu
ACM Transactions on Software Engineering and Methodology (TOSEM)
PDF
Pitfalls in Language Models for Code Intelligence: A Taxonomy and Survey
Xinyu She(s)#, Yue Liu#, Yanjie Zhao(s), Yiling He, Li Li, Chakkrit Tantithamthavorn, Zhan Qin, Haoyu Wang*
ACM Transactions on Software Engineering and Methodology (TOSEM)
PDF
SPOLRE: Semantic Preserving Object Layout Reconstruction for Image Captioning System Testing
Yi Liu, Guanyu Wang, Xinyi Zheng, Gelei Deng, Kailong Wang, Yang Liu, and Haoyu Wang
ACM Transactions on Software Engineering and Methodology (TOSEM)
PDF
NeuSemSlice: Towards Effective DNN Model Maintenance via Neuron-level Semantic Slicing
Shide Zhou(s), Tianlin Li, Yihao Huang, Ling Shi, Kailong Wang, Yang Liu, Haoyu Wang
ACM Transactions on Software Engineering and Methodology (TOSEM)
PDF
DrWASI: LLM-assisted Differential Testing for WebAssembly System Interface Implementations
Yixuan Zhang(s), Ningyu He(s), Jianting Gao(s), Shangtong Cao(s), Kaibo Liu, Haoyu Wang, Yun Ma, Gang Huang, Xuanzhe Liu
ACM Transactions on Software Engineering and Methodology (TOSEM)
Selected for FSE 2025 journal-first presentation
PDF
MiniScope: Automated UI Exploration and Privacy Inconsistency Detection of MiniApps via Two-phase Iterative Hybrid Analysis
Shenao Wang(s), Yuekang Li, Kailong Wang*, Yi Liu, Hui Li, Yang Liu, Haoyu Wang*
ACM Transactions on Software Engineering and Methodology (TOSEM)
Selected for FSE 2025 journal-first presentation
PDF
Large Language Models for Cyber Security: A Systematic Literature Review
Hanxiang Xu(s), Shenao Wang(s), Ningke Li(s), Kailong Wang*, Yanjie Zhao(s), Kai Chen*, Ting Yu, Yang Liu, Haoyu Wang*
ACM Transactions on Software Engineering and Methodology (TOSEM)
PDF
Uncovering NFT Domain-Specific Defects on Smart Contract Bytecode
Zuochao Ma, Muhui Jiang, Xiapu Luo, Haoyu Wang, Yajin Zhou
IEEE Transactions on Dependable and Secure Computing (TDSC)
PDF
Minoris: Practical Out-of-Emulator Kernel Module Fuzzing
Yangxi Xiang, Feng Wang, Yuan Chen, Qiang Liu, Haoyu Wang, Jiashui Wang, Lei Wu, Chaoyuan Chen, Yajin Zhou
IEEE Transactions on Dependable and Secure Computing (TDSC)
PDF
Software Engineering for OpenHarmony: A Research Roadmap
Li Li, Xiang Gao, Hailong Sun, Chunming Hu, Xiaoyu Sun, Haoyu Wang, Haipeng Cai, Ting Su, Xiapu Luo, Tegawendé F. Bissyandé, Jacques Klein, John Grundy, Tao Xie, Haibo Chen, Huaimin Wang
ACM Computing Surveys
PDF
The arts and crafts of android adware across a decade
Chao Wang(s)#, Tianming Liu(s)#, Yanjie Zhao(s), Lin Zhang, Xiaoning Du, Li Li, and Haoyu Wang*
Automated Software Engineering (ASE Journal)
PDF
Malmodel: Hiding malicious payload in mobile deep learning models with black-box backdoor attack
Jiayi Hua(s), Kailong Wang*, Meizhen Wang, Guangdong Bai, Xiapu Luo, and Haoyu Wang*
Automated Software Engineering (ASE Journal)
PDF
Large language models for software engineering: A systematic literature review
Xinyi Hou(s)#, Yanjie Zhao(s)#, Yue Liu, Zhou Yang, Kailong Wang, Li Li, Xiapu Luo, David Lo, John Grundy, Haoyu Wang*
ACM Transactions on Software Engineering and Methodology (TOSEM)
Selected for FSE 2025 journal-first presentation
PDF
Large Language Model Supply Chain: A Research Agenda
Shenao Wang(s), Yanjie Zhao(s), Xinyi Hou(s), Haoyu Wang*
ACM Transactions on Software Engineering and Methodology (TOSEM)
PDF
LLM App Store Analysis: A Vision and Roadmap
Yanjie Zhao(s), Xinyi Hou(s), Shenao Wang(s), Haoyu Wang*
ACM Transactions on Software Engineering and Methodology (TOSEM)
PDF
LLM for Mobile: An Initial Roadmap
Daihang Chen, Yonghui Liu, Mingyi Zhou, Yanjie Zhao(s), Haoyu Wang, Shuai Wang, Xiao Chen, Tegawendé F. Bissyandé, Jacques Klein, Li Li
ACM Transactions on Software Engineering and Methodology (TOSEM)
PDF
All Your Tokens are Belong to Us: Demystifying Address Verification Vulnerabilities in Solidity Smart Contracts
Tianle Sun(s), Ningyu He(s), Jiang Xiao, Yinliang Yue, Xiapu Luo, and Haoyu Wang*
USENIX Security 2024
PDF
Exploring Covert Third-party Identifiers through External Storage in the Android New Era
Zikan Dong(s)#, Tianming Liu(s)#, Jiapeng Deng(s), Haoyu Wang*, Li Li, Minghui Yang, Meng Wang, Guosheng Xu*, Guoai Xu
USENIX Security 2024
PDF
Towards Smart Contract Fuzzing on GPU
Weimin Chen, Xiapu Luo, Haipeng Cai and Haoyu Wang
The 45th IEEE Symposium on Security and Privacy (Oakland'24)
PDF
CanCal: Towards Real-time and Lightweight Ransomware Detection and Response in Industrial Environments
Shenao Wang(s)#, Feng Dong#, Hangfeng Yang, Jingheng Xu*, and Haoyu Wang*
CCS 2024
PDF
Abusing the Ethereum Smart Contract Verification Services for Fun and Profit
Pengxiang Ma(s)#, Ningyu He(s)#, Yuhua Huang, Haoyu Wang*, Xiapu Luo
NDSS 2024
PDF
VETEOS: Statically Vetting EOSIO Contracts for the “Groundhog Day” Vulnerabilities
Levi Taiji Li, Ningyu He(s), Haoyu Wang, Mu Zhang
NDSS 2024
PDF
MASTERKEY: Automated Jailbreaking of Large Language Model Chatbots
Gelei Deng, Yi Liu, Yuekang Li, Kailong Wang, Ying Zhang, Zefeng Li, Haoyu Wang, Tianwei Zhang, Yang Liu
NDSS 2024
PDF
NODLINK: An Online System for Fine-Grained APT Attack Detection and Investigation
Shaofei Li, Feng Dong(s), Ding Li, Xusheng Xiao, Haoyu Wang, Fei Shao, Jiedong Chen, Yao Guo, Xiangqun Chen
NDSS 2024
PDF
WaDec: Decompiling WebAssembly Using Large Language Model
Xinyu She(s)#, Yanjie Zhao(s)#, and Haoyu Wang*
ASE 2024
PDF
GlitchProber: Advancing Effective Detection and Mitigation of Glitch Tokens in Large Language Models
Zhibo Zhang(s), Wuxia Bai(s), Yuxi Li(s), Huasong Meng, Kailong Wang, Ling Shi, Li Li, Jun Wang and Haoyu Wang
ASE 2024
PDF
Semantic-Enhanced Indirect Call Analysis with Large Language Models
Baijun Cheng(s), Cen Zhang, Kailong Wang, Ling Shi, Yang Liu, Haoyu Wang, Yao Guo, Xiangqun Chen
ASE 2024
PDF
GPTZoo: A Large-scale Dataset of GPTs for the Research Community
Xinyi Hou(s), Yanjie Zhao(s), Shenao Wang(s) and Haoyu Wang
ASE 2024, The New Ideas and Emerging Results (NIER) Track
PDF
Same App, Different Behaviors: Uncovering Device-specific Behaviors in Android Apps
Zikan Dong(s), Yanjie Zhao(s), Tianming Liu(s), Chao Wang(s), Guosheng Xu, Guoai Xu, Lin Zhang, Haoyu Wang
ASE 2024 Industry Track
PDF
Android Malware Family Labeling: Perspectives from the Industry
Liu Wang(s), Haoyu Wang, Tao Zhang, Haitao Xu, Guozhu Meng, Peiming Gao, Chen Wei, and Yi Wang
ASE 2024 Industry Track
PDF
Models Are Codes: Towards Measuring Malicious Code Poisoning Attacks on Pre-trained Model Hubs
Jian Zhao(s)#, Shenao Wang(s)#, Yanjie Zhao(s), Xinyi Hou(s), Kailong Wang, Peiming Gao, Yuanchao Zhang, Chen Wei, Haoyu Wang
ASE 2024 Industry Track
PDF
Towards Robust Detection of Open Source Software Supply Chain Poisoning Attacks in Industry Environments
Xinyi Zheng(s), Chen Wei, Shenao Wang(s), Yanjie Zhao(s), Peiming Gao, Yuanchao Zhang, Kailong Wang, Haoyu Wang
ASE 2024 Industry Track
PDF
A First Look at LLM-powered Smartphones
Liangxuan Wu(s), Yanjie Zhao(s), Chao Wang(s), Tianming Liu(s) and Haoyu Wang
A-Mobile 2024, Co-located with ASE 2024
PDF
Towards Demystifying Android Adware: Dataset and Payload Location
Chao Wang(s), Tianming Liu(s), Yanjie Zhao(s), Lin Zhang, Xiaoning Du, Li Li and Haoyu Wang
A-Mobile 2024, Co-located with ASE 2024
PDF
NativeSummary: Summarizing Native Binary Code for Inter-language Static Analysis of Android Apps
Jikai Wang(s), Haoyu Wang*
The 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2024)
PDF
WASMaker: Differential Testing of WebAssembly Runtimes via Semantic-aware Binary Generation
Shangtong Cao(s), Ningyu He(s), Xinyu She(s), Yixuan Zhang(s), Mu Zhang, and Haoyu Wang*
The 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2024)
PDF
Following the "Thread": Toward Finding Manipulatable Bottlenecks In Blockchain Clients
Shuohan Wu, Zihao Li, Hao Zhou, Xiapu Luo, Jianfeng Li and Haoyu Wang
The 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2024)
PDF
SeeWasm: An Efficient and Fully-Functional Symbolic Execution Engine for WebAssembly Binaries
Ningyu He(s), Zhehao Zhao, Hanqin Guan, Jikai Wang(s), Shuo Peng(s), Ding Li, Haoyu Wang, Xiangqun Chen, and Yao Guo
ISSTA 2024, Tool Demo Track
PDF
Drowzee: Metamorphic Testing for Fact-conflicting Hallucination Detection in Large Language Models
Ningke Li(s), Yuekang Li, Yi Liu, Ling Shi, Kailong Wang and Haoyu Wang
OOPSLA 2024
PDF
Glitch Tokens in Large Language Models: Categorization Taxonomy and Effective Detection
Yuxi Li(s), Yi Liu, Gelei Deng, Ying Zhang, Wenjia Song, Ling Shi, Kailong Wang, Yuekang Li, Yang Liu, and Haoyu Wang
The 2024 ACM International Conference on the Foundations of Software Engineering (FSE 2024)
PDF
WASMixer: Binary Obfuscation for WebAssembly
Shangtong Cao(s)#, Ningyu He(s)#, Yao Guo, and Haoyu Wang*
The 29th European Symposium on Research in Computer Security (ESORICS 2024)
PDF
MalCertain: Enhancing Deep Neural Network Based Android Malware Detection by Tackling Prediction Uncertainty
Haodong Li(s), Guosheng Xu*, Liu Wang(s), Xusheng Xiao, Xiapu Luo, Guoai Xu, and Haoyu Wang*
ICSE 2024
PDF
Miracle or Mirage? A Measurement Study of NFT Rug Pulls
Jintao Huang(s), Ningyu He(s), Kai Ma(s), Jiang Xiao, Haoyu Wang*
SIGMETRICS 2024
PDF
ConFuzz: Towards Large Scale Fuzz Testing of Smart Contracts in Ethereum
Taiyu Wong, Chao Zhang, Yuandong Ni, Mingsen Luo, Heying Chen, Yufei Yu, Weilin Li, Xiapu Luo, Haoyu Wang
INFOCOM 2024
PDF
Unveiling the Paradox of NFT Prosperity
Jintao Huang(s), Pengcheng Xia(s), Jiefeng Li(s), Kai Ma(s), Gareth Tyson, Xiapu Luo, Lei Wu, Yajin Zhou, Wei Cai, Haoyu Wang*
The Web Conference 2024 (WWW'24)
PDF
Is it safe to share your files? An Empirical Security Analysis of Google Workspace
Liuhuo Wan, Kailong Wang, Haoyu Wang, Guangdong Bai
The Web Conference 2024 (WWW'24)
PDF
Don’t bite off more than you can chew: Investigating Excessive Permission Requests in Trigger-Action Integrations
Liuhuo Wan, Kailong Wang, Kulani Tharaka Mahadewa, Haoyu Wang, Guangdong Bai
The Web Conference 2024 (WWW'24)
PDF
EVMBT: A Binary Translation Scheme for Upgrading EVM Smart Contracts to WASM
Weimin Chen, Xiapu Luo, Haoyu Wang, Heming Cui, Shuyu Zheng, Xuanzhe Liu
The 25th ACM SIGPLAN/SIGBED International Conference on Languages, Compilers, and Tools for Embedded Systems (LCTES 2024)
PDF
Decoding Web3: In-depth Analysis of the Third-Party Package Supply Chain
Kai Ma(s)#, Zhuo Wang(s)#, Yanjie Zhao(s), and Haoyu Wang*
Internetware 2024
PDF
ChatGPT Chats Decoded: Uncovering Prompt Patterns for Superior Solutions in Software Development Lifecycle
Liangxuan Wu(s), Yanjie Zhao(s), Xinyi Hou(s), Tianming Liu(s), Haoyu Wang*
The 21st International Conference on Mining Software Repositories (MSR 2024), Mining Challenge
PDF
Global Prosperity or Local Monopoly? Understanding the Geography of App Popularity
Liu Wang(s), Conghui Zheng(s), Haoyu Wang*, Xiapu Luo, Gareth Tyson, Yi Wang*, Shangguang Wang
The 21st International Conference on Mining Software Repositories (MSR 2024)
PDF
MeTMaP: Metamorphic Testing for Detecting False Vector Matching Problems in LLM Augmented Generation
Guanyu Wang(s), Yuekang Li, Yi Liu, Gelei Deng, Tianlin Li, Guosheng Xu, Yang Liu, Haoyu Wang, Kailong Wang
The first special event of AI Foundation Models and Software Engineering (FORGE 2024)
PDF
Analyzing Excessive Permission Requests in Google Workspace Add-ons
Liuhuo Wan, Chuan Yan, Mark Huasong Meng, Kailong Wang, and Haoyu Wang
The 28th International Conference on Engineering of Complex Computer Systems (ICECCS 2024)
PDF
SoK: On the Security of Non-Fungible Tokens
Kai Ma(s)#, Jintao Huang(s)#, Ningyu He(s)#, Zhuo Wang, and Haoyu Wang*
International Conference on Blockchain Research and Applications (BCRA 2024)
Best Paper AWARD
PDF
VM Matters: A Comparison of WASM VMs and EVMs in the Performance of Blockchain Smart Contracts
Yixuan Zhang(s), Shuyu Zheng(s), Haoyu Wang*, Lei Wu, Gang Huang, Xuanzhe Liu
ACM Transactions on Modeling and Performance Evaluation of Computing Systems (TOMPECS)
PDF
Unearthing Gas-Wasting Code Smells in Smart Contracts with Large Language Models
Jinan Jiang, Zihao Li, Haoran Qin, Muhui Jiang, Xiapu Luo, Xiaoming Wu, Haoyu Wang, Yutian Tang, Chenxiong Qian, Ting Chen
IEEE Transactions on Software Engineering (TSE)
PDF
Beyond Fidelity: Explaining Vulnerability Localization of Learning-based Detectors
Baijun Cheng(s), Shengming Zhao(s), Kailong Wang*, Meizhen Wang, Guangdong Bai, Ruitao Feng, Yao Guo*, Lei Ma, Haoyu Wang*
ACM Transactions on Software Engineering and Methodology (TOSEM)
PDF
A Survey on EOSIO Systems Security: Vulnerability, Attack, and Mitigation
Ningyu He(s), Haoyu Wang*, Lei Wu, Xiapu Luo, Yao Guo*, and Xiangqun Chen
Frontiers of Computer Science
PDF
LIVABLE: Exploring Long-Tailed Classification of Software Vulnerability Types
Xin-Cheng Wen, Cuiyun Gao, Feng Luo, Haoyu Wang, Ge Li, Qing Liao
IEEE Transactions on Software Engineering (TSE)
PDF
DefiRanger: Detecting DeFi Price Manipulation Attacks
Siwei Wu, Zhou Yu(s), Dabao Wang, Yajin Zhou, Lei Wu, Haoyu Wang, Xiangliang Yuan
IEEE Transactions on Dependable and Secure Computing (TDSC)
PDF
WalletRadar: Towards Automating the Detection of Vulnerabilities in Browser-based Cryptocurrency Wallets
Xia. P(s)#, Guo. Y, Lin. Z, Wu. J, Duan. P, He. N, Wang. K, Liu. T, Yue. Y, Xu. G, and Haoyu Wang
Automated Software Engineering
PDF
Characterizing the App Recommendation Relationships in the iOS App Store: A Complex Network's Perspective
Gang Huang, Fuqin Lin, Yun Ma*, Haoyu Wang*, Qingxiang Wang, Gareth Tyson, and Xuanzhe Liu
SCIENCE CHINA: Information Sciences
PDF
Re-measuring the Label Dynamics of Online Anti-Malware Engines from Millions of Samples
Jingjing Wang(s)#, Liu Wang(s)#, Feng Dong*, Haoyu Wang*
ACM Internet Measurement Conference 2023 (IMC'23)
PDF
TxPhishScope: Towards Detecting and Understanding Transaction-based Phishing on Ethereum
Bowen He, Yuan Chen, Zhuo chen, Xiaohui Hu(s), Yufeng Hu, Lei Wu, Rui Chang, Haoyu Wang, Yajin Zhou
ACM CCS 2023
PDF
Are we there yet? An Industrial Viewpoint on Provenance-based Endpoint Detection and Response Tools
Feng Dong(s), Shaofei Li, Peng Jiang, Ding Li*, Haoyu Wang*, Liangyi Huang, Xusheng Xiao, Jiedong Chen, Xiapu Luo, Yao Guo, Xiangqun Chen
ACM CCS 2023
PDF
Characterizing and Detecting WebAssembly Runtime Bugs
Yixuan Zhang(s), Shangtong Cao(s), Haoyu Wang*, Zhenpeng Chen, Xiapu Luo, Dongliang Mu, Yun Ma*, Gang Huang, Xuanzhe Liu
ACM Transactions on Software Engineering and Methodology
PDF
BREWasm: A General Static Binary Rewriting Framework for WebAssembly
Shangtong Cao(s)#, Ningyu He(s)#, Yao Guo, and Haoyu Wang*
The 30th Static Analysis Symposium (SAS 2023)
PDF
WeMinT: Tainting Sensitive Data Leaks in WeChat Mini-Programs
S. Meng (s)#, L. Wang(s)#, S. Wang(s), K. Wang*, X. Xiao, G. Bai, and Haoyu Wang*
The 38th IEEE/ACM International Conference on Automated Software Engineering (ASE 2023)
PDF
WADIFF: A Differential Testing Framework for WebAssembly Runtimes
Shiyao Zhou, Muhui Jiang, Weimin Chen, Hao Zhou, Haoyu Wang, Xiapu Luo
The 38th IEEE/ACM International Conference on Automated Software Engineering (ASE 2023)
PDF
MalWuKong: Towards Fast, Accurate, and Multilingual Detection of Malicious Code Poisoning in OSS Supply Chains
Ningke Li(s), Shenao Wang(s), Mingxi Feng(s), Kailong Wang*, Meizhen Wang, Haoyu Wang*
The 38th IEEE/ACM International Conference on Automated Software Engineering (ASE 2023), Industry Challenge Track (full paper)
PDF
Ransomware as a Service: Demystifying Android Ransomware Generators
Can Tu(s), Liu Wang(s), Yang Xu, Yiping Zhao(s), Haitao Xu, Haoyu Wang*
SecureComm 2023
PDF
DISTDET: A Cost-Effective Distributed Cyber Threat Detection System
Feng Dong(s), Liu Wang(s), Xu Nie(s), Fei Shao, Haoyu Wang*, Ding Li, Xiapu Luo and Xusheng Xiao
USENIX Security 2023
PDF
MTSan: A Feasible and Practical Memory Sanitizer for Fuzzing COTS Binaries
Xingman Chen, Yinghao Shi, Zheyu Jiang, Yuan Li, Ruoyu Wang, Haixin Duan, Haoyu Wang, Chao Zhang
USENIX Security 2023
PDF
Understanding and Tackling Label Errors in Deep Learning-based Vulnerability Detection
Xu Nie(s)#, Ningke Li(s)#, Kailong Wang*, Shangguang Wang, Xiapu Luo, Haoyu Wang*
ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2023)
PDF
Eunomia: Enabling User-specified Fine-Grained Search in Symbolically Executing WebAssembly Binaries
Ningyu He, Zhehao Zhao, Jikai Wang(s), Yubin Hu, Shengjian Guo, Haoyu Wang, Guangtai Liang, Ding Li, Xiangqun Chen, and Yao Guo
ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2023)
PDF
ACM SIGSOFT Distinguished Paper AWARD
CydiOS: a model-based testing framework for iOS apps
Shuohan Wu, Jianfeng Li, Hao Zhou, Yongsheng Fang(s), Kaifa Zhao, Haoyu Wang, Chenxiong Qian, Xiapu Luo
ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2023)
PDF
ScamRadar: Identifying Blockchain Scams When They are Promoting
Xinzhe Zheng(s), Pengcheng Xia(s), Kailong Wang and Haoyu Wang*
BlockSys 2023
PDF
Best Student Paper AWARD
A Deep Dive into the Featured iOS Apps
Liu Wang(s), Haoyu Wang*, Huiyi Wang, Li Li, and Yi Wang*
The 14th Asia-Pacific Symposium on Internetware (Internetware 2023)
PDF
Characterizing Cryptocurrency-themed Malicious Browser Extensions
Kailong Wang, Yuxi Ling, Yanjun Zhang, Zhou Yu(s), Haoyu Wang*, Guangdong Bai*, Beng Chin Ooi, Jin Song Dong
ACM SIGMETRICS 2023
PDF
Are Mobile Advertisements in Compliance with App’s Age Group?
Yanjie Zhao, Tianming Liu, Haoyu Wang, Yepang Liu, John Grundy, and Li Li
The Web Conference 2023 (WWW 2023)
PDF
FaaSLite: Application-Level FaaS Optimization for Cold Start Latency in Serverless Computing
Xuanzhe Liu, Jinfeng Wen, Zhenpeng Chen, Ding Li, Junkai Chen, Yi Liu, Haoyu Wang, Xin Jin
ACM Transactions on Software Engineering and Methodology
Selected for ASE 2023 journal-first presentation
PDF
Rise of Distributed Deep Learning Training in the Big Model Era: From a Software Engineering Perspective
Xuanzhe Liu, Diandian Gu, Zhenpeng Chen, Jinfeng Wen, Zili Zhang, Yun Ma, Haoyu Wang, Xin Jin
ACM Transactions on Software Engineering and Methodology
Selected for ASE 2023 journal-first presentation
PDF
On the Usage-scenario-based Data Minimization in Mini Programs
Shenao Wang(s), Yanjie Zhao(s), Kailong Wang, Haoyu Wang
The 2023 ACM Workshop on Secure and Trustworthy Superapps (SaTS'23), co-located with CCS'23
PDF
Potential Risks Arising from the Absence of Signature Verification in Miniapp Plugins
Yanjie Zhao(s), Yue Zhang, Haoyu Wang
The 2023 ACM Workshop on Secure and Trustworthy Superapps (SaTS'23), co-located with CCS'23
PDF
Challenges in Decentralized Name Management: The Case of ENS
Pengcheng Xia(s), Haoyu Wang*, Zhou Yu(s), Xinyu Liu(s), Xiapu Luo, Guoai Xu, and Gareth Tyson
The 2022 ACM Internet Measurement Conference (IMC'22)
PDF
MalWhiteout: Reducing Label Errors in Android Malware Detection
Liu Wang(s), Haoyu Wang*, Xiapu Luo, and Yulei Sui
The 37th IEEE/ACM International Conference on Automated Software Engineering (ASE 2022)
PDF
Are they Toeing the Line? Diagnosing Privacy Compliance Violations among Browser Extensions
Yuxi Ling, Kailong Wang, Guangdong Bai*, Haoyu Wang*, and Jin Song Dong
The 37th IEEE/ACM International Conference on Automated Software Engineering (ASE 2022)
PDF
Privacy Analysis of Period Tracking Mobile Apps in the Post-Roe v. Wade Era
Zikan Dong(s), Liu Wang(s), Hao Xie(s), Guoai Xu and Haoyu Wang*
A-Mobile Workshop, co-located with ASE'22
PDF
What Did You Pack in My App? A Systematic Analysis of Commercial Android Packers
Zikan Dong(s), Hongxuan Liu(s), Liu Wang(s), Xiapu Luo, Yao Guo,Guoai Xu, Xusheng Xiao, and Haoyu Wang*
ESEC/FSE 2022 (Industry Track)
PDF
Demystifying "Removed Reviews" in iOS App Store
Liu Wang(s), Haoyu Wang*, Xiapu Luo, Tao Zhang, Shangguang Wang, and Xuanzhe Liu
ESEC/FSE 2022 (Industry Track)
PDF
Uncovering Intent based Leak of Sensitive Data in Android Framework
Hao Zhou, Xiapu Luo, Haoyu Wang, Haipeng Cai
The 29th ACM Conference on Computer and Communications Security (CCS 2022)
PDF
MalRadar: Demystifying Android Malware in the New Era
Liu Wang(s), Haoyu Wang*, Ren He(s), Ran Tao(s), Guozhu Meng, Xiapu Luo, Xuanzhe Liu
ACM SIGMETRICS 2022 (Acceptance Rate = 11%, Winter Deadline)
PDF
Path-Sensitive Code Embedding via Contrastive Learning for Software Vulnerability Detection
Xiao Cheng, Guanqin Zhang, Haoyu Wang, Yulei Sui
The 31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA '22)
PDF
WASAI: Uncovering Vulnerabilities in Wasm Smart Contracts
Weimin Chen(s), Zihan Sun(s), Haoyu Wang*, Xiapu Luo*, Haipeng Cai, Lei Wu
The 31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA '22)
PDF
A Tale of Two Countries: A Longitudinal Cross-Country Study of Mobile Users' Reactions to the COVID-19 Pandemic Through the Lens of App Popularity
Liu Wang(s), Haoyu Wang*, Yi Wang, Gareth Tyson, Fei Lyu
The 9th IEEE/ACM International Conference on Mobile Software Engineering and Systems 2022 (MobileSoft 2022)
PDF
Lie to Me: Abusing the Mobile Content Sharing Service for Fun and Profit
Guosheng Xu, Siyi Li(s), Hao Zhou, Shucen Liu, Yutian Tang, Li Li, Xiapu Luo, Xusheng Xiao, Guoai Xu* and Haoyu Wang*
The ACM Web Conference 2022 (WWW '22)
PDF
How About Bug-Triggering Paths? - Understanding and Characterizing Learning-Based Vulnerability Detectors
Xiao Cheng, Xu Nie(s), Ningke Li(s), Haoyu Wang, Zheng Zheng, Yulei Sui
IEEE Transactions on Dependable and Secure Computing (TDSC)
PDF
APIMatchmaker: Matching the Right APIs for Supporting the Development of Android Apps
Yanjie Zhao, Li Li, Haoyu Wang, Qiang He, John Grundy
IEEE Transactions on Software Engineering (TSE)
PDF
===================================================================================================
↑ ↑ ↑ ↑ ↑ Publications after Joining HUST ↑ ↑ ↑ ↑ ↑
===================================================================================================
Trade or Trick? Detecting and Characterizing Scam Tokens on Uniswap Decentralized Exchange
Pengcheng Xia(s), Haoyu Wang*, Bingyu Gao(s), Weihang Su(s), Zhou Yu(s), Xiapu Luo, Chao Zhang, Xusheng Xiao, Guoai Xu
ACM SIGMETRICS 2022 (Acceptance Rate = 16%, Summer Deadline)
PDF
Uncovering Cross-Context Inconsistent Access Control Enforcement in Android
Hao Zhou, Haoyu Wang, Xiapu Luo, Ting Chen, Yajin Zhou, Ting Wang
The Network and Distributed System Security Symposium (NDSS 2022)
PDF
DescribeCtx: Context-Aware Description Synthesis for Sensitive Behaviors in Mobile Apps
Shao Yang, Yuehan Wang, Yuan Yao, Haoyu Wang, Yanfang Ye, Xusheng Xiao
The 44th International Conference on Software Engineering (ICSE 2022)
PDF
Promal: Precise Window Transition Graphs for Android via Synergy of Program Analysis and Machine Learning
Changlin Liu, Hanlin Wang, Tianming Liu(s), Diandian Gu, Yun Ma, Haoyu Wang, Xusheng Xiao
The 44th International Conference on Software Engineering (ICSE 2022)
PDF
Towards Automatically Localizing Function Errors in Mobile Apps with User Reviews
Le Yu, Haoyu Wang, Xiapu Luo, Tao Zhang, Kang Liu, Jiachi Chen, Hao Zhou, Yutian Tang, Xusheng Xiao
IEEE Transactions on Software Engineering (TSE)
PDF
BATscope: Demystifying Malicious Addresses and Mixing Transactions in Bitcoin (In Chinese)
WONG Taiyu, YIN Tingting, LI Yun, QIN Siliang, REN Xin, LUO Xiapu, WANG Haoyu, YIN Xia, ZHANG Chao
Journal of Cyber Security
PDF
Finding the Missing Piece: Permission Specification Analysis for Android NDK
Hao Zhou, Haoyu Wang, Shuohan Wu, Xiapu Luo, Yajin Zhou, Ting Chen, Ting Wang
The 36th IEEE/ACM International Conference on Automated Software Engineering (ASE 2021)
PDF
SADPonzi: Detecting and Characterizing Ponzi Schemes in Ethereum Smart Contracts
Weimin Chen(s), Xinran Li(s), Yuting Sui(s), Ningyu He(s), Haoyu Wang*, Lei Wu, and Xiapu Luo.
ACM SIGMETRICS 2021 (Acceptance Rate: 12%, winter deadline),
published in ACM POMACS
PDF
Tracking Counterfeit Cryptocurrency End-to-end
Bingyu Gao(s), Haoyu Wang*, Pengcheng Xia(s), Siwei Wu, Yajin Zhou, Xiapu Luo, and Gareth Tyson.
ACM SIGMETRICS 2021 (Acceptance Rate: 16%, summer deadline),
published in ACM POMACS
PDF
EOSafe: Security analysis of EOSIO smart contracts
Ningyu He(s), Ruiyi Zhang, Haoyu Wang*, Lei Wu*, Xiapu Luo, Yao Guo*, Ting Yu, and Xuxian Jiang.
Proceedings of The 30th USENIX Security Symposium (USENIX Security 2021)
PDF
CHAMP: Characterizing Undesired App Behaviors from User Comments based on Market
Policies
Yangyu Hu(s)#, Haoyu Wang*#, Tiantong Ji, Xusheng Xiao, Xiapu Luo, Peng Gao and Yao Guo.
Proceedings of the 43rd ACM/IEEE International Conference on Software Engineering (ICSE
2021)
PDF
DeepBackdoor: Black-box Backdoor Attack on Deep Learning Models through Neural Payload
Injection
Yuanchun Li, Jiayi Hua(s), Haoyu Wang*, Chunyang Chen and Yunxin Liu.
Proceedings of the 43rd ACM/IEEE International Conference on Software Engineering (ICSE
2021)
PDF
An Empirical Study on Deployment Faults of Deep Learning Based Mobile
Applications
Zhenpeng Chen, Huihan Yao, Yiling Lou, Yanbin Cao, Yuanqiang Liu, Haoyu Wang, and Xuanzhe Liu*.
Proceedings of the 43rd ACM/IEEE International Conference on Software Engineering (ICSE
2021)
PDF
Demystifying Illegal Mobile Gambling Apps
Yuhao Gao(s), Haoyu Wang*, Li Li, Xiapu Luo, Xuanzhe Liu and Guoai Xu*.
Proceedings of the 30th The Web Conference (WWW 2021), acceptance rate =
20.6%
PDF
A Longitudinal Study of Removed Apps in iOS App Store
Fuqi Lin(s)#, Haoyu Wang*#, Liu Wang(s) and Xuanzhe Liu*.
Proceedings of the 30th The Web Conference (WWW 2021), acceptance rate =
20.6%
PDF
Towards Understanding and Demystifying Bitcoin Mixing Services
Lei Wu, Yufeng Hu, Yajin Zhou*, Haoyu Wang, Xiapu Luo, Zhi Wang, Fan Zhang and Kui Ren.
Proceedings of the 30th The Web Conference (WWW 2021), acceptance rate =
20.6%
PDF
Beyond the Virus: A First Look at Coronavirus-themed Android Malware
Liu Wang(s)#, Ren He(s)#, Haoyu Wang*, Pengcheng Xia(s), Yuanchun Li, Lei Wu, Yajin Zhou, Xiapu Luo,
Yulei Sui, Yao Guo, Guoai Xu.
Empirical Software Engineering (EMSE)
PDF
Github
Zenodo
DeepWukong: Statically Detecting Software Vulnerabilities using Deep Graph Neural
Network
Xiao Cheng(s), Haoyu Wang*, Jiayi Hua(s), Guoai Xu* and Yulei Sui.
ACM Transactions on Software Engineering and Methodology
(TOSEM)
PDF
On the Impact of Sample Duplication in Machine Learning based Android Malware
Detection
Yanjie Zhao, Li Li, Haoyu Wang, Haipeng Cai, Tegawende F. Bissyande, Jacques Klein, John Grundy.
ACM Transactions on Software Engineering and Methodology
(TOSEM)
PDF
XDebloat: Towards Automated Feature-Oriented App Debloating
Yutian Tang, Hao Zhou, Xiapu Luo, Ting Chen, Haoyu Wang, Zhou Xu, and Yan Cai
IEEE Transactions on Software Engineering (TSE)
PDF
A Systematic Assessment on Android Third-party Library Detection Tools
Xian Zhan, Tianming Liu(s), Yepang Liu, Yang Liu, Li Li, Haoyu Wang, Xiapu Luo
IEEE Transactions on Software Engineering (TSE)
PDF
A Systematical Study on Application Performance Management Libraries for Apps
Yutian Tang, Haoyu Wang, Xian Zhan, Xiapu Luo, Yajin Zhou, Hao Zhou, Qiben Yan, Yulei Sui, Jacky Keung.
IEEE Transactions on Software Engineering
(TSE)
PDF
Make Web3.0 Connected
Zhuotao Liu, Yangxi Xiang(s), Jian Shi, Peng Gao, Haoyu Wang, Xusheng Xiao, Bihan Wen, Qi Li, Yih-Chun
Hu.
IEEE Transactions on Dependable and Secure Computing
(TDSC)
PDF
Identifying and Characterizing COVID-19 Themed Malicious Domain Campaigns
Pengcheng Xia(s), Mohamed Nabeel, Issa Khalil, Haoyu Wang and Ting Yu.
Proceedings of the 11th ACM Conference on Data and Application Security and Privacy
(CODASPY 2021)
PDF
MMGuard: Automatically Protecting On-Device Deep Learning Models in Android Apps
Jiayi Hua(s), Yuanchun Li, Haoyu Wang*.
Proceedings of the 4th Deep Learning and Security Workshop (DLS 2021), Co-located
with S&P 2021
PDF
Github
On the Effectiveness of Deep Vulnerability Detectors to Simple Stupid Bug
Detection
Jiayi Hua(s), Haoyu Wang*.
Proceedings of the 2021 Mining Software Repositories Conference (MSR'21), Mining
Challenge Track
PDF
Towards A First Step to Understand Flash Loan and Its Applications in DeFi
Ecosystem
Dabao Wang, Siwei Wu, Ziling Lin, Lei Wu, Xingliang Yuan, Yajin Zhou, Haoyu Wang and Kui Ren.
Proceedings of the Ninth International Workshop on Security in Blockchain and Cloud Computing,
co-located with ASIACCS'21
PDF
Assessing the Feasibility of Web-Request Prediction Models on Mobile Platforms
Yixue Zhao, Siwei Yin(s), Adriana Sejfia, Marcelo Schmitt Laser, Haoyu Wang and Nenad Medvidovic.
MobileSoft'21, co-located with ICSE'21
PDF
Towards Understanding iOS App Store Search Advertising: An Explorative Study
Siming Su(s), Haoyu Wang* and Guoai Xu.
MobileSoft'21, co-located with ICSE'21
PDF
A Large-Scale Empirical Study of COVID-19 Themed GitHub Repositories
Liu Wang(s), Ruiqing Li, Jiaxin Zhu, Guangdong Bai and Haoyu Wang*.
IEEE Computer Society Signature Conference on Computers, Software and Applications (COMPSAC 2021)
PDF
Understanding the Impact of COVID-19 on Github Developers: A Preliminary Study
Liu Wang(s), Ruiqing Li, Jiaxin Zhu, Guangdong Bai, Weihang Su(s) and Haoyu Wang*.
The 33rd International Conference on Software Engineering & Knowledge Engineering (SEKE'21)
PDF
Understanding (Mis)Behavior on the EOSIO Blockchain
Yuheng Huang(s), Haoyu Wang*, Lei Wu*, Gareth Tyson, Xiapu Luo, Run Zhang(s), Xuanzhe Liu, Gang Huang
and Xuxian Jiang.
ACM SIGMETRICS 2020 (Acceptance Rate: 15%), published in
ACM POMACS
PDF
Flow2Vec: Value-Flow-Based Precise Code Embedding
Yulei Sui, Xiao Cheng(s), Guanqin Zhang, and Haoyu Wang.
Proceedings of ACM OOPSLA 2020
PDF
ACM SIGPLAN Distinguished Paper AWARD
Mobile App Squatting
Yangyu Hu(s), Haoyu Wang*, Ren He(s), Li Li, Gareth Tyson, Ignacio Castro, Yao Guo, Lei Wu and Guoai
Xu*.
Proceedings of the Web Conference 2020 (WWW'20), acceptance rate = 19%, Full
paper, Oral.
PDF
BEST STUDENT PAPER AWARD (the first award in
China)
MadDroid: Characterising and Detecting Devious Ad Content for Android Apps
Tianming Liu#(s), Haoyu Wang#*, Li Li, Xiapu Luo, Feng Dong(s), Yao Guo, Liu Wang(s), Tegawende F.
Bissyande and Jacques Klein
Proceedings of the Web Conference 2020 (WWW'20), acceptance rate = 19%, Full
paper, Oral.
PDF
DEPOSafe: Demystifying the Fake Deposit Vulnerability in Ethereum Smart
Contracts
Ru Ji(s)#, Ningyu He(s)#, Lei Wu, Haoyu Wang*, Guangdong Bai and Yao Guo.
Proceedings of the 25th International Conference on Engineering of Complex Computer Systems
(ICECCS 2020)
Media Coverage: CoinDesk,
Yahoo
Finance,
Coin Geek,
Publish0x,
nasdaq.com,
Cryptonews,
CoinGenius
PDF
Don't Fish in Troubled Waters! Characterizing Coronavirus-themed Cryptocurrency
Scams
Pengcheng Xia(s), Haoyu Wang*, Xiapu Luo, Lei Wu, Yajin Zhou, Guangdong Bai, Guoai Xu, Gang Huang,
Xuanzhe Liu.
Proceedings of APWG Symposium on Electronic Crime Research (eCrime 2020)
PDF
Dataset
Demystifying Diehard Android Apps
Hao Zhou, Haoyu Wang, Yajin Zhou, Xiapu Luo, Yutian Tang, Lei Xue and Ting Wang.
The 35th IEEE/ACM International Conference on Automated Software Engineering (ASE
2020), acceptance rate = 22.5%.
PDF
Automated Third-party Library Detection for Android Applications: Are We There
Yet?
Xian Zhan, Lingling Fan, Tianming Liu(s), Sen Chen, Li Li, Haoyu Wang, Yifei Xu, Xiapu Luo and Yang
Liu.
The 35th IEEE/ACM International Conference on Automated Software Engineering (ASE
2020), acceptance rate = 22.5%.
PDF
UI Obfuscation and its Effects on Automated UI Analysis for Android Apps
Hao Zhou, Ting Chen, Haoyu Wang, Le Yu, Xiapu Luo, Ting Wang and Wei Zhang.
The 35th IEEE/ACM International Conference on Automated Software Engineering (ASE
2020), acceptance rate = 22.5%.
PDF
All Your App Links are Belong to Us: Understanding the Threats of Instant Apps based
Attacks
Yutian Tang, Yulei Sui, Haoyu Wang, Xiapu Luo, Hao Zhou and Zhou Xu.
ESEC/FSE 2020.
PDF
A Comprehensive Study on Challenges in Deploying Deep Learning Based Software
Zhenpeng Chen, Yanbin Cao, Yuanqiang Liu, Haoyu Wang, Tao Xie and Xuanzhe Liu*.
ESEC/FSE 2020.
PDF
Characterizing Code Clones in the Ethereum Smart Contract Ecosystem
Ningyu He(s), Lei Wu, Haoyu Wang*, Yao Guo*, and Xuxian Jiang.
The 24th International Conference on Financial Cryptography and Data Security 2020
(FC'20), acceptance rate = 22%.
PDF
A3IDENT: A Two-phased Approach to Identify the Leading Authors of Android Apps
Wei Wang, Guozhu Meng, Haoyu Wang, Kai Chen, Weimin Ge and Xiaohong Li.
IEEE International Conference on Software Maintenance and Evolution (ICSME
2020)
PDF
Characterizing Cryptocurrency Exchange Scams
Pengcheng Xia(s), Haoyu Wang*, Bowen Zhang(s), Ru Ji(s), Bingyu Gao(s), Lei Wu, Xiapu Luo, and Guoai
Xu.
Elsevier Computers & Security (COSE, IF=3.579)
PDF
Market-level Analysis of Government-backed COVID-19 Contact Tracing Apps
Huiyi Wang(s), Liu Wang(s), and Haoyu Wang*.
The International Workshop on Advances in Mobile App Analysis (A-Mobile 2020),
co-located with ASE 2020
PDF
KnowledgeZooClient: Constructing Knowledge Graph for Android
Li Li, Jun Gao, Pingfan Kong, Haoyu Wang, Mengyu Huang, Yuan-Fang Li and Tegawende F. Bissyande
The International Workshop on Advances in Mobile App Analysis (A-Mobile 2020),
co-located with ASE 2020
PDF
Dissecting Mobile Offerwall Advertisements: An Explorative Study
Guosheng Xu, Yangyu Hu(s), Qian Guo(s), Ren He(s), Li Li, Guoai Xu, Zhihui Han, Haoyu Wang
The 20th IEEE International Conference on Software Quality, Reliability, and Security
(QRS'20)
PDF
Does the Presence of Privacy Relevant Information Affect App Market Choice?
Maria K Wolters, Shuobing Li, Haoyu Wang, Xinyu Yang(s), and Yao Guo
The ACM CHI Conference on Human Factors in Computing Systems (ACM CHI'20),
Late-Breaking Work.
PDF
Same origin based fine-grained privacy protection for mobile applications
Wenxiong Lu(s), Haoyu Wang*
Invited Paper, BIG DATA RESEARCH (in Chinese).
PDF
Automated Deobfuscation of Android Native Binary Code
Zeliang Kan(s), Haoyu Wang, Lei Wu, Yao Guo, and Xiapu Luo.
PDF
Tool
(Github)
EVulHunter: Detecting Fake Transfer Vulnerabilities for EOSIO's Smart Contracts at
Webassembly-level
Lijin Quan(s), Lei Wu, and Haoyu Wang*.
PDF
Tool (Github)
Demo
DeepIntent: Deep Icon-Behavior Learning for Detecting Intention-Behavior Discrepancy in
Mobile Apps
Shengqu Xi, Shao Yang, Xusheng Xiao, Yuan Yao, Yayuan Xiong, Fengyuan Xu, Haoyu Wang, Peng Gao,
Zhuotao Liu, Feng Xu, Jian Lv.
The 26th ACM Conference on Computer and Communications Security (ACM CCS
2019)
PDF
HyperService: Interoperability and Programmability across Heterogeneous
Blockchains
Zhuotao Liu*, Yangxi Xiang(s), Jian Shi, Peng Gao, Haoyu Wang*, Xusheng Xiao, Bihan Wen, Yih-Chun
Hu.
The 26th ACM Conference on Computer and Communications Security (ACM CCS
2019)
PDF
Characterizing Android App Signing Issues
Haoyu Wang, Hongxuan Liu(s), Xusheng Xiao, Guozhu Meng, and Yao Guo.
The 34th IEEE/ACM International Conference on Automated Software Engineering (ASE
2019), full paper.
PDF
DaPanda: Detecting Aggressive Push Notification in Android Apps
Tianming Liu#(s), Haoyu Wang#*, Li Li, Guangdong Bai, Yao Guo and Guoai Xu.
The 34th IEEE/ACM International Conference on Automated Software Engineering (ASE
2019), full paper.
PDF
Dating with Scambots: Understanding the Ecosystem of Fraudulent Dating
Applications
Yangyu Hu(s), Haoyu Wang*, Yajin Zhou*, Yao Guo, Li Li, Bingxuan Luo(s), Fangren Xu(s).
IEEE Transactions on Dependable and Secure Computing (TDSC)
PDF
Understanding the Evolution of Mobile App Ecosystems: A Longitudinal Measurement Study of
Google Play
Haoyu Wang, Hao Li and Yao Guo.
THE WEB CONFERENCE 2019 (WWW 2019), acceptance rate = 18% , full paper.
PDF
Static Detection of Control-Flow-Related Vulnerabilities Using Graph Embedding
Xiao Cheng(s), Haoyu Wang*, Jiayi Hua(s), Miao Zhang, Guoai Xu, Li Yi* and Yulei Sui.
The 24th International Conference on Engineering of Complex Computer Systems (ICECCS
2019)
PDF
AppNet: Understanding App Recommendation in Google Play
Qian Guo(s), Haoyu Wang, Chenwei Zhang, Yao Guo and Guoai Xu.
The 3rd International Workshop on App Market Analytics (WAMA 2019), co-located
with ESEC/FSE 2019.
PDF
LightSense: A Novel Side Channel for Zero-permission Mobile User Tracking
Quanqi Ye, Yan Zhang, Guangdong Bai, Naipeng Dong, Zhenkai Liang, Jin Song Dong and Haoyu Wang.
The 22nd Information Security Conference (ISC 2019)
PDF
Deobfuscating Android Native Binary Code
Zeliang Kan(s), Haoyu Wang, Lei Wu, Yao Guo and Guoai Xu.
The 41st ACM/IEEE International Conference on Software Engineering (ICSE 2019),
Poster Track (Invitation).
PDF
Revisiting the Impact of Common Libraries for Android-related Investigations
Li Li, Timothee Riom, Tegawende F. Bissyande, Haoyu Wang, Jacques Klein, and Yves Le Traonb.
Journal of Systems and Software (JSS)
PDF
Characterizing the Global Mobile App Developers: A Large-scale Empirical Study
Haoyu Wang, Xupu Wang(s) and Yao Guo.
IEEE/ACM International Conference on Mobile Software Engineering and Systems (MobileSoft
2019)
PDF
RmvDroid: Towards A Reliable Android Malware Dataset with App Metadata
Haoyu Wang, Junjun Si, Hao Li and Yao Guo.
The 16th International Conference on Mining Software Repositories (MSR 2019),
Data Showcase.
PDF
Want to Earn a Few Extra Bucks? A First Look at Money-making Apps
Yangyu Hu(s), Haoyu Wang*, Li Li, Yao Guo, Guoai Xu* and Ren He(s)
IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER
2019)
PDF
Knowledge Graphing Git Repositories: A Preliminary Study
Yanjie Zhao(s), Haoyu Wang*, Lei Ma, Yuxin Liu, Li Li and John Grundy.
IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER
2019), ERA Track.
PDF
On Identifying and Explaining Similarities in Android Apps
Li Li, Tegawende F. Bissyande, Haoyu Wang and Jacques Klein.
Journal of Computer Science and Technology (JCST)
PDF
AppAuth: Authorship Attribution for Android App Clones
Guoai Xu, Chengpeng Zhang(s), Bowen Sun(s), Xinyu Yang(s), Yanhui Guo, Chengze Li(s), Haoyu Wang.
PDF
Mobile Device Security
Miao Zhang, Shuai Shao, Haoyu Wang.
BOOK (textbook for undergraduate student), BUPT Press
Mobile Application Security
Haoyu Wang, Guoai Xu, Yao Guo.
BOOK (textbook for graduate student), BUPT Press
Beyond Google Play: A Large-Scale Comparative Study of Chinese Android App
Markets
Haoyu Wang, Zhe Liu(s), Jingyue Liang(s), Narseo Vallina-Rodriguez, Yao Guo, Li Li, Juan Tapiador,
Jingcun Cao, Guoai Xu.
ACM Internet Measurement Conference (IMC 2018), our paper is the only one coming
from Asia.
PDF
FraudDroid: Automated Ad Fraud Detection for Android Apps
Feng Dong(s), Haoyu Wang*#, Li Li, Yao Guo, Tegawende F. Bissyande, Tianming Liu(s),
Guoai Xu and Jacques Klein
ESEC/FSE 2018 (acceptance rate of 19%)
PDF
CiD: Automating the Detection of API-related Compatibility Issues in Android
Apps
Li Li, Tegawende F. Bissyande, Haoyu Wang, Jacques Klein.
The 27th International Symposium on Software Testing and Analysis (ISSTA
2018)
PDF
How do Mobile Apps Violate the Behavioral Policy of Advertisement Libraries?
Feng Dong(s), Haoyu Wang*, Li Li, Yao Guo, Guoai Xu, Shaodong Zhang.
The 19th Workshop on Mobile Computing Systems and Applications (HotMobile
2018)
PDF
Why are Android Apps Removed From Google Play? A Large-scale Empirical Study
Haoyu Wang, Hao Li, Li Li, Yao Guo, Guoai Xu.
The 15th International Conference on Mining Software Repositories (MSR 2018)
PDF
Towards Light-weight Deep Learning based Malware Detection
Zeliang Kan(s), Haoyu Wang*, Guoai Xu*, Yao Guo, Xiangqun Chen.
The 42nd IEEE International Conference on Computers, Software & Applications (COMPSAC
2018)
PDF
Re-checking App Behavior against App Description in the Context of Third-party
Libraries
Chengpeng Zhang(s), Haoyu Wang*, Ran Wang(s), Yao Guo, Guoai Xu*.
The 30th International Conference on Software Engineering & Knowledge Engineering (SEKE
2018)
PDF
An Explorative Study of the Mobile App Ecosystem from App Developers'
Perspective
Haoyu Wang, Zhe Liu(s), Yao Guo, Xiangqun Chen, Miao Zhang, Guoai Xu and Jason Hong.
Proceedings of the 26th International World Wide Web Conference (WWW 2017)
PDF
Understanding the Purpose of Permission Use in Mobile Apps
Haoyu Wang, Yuanchun Li, Yao Guo, Yuvraj Agarwal, Jason Hong.
ACM Transactions on Information Systems (TOIS)
PDF
Understanding Third-party Libraries in Mobile App Analysis
Haoyu Wang and Yao Guo.
ICSE 2017, Technical Briefings
PDF
Purpose-based Access Control for Android
Haoyu Wang
2017 USENIX Summit on Hot Topics in Security (HotSec '17)
PDF
CRSPR: PageRank for Android Apps
Chengze Li(s), Haoyu Wang, Junfeng Wang, Qi Li, Jianbo Yu, Jingyi Guo, Guoai Xu and Yanhui Guo.
IEEE ACCESS 14(8), 2017
PDF
Automated Detection and Classification of Third-party Libraries in Large Scale Android
Apps
Haoyu Wang, Yao Guo, Ziang Ma and Xiangqun Chen.
Journal of Software (in Chinese)
PDF
Privacy Rating for Mobile Apps based on Crowdsourcing and Machine-learning
Techniques
ZHANG Xianxian(s), WANG Haoyu, GUO Yao and XU Guoai.
NASAC 2017 (in Chinese)
PDF
Best Paper Award
Automated Detection of the Inconsistence between App Behavior and Privacy Policy of Android
Apps
WANG Jingyu(s), XU Mingkun, WANG Haoyu and XU Guoai.
NASAC 2017 (in Chinese)
PDF
Security Analytics for Mobile Apps: Achievements and Challenges
Wei Yang, Xusheng Xiao, Dengfeng Li, Huoran Li, Xuanzhe Liu, Haoyu Wang, Yao Guo, and Tao Xie.
Journal of Cyber Security (in Chinese), 1(2), pages 1-14, April 2016.
PDF
LibRadar: Detecting Third-party Libraries in Android Apps
Ziang Ma, Haoyu Wang, Yao Guo and Xiangqun Chen.
ICSE 2016 (Demo Track)
PDF
Tool Website
Identifying and Analyzing the Privacy of Apps for Kids
Minxing Liu, Haoyu Wang, Yao Guo and Jason Hong.
The 17th International Workshop on Mobile Computing Systems and Applications (HotMobile
2016)
PDF
Using Text Mining to Infer the Purpose of Permission Use in Mobile Apps
Haoyu Wang, Jason Hong and Yao Guo.
The 2015 ACM International Joint Conference on Pervasive and Ubiquitous Computing (UbiComp
2015)
PDF
Reevaluating Android Permission Gaps with Static and Dynamic Analysis
Haoyu Wang, Yao Guo, Zihao Tang, Guangdong Bai and Xiangqun Chen.
IEEE GLOBECOM 2015
PDF
WuKong: A Scalable and Accurate Two-Phase Approach to Android App Clone
Detection
Haoyu Wang, Yao Guo, Ziang Ma and Xiangqun Chen.
International Symposium on Software Testing and Analysis (ISSTA 2015), Baltimore,
MD, pp. 71-82.
PDF
Similarity-based Web Browser Optimization
Haoyu Wang, Mengxin Liu, Yao Guo and Xiangqun Chen.
The 23rd International World Wide Web Conference (WWW 2014), Seoul, Korea, pp
575-584, 2014. (acceptance rate: 12.9%)
PDF
Detecting repackaged Android applications based on code clone detection
technique
Haoyu Wang, Zhongyu Wang, Yao Guo and Xiangqun Chen.
SCIENCE CHINA Information Sciences, 2014, 44 (1): 142-157. (in Chinese)
PDF
Mobile Web Browser Optimization in the Cloud Era: A Survey
Haoyu Wang, Junjun Kong, Yao Guo and Xiangqun Chen.
IEEE MobileCloud 2013
PDF