Research
The main theme of my research is to address software vulnerabilities, which are prevalent in all kinds of software systems and critically impair software security. As manual effort has been shown to be not only costly but also inadequate for effectively and efficiently solving the issues caused by vulnerabilities, the goal of my research is to develop approaches to automatically detecting, mitigating, and fixing real-world vulnerabilities in widely adopted software.
Detecting Vulnerabilities
Our recent projects detect vulnerabilities in two ways: static analysis and dynamic analysis. We use machine learning and deep learning to detect vulnerabilities statically. By extracting program slices containing syntactic and semantic information about program code as features, our approach can accurately distinguish vulnerable code from non-vulnerable code.
We have also developed a technique to effectively reduce the false positives in detecting integer overflow vulnerabilities dynamically. The technique focuses on eliminating false positives caused by sanitization code added by software developers to filter out input data that can trigger integer overflow vulnerabilities.
Mitigating Vulnerabilities
To mitigate vulnerabilities, we propose Software Workaround for Rapid Response (SWRR), which mitigates vulnerabilities by disabling the execution of vulnerable code. With the help of error-handling code, SWRRs gracefully continue program execution after bypassing vulnerable code. We design SWRRs to be used like configuration workarounds. After SWRRs are deployed in applications, users can activate or deactivate them just like configuration options. Our prototype Talos employs program analysis to automatically synthesize SWRRs in the form of source code and instrument SWRRs into existing applications.
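The idea described above, sketched by hand as an added example (it is not output of Talos and not code from the papers): a switch at the entry of a flawed function returns the error code its callers already handle. The names `parse_record`, `handle_message` and `swrr_set`, and the flaw itself, are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define REC_MAX 16

/* Hypothetical switch standing in for a configuration option. */
static int swrr_parse_record = 0;
void swrr_set(int on) { swrr_parse_record = on; }

/* Constructed flawed function: the length byte is trusted and is never
 * compared with REC_MAX, so a large value overruns `out`. */
int parse_record(const unsigned char *msg, size_t len, unsigned char *out)
{
    /* SWRR: when active, skip the whole body and take the function's
     * existing error return, so the flawed copy below never executes. */
    if (swrr_parse_record)
        return -1;
    if (len < 1)
        return -1;              /* error path callers already handle */
    size_t n = msg[0];
    if (len - 1 < n)
        return -1;
    memcpy(out, msg + 1, n);    /* flaw: n may exceed REC_MAX */
    return (int)n;
}

/* Caller with ordinary error handling: a failed parse drops the message
 * and the program keeps running. Returns 1 if processed, 0 if dropped. */
int handle_message(const unsigned char *msg, size_t len)
{
    unsigned char rec[REC_MAX];
    return parse_record(msg, len, rec) < 0 ? 0 : 1;
}

int main(void)
{
    unsigned char ok[] = { 3, 'a', 'b', 'c' };   /* constructed inputs */
    unsigned char big[64];
    memset(big, 'A', sizeof big);
    big[0] = 40;                                 /* claims 40 > REC_MAX */

    printf("off, benign:   %d\n", handle_message(ok, sizeof ok));
    swrr_set(1);                                 /* activate workaround */
    printf("on,  oversize: %d\n", handle_message(big, sizeof big));
    printf("on,  benign:   %d\n", handle_message(ok, sizeof ok));
    return 0;
}
```

In this sketch the workaround also rejects benign records while it is active, which is the cost of disabling the function until a real patch is applied.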
In situations where source code is not available, SWRRs need to be applied to binary code directly. We have developed an approach called RVM to automatically harden binary code with security workarounds. RVM statically analyzes the binary code of programs to identify their error-handling code, in order to synthesize security workarounds. We have developed a prototype of RVM that automatically synthesizes SWRRs in the form of binary code and instruments them directly into Windows and Linux binaries.
Fixing Vulnerabilities
We aim to automatically generate correct patches for vulnerabilities. Focusing on three of the most common and severe software vulnerabilities, buffer overflow, bad cast, and integer overflow, Senx combines symbolic execution and program analysis to generate semantically correct security patches based on pre-defined patch models. In particular, we design Senx to address complex vulnerabilities by taking into account complex code structures and data structures. The security patches generated by Senx mimic security patches produced by software developers. Our prototype illustrates that security patches generated by Senx are effective, safe, and efficient in fixing real-world software vulnerabilities.
Students
I have had the opportunity to work with a group of awesome students at DePaul University.
Graduate Students
- Hristina Dokic
- Crystal Contreras
- Zishi Li
- Tavis Sotirin-Miller
- Xiaowei Yu
- Amy Aumpansub
Undergraduate Students
- Marc White
- Corey Hardesty
- Syed Athar
- Elona Selenica
- Murtaza Meerza
Publications
(Underlined authors are students mentored by me.)
2024
- Z. Huang. Debloating Feature-Rich Closed-Source Windows Software. IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). To appear. [PDF]
2023
- Z. Huang. Targeted Symbolic Execution for UAF Vulnerabilities. 7th International Conference on System Reliability and Safety (ICSRS). November 2023. [PDF]
- C. Contreras, H. Dokic, Z. Huang, D. Stan Raicu, J. Furst and R. Tchoua. Multiclass Classification of Software Vulnerabilities with Deep Learning. 15th International Conference on Machine Learning and Computing (ICMLC). February 2023. [PDF][Bib]
2022
- Z. Huang. Runtime Recovery for Integer Overflows. 6th International Conference on System Reliability and Safety (ICSRS). November 2022. [PDF][Bib]
- Z. Huang, G. Tan and X. Yu. Mitigating Vulnerabilities in Closed Source Software. EAI Endorsed Transactions on Security and Safety. August 2022. [PDF][Bib]
- Z. Huang and M. White. Semantic-Aware Vulnerability Detection. 2022 IEEE Cyber Security and Resilience (CSR). July 2022. [PDF][Bib]
- A. Aumpansub and Z. Huang. Learning-based Vulnerability Detection in Binary Code. 14th International Conference on Machine Learning and Computing (ICMLC). February 2022. [PDF][Bib]
2021
- Z. Huang and X. Yu. Integer Overflow Detection with Delayed Runtime Test. 16th International Conference on Availability, Reliability and Security (ARES). August 2021. [PDF][Bib]
- Z. Huang, T. Jaeger and G. Tan. Fine Grained Program Partitioning for Security. 14th European Workshop on Systems Security (EuroSec). April 2021. [PDF][Bib]
- A. Aumpansub and Z. Huang. Detecting Software Vulnerabilities Using Neural Networks. 13th International Conference on Machine Learning and Computing (ICMLC). February 2021. [PDF][Bib][Code]
2020
- Z. Huang, D. Lie, G. Tan and T. Jaeger. Using Safety Properties to Generate Vulnerability Patches. Usenix ;Login: Volume 45, Number 4. October 2020. [PDF][Bib]
2019
- Z. Huang, D. Lie, G. Tan and T. Jaeger. Using Safety Properties to Generate Vulnerability Patches. 40th IEEE Symposium on Security and Privacy (S&P). May 2019. (Acceptance Rate: 12.5%, 84 out of 673) [PDF][Bib]
- Z. Huang and G. Tan. Rapid Vulnerability Mitigation with Security Workarounds. 2nd NDSS Workshop on Binary Analysis Research (BAR). February 2019. [PDF][Bib][Code]
2018
- W. Huang, V. Rudchenko, H. Shuang, Z. Huang and D. Lie. Pearl-TEE: Supporting Untrusted Applications in TrustZone. 3rd ACM CCS Workshop on System Software for Trusted Execution (SysTEX). October 2018. [PDF][Bib]
2017
- D. Miyani, Z. Huang and D. Lie. BinPro: A Tool for Binary Source Code Provenance. arXiv:1711.00830. 2017. [PDF][Bib]
2016
- Z. Huang, M. D'Angelo, D. Miyani and D. Lie. Talos: Neutralizing Vulnerabilities with Security Workarounds for Rapid Response. 37th IEEE Symposium on Security and Privacy (S&P). May 2016. (Acceptance Rate: 13.3%, 55 out of 413) [PDF][Bib][Code]
- W. Huang, Z. Huang, D. Miyani and D. Lie. LMP: Light-Weighted Memory Protection with Hardware Assistance. 2016 Annual Computer Security Application Conference (ACSAC). December 2016. (Acceptance Rate: 22.8%, 48 out of 210) [PDF][Bib]
2014
- Z. Huang and D. Lie. Ocasta: Clustering Configuration Settings For Error Recovery. 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). Pages 479-490. June 2014. (Acceptance Rate: 30.3%, 56 out of 185) [PDF][Bib][Code]
2012
- K. Au, Y. Zhou, Z. Huang and D. Lie. PScout: Analyzing the Android Permission Specification. 19th ACM Conference on Computer and Communications Security (CCS). Pages 217-228. October 2012. (Acceptance Rate: 18.9%, 80 out of 423) [PDF][Bib][Code]
2011
- K. Au, Y. Zhou, Z. Huang, P. Gill and D. Lie. A Look at SmartPhone Permission Models. 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM). Pages 63-67. October 2011. [PDF][Bib]