Selected Recent Publications

Vet Enhancing Mobile Testing via Patching Apps.

ACM SIGSOFT Distinguished Paper Award.
In FSE, 2021

GLIB Automated Test Oracle for Mobile Games.
In FSE, 2021

HomDroid Malware Detection via Homophily Analysis.
In ISSTA, 2021

WebEvo Evolutionary Web Monitoring.
In ISSTA, 2021

UI-Flaky An Empirical Analysis of UI-based Flaky Tests.
In ICSE, 2021

SCDetector Code Clone Detection by Centrality Analysis.
In ASE, 2020

DENAS Automated Heuristic Generation for Non-ML Systems via ML
In FSE, 2020

ILFO Adversarial Attack on Adaptive Neural Networks
In CVPR, 2020

TextExerciser Feedback-driven Text Input Exercising for Android Applications
In IEEE S&P, 2020

MalScan Malware Detection by Centrality Analysis.
In ASE, 2019

iRuler Detecting inter-rule vulnerabilities in IoT applications.
In CCS, 2019

REINAM Synthesizing high-coverage context-free program input grammars.
In FSE, 2019

SemRegex Synthesizing regex from natural language descriptions.
In EMNLP, 2018

PermuteInvariance Inferring private properties of neural networks.
In CCS, 2018

WCTester Android test generation for industrial mobile applications.
In ASE, 2018

EnMobile Detection of command & control behaviors in mobile applications.
In ICSE, 2018

Other Publications

More Publications

. IntDroid: Android Malware Detection Based on API Intimacy Analysis. In TOSEM, 2021.


. Database-Access Performance Antipatterns in Database-Backed Web Applications. In ICSME, 2020.


. Detecting Failures of Neural Machine Translation in the Absence of Reference Translations. In DSN, 2019.


. Testing Untestable Neural Machine Translation: An Industrial Case. In ICSE, 2019.


. A Large-Scale Empirical Study on Android Runtime Permission Rationale Messages. In VL/HCC, 2018.


. Mining Android App Description for Permission Requirements Recommendation. In RE, 2018.


. Generating Regular Expressions from Natural Language Specifications: Are We There Yet?. In AAAI-W, 2018.


. Automated Test Input Generation for Android: Towards Getting There in an Industrial Case. In ICSE, 2017.


. Towards Privacy-Preserving Mobile Apps: A Balancing Act. . In HotSoS, 2017.


. Free for All! Assessing User Data Exposure to Advertising Libraries on Android. In NDSS, 2016.


. Automated Test Input Generation for Android: Are We Really There Yet in an Industrial Case?. In FSE, 2016.


. Security Analytics for Mobile Apps: Achievements and Challenges.. In JCS, 2016.


. AppContext: Differentiating Malicious and Benign Mobile App Behaviors Using Context. In ICSE, 2015.


. Improving Mobile Application Security via Bridging User Expectations and Application Behaviors.. In HotSoS, 2014.


. WHYPER: Towards Automating Risk Assessment of Mobile Applications. In USENIX Security, 2013.



  1. co-advised with Cong Liu ^
  2. externally co-advised at HUST with Deqing Zou ^


  • (972) 883-4173
  • ECSS 4.225, 800 W. Campbell Rd., Richardson, TX 75080, USA.
  • email for appointment