
Xunchao Hu

3499 Tenth St, Riverside, CA 92501

clickme@deepbitstech.com

Bio

I received my Ph.D. in Electrical and Computer Engineering from Syracuse University, advised by Prof. Heng Yin. My research interests lie in software security and program analysis.

Education

    • Ph.D. in Computer & Information Science & Engineering, Syracuse University
    • M.E. in System Engineering, Xi'an Jiaotong University, China
    • B.E. in Software Engineering, Xi'an Jiaotong University, China

Industry

    • Research Intern@FireEye Labs, 2015 Spring, 2015 Summer.

Journals

    1. Andrew Henderson, Lok Yan, Xunchao Hu, Aravind Prakash, Heng Yin, Stephen McCamant, “DECAF: A Platform-Neutral Whole-System Dynamic Binary Analysis Platform”, IEEE Transactions on Software Engineering, doi:10.1109/TSE.2016.2589242

Conferences

    1. Xunchao Hu, Aravind Prakash, Jinghan Wang, Rundong Zhou, Yao Cheng, and Heng Yin, “Semantics-Preserving Dissection of JavaScript Exploits via Dynamic JS-Binary Analysis”, to appear in the 19th Symposium on Research in Attacks, Intrusions and Defenses (RAID’16), September 2016.
    2. Curtis Carmony, Mu Zhang, Xunchao Hu, Abhishek Vasisht Bhaskar, and Heng Yin, “Extract Me If You Can: Abusing PDF Parsers in Malware Detectors”, In Proceedings of Network and Distributed System Security Symposium (NDSS’16), February 2016.
    3. Aravind Prakash, Xunchao Hu, and Heng Yin, “vfGuard: Strict Protection for Virtual Function Calls in COTS C++ Binaries”, In Proceedings of ISOC Network and Distributed System Security Symposium (NDSS'15), Feb 2015.
    4. Xing Jin, Xunchao Hu, Kailiang Ying, Wenliang Du, Heng Yin and Gautam Nagesh Peri, "Code Injection Attacks on HTML5-based Mobile Apps: Characterization, Detection and Mitigation", In Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS'14), November 2014. [PDF] [website]
    5. Andrew Henderson, Aravind Prakash, Lok Kwong Yan, Xunchao Hu, Xujiewen Wang, Rundong Zhou, and Heng Yin. Make it work, make it right, make it fast: Building a platform-neutral whole-system dynamic binary analysis platform. In Proceedings of the 2014 International Symposium on Software Testing and Analysis (ISSTA'14), July 2014. [PDF]

Technical Reports & Posters

    1. Lok Kwong Yan, Andrew Henderson, Xunchao Hu, Heng Yin, and Stephen McCamant. On soundness and precision of dynamic taint analysis. Technical Report SYR-EECS-2014-04, Syracuse University, January 2014 [PDF]
    2. Xunchao Hu, Aravind Prakash, Jinghan Wang, Rundong Zhou and Heng Yin, "Poster: Automatic Dissection of JavaScript Exploits through Dynamic JS-Binary Analysis", In 36th IEEE Symposium on Security and Privacy (Oakland'15), May 2015

Talks

    1. Xunchao Hu, "DECAF: A Binary Analysis Framework", Security community event for malware and exploit analysis research (ANALYZE2015), San Francisco, CA, April 2015

Software

    1. DECAF (short for Dynamic Executable Code Analysis Framework) is a platform-agnostic whole-system dynamic binary analysis framework. It provides the following key features: (1) Right-on-Time Virtual Machine Introspection, (2) Support for Multiple Platforms, (3) Precise and Lossless Tainting, (4) Event-driven programming interfaces, (5) Dynamic instrumentation management. Users can build different kinds of plugins, such as an API tracer, a keylogger detector, or a buffer overflow detector, on top of this tool.
    2. MCIFINDER is a static analysis tool to detect code injection vulnerabilities in HTML5-based mobile apps. Of 15510 PhoneGap apps collected from the Android Market, it flagged 478 apps as vulnerable with only 2.30% false positives. Here are the instructions to help you run this tool.
    3. KeyloggerDetector leverages the VMI, tainting and event-driven programming features of DECAF to identify keyloggers and analyze their stealthy behaviors. It successfully detected the keylogging behaviors in all of these 117 samples.

External Reviewer

    1. CCS'14, SecureComm'14,15, ACSAC'14,15, NDSS'15