JBomAudit: Assessing the Landscape, Compliance, and Security Implications of Java SBOMs
Yue Xiao, Dhilung Kirat, Douglas Lee Schales, Jiyong Jang, Luyi Xing, Xiaojing Liao.
in Proceeding of the ISOC Network and Distributed System Security Symposium (NDSS), 2025.
Automated Expansion of Privacy Data Taxonomy for Compliant Data Breach Notification
Yue Qin*, Yue Xiao* (Co-first author, ordered by alphabet), Xiaojing Liao.
in Proceeding of the ISOC Network and Distributed System Security Symposium (NDSS), 2025.
Understanding Legal Professionals’ Practices and Expectations in Data Breach Incident Reporting.
Ece Gumusel*, Yue Xiao* (Co-first author, ordered by alphabet), Yue Qin, Jiaxin Qin, Xiaojing Liao.
in Proceeding of ACM Conference on Computer and Communications Security (CCS), 2024.
Measuring Compliance Implications of Third-party Libraries’ Privacy Label Disclosure Guidelines
Yue Xiao, Chaoqi Zhang, Yue Qin, Fares Fahad S Alharbi, Luyi Xing, Xiaojing Liao
in Proceeding of ACM Conference on Computer and Communications Security (CCS), 2024.
iHunter: Hunting Privacy Violations at Scale in the Software Supply Chain on iOS.
Liu, Dexin, Yue Xiao* (Co-first author, ordered by alphabet), Chaoqi Zhang, Kaitao Xie, Xiaolong Bai, Shikun Zhang, and Luyi Xing.
in Proceedings of USENIX Security Symposium (Security), 2024
Yue Xiao, Adwait Nadkarni, Xiaojing Liao.
in Proceeding of the 3rd ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses (SCORED), 2024
Lalaine: Measuring and Characterizing Non-Compliance of Apple Privacy Labels at Scale
Yue Xiao, Zhengyi Li, Yue Qin, Xiaolong Bai, Jiale Guan, Xiaojing Liao, Luyi Xing
in Proceedings of USENIX Security Symposium (Security), 2023.
[Artifact Appendix] Showcase in the 2023 NSA CAE-R Research Symposium
Vulnerability Intelligence Alignment via Masked Graph Attention Networks
Yue Qin, Yue Xiao, Xiaojing Liao
in Proceedings of ACM Conference on Computer and Communications Security (CCS), 2023.
OS-Aware Vulnerability Prioritization via Differential Severity Analysis
Qiushi Wu*, Yue Xiao* (Co-first author, ordered by alphabet), Xiaojing Liao, Kangjie Lu
in Proceedings of USENIX Security Symposium (Security), 2022.
Understanding Malicious Cross-library Data Harvesting on Android
Jice Wang*, Yue Xiao* (Co-first author, ordered by alphabet), Xueqiang Wang, Yuhong Nan, Luyi Xing, Xiaojing Liao, JinWei Dong, Nicolas Serrano, XiaoFeng Wang, Yuqing Zhang, Haoran Lu. in Proceedings of USENIX Security Symposium (Security), 2021.
Demystifying Resource Management Risks in Emerging Mobile App-in-App Ecosystems
Haoran Lu, Luyi Xing, Yue Xiao, Yifan Zhang, Xiaojing Liao, Xiaofeng Wang, Xueqiang Wang
in the ACM Conference on Computer and Communications Security (CCS), 2020