SSlab

Systems Software & Security Lab

We build practical systems with focuses on security, performance, robustness, or often just for fun. Our research projects have been published in top academic conferences, and have made great impacts on real programs, such as Firefox, Android, and the Linux kernel, that you might be using every day. If you are interested in hacking with us, please fill the form (link).

We are hiring prominent researchers, hackers and staff programmers to team up with us to compete at AIxCC!

News (all/24/23/22/21/20/19/18/17/16/15/14)

[09/11/2024] PORTAL and TikTag are accepted to SP'25!
[09/02/2024] MALintent is accepted to NDSS'25!
[08/21/2024] RAKIS is accepted to Eurosys'25!
[08/20/2024] PeTAL is accepted to CCS'24!
[08/11/2024] Team Atlanta proceeds to the AIxCC final!
[08/08/2024] TikTag is presented at Blackhat'24!
[06/24/2024] BluePrint is accepted to RAID'24!
[06/14/2024] Our DeFi user study is accepted to Usenix Security'24!
[12/15/2023] Sui Research Award ($20k)!
[10/19/2023] Sense is accepted to NDSS'24!
[07/17/2023] QSYM got a Best Paper Award in Theoretical Computer and Information Sciences!
[06/04/2023] AEX-Notify is accepted to USENIX Security'23
[03/30/2023] DeepSemantic is accepted to IEEE Access
[02/22/2023] MPKfacts is accepted to S&P'23 Magazine
[02/22/2023] ACon² is accepted to USENIX Security'23
[02/21/2023] autofz is accepted to USENIX Security'23
[09/02/2022] POPKORN is accepted to ACSAC'22
[06/14/2022] RoboFuzz is accepted to ESEC/FSE'22!
[06/11/2022] Fuzzing@Home is accepted to RAID'22!
[05/30/2022] "perfect r00t" proceeds to the DEF CON CTF final!
[04/30/2022] Pridwen and Modulo are accepted to ATC'22!
[03/19/2022] SynCord is accepted to OSDI'22!
[02/08/2022] DeFi Bug Bounty ($100K), from APWine!
[01/22/2022] PAL (ARM PAC for Linux) is accepted to USENIX Security'22!
[11/25/2021] DeFi Bug Bounty ($90K), from Enzyme Finance!
[10/26/2021] Rudra got a Distinguished Artifact Award at SOSP'21!
[08/08/2021] Rudra is accepted to SOSP'21!
[07/21/2021] HardsHeap is accepted to CCS'21!
[04/12/2021] C3 is accepted to HotOS'21!
[03/31/2021] Sanidhya got the Dissertation Award from CoC!
[03/22/2021] SNAP is accepted to CCS'21!
[03/12/2021] Fluffy is accepted to OSDI'21!
[02/01/2021] Grant by GT CoC to support our Fuzzing Farm construction ($10K)
[01/14/2021] Grant by Google to support our JavaScript fuzzing research ($5K)
[11/17/2020] Winnie is accepted to NDSS '21
[09/28/2020] FFmalloc is accepted to Usenix Security '21
[08/25/2020] Revisiting Function Identification with Machine Learning is accepted to MLPA '20
[07/30/2020] Slimium and FreeDom are accepted to CCS '20!
[07/30/2020] Sanidhya, Meng and Hong start as an assistant professor at EPFL, the University of Waterloo, and Pennsylvania State University!
[05/01/2020] Our Pwn2Own 2020 winning submission for Safari is accepted to Black Hat USA 2020!
[04/27/2020] Sanidhya got the "Outstanding Research Graduate Research Assistant" Award from CoC!
[03/18/2020] Our team won Pwn2Own 2020 by exploiting Apple Safari with a kernel privilege escalation ($70K)!
[02/28/2020] Krace is accepted to S&P'20!
[02/09/2020] DIE is accepted to S&P'20!
[01/10/2020] Desensitization is accepted to NDSS'20!
[12/18/2019] ArcHeap is accepted to Security'20!
[11/13/2019] TypeDive got the Best Paper Award at CCS'19!
[11/11/2019] Our talk of ESXi security is accepted to 36C3!
[08/14/2019] Apollo is accepted to VLDB '20!
[07/30/2019] TypeDive is accepted to CCS '19!
[07/22/2019] Hydra, Recipe, Shfllock, and Splitfs (4 papers) are accepted to SOSP '19!
[07/11/2019] Google Tech Talk by Wen on file system fuzzing!
[06/25/2019] Exploitation chain of VMware ESXi is accepted to WOOT '19
[05/24/2019] Razor is accepted to Security'19!
[05/24/2019] $15k Bug Bounty from Microsoft (ChakraCore/CVE-2019-0609)
[04/18/2019] libmpk is accepted to ATC'19
[02/28/2019] Google Research Award
[02/18/2019] Fuzzification is accepted to Security'19!
[11/25/2018] Janus is accepted to S&P'19!
[08/15/2018] QSYM got a Distinguished Paper Award at USENIX Security'18!
[08/12/2018] DEFKOR00T won DEF CON CTF 2018!!
[07/24/2018] uCFI is accepted to CCS 2018!
[05/02/2018] QSYM and RTAG are accepted to USENIX Security!
[04/18/2018] eCS is accepted to ATC'18
[03/10/2018] Kaleidoscope accepted at the EuroSys Doctoral Workshop
[02/07/2018] Steffen got the best poster award at the KAUST OBD Workshop!
[01/22/2018] Solros and Ordo are accepted to EuroSys'18!
[11/27/2017] Deadline is accepted to S&P'18!
[11/14/2017] LATR is accepted to ASPLOS'18
[11/11/2017] Insu has been selected as one of finalists for the MSR PhD fellowship!
[11/03/2017] Gift by Intel to support our SGX research ($90K)!
[09/20/2017] SGX-Bomb is accepted to SysTEX'17!
[08/02/2017] RAIN, OSSPolice and OS for Fuzzing are accepted to CCS 2017!
[08/01/2017] SAMSUNG Global Research Outreach (GRO) 2017 Awarded
[07/25/2017] AVPASS is on DARK Reading 1/2/3 and WIRED
[05/11/2017] PlatPal, PITTYPAT, Branch Shadowing Attack, and Dark ROP are accepted to USENIX Security!
[05/04/2017] AVPASS is accepted to Black Hat USA 2017
[05/03/2017] Gift by Mozilla to support our research on fuzzing ($60K)!
[04/24/2017] Mosaic has won the best student paper award at EuroSys'17!
[04/21/2017] CST-lock, CAB-Fuzz and Bunshin are accepted to ATC17.
[02/12/2017] Microsoft recognizes the Coordinated Vulnerability Disclosure of DrK.
[02/08/2017] DrK is on Google Project Zero!
[01/23/2017] Mosaic is accepted to EuroSys'17
[01/01/2017] GT ranks first in NSA Codebreaker Challenge.
[12/03/2016] DrK has been used by IOActive to bypass KASLR to avoid the mitigation on CVE-2016-7255
[12/02/2016] SGX-Tor is accepted to NSDI17
[11/11/2016] APISan is nominated as the top 10 research papers by CSAW16
[10/23/2016] DrK is on LWN and Hacker News!
[10/22/2016] SGX-Shield and T-SGX are accepted to NDSS 2017
[07/22/2016] UniSan and DrK are accepted to CCS 2016
[06/22/2016] DrK is accepted to Black Hat USA 2016
[06/09/2016] A Python bug found by Insu(@Jakkdu) and Yeongjin(@blue9057), $1,000 from the Internet Bug Bounty
[06/04/2016] Our "Android-SoK" paper (12 authors!) is accepted to the ACM Computing Surveys (CSUR)
[05/27/2016] AirBox is accepted to SEC16
[05/13/2016] APISan is accepted to Security16
[05/10/2016] More kernel information leaks found by us: CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, etc.
[05/05/2016] Three Linux kernel information leaks found by Kangjie: CVE-2016-4485, CVE-2016-4486, CVE-2016-4482
[05/04/2016] Three PHP bugs found by Insu (@Jakkdu) and Yeongjin (@blue9057), $1,500 from the Internet Bug Bounty!
[04/25/2016] Congrats Changwoo on getting the "Outstanding Post Doctorate Research" award from CoC!
[04/14/2016] Kup and FxMark are accepted to ATC16
[04/02/2016] Insu (Winner, 1st place) and Yeongjin (2nd place) won prizes from HungryHungryHackers 2016
[03/15/2016] S-NFV has been selected as one of the best papers in SDN-NFV Security 2016, invited to the NFV World Congress
[02/18/2016] Morula on LWN (CopperheadOS: Securing the Android)!
[02/09/2016] Acknowledged for finding the Windows kernel vulnerability MS16-014 (CVE-2016-0040)
[02/07/2016] HDFI is accepted to S&P16
[01/06/2016] S-NFV is accepted to SDN-NFV Security 2016
[11/14/2015] DangNull has won the best applied security research paper (3rd place) in CSAW15
[10/24/2015] DangNull and Caver are nominated as the top 10 papers by CSAW15
[10/23/2015] Kenali, OpenSGX, FlexDroid, and RuntimeASLR are accepted to NDSS16
[09/19/2015] SGX-Tor is accepted to HotNets15
[09/01/2015] Oticket has been selected as one of the best papers in APSys, forwarded to OSR!
[08/12/2015] Caver has won the 2015 Internet Defense Prize by USENIX and Facebook ($100K Prize)!
[08/09/2015] Two of our lab members (Yeongjin and Insu) won the black badge from DEFCON 23 CTF as team DEFKOR!
[07/22/2015] Oticket idea acknowledged by scalable queue spinlock in the Linux kernel (LWN)
[07/22/2015] Three papers (UCognito, ASLR-Guard, and Breaking VoLTE) are accepted to CCS15!
[07/08/2015] Disekt is qualified to DARPA Cyber Grand Challenge!
[06/28/2015] Juxta is accepted to SOSP15
[06/18/2015] Oticket is accepted to APSYS15
[05/12/2015] Caver is accepted to Security15
[04/18/2015] MetaSync and CFS are accepted to ATC15
[02/08/2015] Dangnull at NDSS15
[11/25/2014] Mozilla Bug Bounty for BUG:1074280 (CVE-2014-1594)