default search action
Wenrui Diao
Person information
Refine list
refinements active!
zoomed in on ?? of ?? records
view refined list in
export refined list as
2020 – today
- 2025
- [j5]Shishuai Yang, Qinsheng Hou, Shuang Li, Fenghao Xu, Wenrui Diao:
From guidelines to practice: assessing Android app developer compliance with google's security recommendations. Empir. Softw. Eng. 30(1): 11 (2025) - 2024
- [c33]Pengcheng Ren
, Chaoshun Zuo
DEMISTIFY: Identifying On-device Machine Learning Models Stealing and Reuse Vulnerabilities in Mobile Apps. ICSE 2024: 41:1-41:13 - [c32]Jianing Wang
CrypTody: Cryptographic Misuse Analysis of IoT Firmware via Data-flow Reasoning. RAID 2024: 579-593 - [c31]Shuang Li, Rui Li, Yifan Yu, Kailun Yan, Shishuai Yang, Wenrui Diao:
Understanding Android OS Forward Compatibility Support for Legacy Apps: A Data-Driven Analysis. SANER 2024: 216-226 - [c30]Xiaoyin Liu
From Promises to Practice: Evaluating the Private Browsing Modes of Android Browser Apps. WWW 2024: 1561-1572 - [i8]Kailun Yan, Xiaokuan Zhang, Wenrui Diao:
Stealing Trust: Unveiling Vulnerabilities in Web3 Authentication. CoRR abs/2406.00523 (2024) - 2023
- [j4]Qinsheng Hou
Can We Trust the Phone Vendors? Comprehensive Security Measurements on the Android Firmware Ecosystem. IEEE Trans. Software Eng. 49(7): 3901-3921 (2023) - [c29]Shishuai Yang, Qinsheng Hou, Shuang Li, Wenrui Diao:
Do App Developers Follow the Android Official Data Security Guidelines? An Empirical Measurement on App Data Security. APSEC 2023: 71-80 - [c28]Jianqi Du, Zidong Zhang
Living in the Past: Analyzing BLE IoT Devices Based on Mobile Companion Apps in Old Versions. MSN 2023: 317-324 - [c27]Rui Li, Wenrui Diao, Shishuai Yang, Xiangyu Liu, Shanqing Guo, Kehuan Zhang:
Lost in Conversion: Exploit Data Structure Conversion with Attribute Loss to Break Android Systems. USENIX Security Symposium 2023: 5503-5520 - [c26]Kailun Yan
Bad Apples: Understanding the Centralized Security Risks in Decentralized Ecosystems. WWW 2023: 2274-2283 - 2022
- [j3]Rui Li
Android Custom Permissions Demystified: A Comprehensive Security Evaluation. IEEE Trans. Software Eng. 48(11): 4465-4484 (2022) - [c25]Xing Zhang, Jiongyi Chen, Chao Feng, Ruilin Li, Wenrui Diao
Default: Mutual Information-based Crash Triage for Massive Crashes. ICSE 2022: 635-646 - [c24]Shishuai Yang, Rui Li, Jiongyi Chen, Wenrui Diao
Demystifying Android Non-SDK APls: Measurement and Understanding. ICSE 2022: 647-658 - [c23]Qinsheng Hou, Wenrui Diao
Large-scale Security Measurements on the Android Firmware Ecosystem. ICSE 2022: 1257-1268 - [c22]Guangwei Tian, Jiongyi Chen, Kailun Yan, Shishuai Yang, Wenrui Diao:
Cast Away: On the Security of DLNA Deployments in the SmartTV Ecosystem. QRS 2022: 105-116 - [c21]Jianqi Du, Fenghao Xu, Chennan Zhang, Zidong Zhang
Identifying the BLE Misconfigurations of IoT Devices through Companion Mobile Apps. SECON 2022: 343-351 - [c20]Chennan Zhang, Shuang Li, Wenrui Diao, Shanqing Guo:
PITracker: Detecting Android PendingIntent Vulnerabilities through Intent Flow Analysis. WISEC 2022: 20-25 - 2021
- [c19]Fenghao Xu, Siyu Shen, Wenrui Diao
Android on PC: On the Security of End-user Android Emulators. CCS 2021: 1566-1580 - [c18]Jin Zhang, Chennan Zhang, Xiangyu Liu, Yuncheng Wang, Wenrui Diao, Shanqing Guo:
ShadowDroid: Practical Black-box Attack against ML-based Android Malware Detection. ICPADS 2021: 629-636 - [c17]Rui Li, Wenrui Diao
Android Custom Permissions Demystified: From Privilege Escalation to Design Shortcomings. SP 2021: 70-86 - 2020
- [c16]Zicheng Zhang
An empirical study of potentially malicious third-party libraries in Android apps. WISEC 2020: 144-154
2010 – 2019
- 2019
- [c15]Jiongyi Chen, Chaoshun Zuo, Wenrui Diao
Your IoTs Are (Not) Mine: On the Remote Binding Between IoT Devices and Users. DSN 2019: 222-233 - [c14]Fenghao Xu, Wenrui Diao, Zhou Li
BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals. NDSS 2019 - [c13]Li Zhang, Jiongyi Chen, Wenrui Diao, Shanqing Guo, Jian Weng, Kehuan Zhang:
CryptoREX: Large-scale Analysis of Cryptographic Misuse in IoT Devices. RAID 2019: 151-164 - [c12]Wenrui Diao, Yue Zhang, Li Zhang, Zhou Li
Kindness is a Risky Business: On the Usage of the Accessibility APIs in Android. RAID 2019: 261-275 - 2018
- [j2]Wenrui Diao, Rui Liu
Accessing mobile user's privacy based on IME personalization: Understanding and practical attacks. J. Comput. Secur. 26(3): 283-309 (2018) - [c11]Jia Chen, Ge Han
FragDroid: Automated User Interface Interaction with Activity and Fragment Analysis in Android Applications. DSN 2018: 398-409 - [c10]Chao Chen, Wenrui Diao
DRLgencert: Deep Learning-Based Automated Testing of Certificate Verification in SSL/TLS Implementations. ICSME 2018: 48-58 - [c9]Jiongyi Chen, Wenrui Diao, Qingchuan Zhao, Chaoshun Zuo, Zhiqiang Lin, XiaoFeng Wang, Wing Cheong Lau, Menghan Sun, Ronghai Yang, Kehuan Zhang:
IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing. NDSS 2018 - [c8]Shuaike Dong, Menghao Li, Wenrui Diao, Xiangyu Liu, Jian Liu, Zhou Li, Fenghao Xu, Kai Chen, Xiaofeng Wang, Kehuan Zhang:
Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild. SecureComm (1) 2018: 172-192 - [i7]Shuaike Dong, Menghao Li, Wenrui Diao, Xiangyu Liu, Jian Liu, Zhou Li, Fenghao Xu, Kai Chen, Xiaofeng Wang, Kehuan Zhang:
Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild. CoRR abs/1801.01633 (2018) - [i6]Chao Chen, Wenrui Diao, Yingpei Zeng, Shanqing Guo, Chengyu Hu:
DRLGENCERT: Deep Learning-based Automated Testing of Certificate Verification in SSL/TLS Implementations. CoRR abs/1808.05444 (2018) - 2017
- [j1]Zhe Zhou, Wenrui Diao
Vulnerable GPU Memory Management: Towards Recovering Raw Data from GPU. Proc. Priv. Enhancing Technol. 2017(2): 57-73 (2017) - [i5]Nan Zhang, Soteris Demetriou, Xianghang Mi
Understanding IoT Security Through the Data Crystal Ball: Where We Are Now and Where We Are Going to Be. CoRR abs/1703.09809 (2017) - 2016
- [c7]Wenrui Diao
No Pardon for the Interruption: New Inference Attacks on Android Through Interrupt Timing Analysis. IEEE Symposium on Security and Privacy 2016: 414-432 - [c6]Wenrui Diao
Evading Android Runtime Analysis Through Detecting Programmed Interactions. WISEC 2016: 159-164 - [i4]Zhe Zhou, Wenrui Diao, Xiangyu Liu, Zhou Li, Kehuan Zhang, Rui Liu:
Vulnerable GPU Memory Management: Towards Recovering Raw Data from GPU. CoRR abs/1605.06610 (2016) - 2015
- [c5]Xiangyu Liu, Zhe Zhou, Wenrui Diao
When Good Becomes Evil: Keystroke Inference with Smartwatch. CCS 2015: 1273-1285 - [c4]Wenrui Diao
Mind-Reading: Privacy Attacks Exploiting Cross-App KeyEvent Injections. ESORICS (2) 2015: 20-39 - [c3]Xiangyu Liu, Zhe Zhou, Wenrui Diao, Zhou Li, Kehuan Zhang:
An Empirical Study on Android for Saving Non-shared Data on Public Storage. SEC 2015: 542-556 - 2014
- [c2]Wenrui Diao
Your Voice Assistant is Mine: How to Abuse Speakers to Steal Information and Control Your Phone. SPSM@CCS 2014: 63-74 - [c1]Zhe Zhou, Wenrui Diao
Acoustic Fingerprinting Revisited: Generate Stable Device ID Stealthily with Inaudible Sound. CCS 2014: 429-440 - [i3]Zhe Zhou, Wenrui Diao, Xiangyu Liu, Kehuan Zhang:
Acoustic Fingerprinting Revisited: Generate Stable Device ID Stealthy with Inaudible Sound. CoRR abs/1407.0803 (2014) - [i2]Wenrui Diao, Xiangyu Liu, Zhe Zhou, Kehuan Zhang:
Your Voice Assistant is Mine: How to Abuse Speakers to Steal Information and Control Your Phone. CoRR abs/1407.4923 (2014) - [i1]Xiangyu Liu, Wenrui Diao, Zhe Zhou, Zhou Li, Kehuan Zhang:
Gateless Treasure: How to Get Sensitive Information from Unprotected External Storage on Android Phones. CoRR abs/1407.5410 (2014)
Coauthor Index
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
Unpaywalled article links
Add open access links from to the list of external document links (if available).
Privacy notice: By enabling the option above, your browser will contact the API of unpaywall.org to load hyperlinks to open access articles. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Unpaywall privacy policy.
Archived links via Wayback Machine
For web page which are no longer available, try to retrieve content from the of the Internet Archive (if available).
Privacy notice: By enabling the option above, your browser will contact the API of archive.org to check for archived content of web pages that are no longer available. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Internet Archive privacy policy.
Reference lists
Add a list of references from ,
, and
to record detail pages.
load references from crossref.org and opencitations.net
Privacy notice: By enabling the option above, your browser will contact the APIs of crossref.org, opencitations.net, and semanticscholar.org to load article reference information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Crossref privacy policy and the OpenCitations privacy policy, as well as the AI2 Privacy Policy covering Semantic Scholar.
Citation data
Add a list of citing articles from and
to record detail pages.
load citations from opencitations.net
Privacy notice: By enabling the option above, your browser will contact the API of opencitations.net and semanticscholar.org to load citation information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the OpenCitations privacy policy as well as the AI2 Privacy Policy covering Semantic Scholar.
OpenAlex data
Load additional information about publications from .
Privacy notice: By enabling the option above, your browser will contact the API of openalex.org to load additional information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the information given by OpenAlex.
last updated on 2024-11-07 20:31 CET by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint
dblp was originally created in 1993 at:
since 2018, dblp has been operated and maintained by:
the dblp computer science bibliography is funded and supported by: