Dr. Tan is a full professor in the Computer Science and Engineering
Department and also a co-hire at the Institute for Computational and
Data Sciences of the Pennsylvania State University. He obtained his
B.E. in Computer Science
University, and his Ph.D. in Computer Science from
His research interests are computer security, formal
methods, and programming languages. He leads
the Security of
Software (SOS) Group, which is broadly interested in applying
compiler, programming language, and formal method techniques to
improving computer security.
He currently serves on the DARPA ISAT study group. He has also
received multiple awards, including a James F. Will Career Development
Professorship from 2016 to 2019, an NSF CAREER Award, two Google
Research Awards, a Distinguished Reviewer Award at 2018 IEEE Symposium
on Security and Privacy, a Ruth and Joel Spira Excellence in Teaching
Award at Penn State, and some best paper awards at academic
My research group has a postdoc opening: description
- (7/2020) Joining DARPA's ISAT study group (news release).
- (4/2020) Congratulations to Shen, who finished his PhD with thesis
"Quantitative Privilege Separation with Pointer Supports".
- (3/2020) VEE best paper award for paper "Lightweight Kernel Isolation with Virtualization and VM Functions"; in collaboration with Vikram Narayanan and Anton Burtsev (UC Irvine) and Trent Jaeger.
- (10/2019) Keynote talk at IoT S&P workshop [slides].
- (10/2019) We are glad to release an upgrade of our Program-Dependence Graph (PDG) construction module to LLVM 9.0.
- (9/2019) Darpa project "Secure Handling of Isolated Executables without Leaking Data (SHIELD)" funded; subcontractor to Perspecta Labs.
- (8/2019) Paper "Program-mandering: Quantitative Privilege Separation" accepted by 2019 ACM Computer and Communications Security (CCS).
- (8/2019) NSF project "Automated IoT Safety and Security Analysis and Synthesis" funded; with Patrick McDaniel.
- (6/2019) Darpa project "SPARTA:the Secure Parser Toolkit for Assurance" funded; subcontractor to Galois Inc. [Penn State news release].
- (5/2019) We are glad to release the source code of an LLVM 5.0 module for Program-Dependence Graph (PDG) construction.
- (1/2019) Paper "Using Safety Properties to Generate Vulnerability Patches." accepted by 2019 IEEE Symposium on Security and Privacy (Oakland).
- (11/2018) Paper "IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT." accepted by 2019 Network and Distributed System Security Symposium (NDSS).
- (9/2018) Paper "CaSym: Cache Aware Symbolic Execution for Side Channel Detection and Mitigation." accepted by 2019 IEEE Symposium on Security and Privacy (Oakland).
- (8/2018) NSF project "Threat-Aware Defense: Evaluating Threats for Continuous Improvement" funded; with Trent Jaeger and Matthias Payer.
- (6/2018) Glad to receive a Ruth and Joel Spira Excellence in Teaching Award at Penn State.
- (5/2018) Glad to receive a Distinguished Reviewer Award at 2018 IEEE Symposium on Security and Privacy.
- (5/2018) Invited talk at LangSec 2018 [slides].
- (5/2018) Paper "Sensitive Information Tracking in Commodity IoT" Automated IoT Safety and Security Analysis" accepted by Usenix Security.
- (4/2018) Paper "Soteria: Automated IoT Safety and Security Analysis" accepted by Usenix Annual Technical Conference.
- (4/2018) PSU news article about my group's research.
- (3/2018) Outstanding paper award for CODASPY paper "From Debugging-Information Based Binary-Level Type Inference to CFG Generation".
- (10/2017) Darpa project "Automatic Generation of Anti-Specifications from Exploits for Scalable Program Hardening" funded; subcontractor to Virginia Tech.
- (10/2017) Glad to announce a survey article on software-based isolation (SFI):
Principles and Implementation Techniques of Software-Based Fault Isolation.
- (9/2017) NSF/Intel project "CAPA: Lightweight abstract memory features" funded; in collaboration with Lehigh and Arizona State.
[Penn State news release].
- (8/2017) Paper "PtrSplit: Supporting General Pointers in Automatic Program Partitioning" accepted by CCS 2017.
- (5/2017) ONR project on Semantics-Directed Binary Reverse Engineering and Transformation Validation funded. Thanks to ONR!
- (10/2016) Congratulations to Ben, whose dissertation won ACM SIGSAC Dissertation Award Runner-Up.
- (3/2016) Keynote talk at MASS 2016 about MCFI/RockJIT/PICFI; Title: "Protecting Dynamic Code by Modular Control-Flow Integrity"
- Older news...
- CMPSC 461, Programming Language Concepts, Spring 20, Spring 18, Spring 17
- CMPSC 447, Software Security, Spring 19
- CSE 597, Special Topics on Binary-Level Program Analysis, Spring 19
- CSE 597, Special Topics on Theorem Proving and Static Analysis, Fall 16
- CMPSC 443, Introduction to Computer and Network Security, Spring 16
- CSE 262, Programming Languages, Fall 15, Fall 14, Spring 14, Fall 13, Spring 13, Fall 12, Spring 12, Fall 11, Fall 10
- CSE 411, Advanced Programming Techniques, Fall 15, Fall 14, Fall 13
- CSE 334/434, Software System Security, Fall 12, Fall 10, Fall 08
- CSE 497, Advanced Programming Languages, Fall 11
- CSE 216, Software Engineering, Spring 10, Spring 09
- CSE 397/497, Programming Languages Design & Analysis Fall 09
Representative Publications (all publications by year or by topic)
- Ahmed, M. S., Xiao, Y., Snow, K. Z., Tan, G., Monrose, F., and Yao, D. (2020). Methodologies for quantifying (re-)randomization security and timing under JIT-ROP. In 26th ACM Conference on Computer and Communications Security (CCS), page To appear
- Norris, M., Celik, Z. B., Venkatesh, P., Zhao, S., McDaniel, P. D., Sivasubramaniam, A., and Tan, G. (2020). IoTRepair: Systematically addressing device faults in commodity IoT. In 5th ACM/IEEE Conference on Internet of Things Design and Implementation (IoTDI), page To appear. [paper]
- Narayanan, V., Huang, Y., Tan, G., Jaeger, T., and Burtsev, A. (2020). Lightweight kernel isolation with virtualization and VM functions. 16th ACM International Conference on Virtual Execution Environments (VEE), pages 157–171. Best paper award. [paper]
- Liu, S., Zeng, D., Huang, Y., Capobianco, F., McCamant, S., Jaeger, T., and Tan, G. (2019). Program-mandering: Quantitative privilege separation. In 26th ACM Conference on Computer and Communications Security (CCS), pages 1023–1040. [paper]
- Wang, Y.P., Hu, X.Q.., Zou, Z.X.., Tan, W., and Tan, G. (2019). IVT: an Efficient Method for Sharing Subtype Polymorphic Objects. In 2019 Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), to appear..
- Huang, Z., Lie, D., Tan, G., and Jaeger, T. (2019). Using safety properties to generate vulnerability patches. In IEEE Symposium on Security and Privacy (S&P). [paper]
- Brotzman, R., Liu, S., Zhang, D., Tan, G., and Kandemir, M. (2019). CaSym: Cache aware symbolic execution for side channel detection and mitigation. In IEEE Symposium on Security and Privacy (S&P), pages 364–380. [paper]
- Celik, Z. B., Tan, G., and McDaniel, P. (2019). IoTGuard: Dynamic enforcement of security and safety policy in commodity IoT. In Network and Distributed System Security Symposium (NDSS). [paper]
- Celik, Z. B., Babun, L., Sikder, A. K., Aksu, H., Tan, G., McDaniel, P., and Uluagac, A. S.(2018). Sensitive information tracking in commodity IoT. In 27th Usenix Security Symposium, pages 1687–1704. [paper]
- Celik, Z. B., McDaniel, P., and Tan, G. (2018). Soteria: Automated IoT safety and security analysis. In USENIX Annual Technical Conference (ATC), pages 147–158. [paper]
- P. Muntean, M. Fischer, G. Tan, Z. Lin, J. Grossklags, and C. Eckert. tauCFI: Type-assisted
control ﬂow integrity for x86-64 binaries. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID), pages 423–444, 2018
- Zeng, D. and Tan, G. (2018). From debugging-information based binary-level type inference to CFG generation. In 8th ACM Conference on Data and Application Security and Privacy (CODASPY), pages 366–376. Outstanding paper award. [paper]
- Tan, G. (2017). Principles and implementation techniques of software-based fault isolation. Foundations and Trends in Privacy and Security, 1(3), 137–198. [paper]. [slides]
- Liu, S., Tan, G., and Jaeger, T. (2017). PtrSplit: Supporting general pointers in automatic
program partitioning. In 24th ACM Conference on Computer and Communications Security
(CCS), pages 2359–2371. [paper]
- Tan, G. and Jaeger, T. (2017). CFG construction soundness in control-ﬂow integrity. In ACM
SIGSAC Workshop on Programming Languages and Analysis for Security (PLAS), pages 3–13.
- Tian, K., Tan, G., Yao, D., and Ryder, B. (2017). ReDroid: Prioritizing data ﬂows and sinks
for app security transformation. In ACM Workshop on Forming an Ecosystem Around Software
Transformation (FEAST), pages 35–41. [paper]
- Tan, G. and Morrisett, G. (2018). Bidirectional grammars for machine-code decoding and
encoding. Journal of Automated Reasoning, 60(3), 257–277. [paper]
- Tian, K., Yao, D., Rider, B., Tan, G., and Peng, G. (2017). Detection of repackaged Android
malware with code-heterogeneity features. IEEE Transactions on Dependable and Secure
- Tan, G. and Morrisett, G. (2016). Bidirectional grammars for machine-code decoding and
encoding. In 8th International Conference on Veriﬁed Software: Theories, Tools, and Experiments
(VSTTE), pages 73–89. [paper]
- Guo, X., Shrivastava, A., Spear, M., and Tan, G. (2016). Languages must expose memory
heterogeneity. In Second International Symposium on Memory Systems (MEMSYS), pages
- Tian, K., Yao, D., Ryder, B. G., and Tan, G. (2016). Analysis of code heterogeneity
for high-precision classiﬁcation of repackaged malware. In Workshop on Mobile Security
Technologies (MoST), pages 262–271. [paper]
- Niu, B. and Tan, G. (2015). Per-input control-ﬂow integrity. In 22nd ACM Conference on
Computer and Communications Security (CCS), pages 914–926. [paper]. [webpage]
- Niu, B. and Tan, G. (2014). RockJIT: Securing just-in-time compilation using modular
control-ﬂow integrity. In 21st ACM Conference on Computer and Communications Security (CCS),
pages 1317–1328. [paper]
- Li, S. and Tan, G. (2014). Finding reference-counting errors in Python/C programs with
aﬃne analysis. In European Conference on Object-Oriented Programming (ECOOP). [paper]
- Niu, B. and Tan, G. (2014a). Modular control-ﬂow integrity. In ACM Conference on
Programming Language Design and Implementation (PLDI), pages 577–587. [paper]. [webpage]
- Niu, B. and Tan, G. (2013b). Monitor integrity protection with space eﬃciency and separate
compilation. In 20th ACM Conference on Computer and Communications Security (CCS). [paper]
- Zeng, B., Tan, G., and Erlingsson, Ú. (2013). Strato: A retargetable framework for low-level
inlined-reference monitors. In 22nd Usenix Security Symposium, pages 369–382. [paper]
- Morrisett, G., Tan, G., Tassarotti, J., Tristan, J.-B., and Gan, E. (2012). Rocksalt: Better,
faster, stronger SFI for the x86. In ACM Conference on Programming Language Design and
Implementation (PLDI), pages 395–404. [paper]. [webpage]
- Zeng, B., Tan, G., and Morrisett, G. (2011). Combining control-ﬂow integrity and static
analysis for eﬃcient and validated data sandboxing. In 18th ACM Conference on Computer
and Communications Security (CCS), pages 29–40. [paper]
- Tan, G. and Appel, A. (2006). A compositional logic for control ﬂow. In International
Conference on Veriﬁcation, Model Checking, and Abstract Interpretation (VMCAI), pages 80–94.
- Ou, X., Tan, G., Mandelbaum, Y., and Walker, D. (2004). Dynamic typing with dependent types. In Proceedings of IFIP 3rd International Conference on Theoretical Computer Science, pages